computersecuritynews

Courts Uphold FTC Regulation-Punishment to Negligent Company

by

Threatpost has the story:  https://threatpost.com/court-rules-ftc-has-authority-to-punish-wyndham-over-breaches/114390 From the court brief http://www2.ca3.uscourts.gov/opinarch/143514p.pdf are some interesting snippets:   Let’s list the cybersecurity problems that Wyndham had: Stored CC data (which is a violation of PCI standard) Passwords were simple (Example: “micros” in a Micros computer default pw) Did not use firewalls between their corporate network, property management system, … Read more

Ashley Madison Hack Proves CyberSecurity Must Be Six Sigma Secure

by

We have to continue “learning” from high profile hacks. As you may have read in the news a “dating” site that attracts extra marital hookups has been hacked by some hackers. The after action report in detail has not been released so nothing really to learn from the hacking itself. Except the usual – I … Read more

Patching Ur Computers – Actually Reduces Risk

by

Patch Tuesday  August ( 8/11/2015) Here is Microsoft patch Tuesday August 2015 edition https://technet.microsoft.com/en-us/library/security/ms15-aug.aspx   How can I say that unpatched computers will get hacked? Any Metasploit pentester will tell you this. Metasploit is a nifty program (runs on Linux) that will attack computers with various attacks and payloads. It takes advantage of people who … Read more

7 Best Black Hat 2015 White Papers

by

Do you want to get up-to-speed on latest hacker techniques? Snagged this list from reddit: https://www.reddit.com/r/netsec/comments/3fz6z6/blackhat_usa_2015_presentation_slideswhite_papers/cttslpu   Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor Crash & Pay: How to Own and Clone Contactless Payment Devices Forging the USB Armory an Open Source Secure Flash-Drive-Sized Computer SMBv2: Sharing More than … Read more