The recently added BugSec blog¹ on Security News Analyzed page at #30 is the source. Apparently there are several NGFW (Next generation FireWalls) systems that allow the initial handshake to occur no matter the destination, including to destinations we would want to deny. It is good to point out, that an actual connection is not … Read more
What is your weakest point in your security(People, Process & Technology)? Safe to say that people are the weakest link. And by that I mean social engineering your workforce to either click on something they should not, or do something like give out too much information (yes my boss is on vacation right now). Email … Read more
What happens if your passwords are stolen? Never mind how. Let’s assume somehow with “magic” your passwords are stolen. Now what? It is useful to make this risk assessment exercises to see what can happen in your network. This is why one does not want to give more access than absolutely necessary. If … Read more
Although on December 7th is another year gone by for remembering Pearl Harbor attack in 1941 (74 years ago) I want to focus on the suprise attack angle. Tora Tora Tora トラ・トラ・トラ means “We have achieved complete surprise” in Japanese codeword. A translation is Tiger. Tora (Tορα) is translated to “now” from Greek. Torah … Read more
Checking your Logs for anomalies is getting more difficult as time goes on. There is a new report out by FOX IT¹ and the report dissects a long running botnet (botnet is a program that connects to itself across the Internet). This botnet may be considered the largest and longest running as it started around … Read more