information security

Michaels Retailer Loses 3 Million Credit Cards

This week, as in many occasions in the past, there is news of a massive theft of credit card data. This time it is the retailer Michaels, who lost 3 million credit cards. I don’t say “stolen,” I say “lost,” because anyone still using magnetic card readers (i.e., most of America) has only themselves to blame for that. Cards protected with a pin or chip are worthless on the black market, because the card number by itself is not sufficient to make a purchase. Because of the disaster at Target, that retailer is moving to the European and Latin American type card readers, which are much more secure, because they authenticate using a pin or the chip on the card.

 Read more…

The Heartbeat Bug

By now you have heard about the Heartbeat security issue with OpenSSL. Here we are going to describe what exactly the problem is and how it affects Apache and Nginx web servers. Read more…

How Malware Actually Infects the Computer

People know that phishing lets hackers invade computers using drive by downloads. But how does this actually work? Let’s look at one example. Recently Microsoft released this security advisory: * Microsoft Security Advisory (2934088) – Title: Vulnerability in… Read More

Security – the Insider Threat

The military and intelligence communities are taking measures to keep a closer eye on their own employees in the wake of the massive loss of data taken by Private Bradley Manning and NSA contractor Edward Snowden. You would… Read More

White Hat Hackers

A white hat hacker is a company or individual that probes your network and computers to look for weaknesses. They try to breach the security of your systems and gain access to your computers. The goal is to show how your systems can be breached, so that you can then fix any gaps that they find. What they find would show that certain systems need patching (operating systems plus software), that you might need to boost employee training, and that you might need to change system audit and logging policies and install new software or network appliances or change the configuration in what you already have. Read more…

The EU Plans to Keep Data Inside Its Boundaries

We have written before about the impact of data privacy concerns in hosted applications. Some countries are concerned about eavesdropping by foreign government agencies, and this has the potential to impact the way SaaS applications are deployed (take… Read More

Target Malware Revealed

Since we first reported that hackers had stolen credit card data from Target, the news has grown worse for the retailer.  Now they say that the original estimate of 40 million credit and debit card stolen was short. … Read More

How Secure is your Encryption?

Recently The Washington Post and others – reported that the NSA is working to build a quantum computer so powerful that it could, according to the newspaper, “… break nearly every kind of encryption used to protect banking, medical,… Read More