Why a massive DDoS attack on a blogger has internet experts worried

DoS and DDoS attacks are far from a thing of the past, and they are not easily mitigated. Mr. Krebs has taught us that over the last week. Organizations should take their preparations very seriously.

https://nakedsecurity.sophos.com/2016/09/29/why-a-massive-ddos-attack-on-a-blogger-has-internet-experts-worried/

End-of-support devices on networks weakening cyberdefenses, report

This article is extremely telling in terms of the true risks many of us face in supporting customers, either external or internal, from an IT security perspective. A lack of product and equipment maintenance, in terms of replacement schedules and upgrades, causes security issue after security issue, and frankly, the customer's motivation to correct the problem comes way too late. Usually by then a system is down, compromised, or both.

System maintenance and system lifecycle management are important components to the success of any organization and should be talking points for any IT security professional when discussing risk management.

http://www.scmagazine.com/end-of-support-devices-on-networks-weakening-cyberdefenses-report/article/525610/

Krebs – Inside Arizona’s Pump Skimmer Scourge

This is an interesting read detailing the continued growth of fuel pump skimming, in this case with specific examples from the state of Arizona. One particularly interesting tidbit is the discussion of pump master keys. As someone who has worked around, and supported from the periphery, many fuel centers, I have witnessed firsthand the challenges of dealing with pump locks. Most pumps are indeed keyed alike, and there is a significant expense to the retailer to convert to non-standard locks. This is an issue that should be better addressed at the industry level.

https://krebsonsecurity.com/2016/09/inside-arizonas-pump-skimmer-scourge/