-
Jason A Lindsley commented on the post, Progress Report for Week Ending, February 9, on the site 6 years ago
This article really reinforces the need for more cyber awareness in both public and private sectors. I attended a round table this week that was focused on improving Cyber Awareness for financial institutions. There were a lot of creative ideas discussed and some programs were really impressive. We recently kicked off a Cyber Awareness…
-
Jason A Lindsley commented on the post, Week 10 Update, on the site 6 years ago
Nice analogy Fred! At least I know the logging and monitoring in North Philly is working because I get Temple text alerts every time there is an incident!
To me it is a no-brainer to provide free credit freezes to citizens. We trusted credit bureaus with our data, they make a ton of money off of it, and this breach shows the impact when their…
-
Jason A Lindsley commented on the post, Week 10 Update, on the site 6 years ago
Interesting – sounds like another Mirai attack on the horizon.
How many servers are out there with this setting unknowingly? That’s a good question. I also wonder how many servers are out there that know this vulnerability exists and “do not have the time or resources to fix it.” See my post of Atlanta ransomware below…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years ago
Thanks for sharing Sev. I think it’s great that Apple is making this standard for all users and not just EU citizens that it is required for under GDPR. It will be interesting to see how much GDPR changes the landscape for data privacy beyond EU and how many other countries follow suit with similar regulations.
I’ll be interested to see what…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years ago
This is probably one of the more interesting vulnerabilities that’s been discovered due to the complexity of patching. There are probably hundreds of millions of devices that cannot ever be patched. I’ve read and heard various things about this vulnerability that downplay its significance – it’s difficult to weaponize and exploit, you need…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years ago
Wow – this is a fascinating experiment. It would be interesting to do a follow-up to see what the recommendations are to prevent devices from flipping bits. Although it seems like the problem is relatively minor, it would be interesting to see what some of the root causes are for the thematic errors, especially in Windows devices. Thanks for…
-
Jason A Lindsley commented on the post, ICE 5.1 Telling a Story through Visualization, on the site 6 years ago
I thought it was interesting that one individual estimated that they could have spent about 10 – 20% of the cost to bring in the consultants to help with the issues prior to the incident. I guess that estimate ($270K – $540K) assumes the city already has a security department that can implement and sustain the services recommended by the…
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, September 29, on the site 6 years ago
A very interesting model. I especially thought the service used for device-to-device and device-to-cloud certificate-based authentication is an interesting concept to secure IoT devices. I assume this is something that could prevent rogue bots (e.g. Mirai) from communicating with the devices.
-
Jason A Lindsley commented on the post, Progress Report for Week Ending, September 29, on the site 6 years ago
In addition to privacy, other VPN benefits include access to your US Netflix catalog and other geographically based streaming services when traveling out of the country!
-
Jason A Lindsley commented on the post, Week 14 Update, on the site 6 years, 8 months ago
https://thehackernews.com/2018/04/iphone-itunes-wifi-sync.html
The article talks about the risk of trusting another computer when you plug your iPhone in the USB port to charge it. I rarely ever do this, but when I do use a computer USB to charge my phone, I never “trust” it. This article also talks about the risk of connecting to free…
-
Jason A Lindsley commented on the post, Week 14 Update, on the site 6 years, 8 months ago
In addition to privacy, other VPN benefits include access to your US Netflix catalog and other geographically based streaming services when traveling out of the country!
-
Jason A Lindsley commented on the post, Week 14 Update, on the site 6 years, 8 months ago
A very interesting model. I especially thought the service used for device-to-device and device-to-cloud certificate-based authentication is an interesting concept to secure IoT devices. I assume this is something that could prevent rogue bots (e.g. Mirai) from communicating with the devices.
-
Jason A Lindsley commented on the post, Week 14 Update, on the site 6 years, 8 months ago
I thought it was interesting that one individual estimated that they could have spent about 10 – 20% of the cost to bring in the consultants to help with the issues prior to the incident. I guess that estimate ($270K – $540K) assumes the city already has a security department that can implement and sustain the services recommended by the…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years, 8 months ago
https://www.wired.com/story/fin7-carbanak-hacking-group-behind-a-string-of-big-breaches/
This article is about a very sophisticated organization that makes about $50 million a month stealing credit cards from POS systems. They have been connected to many of the major POS breaches, including more recently SAKS Fifth Avenue, Saks Off 5th, and…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years, 8 months ago
Wow – this is a fascinating experiment. It would be interesting to do a follow-up to see what the recommendations are to prevent devices from flipping bits. Although it seems like the problem is relatively minor, it would be interesting to see what some of the root causes are for the thematic errors, especially in Windows devices. Thanks for…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years, 8 months ago
This is probably one of the more interesting vulnerabilities that’s been discovered due to the complexity of patching. There are probably hundreds of millions of devices that cannot ever be patched. I’ve read and heard various things about this vulnerability that downplay its significance – it’s difficult to weaponize and exploit, you need…
-
Jason A Lindsley commented on the post, Week 11 Update, on the site 6 years, 8 months ago
Thanks for sharing Sev. I think it’s great that Apple is making this standard for all users and not just EU citizens that it is required for under GDPR. It will be interesting to see how much GDPR changes the landscape for data privacy beyond EU and how many other countries follow suit with similar regulations.
I’ll be interested to see what…
-
Jason A Lindsley commented on the post, Week 10 Update, on the site 6 years, 9 months ago
Interesting – sounds like another Mirai attack on the horizon.
How many servers are out there with this setting unknowingly? That’s a good question. I also wonder how many servers are out there that know this vulnerability exists and “do not have the time or resources to fix it.” See my post of Atlanta ransomware below…
-
Jason A Lindsley commented on the post, Week 10 Update, on the site 6 years, 9 months ago
Nice analogy Fred! At least I know the logging and monitoring in North Philly is working because I get Temple text alerts every time there is an incident!
To me it is a no-brainer to provide free credit freezes to citizens. We trusted credit bureaus with our data, they make a ton of money off of it, and this breach shows the impact when their…
-
Jason A Lindsley commented on the post, Week 10 Update, on the site 6 years, 9 months ago
The city of Atlanta’s network has been disrupted for six days from a Ransomware attack and time is running out to pay the six-bitcoin ransom payment by end of day today.
The attack was conducted by SamSam, who has collected…