Rob Alexander is CIO of Capital One and was very proud of his move to AWS http://t.co/ix9TamNPAW here is one of his slides touting the his efforts. “We can provide higher security with AWS than with our own data centers” They are developing new mobile and web apps to connect to your bank account “Mobile … Read more
EMV(Europay, MasterCard, Visa) is the standard with the pin and chip technology which the US has finally moved to on October 1st of this year. Since EMV history and about https://www.emvco.com/about_emv.aspx So it is good that we have gotten up to speed from our days of just mag stripe and pin number. But since the standard has … Read more
https://technet.microsoft.com/en-us/library/security/ms15-oct.aspx Has several patches including MS15-106 ” One memory corruption vulnerability (CVE-2015-6056) has been publicly disclosed.” from the following link: https://msisac.cisecurity.org/advisories/2015/2015-121.cfm As far as Microsoft patches go – the ones that patch remote code execution in the vulnerability impact column. And 4 of the 6 have remote code execution. As a systems person I … Read more
A breach has many looks… THE fundamental problem is highlighted in this article: http://www.infosecurity-magazine.com/news/15mn-affected-medical-information/ Besides the obvious headline grabber “1.5mil records stolen by hackers.” I am going to compile a few sentences from the article and then discuss: {He added, “Every healthcare firm, large and small, that stores patient data is at risk of a … Read more
All it takes is one patch is missed, One computer not taken care of. Computers must be patched so that Zero-day exploits have minimal affects. We discussed this on July 20th http://oversitesentry.com/why-security-news-scrutinized-to-nth-degree/ Let’s review: After a vulnerability is introduced, an exploit hits the “wild” and then the clock starts ticking, the attackers(criminal hackers) and defenders(software … Read more
