The Internet Storm Center has a post about how to get information from computers on the Internet. So you want to use the Internet? If you want to use it, you have to be connected. If you are connected you can be scanned. Hackers will scan you until they find a vulnerability. There are … Read more
KrebsonSecurity has some info There is no information on Home Depot website on the breach, although there are a lot of jobs open and unfilled from Aug 20, as well as some new ones in the security engineering positions. —————————————————————————– Update on this issue – Late night 9/3 http://news.yahoo.com/almost-u-home-depot-stores-may-hit-breach-214825497–sector.html yahoo story (from Reuters) it is … Read more
CIO magazine has the 11 steps of the hack Step 3 exploit a web vulnerability should have been remediated, although the hackers were in the network they would have had a harder time to attack. Step 5-6 Stealing a token from Domain admins , although the password hash may have been removed somehow, the Domain … Read more
etutorials.org explains some Heap Overflow attacks This is an important sentence and diagram( from the etutorials.org: “Where the details of stack overflow exploitation rely on the specifics of hardware architecture, heap overflows are reliant on the way certain operating systems and libraries manage heap memory. Here I restrict the discussion of heap overflows to … Read more
In JPMorgan’s shareholder letter states on page 22. Ja,oe Dimon is Chairman and Chief Executive Officer By the end of 2014, we will have spent more than $250 million annually with approximately 1,000 people focused on the effort. This effort will continue to grow exponentially over the years. In our existing environment and at our company, … Read more