FireEye , a security research firm, recently disclosed an interesting attack against iOS devices. Apparently, iOS allows a rogue iPhone app to replace a genuine iPhone app. Once that rogue app is now installed, it can do anything the real app could do – PLUS send a copy of your banking credentials Moscow or Kiev […]
Continue reading → [DISPLAY_ACURAX_ICONS]An article in SC Magazine recommends that organizations apply this month’s Microsoft patches very quickly. Among the patches: One vulnerability, CVE-2014-6332, had been remotely exploitable for 18 years prior to its patch, and could be used by an attacker to circumvent Microsoft’s free anti-exploitation tool EMET and its Enhanced Protected Mode (EPM) sandbox in Internet […]
Continue reading → [DISPLAY_ACURAX_ICONS]The US Department of Homeland Security through the Computer Emergency Readiness Team (CERT) at Carnegie Mellon issued an alert to owners of a number of Linksys routers to patch those routers ASAP. The alert referenced two vulnerabilities – the first one allowed anyone on the internet to read or modify sensitive information on the router; […]
Continue reading → [DISPLAY_ACURAX_ICONS]An article in American Banker talks about the fight that all the banks are fighting right now. JP Morgan Chase CEO Jamie Dimon Says the bank plans to double its $250 million annual computer security budget within the next five years. I think Chase understands the problem; Dimon said “It’s about firewall protection, it’s about […]
Continue reading → [DISPLAY_ACURAX_ICONS]Sometimes not using best practices gets us. Other times it is fatal. Check out this article about an admin who had his (or her) entire universe fall down around his/her ankles. The article shows how, in this case, not following best practices was more than a little inconvenient. The admin was reading his email, apparently […]
Continue reading → [DISPLAY_ACURAX_ICONS]An article in the Times a week ago says that the Feds and States want banks and brokerage firms to close some gaping holes in their defenses. What is that gaping hole? OUTSIDE VENDORS! Many people are aware that the suspected source of the Target breach was a small HVAC contractor. They didn’t do anything […]
Continue reading → [DISPLAY_ACURAX_ICONS]