As I was going through the Top 100Cyber Security blogs one post stood out to me: http://money.cnn.com/2015/04/29/technology/credit-card-machine-hack/ Apparently 90% of all credit card machines have the default password , which happens to be: 166816 and Z66816 since 1990. So there are several problems here: 1. The same default password for many years by the manufacturers … Read more
New devices and old alike: The issue with WiFi is that it is a network piece that can bite you if you are not aware of it. In PCI compliance the relevant section (besides the sections for configuring your device correctly at 4.1) The testing of Wireless networks is in 11.1: … Read more
Sucuri Blog has an interesting blogpost on how a website got compromised and allowed unencrypted Credit Card numbers(only in one specific area and for a few seconds) to be stolen from the Magento Ecommerce platform for a period of time. Magento is an Ecommerce web system. It Looks like Magento also had a … Read more
We know a firewall protects the network By using Port or protocol filter lists (also known as Access Control Lists) a firewall does protect the network in a minimal manner. But doing IP header filtering is not enough today when there are so many attackers and they can change the port or IP addresses. … Read more
As Washington Post wrote a story about the old Lopht group visit to the Capitol Hill. http://www.washingtonpost.com/sf/business/2015/06/22/net-of-insecurity-part-3/ Do you remember the following historical events? True in 1871 Chicago had 330,000 residents. (from https://www.awesomestories.com/asset/view/CHICAGO-IN-1871-Great-Fire-of-1871 ) But this is what happened when many things happened simultaneously and overwhelmed the fire department response due to conditions(dry): The area of … Read more
