Blog Stats
- 75,640 hits
Monthly Archives: December 2014
It’s THAT Time of Year
The year end is the time to start giving predictions of how next year will roll. Here are a few reports that have already been published (they all open in a new tab): WebSense Trend Micro Tech Republic CSO Online … Continue reading
Posted in Security Blog
Tagged 2014, 2015 Security Predictions, Information Technology Security Awareness, NIST 800-34, NIST 800-61, Security Awareness
Comments Off on It’s THAT Time of Year
Honeywell Point-of-Sale Systems Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Honeywell OPOS Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific … Continue reading
Posted in Security Blog
Tagged 2014, credit card, honeywell, overflow, point-of-sale, vulnerability
Comments Off on Honeywell Point-of-Sale Systems Buffer Overflow Vulnerability
Iran vs. Las Vegas Sands
You may have heard that Las Vegas Sands was hacked recently, but it happened nearly a year ago on February 10th of 2014. PCs and Servers were getting shut down and their hard drives started to erase. The phone lines … Continue reading
Posted in Security Blog
Tagged 2014, billionaire Sheldon Adelson, hacked, hackers, Iran, Iran’s Supreme Leader Ayatollah Ali Khamenei, Sands Las Vegas
Comments Off on Iran vs. Las Vegas Sands
Hypercom of Scottsdale, Arizona’s Equinox Payments
Equinox is working with customers, distributors, and channel partners to replace the certificates to return terminals to an operational state after all payment terminals bricked themselves. Why? Because cryptographic certificates used in the devices has expired en masse. Many merchants … Continue reading
Posted in Security Blog
Tagged 2014, Arizona, Brian Krebs, business resiliency, certificate management, credit card, equinox, hypercom, Scottsdale
Comments Off on Hypercom of Scottsdale, Arizona’s Equinox Payments
Iowa Might Go Walletless
With Google Wallet and Apple Pay starting to take off, Geico putting your insurance on an app on your phone with digital ID cards, the only thing left for wallets is the driver’s license. Well, that too may go digital. … Continue reading
Posted in Security Blog
Tagged 2014, digital drivers license, iowa, wallets
Comments Off on Iowa Might Go Walletless
US Navy Laser Weapon System
The Afloat Forward Staging Base (Interim) USS Ponce (ASB(I) 15) conducts an operational demonstration of the Office of Naval Research (ONR)-sponsored Laser Weapon System (LaWS) while deployed to the Arabian Gulf. The LaWS consists of a 30-kilowatt solid-state infrared laser, … Continue reading
Posted in Security Blog
Tagged 2014, Lasers, military, Navy, pen test, vulnerability scan, Weapons
Comments Off on US Navy Laser Weapon System
POODLE attack through TLS
POODLE = Padding Oracle On Downgraded Legacy Encryption Once upon a time, in October, I wrote about SSL POODLE, a flaw in how browsers handle encryption; by negotiating down to SSL 3.0, attackers can alter padding data at the end … Continue reading
Posted in Security Blog
Tagged 2014, eavesdropping, man-in-the-middle, mitm, Padding Oracle On Downgraded Legacy Encryption, POODLE, ssl, tls
Comments Off on POODLE attack through TLS
Smartwatch to Smartphone Data Interception
Data sent between a Smartwatch and an Android smartphone could be a subject to brute force hacks to intercept and decode users’ data, including everything from text messages to Google Hangout chats and Facebook conversations. Liviu Arsene explains. Read more … Continue reading
Posted in Security Blog
Tagged 2014, android, bluetooth, cyber risk, Google, nfc, risk, smart-watch, sniffing, video tutorial, wearables
Comments Off on Smartwatch to Smartphone Data Interception
Robocops is Now
Robotics firm Knightscope has announced its plans to deploy autonomous guards for hire in Silicon Valley. You can rent some too, starting as low as $6.25/hour with at least a year contract on a MaaS (Machine-as-a-Service) rental basis. The robots … Continue reading
Posted in Security Blog
Tagged 2014, botnet, botnets, killer robots, MaaS, Robocop, robot, robots
Comments Off on Robocops is Now