Sukhvinder Bedi

In news today:Postal Service confirms security breach: http://www.foxnews.com/politics/2014/11/10/postal-service-confirms-security-breach-chinese-govt-hackers-reportedly/

In news: Pro-democracy Hong Kong sites DDoS’d with Chinese cyber-toolkit: http://www.theregister.co.uk/2014/11/03/hong_kong_hacking_chinese_cyber_spy_link/

In news about potential data breach: Nearly 44,000 state retirees may have had their personal data compromised in a security breach, more info. at : http://alturl.com/bjdkw

Also, Survey shows the cost of security breaches is on the rise (no brainer there) but Budgets? Not so much. Read more at: http://alturl.com/hi9tu

In news: Dropbox used for convincing phishing attack: http://www.cso.com.au/article/557732/dropbox-used-convincing-phishing-attack/

KMPG:https://www.kpmg.com/US/en/Pages/default.aspx
Fingerprint: =D9:4F:C4:2F:80:C5:DD:84:1F:AA:F3:97:14:A7:70:A5:82:B1:6E:F3
Signature Hash Algorithm: SHA 1
Thumbprint Algorithm: SHA 1
Issuer: Cybertrust Public SureServer
Valid from April 16, 2014 to April 16, 2015

CN = *.kpmg.com
OU = KPMG
O = KPMG LLP
L = Montvale
S = NEW JERSEY
C = US

The important part of SANS article that I got it is the ‘cycle of social engineering’ and how it’s the most common way of ‘hacking’ into the systems. I agree that now more than ever, skill application of Social Engineering is a security threat to an organization. For a Security professional, it is important to know the value of information that is…[Read more]

I came across this article when searching data integrity. The article highlights a strong need for data integrity in health information exchange.Link: http://www.healthcareitnews.com/news/data-integrity-essential-hies-ahima-says

Also, something caught my eye on Security week, this article talked about smart meter are widely considered to be…[Read more]

I came across this article when searching data integrity. The article highlights a strong need for data integrity in health information exchange.http://www.healthcareitnews.com/news/data-integrity-essential-hies-ahima-says

Also, something caught my eye on Security week, the article talked about smart meter are widely considered to be vulnerable

It is interesting that I read about packet sniffing on switched and non-switched environment after tinkering with an unmanaged switch. The article talks about the tools used to perform packet sniffing and ways to mitigate the risk of packet sniffing. It tries to give you both ends of the stick so that a penn.tester or an auditor is aware of what…[Read more]

The flaw allows an attacker to remotely attach a malicious executable to a variable that is executed when Bash is invoked. – See more at: http://threatpost.com/major-bash-vulnerability-affects-linux-unix-mac-os-x/108521

Interesting reading from SANS: The Keep Within the Castle Walls – An Experiment
in Home Network Intrusion Detection: http://alturl.com/3hy3y

Key points from assigned reading:

Art of Reconnaissance: Two things that I like from the reading, apart from the technical how-to’ is to consider basic steps before attempting any recon testing:
(a) To get a written consent before you do any recon testing on a network and (b) to never do recon testing using your own network connection. The q…[Read more]