Have you had an inkling that cyber security is getting worse? remember this post from Black Hat2014 where I posted about a dilemma of management? It is as if this problem is so pervasive we can’t do anything about this. There seem to be more cyber breaches not less, we now expect to get hacked. … Read more
Checkpoint found a “Misfortune Cookie” vulnerability in various gateway devices for the home. This is the paper about how to protect one’s device: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf thsi is especially disconcerting: Any user traffic destined for banking or financial sites was redirected to malicious servers under the attackers control or redirected through SSL proxies where the security of … Read more
Honeywell Point Of Sale(POS) systems – like the Dolphin Scanners: The components of Honeywell’s software (OLE for Retail POS systems to be exact) seem to be susceptible to buffer overflow attacks. Threatpost blogpost Relevant paragraph: “The Honeywell OPOS Suite provides a standard programming interface that allows POS hardware to be easily integrated into retail POS … Read more
A screenshot from the following Youtube video(below) – by Lenardo Ve: This is an instructive video how DNS can be hacked and attacked. And if successful it could cause an attackers proxy system to embed itself into the web traffic of the company. Notice that the evil proxy server that placed itself … Read more
If it is not plain to everyone, here is some evidence: Sony Picture’s Scott Rudin exec emails: http://deadline.com/2014/12/scott-rudin-apology-sony-hacking-barack-obama-1201320321/ His racially insensitive emails were posted after the network and all servers were hacked. even after several years go by the emails have surfaced. SEP = Security Equals Privacy This scenario can be repeated: Google and Twitter … Read more
