DDOS Amplification Attack Study Shows Effectiveness

http://www.christian-rossow.de/publications/tcpamplification-woot2014.pdf
Written by: Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz (Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany)

The researchers did a variety of scans, both UDP- and TCP-based, to test the Internet. This table means that there are hundreds of thousands of potential computers (network devices) on the Internet that can be used …

Bank Hacked In Minutes – Executives Don’t Know Nothin

In less than a minute, a hacker found out that the bank was giving out too much information. http://sijmen.ruwhof.net/weblog/584-how-i-could-hack-internet-bank-accounts-of-danish-largest-bank-in-a-few-minutes

As the hacker studied the website information, it was evident that it would not take long to hack the website. That means access to customer server information, which in turn means PII (Personally Identifiable Information), banking information …

We are Hacked – Firewall Useless – Now What?

"Why did we get hacked?" is a common refrain after a breach. Thousands of businesses got hacked last year (and this year), as in my previous post: http://oversitesentry.com/analyzing-data-breaches-can-we-tolerate-status-quo/

We believe in our technologies, in automation, in firewalls. There are many aspects of potential weakness, and all weaknesses will be taken advantage of. The only way …

Patching Ur Computers – Actually Reduces Risk

Patch Tuesday August (8/11/2015). Here is the Microsoft Patch Tuesday August 2015 edition: https://technet.microsoft.com/en-us/library/security/ms15-aug.aspx

How can I say that unpatched computers will get hacked? Any Metasploit pentester will tell you this. Metasploit is a nifty program (runs on Linux) that will attack computers with various attacks and payloads. It takes advantage of people who …