How Ethical Hackers Find Weaknesses and Secure Businesses

When people hear about hackers, it typically conjures up images of a hooded figure in a basement typing random code into a computer terminal. This Hollywood cliché is far from the truth about modern-day cybersecurity experts, and it’s also important to note that not all hackers are malicious. Hacking, and its role in cybersecurity, is a rapidly growing career on a global scale. Market research predictions in the cybersecurity…

September 11, 2019

New Passive RFID Tech Poses Threat to Enterprise IoT

As RFID technology continues to evolve, IoT security measures struggle to keep pace. The Internet of Things (IoT) industry is growing at a staggering pace. The IoT market in China alone will hit $121.45 billion by 2022, and industry analysts predict that more than 3.5 billion devices will be connected through IoT globally by 2023. Among the most important technologies precipitating this breakneck growth is RFID, or Radio Frequency Identification….

September 11, 2019

Android RAT Exclusively Targets Brazil

A newly discovered Android remote access Trojan (RAT) is specifically targeting users in Brazil, Kaspersky reports. Called BRATA, which stands for Brazilian RAT Android, the malware could theoretically be used to target any other Android user, should the cybercriminals behind it want to. Widespread since January 2019, the threat was primarily hosted in Google Play, but also in alternative Android app stores. The malware targets Android 5.0 or later and…

September 2, 2019

Three Strategies to Avoid Becoming the Next Capital One

Recently, Capital One discovered a breach in their system that compromised Social Security numbers of about 140,000 credit card customers along with 80,000 bank account numbers. The breach also exposed names, addresses, phone numbers and credit scores, among other data. What makes this breach even more disconcerting is that Capital One has been the poster child for cloud adoption and most, if not all, of their applications are hosted in the cloud. They…

August 29, 2019

Why a Business-Focused Approach to Security Assurance Should Be an Ongoing Investment

How secure is your organization’s information? At any given moment, can a security leader look an executive in the eye and tell them how well business processes, projects and supporting assets are protected? Security assurance should provide relevant stakeholders with a clear, objective picture of the effectiveness of information security controls. However, in a fast-moving, interconnected world where the threat landscape is constantly evolving, many security assurance programs are…

August 29, 2019

If You Don’t Have Visibility, You Don’t Have Security

If you’ve ever watched a thriller or horror movie, you’re probably familiar with the scene where someone is trying to keep a monster or attacker out so they barricade the doors and lock the windows and feel safe for 10 seconds…until someone remembers that the cellar door is unlocked and they discover the threat is already inside. That’s a pretty good metaphor for cybersecurity. IT security professionals scramble to protect…

August 20, 2019

Ransomware: Why Hackers Have Taken Aim at City Governments

When the news media reports on data breaches and other forms of cybercrime, the center of the story is usually a major software company, financial institution, or retailer. But in reality, these types of attacks are merely part of the damage that global hackers cause on a daily basis. Town and city governments are becoming a more common target for online criminals. For example, a small city in Florida, Riviera…

August 19, 2019

5 Limitations of Network-Centric Security in the Cloud

Traditional security solutions were designed to identify threats at the perimeter of the enterprise, which was primarily defined by the network. Whether called firewall, intrusion detection system, or intrusion prevention system, these tools delivered “network-centric” solutions. However, much like a sentry guarding the castle, they generally emphasized identification and were not meant to investigate activity that might have gotten past their surveillance. Modern threats targeting public clouds (PaaS or IaaS…

August 19, 2019

1 Million South Korean Credit Card Records Found Online

Over 1 million South Korea-issued Card Present records have been posted for sale on the dark web since the end of May, Gemini Advisory says. The security firm could not pinpoint the exact compromised point of purchase (CPP), but believes the records may have been obtained either from a breached company operating several different businesses or from a compromised point-of-sale (POS) integrator. Amid an increase in attacks targeting brick-and-mortar and…

August 8, 2019

Top Three Cross-Site Scripting Attacks You Need to Know Now

Cross-Site Scripting, or XSS, is and will remain a major pain for anyone trying to create a secure web application for their end-users. Cross-Site Scripting attacks occur when an attacker can squeeze nasty code into your web application from any input field or functionality where a user can have their input reflected in the source code of your application. The primary issue usually comes down to sanitizing…

July 31, 2019