tonyz

New PCI DSS v3.0 released Nov 2013

by tonyz
June 24, 2014March 17, 2015

DARKReading has the highlights of the changes of v3.0 compared with v2.0 SearchSecurity also has a synopsis – with the 5 most important changes: 1. Pentesting (Penetration… Read More »New PCI DSS v3.0 released Nov 2013

4 Future Internet trends and how they affect Security

by tonyz
June 10, 2014March 17, 2015

RealclearTechnology has an interesting article (the 4 headings below is my synthesis of the article) It is based out of the Cisco projections (linked in article).… Read More »4 Future Internet trends and how they affect Security

Testing Cloud services

by tonyz
June 4, 2014March 17, 2015

Since we advocate testing your IT services and devices, what if your organization has cloud services? How about Amazon EC2? AWS compliance keep this in mind.… Read More »Testing Cloud services

National Institute of Standards and Technology (NIST) has new standards

by tonyz
May 27, 2014March 17, 2015

NIST has a computer Security division and they have revamped their The On-line Database: Access and Control policy and procedures There are many good areas to review… Read More »National Institute of Standards and Technology (NIST) has new standards

Experian – one of the credit reporting agencies was duped

by tonyz
May 19, 2014March 17, 2015

KrebsonSecurity has the story (a good security blog) a 24 year old Viet-Nam (Ngo) national helped create a situation where data from Experian was sold… Read More »Experian – one of the credit reporting agencies was duped

SQL Injection is a common hacker method to attack

by tonyz
May 14, 2014March 17, 2015

As noted by us-cert.gov there are many methods of taking advantage of SQL injection opening in a website. The real problem is when companies don’t admit… Read More »SQL Injection is a common hacker method to attack

National Vulnerability Database (NVD)

by tonyz
May 13, 2014March 17, 2015

NVD or at the http://nvd.nist.gov/home.cfm NIST is the National Institute of Standards and Technology. NVD contains: 62145 CVE Vulnerabilities 231 Checklists 248 US-CERT Alerts… Read More »National Vulnerability Database (NVD)

Drupal vulnerability – patch your software

by tonyz
May 12, 2014March 17, 2015

Yes Drupal version 7.x – 3.5 now has a remote command injection vulnerability. Packetstormsecurity has a page on it. patch to the latest software (May 3rd… Read More »Drupal vulnerability – patch your software

Wardriving: when a hacker checks wifi signals

by tonyz
May 1, 2014March 17, 2015

Have you checked wifi signals as to their effectiveness? Is your wifi router/ access point using good encryption technology? Wardriving: Peter Shipley coined the term “wardriving”… Read More »Wardriving: when a hacker checks wifi signals

CVE vulnerabilities for April – 2014

by tonyz
April 26, 2014March 17, 2015

Here are the CVE vulnerablities for April 2014 so far. CVE (Common Vulnerabilities and Exposure) vulnerability data are taken from National Vulnerability Database (NVD) xml feeds provided… Read More »CVE vulnerabilities for April – 2014

« Previous
1
…
11
12
13
14
15
16
Next »