As you may know SSL is the security standard upon the encrypted Internet was first built. the Secure Socket layer is no longer secure though. If you read our POODLE (Padding Oracle On Downgraded Legacy Encryption)post: http://oversitesentry.com/the-sslv3-vulnerability-fix-and-explanation/ It showed the current reality of SSLv3 (the latest version) is no longer secure. And thus it is … Read more
Moving to the Cloud is important for the “next” level of IT in the board room(the Chief xO’s and directors…) all you need is a browser in “the cloud” Why? Now we can have computing at our desktops and mobile devices without the local infrastructure. We don’t need those specialist IT people (I … Read more
At the hackers were there for several weeks(maybe months)- copying and taking data before they started deleting data, and breaking stuff. Every day more malware (malicious software) is being created which is very hard to detect – why do you think Symantec says that anti virus is dead, the defenses of a network must contain more … Read more
Here are some dos and don’ts from the Riverdale (Md) Volunteer Fire Department (not all are reproduced here) Do install smoke detector Do check heating system for blockage, and maintain system Do check the electric cords for wear and replace if necessary Don’t put ashtrays on sofa or sofa arms Don’t leave space heaters unattended … Read more
First the latest SC magazine: http://www.scmagazine.com/anthem-brings-in-mandiant-to-investigate-resolve-breach/article/396749/ 1. Anthem did right in discussing and revealing the breach “early”, as most companies sit on the information and reveal after several months. 2. Did not encrypt data due to needing speed for various reasons (mining the data etc. Although it is questionable whether that would have hindered the … Read more
