90% CC Machines Have Default Password

As I was going through the Top 100 Cyber Security blogs, one post stood out to me: http://money.cnn.com/2015/04/29/technology/credit-card-machine-hack/ Apparently 90% of all credit card machines have the default password, which happens to be: 166816 and Z66816 since 1990. So there are several problems here: 1. The same default password for many years by the manufacturers …

WiFi – PCI compliance: Why is it Important?

New devices and old alike: The issue with WiFi is that it is a network piece that can bite you if you are not aware of it. In PCI compliance, the relevant section (besides the sections for configuring your device correctly at 4.1) for the testing of wireless networks is 11.1: …

Is The Firewall Useless? or Less Useful?

Even a Next Generation Firewall (NGFW) will not save your network if the fundamental architecture is designed to prevent the firewall from working properly. Asaf Cidon posted the following at InformationWeek Dark Reading: http://www.darkreading.com/endpoint/why-the-firewall-is-increasingly-irrelevant/a/d-id/1320800 Obviously a firewall protects machines and users that are behind the firewall. So, as Asaf rightly points out, when the user data is …

HIPAA Enforcement: 10% of Any Covered Entity Will Be Audited, Says Office for Civil Rights

At Showmecon (www.showmecon.com – June 8, 9 2015) I went to a HIPAA compliance talk by Hudson Harris, “HIPAA 2015- Wrath of the Audits”. It was an excellent talk by Hudson Harris, @legallevity (his Twitter account). And this is what my report (or what I got out of it) is: 1. 10% of all HIPAA covered …