If you are not in the IT field who would understand all the details of a potential hack-attack, here are some headlines in news today that may not create a full picture: http://www.darkreading.com/perimeter/ddos-attackers-exploiting-80s-era-routing-protocol/d/d-id/1321138? Which means the old RIPv1 or Routing Information Protocol has abilities that can be exploited. If you have an old router, or … Read more
As I was going through the Top 100Cyber Security blogs one post stood out to me: http://money.cnn.com/2015/04/29/technology/credit-card-machine-hack/ Apparently 90% of all credit card machines have the default password , which happens to be: 166816 and Z66816 since 1990. So there are several problems here: 1. The same default password for many years by the manufacturers … Read more
New devices and old alike: The issue with WiFi is that it is a network piece that can bite you if you are not aware of it. In PCI compliance the relevant section (besides the sections for configuring your device correctly at 4.1) The testing of Wireless networks is in 11.1: … Read more
Sucuri Blog has an interesting blogpost on how a website got compromised and allowed unencrypted Credit Card numbers(only in one specific area and for a few seconds) to be stolen from the Magento Ecommerce platform for a period of time. Magento is an Ecommerce web system. It Looks like Magento also had a … Read more
We know a firewall protects the network By using Port or protocol filter lists (also known as Access Control Lists) a firewall does protect the network in a minimal manner. But doing IP header filtering is not enough today when there are so many attackers and they can change the port or IP addresses. … Read more
