Security Longreads — Issue

September 12, 2014

Security Longreads

Issue #16

With a wealth of security reading available, the Security Longreads weekly e-mail is designed to highlight particularly interesting longer reads. Our “Security Reads” covers topics related to Information Security while our “Other Reads” are topics that have nothing to do with security but could be of interest to Information Security professionals.

Security Reads

In Wake of Confirmed Breach at Home Depot, Banks See Spike in PIN Debit Card Fraud — Krebs on Security

The card data stolen from Home Depot customers and now for sale on the crime shop Rescator[dot]cc includes both the information needed to fabricate counterfeit cards as well as the legitimate cardholder’s full name and the city, state and ZIP of the Home Depot store from which the card was stolen (presumably by malware installed on some part of the retailer’s network, and probably on each point-of-sale device).

Exploiting Ammyy Admin – developing an 0day « Thoughts on Security

I was amused, but thought little about it until the scam hit closer to home when I discovered one of these groups had managed to scam my grandparents and leave their computer an infected mess for me to clean up. So I set out to find out if I could counter an attempted scam with a full fledged remote exploit, and turn the tables on the scammers.

U.S. firm helped the spyware industry build a potent digital weapon for sale overseas — The Washington Post

U.S. firm’s work helped develop “network injection appliances†that are sold to foreign security services.

Why Social Engineering Should Be Your Biggest Security Concern

We all know the basics — strong passwords, two-factor authentication, and so on. However, the most recent security and privacy breaches have had less to do with bad passwords and more to do with social engineering. Let’s look at what that is, why it can happen without you knowing, and how you can protect yourself.

Other Reads

How to Hire Engineers: Step 1 (Sourcing) — Medium

Software startups need two kinds of resources: capital and talent, and right now capital is the easy one.

Thanks! Longreads is published every Friday, just in time for the weekend.

Comments to [longreads@jayschulman.com](mailto = longreads@jayschulman.com).

Collect and curate content easily for brilliant newsletters. Try Goodbits for free!