I am always working on trying to explain how better security can save your company from headaches and certain disaster in the future. While also figuring out why people are just not paying attention to security in general. And as they say a picture says a thousand words. So lets discuss my little pie … Read more
“Detection is a Flawed” Strategy by Simon Crosby at Dark Reading: http://www.darkreading.com/endpoint/times-running-out-for-the-$76-billion-detection-industry/a/d-id/1321381 Simon goes over the problems we have had including the Target failure, where the malware was detected but not acted upon (2014). So the Firewall Industry does sell a difficult job – they do know that breaches occur, there will be breaches. (image … Read more
I’m always monitoring multiple newsfeeds for the latest Security news (this is why I set up my top30 Security News Analyzed page). In my review I found the following 2 links which are tied into a recurring theme us security people attempt to work through. CIO’s real security headache http://www.techrepublic.com/article/the-cios-real-security-headache/ Six technical measures … Read more
What does it mean to say check my firewall with an automated pentest scan? That means to test the firewall using various programs to review the vulnerabilities using an application like Nessus or Nikto to test the IP address for vulnerabilities known to Nessus or Nikto. Nessus: The above … Read more
As I was going through the Top 100Cyber Security blogs one post stood out to me: http://money.cnn.com/2015/04/29/technology/credit-card-machine-hack/ Apparently 90% of all credit card machines have the default password , which happens to be: 166816 and Z66816 since 1990. So there are several problems here: 1. The same default password for many years by the manufacturers … Read more
