Ok, as I read the latest 2600 magazine on my tablet (article “Parse Database Injection”). I was going to write about the article as it is pretty interesting to me. April 4, 2016 edition so it is not online yet. But as I read more I realized only a few people will understand what I am … Read more
Have you heard this claim before? Working on just PCI compliance is not enough! What about the 109 pages of compliance checks in V3.1 of the PCI DSS Standards(Payment Card Industry – Data Security Standard)¹ document is lacking in Cybersecurity? There are 12 sections in the document: Firewall installation and configuration, roles of network admins, paperwork and … Read more
What do I mean by “In Time” ? it means that at some point when a system has old code on it a new attack will have been developed by enterprising hackers both good and bad hackers. At that point your system is easily hacked, the more time you leave it unpatched the more likely … Read more
We have had some challenging situations in Cybersecurity in the last 2 years (2014-15), But since we are so focused on the here and now, if it is not happening to you does it really affect you? Let’s review a few of the most egregious offenders and the problems they had: Target¹ – malware on Point … Read more
A couple of questions come mind: How can the Criminal Hacker tell if my system is weak and thus “Low hanging fruit” What will the criminal hacker do with my systems? How much do you REALLY trust your situation? Criminals have ways of finding your weaknesses – if you have one they will find it. … Read more