PCI Compliance Also on Cloud?

What about “PCI Compliance on Cloud?”   There _is_ a document by the Payment Card Industry (PCI) SSC(Security Standards Council) website https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_Cloud_Guidelines.pdf Notice this is a v2(Feb 2013) document of the DSS (Data Security Standard), and we know that the latest DSS document is v3 (Nov 2013), but we can figure out a few things … Read more

Command & Control Traffic From Inside Network

It seems everyone should be looking for Command and Control traffic  from inside the network (updated on 04/01/2016)   What does Command and Control mean? It is the last process in the hacking cycle: As we have pointed out: SVAPE & C   Scan, Vulnerability Analysis, Penetrate Exploit & Control from other posts  http://www.fixvirus.com/svapec/ Our … Read more

Lenovo Made Big Cybersecurity Mistake & now Komodia

Here is the underlying Lenovo problem: http://www.kb.cert.org/vuls/id/529496  ” Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing” And unfortunately this Komodia Redirector is inside a Lenovo software installation (Superfish) Here is a Techworld  story: http://www.techworld.com/news/security/lenovo-not-alone-in-suffering-from-superfish-security-flaw-3598898/  which also discusses  the problem both in Lenovo systems: “ Security researchers … Read more

Go Ahead and Hack Us!

  That is the message companies have according to the Christian Science Monitor survey “Conventional wisdom” and results  of the survey are at odds, there is an overall thinking that all companies are now paying attention to cybersecurity or information Security now that Anthem was hacked and the Sony hack occured. But the opposite is … Read more

Your Cyberdefense Still 2000’s Thinking?

Yes it is February 20, 2015 And it is high time you replaced your firewall(FW), just like all computers the new firewalls have better processors and chips to make your speed in Internet browsing faster and if you get a Next Gen FW(NGFW) you can also be more secure.   So as technology gets better, … Read more