No Anonymity on Internet

If it is not plain to everyone, here is some evidence: Sony Pictures' Scott Rudin exec emails: http://deadline.com/2014/12/scott-rudin-apology-sony-hacking-barack-obama-1201320321/ His racially insensitive emails were posted after the network and all servers were hacked. Even after several years go by, the emails have surfaced. SEP = Security Equals Privacy. This scenario can be repeated: Google and Twitter …

Test new POODLE vulnerability

There is a new POODLE vulnerability and a test at Qualys SSL Labs: https://www.ssllabs.com/ssltest/ POODLE (Padding Oracle On Downgraded Legacy Encryption): the problem is that your encryption stream may be downgraded to a legacy (i.e. can be cracked) standard. TLS 1.2 and higher need to be kept as the known secure standard. Go click on ssllabs.com …

Healthcare data at risk

It is only a matter of time before health data will be plastered all over the Internet. A number of blogs are discussing this very issue; http://www.safelogic.com/exposing-the-risks-of-data-driven-healthcare/ is one. Penetration testing for New England care solved some problems outside of security issues: http://www.coresecurity.com/content/penetration-testing-key-to-hipaa-compliance-for-care Penetration testing checks the boundaries of your computer systems. By using open source tools …

Best Password Management

The latest example of the bad password practices of the general population is the Sony Pictures hack, which uncovered the passwords of Sony Pictures employees (as well as SSN and more). We discussed the hack in our previous post. Now various forums are picking apart the very bad password practices of Sony Pictures …