
“Diligence is the mother of good fortune and idleness, its opposite never brought a man to the goal of any of his best wishes.” -Miguel De Cervantes JPMorgan Chase customers targeted in massive phishing campaign http://www.scmagazine.com/jpmorgan-chase-customers-targeted-in-massive-phishing-campaign/article/367615/ http://www.darkreading.com/jp-morgan-targeted-in-new-phishing-campaign/d/d-id/1306589? C-IT Recommendation Provide social engineering awareness for your customers. Ensure you communicate specifically how your organization will communicate […]
Aug 25, 2014
8 min

“Out there in some garage is an entrepreneur who’s forging a bullet with your company’s name on it.” -Gary Hamel Cybercriminals Deliver Point-of-Sale Malware to 51 UPS Store Locations http://www.securityweek.com/cybercriminals-deliver-point-sale-malware-51-ups-store-locations http://www.scmagazine.com/ups-announces-breach-impacting-51-us-locations/article/367257/ C-IT Recommendation Create new non-intuitive usernames for POS accounts. Disable the default usernames. Use Strong password for Terminal log in accounts and change them […]
Aug 21, 2014
9 min

Bulk of Ex-Employees Retain Access to Corporate Apps: Survey http://www.securityweek.com/bulk-ex-employees-retain-access-corporate-apps-survey http://www.infosecurity-magazine.com/news/uk-smbs-manage-exemployee-risk/ C-IT Recommendation Verify your company has an effective and enforced access control standard and policy which requires that access be removed when an employee transfers within the organization or leaves the organization. Use Role based Access Control. Roles should be specifically defined by the […]
Aug 18, 2014
9 min

“It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.” – Charles Darwin Windows tech support scammers take root in the U.S. http://www.csoonline.com/article/2464030/security-leadership/windows-tech-support-scammers-take-root-in-the-u-s.html Article Resources Malwarebytes blog on the scare tactic https://blog.malwarebytes.org/fraud-scam/2014/08/beware-of-us-based-tech-support-scams/ 2014 So Far: The Year of the Data Breach http://www.infosecurity-magazine.com/news/2014-the-year-of-the-data-breach/ C-IT […]
Aug 13, 2014
11 min

“It doesn’t take great men to do things, but it is doing things that make men great.” -Arnold Glasow PCI Council Publishes Guidance on Working With Third-party Providers http://www.securityweek.com/pci-council-publishes-guidance-working-third-party-providers http://www.scmagazine.com/pci-council-releases-third-party-security-assurance-guidance/article/365658/ C-IT Recommendation Require your third party service provider to provide a report of compliance and require the entity to conform to conducting a risk analysis […]
Aug 12, 2014
14 min

“Great men undertake great things because they are great; fools, because they think them easy.” -Luc de Vauvenargues Hackers Demand Automakers Get Serious About Security http://www.securityweek.com/hackers-demand-automakers-get-serious-about-security http://www.darkreading.com/application-security/automakers-openly-challenged-to-bake-in-security/d/d-id/1297902 C-IT Recommendation Find out if your organization has Security embedded into the Product Development Life Cycle. There should be no new systems released to the public or deployed […]
Aug 12, 2014
12 min

“The purpose of business is to create and keep a customer.” ― Peter F. Drucker Over 90% of Enterprises Exposed to Man-in-the-Browser Attacks: Cisco http://www.securityweek.com/over-90-enterprises-exposed-man-browser-attacks-cisco http://www.csoonline.com/article/2459954/data-protection/cisco-patches-traffic-snooping-flaw-in-operating-systems-used-by-networking-gear.html C-IT Recommendation Perform regular security assessments in your organization Corporate leaders must establish a security debrief cadence with the information security teams. CSOs/CISO’s should meet with operational teams weekly […]
Aug 7, 2014
16 min

“Genius is one percent inspiration and ninety–nine percent perspiration.” – Thomas A. Edison Android malware SandroRAT disguised as mobile security app http://www.scmagazine.com/android-malware-sandrorat-disguised-as-mobile-security-app/article/364455/ Article Resources McAfee Blog Post http://blogs.mcafee.com/mcafee-labs/sandrorat-android-rat-targeting-polish-banking-users-via-e-mail-phishing Emory Libraries Information Security Awareness covering Phishing http://it.emory.edu/security/security_awareness/phishing.html Most Top Free and Paid Mobile Apps Pose Threat to Enterprises: Report https://www.securityweek.com/most-top-free-and-paid-mobile-apps-pose-threat-enterprises-report C-IT Recommendation Perform an asset […]
Aug 5, 2014
12 min

“If you work just for money, you’ll never make it, but if you love what you’re doing and you always put the customer first, success will be yours.” – Ray Kroc C-Level Execs to CISOs: No Seat for You! https://www.securityweek.com/c-level-execs-cisos-no-seat-you http://www.scmagazine.com/study-ciso-leadership-capacity-undervalued-by-most-c-level-execs/article/364231/ C-IT Recommendation Corporate leaders must establish a security debrief cadence with the information security […]
Aug 4, 2014
20 min
Load more
