Heartbleed bug causes Phishing and Scams to rise

Posted on April 21, 2014 by admin

My buddy Aamir Lakhani wrote a post on the reaction to Heartbleed. He points out the media attention on Heartbleed is opening new opportunities for phishing attacks. The original post can be found HERE.

Everyone is in frenzy due to the OpenSSL Heartbleed bug. The mainstream media has been reporting on it for a few days. Unfortunately, with this much publicity, there is also opportunity for attackers to take advantage of the hype. In the last 24 hours I am seeing a major rise in phishing emails and other scams.

As people understand and hear about the bug, I expect scams and malicious phishing emails to exponentially increase. Continue reading →

Rating: 0.0/5 (0 votes cast)

Computer Viruses Facts and Statistics

Posted on April 20, 2014 by admin

The people at toptenreviews provided a interesting infographic about facts and statistics on computer viruses. They break up where they tend to come from as well as the most common infections. There is also a brief blurb on conficker since its the most prolific virus to date. The original can be found HERE. Continue reading →

Rating: 0.0/5 (0 votes cast)

Device Fingerprinting – What it is and defense measures

Posted on April 14, 2014 by admin

The people at webdesigndegreecenter developed a infographic covering device fingerprinting beyond standard cookie tracking. The original infographic can be found HERE. Continue reading →

Rating: 0.0/5 (0 votes cast)

Am I Vulnerable To HeartBleed? Questions You Should Be Asking

Posted on April 11, 2014 by admin

Wow, what a crazy week! I’ve been slammed with questions about the heartbleed pandemic and thought I would provide a post answering “so what should I do?”.

For those that don’t know about heartbleed, read this post HERE. I found this cartoon a entertaining way of explaining heartbleed in non-technical terms. The original cartoon can be found HERE via xkcd.com

What should you do? Continue reading →

Rating: 5.0/5 (1 vote cast)

OpenSSL Heartbleed Bug Impacting More Than Half Of The Internet

Posted on April 9, 2014 by admin

My buddy Aamir Lakhani wrote a great post covering the recently exposed security vulnerability that impacts more than half of the websites on the Internet. Its something everybody needs to be aware of. The original article can be found HERE.

Heartbleed is a serious vulnerability affecting OpenSSL cryptographic libraries. The Heartbleed vulnerability allows an attacker to steal information protected under normal SSL TLS conditions.

Here is what you need to know:

This is a very serious vulnerability.
It harms personal computers and everyday users. Attackers could possibly steal user information.
Many popular websites, including social media, search, email, banking, and health sites are vulnerable.
The bug is found on most systems and has been present since 2012.
Most likely, attackers knew about the vulnerability, and may have been exploiting it for a long time.
Patching and updating systems will not protect owners from attackers who have already captured data.

Continue reading →

Rating: 0.0/5 (0 votes cast)

NSS Labs Breach Detection Systems (BDS) Comparative Analysis Report

Posted on April 8, 2014 by admin

NSS labs just released their Breach Detection Systems Report found HERE. The purpose for this report is based on the concept that there is a need for security solutions that extend beyond defense measures found in common security products such as Anti-Virus and IPS network appliances. NSS labs have developed a name for the feature designed to stop advanced threats known as having “Breach Detection” capabilities. Its pretty much technology you would implement as a last layer in the event a threat breaches your firewall, AV and network security defenses. Continue reading →

Rating: 0.0/5 (0 votes cast)

Launching and Preventing Denial of Service Attacks – DDoS / DoS

Posted on April 3, 2014 by admin

I have recently seen a uptick in DDoS / DoS attacks against my customers and asked questions such as “how easy is it to perform these attacks?”, “who launches these attacks?” and “how can I defend against such attacks?”. I have spoke about this topic in the past however will provide both the executing and defending side of DoS in this post. Continue reading →

Rating: 0.0/5 (0 votes cast)

Five Myths about NetFlow

Posted on March 31, 2014 by admin

Alicia Butler from Lancope wrote a interesting post about the 5th Myths about NetFlow. You can find the original post HERE.

NetFlow is an important tool for incident responders, providing valuable insight into the activities that take place on organizations networks. NetFlow is capable of summarizing information about network traffic into brief records that may be maintained indefinitely, providing a running history of network connections that may be referenced during incident response.

With all the good NetFlow brings, there are still some misconceptions about NetFlow that need to be dispelled. Continue reading →

Rating: 5.0/5 (1 vote cast)

The Darknet

Posted on March 22, 2014 by admin

I’ve had people ask about the Darknet and decided to provide a brief overview. To summarize, the Darknet is not some evil network designed to cause chaos. I find it funny when articles refer to the Darknet as some form of attack or thing to watch out for. To put it simply, the Darknet is a closed or hidden network meaning you can’t access webpages using standard Internet browsers. In order to find dark resources, you need specific software and sometimes special permission to access parts of the network. The next screenshot is one method using a TOR browser. Continue reading →

Rating: 0.0/5 (0 votes cast)