Curious about latest Malware or Viruses?

https://isc.sans.edu/  has a good post on how to do some rudimentary searches… Specifically https://isc.sans.edu/forums/diary/Botnets+spreading+Dridex+still+active/20295/ is the post. The image above is the same image from isc.sans.edu today post, notice how Brad Duncan searched for the Dridex malware with the hash mark, so if there is a suspected malware you are interested in researching that is a great … Read more

Wifi Attacks Succeed Against All:WEP/WPA

When do Wifi attacks Succeed? It depends on your setup   Some basics: First of all, change your default admin password (since default admin passwords are on the Internet so that users can manage their WiFi Access points). New access points may look like this: and the support page shows how to access the WiFi … Read more

VLAN Hopping Defeats Segmentation

When we set up a Network we segment the network. The firewall protects the inside network, and the inside network critical systems are separated from the rest of the devices. Also for compliance reasons one needs to segment networks.   So the hacker wants to see all the computers… (how?) VLAN hopping. http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-convery-switches.pdf This is … Read more

Security Triangle+ People Process Technology+

As other blog posts have mentioned  in the past: Schneier: https://www.schneier.com/blog/archives/2013/01/people_process.html http://www.computerweekly.com/blogs/david_lacey/2013/01/we_need_more_use_of_security_t.html Here is the “Security Triangle” People, Process, and Technology. Image from: http://www.business2community.com/online-communities/social-intranets-merging-people-process-and-technology-0126252   Even though the image above is for social media, I like it because it shows the number of items in People that must be behind your new security push. “Security People” … Read more