An attack that was originally spotted in August affecting DLink routers has spread to over 100,000 routers including 70 different models. The attack originally targeted Brazilian banking customers by compromising their internet router, changing the DNS server and pointing them to a bogus, look-alike banking site. From there, they steal your credentials. Not satisfied with […]
Continue reading → [DISPLAY_ACURAX_ICONS]Former WaPo columnist turned security sleuth (after the Washington Post eliminated his position because cyber security was not important) reported on several recent vishing (voice phishing) scams, two of which involved large sums of money. These are a word to the wise, both personally and for businesses. In the first case, Matt Haughey, creator of the […]
Continue reading → [DISPLAY_ACURAX_ICONS]Ancient Chinese Proverb: May You Live In Interesting Times. Well welcome to interesting times. Today, Facebook said that the accounts of 50 million users were compromised. The hackers compromised the security “tokens” that Facebook uses to authenticate users and not the passwords themselves. Facebook revoked those users “tokens” to stop them from continuing to be used. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Cisco Will Eliminate Hard Coded Passwords One Per Month It seems like every patch cycle, Cisco admits to another app that has an undocumented hard coded password. I have lost track of how many of them they have removed so far, but the number is scary large. What is more scary is that I bet […]
Continue reading → [DISPLAY_ACURAX_ICONS]There are people who think open source is the holy grail of software, I am not one of them. Apparently hackers agree with me. So does the Department of Defense. They have even coined a term – SCRM or Supply Chain Risk Management. Bottom line, developers need to understand that there is a war out […]
Continue reading → [DISPLAY_ACURAX_ICONS]The hackers seem to be winning. One solution I have advocated for over the last many years to reduce credit card fraud is a technique called credit card tokenization. When a merchant accepts a credit card, that card information is immediately tokenized and that token is all that the merchant keeps. If they need to […]
Continue reading → [DISPLAY_ACURAX_ICONS]