Exploit Home Routers Then Pharm DNS servers

Yet another slightly new style of attack: http://www.networkworld.com/article/2889933/hackers-exploit-router-flaws-in-unusual-pharming-attack.html There are a couple of slightly new twists in this hacker-style attack. Proofpoint found the attack (as a spam protection company, they see all kinds of emails): https://www.proofpoint.com/us/threat-insight/post/Phish-Pharm Here is a definition of pharming: “Attackers use poisoned DNS servers to redirect address requests, usually for online banking …

How do we improve Security?

We need a Renaissance of focus on Security. I’m a Systems Engineer (http://www.fixvirus.com/about-us-full-story/) and teacher of Security Architecture (SEC020 at Professional Education Technology & Leadership Center at Washington University in Saint Louis). So of course, like a dentist looking at teeth (they can’t help it), I look at computers from a systems point of view. Which …

PCI Compliance Also on Cloud?

What about “PCI Compliance on Cloud?” There _is_ a document on the Payment Card Industry (PCI) SSC (Security Standards Council) website: https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_Cloud_Guidelines.pdf Notice this is a v2 (Feb 2013) document of the DSS (Data Security Standard), and we know that the latest DSS document is v3 (Nov 2013), but we can figure out a few things …

Command & Control Traffic From Inside Network

It seems everyone should be looking for Command and Control traffic from inside the network (updated on 04/01/2016). What does Command and Control mean? It is the last process in the hacking cycle, as we have pointed out in other posts: SVAPE & C (Scan, Vulnerability Analysis, Penetrate, Exploit & Control) http://www.fixvirus.com/svapec/ Our …

Lenovo Made Big Cybersecurity Mistake & now Komodia

Here is the underlying Lenovo problem: http://www.kb.cert.org/vuls/id/529496 “Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing.” And unfortunately this Komodia Redirector is inside a Lenovo software installation (Superfish). Here is a Techworld story: http://www.techworld.com/news/security/lenovo-not-alone-in-suffering-from-superfish-security-flaw-3598898/ which also discusses the problem both in Lenovo systems: “Security researchers …