My Software is End-of-support, Who Cares?
With the ultimate demise of Windows XP come questions about what it really means for software to be "unsupported." I get this question a lot when a client reads through a penetration test report for their environment and wants to know why they can't use an out-of-date version of XYZ webserver software or Windows XP (which, by the way, was supported for just shy of twelve years).
QSA Educational Discussion | Q.E.D.
We are having the first-ever QSA Educational Discussion Group (Q.E.D.) next month. If you are in the Phoenix metro area, please join us.
Death of Antivirus & Indicators of Compromise
This week there have been articles popping up all over the Internet with quotes from a Symantec executive stating that antivirus software is DEAD. The articles state that antivirus solutions are only catching about 45% of cyber attacks. Both the Wall Street Journal and Brian Krebs (Krebs on Security) posted great articles on the topic and the current state of antivirus solutions.
Heartbleed: 0-day Vulnerability in OpenSSL
A widespread and impactful 0-day vulnerability has been identified in current versions of OpenSSL, which is used by most Linux- and Unix-based web servers that serve pages over SSL/TLS encryption.
Everyday Cybercrime and What You Can Do
I'm a big fan of TED Talks. I came across one that was very interesting and relevant to security. James Lyne, a cybersecurity specialist with Sophos, discussed the basics of everyday cybercrime and the simple steps each of us can take to protect ourselves from cyber attacks.