Discussion of public breaches of security
It is worthwhile to discuss Fake apps: http://www.hotforsecurity.com/blog/dont-be-fooled-bitdefender-anti-prank-tool-does-not-exist-11664.html There are “fake” apps which claim to be anti-virus or other legitimate apps (like games) but in reality are stealing your information on your phones and computers. Example: Guardian story Here is a Criminal developer boasting(on a discussion board) about creating the fake Flappybird app which steals … Read more
We know Insider trading is bad – even though we all want the money, the info to know that there will be good news before the news becomes public is sometimes draws a certain person like a moth to a flame. image from slide: http://www.slideshare.net/Identacor/8-nastiest-data-breaches-in-2015 7. Morgan Stanley insider theft: Morgan Stanley fired an employee … Read more
https://status.github.com/messages The status messages from the weekend state the problems GitHub had. We discussed a feint DDoS attack last week on blogpost: http://oversitesentry.com/ddos-not-only-for-disruption/ There are cases of DDoS that PCI compliance asks you to place the risk in a low category: Risk level: Severity is low for Denial-of-service attack, abnormal termination So the low risks are … Read more
DDoS(distributed Denial of System) means that a number of machines on the Internet are attacking one of your machines, It starts with several machines(“Masters”) being controlled by the “Attacker”, then the “slaves” attack your machine. With this definition of DDoS normally The actual attack into your machine usually just floods the victim machine with nonsensical … Read more
Have you done everything you could to manage the level of risk that you need to have? On Feb 4th I said Risk Management failed us: http://oversitesentry.com/risk-management-does-not-work/ So how can I help you understand the new level of cyber risk today? In the past it was good enough to run a firewall (which keeps out most … Read more