It is good to review this Annual report: http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf (may have to fill out some information to get it) key discoveries: 1) 1% of all high urgency CVE (Common vulnerabilities and Exposure) were actively exploited. This means organizations must prioritize and patch high urgency vulnerabilities. 2) Since Blackhole exploit kit in 2013, it … Read more
SVAPE&C explanation video (special edition of fixvirus security show) Let us know if that helps you understand Pentesting Use the Sigma Scan to do SVA at least. http://oversitesentry.com/solutions/sigma/ Sigma Scan is Alpha Scan + Nessus/Nikto, it depends on what the alpha scan revealed. Contact Us. to help you
While reading the ~20 blogs this morning the one from F-Secure hit home: http://community.f-secure.com/t5/BSB-Blog/Why-Internet-security-should/ba-p/65567 Elija is discussing why we should have Internet security: “The 24/7 work culture is also one reason for using the same devices both for work and for leisure. This in turn may lead to a situation where social media activities and … Read more
Dark Reading has an article on PCI compliance from end of last year: http://www.darkreading.com/risk/compliance/how-pci-dss-30-can-help-stop-data-breaches/a/d-id/1318306 An important paragraph: “In the cases of the largest data breaches, in 2014 a common point of vulnerability was the exploit of remote access methods to implant malware on systems that store, process, or transmit cardholder data. Frequently the point of … Read more
This link explains why I created these sites in the first place http://www.fixvirus.com/philotimodo-the-right-thing-your-network/ PCI compliance is only trying to get you to do some Philotimo -“do the right thing”. Scan your computers and fix any problems to prevent the hackers from attacking you.
