This is a guest diary submitted by Chris Sanders.
The Association of Certified Fraud Examiners today announced they have selected Yours Truly as the recipient of this year’s “Guardian Award,” an honor given annually to a journalist “whose determination, perseverance, and commitment to the truth have contributed significantly to the fight against fraud.” The Guardian Award bears the inscription “For Vigilance in Fraud Reporting.” Previous honorees include former Washington Post investigative reporter and two-time Pulitzer Prize winner Susan Schmidt; Diana Henriques, a New York Times contributing writer and author of The Wizard of Lies (a book about Bernie Madoff); and Allan Dodds Frank, a regular contributor to Fortune.com and The Daily Beast. I’d like to thank the ACFE for this prestigious award, and offer a special note of thanks to all of you dear readers who continue to support my work as an independent journalist. The ACFE’s blog post about the award is here.
Vulnerability Note VU#447516
Linksys SMART WiFi firmware contains multiple vulnerabilities
Original Release date: 31 Oct 2014 | Last revised: 31 Oct 2014
Overview
Linksys EA series routers running the Linksys SMART WiFi firmware contain multiple vulnerabilities.
Description
CWE-320: Key Management Errors – CVE-2014-8243
An unauthenticated attacker on the local area network (LAN) can read the router’s .htpasswd file by requesting http(s):// /.htpasswd . The .htpasswd file contains the MD5 hash of the administrator password
ISC StormCast for Friday, October 31st 2014 http://isc.sans.edu/podcastdetail.html?id=4217, (Fri, Oct 31st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
The Obama administration recently issued an executive order requiring that federal agencies migrate to more secure chip-and-PIN based credit cards for all federal employees that are issued payment cards. The move marks a departure from the far more prevalent “chip-and-signature” standard, an approach that has been overwhelmingly adopted by a majority of U.S.
Often the start of a problem and its solution is receiving a call from a manager, project manager or other non-technical decision maker. You'll know going in that the problem is absolutely real, but the information going in might be a total red herring. Some classic examples are:
The network is slow
I ran a speed test, we should be seeing 10x the speed
===============
Rob VandenBrink
Metafore