US CERT warning – Backoff POS agent impacts over 1000 businesses

Uncategorized Comments Off on US CERT warning – Backoff POS agent impacts over 1000 businesses

US CERT warning related to dangers of point-of-sale malware that attempts to steal credit card numbers and sensitive customer information  https://www.us-cert.gov/ncas/alerts/TA14-212A QUOTE: Over the past year, the Secret Service has responded to network intrusions at numerous businesses throughout the United States that have been impacted by the “Backoff” malware. Seven PoS system providers/vendors have confirmed that […]

Insurance and Financial organizations – Changing the Security Mindset

Uncategorized Comments Off on Insurance and Financial organizations – Changing the Security Mindset

This excellent article from “Insurance and Technology” magazine, highlights the need for organizations to take security protection seriously by performing a risk assessment, developing an incident response plan in advance, and exercising the principle of continuous improvement in both technology and human behavioral controls … Just as one does not wait until it starts raining to patch […]

Leadership – Importance of research and probing questions

Uncategorized Comments Off on Leadership – Importance of research and probing questions

John Maxwell’s leadership blog shares excellent advice regarding the need to ask meaningful questions and seek the best solutions during project research phases. http://www.johnmaxwell.com/blog/curiosity-may-have-killed-the-cat-but-it-will-build-the-leader QUOTE:   “I have no special talents. I am only passionately curious.” – Albert Einstein Curiosity = Asking … You only get answers to the questions you ask. There is a yawning […]

FBI Warning – Fake Fraduluant Corporate Purchase orders

Uncategorized Comments Off on FBI Warning – Fake Fraduluant Corporate Purchase orders

The FBI warns of an increase in highly realistic purchase orders used to defraud corporate suppliers http://www.fbi.gov/news/stories/2014/october/cyber-crime-purchase-order-scam-leaves-a-trail-of-victims/cyber-crime-purchase-order-scam-leaves-a-trail-of-victims QUOTE: What began as a scheme to defraud office supply stores has evolved into more ambitious crimes that have cost retailers around the country millions of dollars—and the Nigerian cyber criminals behind the fraud have also turned at-home […]

Microsoft Security Development Lifecycle – a historical account

Uncategorized Comments Off on Microsoft Security Development Lifecycle – a historical account

This historical account shared by Microsoft is excellent as it lead to the strategic Trustworth Computing directive and improved security protection and update processes http://www.microsoft.com/security/sdl/story/default.aspx#chapter-1   Across thousands of developers and millions of lines of code, one company learns to build secure software in an increasingly insecure world. It was 2 a.m. on Saturday, July […]

Windows 10 – Preview version guided tour by Network World

Uncategorized Comments Off on Windows 10 – Preview version guided tour by Network World

These 20 slides share highlights of the new features that are part of the Windows 10 Preview version  http://www.networkworld.com/article/2835036/windows/windows-10-a-guided-tour.html QUOTE: Microsoft released a technical preview of the next version of Windows for the public to download and try for free. Although a final release with additional features isn’t expected until the middle of 2015, there […]

Leadership – Principles apply regardless of position you are in

Uncategorized Comments Off on Leadership – Principles apply regardless of position you are in

Leadership is more of a special attribute of someone that makes them stand out from the rest, rather than a title or position. http://www.johnmaxwell.com/blog/how-can-you-be-a-leader-right-where-you-are QUOTE:  Often hear this question from younger aspiring leaders. They want to apply my teaching to their current situation, but they don’t know how. The good news is that you can […]

SSL version 3.0 – Testing and Disabling services for POODLE vulnerability

Uncategorized Comments Off on SSL version 3.0 – Testing and Disabling services for POODLE vulnerability

To test your browser in determining if your PC client is vulnerable: https://www.poodletest.com For corporate users to test server vulnerabilities https://ssltest.com Excellent documentation on how to disable SSL3 on servers and clients: https://isc.sans.edu/diary/POODLE%3A+Turning+off+SSLv3+for+various+servers+and+client.++/18837 To turn off SSLv3 support in Internet Explorer 11: Setting -> Internet Options -> Advanced Tab -> Uncheck “SSL version 3.0” under “Security”.

SSL version 3.0 – POODLE vulnerability compromises security

Uncategorized Comments Off on SSL version 3.0 – POODLE vulnerability compromises security

The Internet Storm Center has excellent resources on the new POODLE vulnerability which can greatly compromise encrypted sessions for the legacy SSLv3 protocol under the right circumstances https://isc.sans.edu/diary/SSLv3+POODLE+Vulnerability+Official+Release/18827 https://isc.sans.edu/diary.html?storyid=18837 https://technet.microsoft.com/en-us/library/security/3009008.aspx QUOTE: Finally we got an official announcement. SSLv3 had issues in the past. Remember the BEAST attack? It was never resolved (other then moving to […]

Microsoft Security Updates – OCTOBER 2014

Uncategorized Comments Off on Microsoft Security Updates – OCTOBER 2014

Critical Security updates to Microsoft Windows, Internet Explorer,  Framework, Office and other products became available on Patch Tuesday.  Users should promptly update to enjoy best levels of protection. So far, no issues encountered in early use after installation.   https://isc.sans.edu/diary/Microsoft+October+2014+Patch+Tuesday/18819 http://technet.microsoft.com/en-us/security/bulletin/ms14-oct


© 2019 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in