It is important to know and understand the devices you have deployed throughout your organization and what roles those device play in the function and security of your environment. If you have any Cisco ASR 1000 devices in play, specifically on the edge of your network or with some form of public facing interface, take notice of this patch and apply as soon as possible. Given the ease of exploitation, this vulnerability will be leveraged in the wild.
I am excited to see NIST produce a new series of helpful guidelines and best practices. This SP 1800 has strong potential.
This is yet another disturbing vehicle hack, but in this case, the vulnerability lies in the OnStar related mobile app and not in the vehicle embedded system. At least the security stop gap does not mean you have to stop driving your car.
For those of you managing a big data analytics platform or repository, this article is for you. Teradata is a fairly popular platform and these types of vulnerabilities should be taken seriously. All systems should be part of a standardized patching cycle. No systems are bulletproof. Even airgaps can be overcome.
Michael Chertoff is an opinion worth heeding, so I would highly recommend reading through his comments on the dangers of mandatory crypto backdoors.
This is both some valuable statistical data to tuck away when preparing for a debate around preparedness as well as a nice outline of to-do’s from an incident response perspective.
Patching is always important, especially when related to core web infrastructure. If you use WordPress as your site’s foundation, now is the time to patch.
For those of you not lost in the world of credit card transactions and security measures, EMV is the standard for moving branded credit cards from swipe and sign technologies to chip and pin. Though sad, the results detailed in this article are in no way surprising. Many retailers simply do not understand the value of EMV or do not care enough for their customers relative to the potential cost for new pin pads.
It is good to see an auto maker take this type of threat seriously and respond with both patches to the software and mass communications to owners. That said, I do believe the research team deserves more recognition and credit for the work they performed.