What can we do to shore up our defenses? If you already have a firewall, an IDS/IPS, an anti-virus software. Is that all there is to make your network as close to impervious as possible? I.e. the six sigma security that I have discussed in past blogposts: http://oversitesentry.com/assume-you-are-hacked-so-get-6-sigma-security/ How to test your environment? – … Read more
also called the “Deepweb” Guess what the IRS was hacked, which actually means we were hacked. http://arstechnica.com/security/2015/05/report-irs-admits-its-been-hacked-tax-info-stolen-for-100000-plus/ In the thousands of breaches all over the world, the criminals are building a dossier data file on all of us that have any PII – Personal Identifiable Information. Addresses (old and new), answers to questions like what … Read more
After a long Weekend I wonder if there is a good enough understanding of how(and why) hackers do what they do – i.e. What makes a hacker want to take control of an airplane just to see if they can do it? There is a widely discussed Wired article: http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/ about hacking an airplane and potentially … Read more
http://www.wsj.com/articles/SB118014402282815483 An excellent tribute and a very good expanation in 2007 Memorial Day and today 8 years later: Once we knew who and what to honor on Memorial Day: those who had given all their tomorrows, as was said of the men who stormed the beaches of Normandy, for our todays. But in a … Read more
I.e. Bruce Schneier quote: Can we patch vulnerabilities faster than attackers can exploit them? The University of maryland, College park has a website project: https://www.umiacs.umd.edu/~tdumitra/blog/2015/04/15/impact-of-shared-code-on-vulnerability-patching/ In my opinion the crux of their vulnerability survey is in this graph(also from Univ of Maryland link): The end result of this survey was that how long vulnerabilities … Read more
