NewsofDay: On CMS systems review from this post: http://securityintelligence.com/cms-hacking-2014-by-the-numbers/ Also for TipofDay: PCI compliance the new page created at Oversitesentry (My blog) http://oversitesentry.com/pci-compliance/
Today’s show discusses News of day in the Threatpost blog about Coolreaper: A backdoor is when software runs a piece of code that you are not aware…
We are discussing in news of day – the sad story of retailers not having proper cyber security from Sophos survey: http://www.sophos.com/en-us/press-office/press-releases/2014/12/72-percent-of-uk-retailers-not-cyber-secure.aspx A lot of retailers do…
Here is the news link discussed in the news of day: http://dealbook.nytimes.com/2014/12/13/small-bank-in-kansas-is-a-financial-testing-ground/?_r=0 Hopefully they will review the security implications of this development. At the…
Threatpost blog post: http://threatpost.com/microsoft-recalls-patch-tuesday-exchange-update/109844 about the exchange server patch rollback (uninstall). The TipofDay is about PCI compliance – security policy must be created. some parts…
Am working on the next video… In meantime here are some interesting links: Kerberos Hack of MS14-068 and then one can add themselves as Domain…
hacker process explained: Don’t get SVAPEC’d Criminal Hackers use this method: Scan-> Vulnerability Assessment –> Penetrate and Exploit –> Control = SVAPE&C You should do the SVA…
Why do hackers want to hack you? To steal your data and reputation, so they can make money. (a criminal in Romania – $10000 is…
2nd show Fixvirus Security Show NewsofDay: POODLE(Padding Oracle On Downgraded Legacy) resurfaces – i.e. Not just the original issue https://www.openssl.org/~bodo/ssl-poodle.pdf – But the new one: https://www.imperialviolet.org/2014/12/08/poodleagain.html F5 has issued…
We will set up a daily(M-F) Tip-of-day and News-of-day segment Here is the first one – about tomorrows Patch Tuesday and plan for next year…