Securitybreaches

New Credit Cards(EMV) Hacked in France

Posted on

EMV(Europay, MasterCard, Visa) is the standard with the pin and chip technology which the US has finally moved to on October 1st of this year. Since EMV history and about https://www.emvco.com/about_emv.aspx So it is good that we have gotten up to speed from our days of just mag stripe and pin number.  But since the standard has […]

Securitybreaches

October2015 Patch Tuesday: Including Windows Shell Vulnerability

Posted on

https://technet.microsoft.com/en-us/library/security/ms15-oct.aspx Has several patches including  MS15-106  ” One memory corruption vulnerability (CVE-2015-6056) has been publicly disclosed.”  from the following link: https://msisac.cisecurity.org/advisories/2015/2015-121.cfm   As far as Microsoft patches go – the ones that patch remote code execution in the vulnerability impact column. And 4 of the 6 have remote code execution.   As a systems person I […]

Securitybreaches

Network Security Has Fundamental Problems

Posted on

A breach has many looks… THE fundamental problem is highlighted in this article: http://www.infosecurity-magazine.com/news/15mn-affected-medical-information/ Besides the obvious headline grabber “1.5mil records stolen by hackers.” I am going to compile a few sentences from the article and then discuss: {He added, “Every healthcare firm, large and small, that stores patient data is at risk of a […]

Securitybreaches

One Cyber Mistake Causes Problem$

Posted on

All it takes is one patch is missed, One computer not taken care of. Computers must be patched so that Zero-day exploits have minimal affects.  We discussed this on July 20th http://oversitesentry.com/why-security-news-scrutinized-to-nth-degree/ Let’s review:   After a vulnerability is introduced, an exploit hits the “wild” and then the clock starts ticking, the attackers(criminal hackers) and defenders(software […]

Securitybreaches

State-of-the-Art Security: Obscure your Network

Posted on

Richard Bejtlich has a new post (as of May 10) http://taosecurity.blogspot.com/ He set out a few excerpts of a 1978 book “Computer Capers” by Thomas Whiteside. To me the most interesting excerpt(2nd): “The difficulties of catching up with the people who have committed computer crimes is compounded by the reluctance of corporations to talk about the […]