Oct: Swipe&Sign + Breach = Merchant Liable Not CC companies

The Cybersecurity field knows this has been in the works for a year now, and in 5 months it will happen.   Chip in a Credit card The US will catch up to the rest of the world as world travelers know this.  (Europe has had it since 2004) http://www.creditcards.com/credit-card-news/american-travelers-guide-emv-chip-cards-1271.php In this image from the … Read more

We Must Master The Cybersecurity Basics

A great SECINT (Security Intelligence) paper John Stewart wrote: http://www.cisco.com/web/about/security/intelligence/JNS_TTPs.pdf   Basics must be mastered: patching Identity: Strong identity, federated Identity, and identity based networking Eliminate dark space Notice that the basic #1 item is  patching.  We must be able to cover patching on a timely basis with a regular methodology. Otherwise our systems are … Read more

Linux Servers Can Get Malware Too

    Yes it is a big deal, since many IT folks do not know that malware is on all computers, Malware is short for malicious software and is typically “installed” in Windows machines  with a phishing email, but what makes this unique is not just the Linux system attacks, but how they got attacked. … Read more

Testing System Vulnerabilities

It would be a good idea to test your system hacking skills on systems that are not production systems. But who has time to create systems with a few vulnerabilities? Well it is vulnhub.com Here is Bwapp which you can download which is actually a vmware instance of a vulnerable application which can be “test” … Read more

How much Security is enough?

Tim Wilson at DarkReading is discussing a little on how to discuss security issues, goals, and concerns. Of course his message is a basic and simple one how much should anyone be concerned with security.   A business has to have sales to operate. To have sales, there must be customer service, installation and other essential … Read more