Month: January 2015

Studying Data Breaches as a whole

by

IBM has an infographic and a report: http://www-935.ibm.com/services/us/en/security/infographic/cybersecurityindex.html http://www-935.ibm.com/services/us/en/it-services/security-services/cost-of-data-breach/ (we make a point to show you the whole link, so you know exactly where you are going) The image above is a snippet from the infographic  IBM has gathered this information from the Ponemon Institute research report (you can download these reports if you register … Read more

Amazing to note Telnet vulnerability Patch Tuesday

by

Microsoft has a Telnet  vulnerability which has a critical remote code execution. (MS15-002) https://technet.microsoft.com/library/security/ms15-jan This is true:  “Only customers who enable telnet on Windows 2003 are affected (it is installed but not enabled). and Telnet is not installed on Vista or later operating systems” But if you did enable (or install and enable) it has … Read more

Credit Card Thieves Caught in Saint Louis area

by

Fox2 a local TV media channel (in Saint Louis area) has the story: http://fox2now.com/2015/01/12/police-bust-credit-card-thieves-from-detroit/   Why do I bring this up in a cyber security blog? Due to this little info blurb: “Maryland Heights police searched the vehicle, and found fake Michigan drivers’ licenses, dozens of pre-paid MasterCard gift cards, and pricey electronics.” and “Fedak … Read more

Another Desktop Exploit – Silverlight Problem

by

Checkpoint has the scoop: http://www.checkpoint.com/downloads/partners/TCC-Silverlight-Jan2015.pdf Silverlight exploits may be less common, but unfortunately this particular exploit obfuscates itself and can infect the desktop that has loaded Silverlight. Background to Silverlight: “The Silverlight framework enables the development of web applications with features similar to those of Adobe flash and Java Applets. The Silverlight runtime environment is … Read more

Krebs notes Lizard attacked Sony with home routers

by

The hacker group Lizard Squad  that attacked Sony and Microsoft on Christmas day: http://oversitesentry.com/christmas-hacking-while-you-were-out/ This was the result of their attack:   Brian Krebs has done research (as he does) and has found that the Lizard group has been hacking default password home routers around the world, and it seems they used them to attack … Read more