Archive for August, 2019

F-15 gets PWND

My default thought is that if you get physical access to it, you can hack it eventually. You really need to test with outside white hat hackers on your system to make sure you are doing everything you can to secure your stuff.


By KingCorey in fun  .::. Comments Off on F-15 gets PWND

Windows Wormable

If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately.

https://thehackernews.com/2019/08/windows-rdp-wormable-flaws.html


By KingCorey in fun  .::. Comments Off on Windows Wormable

The SMARTEST phone is to not use one

Often we overlook that handy tool as the most insecure device we have. Cell phones have been a target for every hacker for a very long time. Best advice I can give is stop using it, but I know that isn’t going to happen.

Next best advice is carry a dumb phone and turn it off most of the time. Again, probably not going to happen.
This well done article tells all about the Wireless Service and what is happening on that front. Enjoy.

https://krebsonsecurity.com/2019/08/who-owns-your-wireless-service-crooks-do/


By KingCorey in fun  .::. Comments Off on The SMARTEST phone is to not use one

Critical ‘Update Now’ Warning Issued For VxWorks OS Inside 2 Billion IoT Devices

AN UNPRECEDENTED WARNING HAS BEEN ISSUED AFTER IT WAS DISCOVERED THAT 2 BILLION COMMONPLACE IOT DEVICES—INCLUDING PRINTERS, FIREWALLS AND MEDICAL EQUIPMENT—CARRY CRITICAL OPERATING SYSTEM VULNERABILITIES WHICH EXPOSE NETWORKS AND ORGANIZATIONS TO THE RISK OF CYBERATTACK.

Needless to say you should be checking on this ASAP. You probably have some of this in your IoT area.

https://techsecurity.news/2019/08/critical-update-now-warning-issued-for-vxworks-os-inside-2-billion-iot-devices/


By KingCorey in fun  .::. Comments Off on Critical ‘Update Now’ Warning Issued For VxWorks OS Inside 2 Billion IoT Devices

Another inside threat

AT&T employees took bribes to plant malware on the company’s network

If you don’t watch what they are doing, what are your employees doing? And if it is offshore or outsourced how can you know what the vendor is doing in a far away land?

https://www.zdnet.com/article/at-t-employees-took-bribes-to-plant-malware-on-the-companys-network/


By KingCorey in fun  .::. Comments Off on Another inside threat

PaloAlto – The choice for secure

I started hearing about PaloAlto devices replacing the CISCO firewalls last year. I’m hearing more and more about them in 2019. Apparently they are doing it right. Keep your eyes on these guys. I’m thinking they are going to be the ones to beat in Firewall protection.

https://blog.paloaltonetworks.com/2019/07/palo-alto-networks-achieves-highest-security-effectiveness-score-recommended-rating-nss-labs-2019-ngfw-group-test/


By KingCorey in fun  .::. Comments Off on PaloAlto – The choice for secure

Another day, and more info on Capital One Hack

https://www.marketwatch.com/story/guid/65F7FE4D-F04C-495D-BD24-5FCD5B3C5B11

AWS is getting a hard look by the FBI, and other companies are working on assessment. Remember the cloud is just somebody else’s computers. How well it is all secured is important.

Ask yourself is the price for that cloud service just too cheap? Often you get what you pay for as one comment says in the above article. You are getting cheap offshore H1B people who are making $20/hour. They may not take it as seriously as you think they should.
Constant reassessment of your security risk and updating security as things change is often your best defense. Apparently this is just the start, expect that we will keep seeing more come out, and other things get uncovered just because everyone is looking this direction. AWS will have people crawling all over it for a while, ask yourself if you should be looking at AZURE or Google as well, and the answer is obviously, YES.

More and different info at the link below.

https://www.msn.com/en-us/money/companies/why-the-capital-one-breach-is-unlike-any-other-major-hack/ar-AAF4qVM


By KingCorey in fun  .::. Comments Off on Another day, and more info on Capital One Hack


You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.