Jason A Lindsley

This article really reinforces the need for more cyber awareness in both public and private sectors. I attended a round table this week that was focused on improving Cyber Awareness for financial institutions. There were a lot of creative ideas discussed and some programs were really impressive. We recently kicked off a Cyber Awareness…[Read more]

Nice analogy Fred! At least I know the logging and monitoring in North Philly is working because I get Temple text alerts every time there is an incident!

To me it is a no-brainer to provide free credit freezes to citizens. We trusted credit bureaus with our data, they make a ton of money off of it, and this breach shows the impact when their…[Read more]

Interesting – sounds like another Mirai attack on the horizon.

How many servers are out there with this setting unknowingly? That’s a good question. I also wonder how many servers are out there that know this vulnerability exists and “do not have the time or resources to fix it.” See my post of Atlanta ransomware below…

Thanks for sharing Sev. I think it’s great that Apple is making this standard for all users and not just EU citizens that it is required for under GDPR. It will be interesting to see how much GDPR changes the landscape for data privacy beyond EU and how many other countries follow suit with similar regulations.

I’ll be interested to see what…[Read more]

This is probably one of the more interesting vulnerabilities that’s been discovered due to the complexity of patching. There are probably hundreds of millions of devices that cannot ever be patched. I’ve read and heard various things about this vulnerability that downplay it’s significance – it’s difficult to weaponize and exploit, you need…[Read more]

Wow – this is a fascinating experiment. It would be interesting to do a follow-up to see what the recommendations are to prevent devices from flipping bits. Although it seems like the problem is relatively minor, it would be interesting to see what some of the root causes are for the thematic errors, especially in Windows devices. Thanks for…[Read more]

I thought it was interesting that one individual estimated that they could have spent about 10 – 20% of the cost to bring in the consultants to help with the issues prior to the incident. I guess that estimate ($270K – $540K) assumes the city already has a security department that can implement and sustain the services recommended by the…[Read more]

A very interesting model. I especially thought the service used for device-to-device and device-to-cloud certificate-based authentication is an interesting concept to secure IoT devices. I assume this is something that could prevent rogue bots (e.g. Mirai) from communicating with the devices.

In addition to privacy, other VPN benefits include access to your US Netflix catalog and other geographical based streaming services when traveling out of the country!

https://thehackernews.com/2018/04/iphone-itunes-wifi-sync.html

The article talks about the risk of trusting another computer when you plug your iPhone in the USB port to charge it. I rarely ever do this, but when I do use a computer USB to charge my phone, I never “trust” it. This article also talks about the risk of connecting to free…[Read more]

In addition to privacy, other VPN benefits include access to your US Netflix catalog and other geographical based streaming services when traveling out of the country!

A very interesting model. I especially thought the service used for device-to-device and device-to-cloud certificate-based authentication is an interesting concept to secure IoT devices. I assume this is something that could prevent rogue bots (e.g. Mirai) from communicating with the devices.

I thought it was interesting that one individual estimated that they could have spent about 10 – 20% of the cost to bring in the consultants to help with the issues prior to the incident. I guess that estimate ($270K – $540K) assumes the city already has a security department that can implement and sustain the services recommended by the…[Read more]

https://www.wired.com/story/fin7-carbanak-hacking-group-behind-a-string-of-big-breaches/

This article is about a very sophisticated organization that makes about $50 million a month stealing credit cards from POS systems. They have been connected to many of the major POS breaches, including more recently SAKS Fifth Avenue, Saks Off 5th, and…[Read more]

Wow – this is a fascinating experiment. It would be interesting to do a follow-up to see what the recommendations are to prevent devices from flipping bits. Although it seems like the problem is relatively minor, it would be interesting to see what some of the root causes are for the thematic errors, especially in Windows devices. Thanks for…[Read more]

This is probably one of the more interesting vulnerabilities that’s been discovered due to the complexity of patching. There are probably hundreds of millions of devices that cannot ever be patched. I’ve read and heard various things about this vulnerability that downplay it’s significance – it’s difficult to weaponize and exploit, you need…[Read more]

Thanks for sharing Sev. I think it’s great that Apple is making this standard for all users and not just EU citizens that it is required for under GDPR. It will be interesting to see how much GDPR changes the landscape for data privacy beyond EU and how many other countries follow suit with similar regulations.

I’ll be interested to see what…[Read more]

Interesting – sounds like another Mirai attack on the horizon.

How many servers are out there with this setting unknowingly? That’s a good question. I also wonder how many servers are out there that know this vulnerability exists and “do not have the time or resources to fix it.” See my post of Atlanta ransomware below…

Nice analogy Fred! At least I know the logging and monitoring in North Philly is working because I get Temple text alerts every time there is an incident!

To me it is a no-brainer to provide free credit freezes to citizens. We trusted credit bureaus with our data, they make a ton of money off of it, and this breach shows the impact when their…[Read more]

https://www.npr.org/sections/thetwo-way/2018/03/28/597758947/time-is-running-out-for-atlanta-in-ransomware-attack

The city of Atlanta’s network has been disrupted for six days from a Ransomeware attack and time is running out to pay the six-bitcoin ransom payment by end of day today.

The attack was conducted by SamSam, who has collected…[Read more]