Discussion of public breaches of security
Have you done everything you could to manage the level of risk that you need to have? On Feb 4th I said Risk Management failed us: http://oversitesentry.com/risk-management-does-not-work/ So how can I help you understand the new level of cyber risk today? In the past it was good enough to run a firewall (which keeps out most … Read more
What if you could block all China originating traffic? As you see there was a Forbes Internet attack survey done for Q2 2014. China was the top source of attack traffic (43% of global Internet attack traffic). Image reference Link: http://www.statista.com/chart/2801/china-is-the-worlds-top-source-of-internet-attack-traffic/ . What if you could just block all this traffic? How could you do it? It … Read more
Yes another slightly new style of attack: http://www.networkworld.com/article/2889933/hackers-exploit-router-flaws-in-unusual-pharming-attack.html There are a couple of slightly new twists in this hacker style attack. Proofpoint found the attack (as a spam protection company they see all kinds of emails) https://www.proofpoint.com/us/threat-insight/post/Phish-Pharm Here is definition of pharming: “Attackers use poisoned DNS servers to redirect address requests, usually for online banking … Read more
It seems everyone should be looking for Command and Control traffic from inside the network (updated on 04/01/2016) What does Command and Control mean? It is the last process in the hacking cycle: As we have pointed out: SVAPE & C Scan, Vulnerability Analysis, Penetrate Exploit & Control from other posts http://www.fixvirus.com/svapec/ Our … Read more
We know the problems with the Anthem Breach: no encryption But does it mean you should encrypt your data? What does it mean to “encrypt the data” What if your data is “stolen” with correct credentials, i.e. if someone has the username and password then it is over, whether the data is encrypted matters … Read more
