Sharing is Caring
In pre-school, we were taught (well, before it was considered the mark of creeping socialism) that sharing was good. Share your toys. Share snacks. Why we even shared colds, flu’s and viruses. …
DetailsThe Latest Heartbleed Bug Bombshell: NSA Knows About it and Uses It
The US National Security Agency (NSA) reportedly knew about the Heartbleed bug flaw and regularly used it to gather critical intelligence, according to the Bloomberg news agency. Heartbleed is the name given…
DetailsEvidence Appearing That NSA Knew About Heartbleed
While Bruce Schneier may have been jumping to conclusions when he said: “At this point, the probability is close to one that every target has had its private keys extracted…
DetailsDodging the Bullet
When the point of sale terminals at Target were hacked last December, issuing banks (the banks that issued credit cards to consumers) were on the hook for millions of dollars…
DetailsUsing Trust Interfaces to Build an IT Security Strategy
After presenting this week at InfoSecWorld 2014 on Why Risk Management Fails, I was asked by a frustrated risk management professional how to build an IT security program. The days…
DetailsThe Latest on the Heartbleed Bug
In the days since the Heartbleed Bug, a vulnerability in OpenSSL heart beat function, was exposed we have begun to see signs of the Internet bleeding out. Bruce Schneier ranks…
DetailsHeartbleed Bug: What Are We Forgetting to Worry About?
Considering that SSL protocols, including OpenSSL, are used anywhere machines have to communicate securely with each other, Heartbleed isn’t just a problem for Web servers. The vulnerability is present in…
DetailsHeartbleed Vulnerability is a Major Heartache
The announcement yesterday of a widely deployed vulnerability in OpenSSL, the Heartbleed Bug, is set to shake up the security industry. According to the discoverers at Codenomicon and Google, all Apache…
DetailsFederal Banking Regulators Warn of Increased Cyberattacks on ATMs
Cyber-attackers are withdrawing large amounts of money using stolen debit card information, often in amounts exceeding ATM limits or even the amount the victim has in the account, the Federal…
DetailsFFIEC Notifies Financial Institutions of Continued DDoS Attacks
The US Federal Financial Institution Examination Council’s (FFIEC) recent guidance on distributed denial of service (DDoS) attacks, provides financial institutions with at least six-steps as part of their responsibility to mitigate…
Details