SYNful Attacks Cisco Routers

http://blogs.cisco.com/security/synful-knock This is an attack that is successful only if you do not change default passwords on Cisco Routers.  But… see below. In Mid September: { Today, Mandiant/FireEye published an article describing an example of this type of attack. This involved a router “implant” that they dubbed SYNful Knock, reported to have been found in 14 routers … Read more

You Don’t Understand Hackers or Computers? Hackers Will Still Hack You

Yes we(humans) are Risk seeking  with losses, and risk averse with gains. https://www.schneier.com/essays/archives/2008/01/the_psychology_of_se.html “Security is a tradeoff,” Schneier said, speaking to a packed audience at his RSA session. “What are you getting for what you’re giving up? Whether you make that tradeoff consciously or not, there is one.” You think that your computers are not … Read more

Its not that we don’t care about Security

Does this sound familiar? My company does what it can with security and is compliant, we have no breaches so far.   The problem is that the security team knows we can get breached, in fact we likely already have. But fortunately nothing has been overtly accomplished (as far as we can tell) by the … Read more