Many industries rely on revenue generated by sales, and if credit is used, Payment Card Industry (PCI) compliance is mandated. This includes all industries that process, store or transmit credit card information. Like any compliance standard, this is the minimal level of real security and should not be considered the goal to protect sensitive data. All compliance mandates that matter must go through various review and audit processes that take time and cause the results to be dated compared to the speed of new attacks you should expect against your network. This means meeting mandates such as PCI should just be part of your overall security strategy.
The people from Cyber Crimebusters developed an infographic about how Internet forensics has changed criminal investigations. The original can be found HERE.
The interesting points to me are how social media and mobile devices are becoming a common source for investigations. I find it humorous when people post pictures of themselves doing crazy things on social media sources and are shocked when that comes back to haunt them later, such as in job interviews. I’ve provided examples of how I used people’s data on Facebook (previous job roles, friend’s current location, etc.) to pretend I’m a friend from years ago using a fake Facebook ID to obtain data during an authorized penetration test (more on that HERE). It’s critical to know what you have public about yourself and question anybody that seems fishy. Trust me, it’s better to ask for proof of identity when you don’t know who you are speaking with rather than assume the wrong person is a trusted friend.
There are many SIEM solutions available; however, I was extremely impressed with recent innovations from Splunk regarding a free application that can be used to centralize security data from multiple Cisco solutions. By definition, a security information and event monitoring system aka SIEM is typically just that; either a good information sorting tool or solution that helps identify and react to events.
One of Splunk’s key market differentiators is their extensive application library developed by customers and Splunk engineering. These applications turn the traditional SIEM into a business enabler to meet specific use cases. Splunk has developed Cisco applications in the past; however, it recently face-lifted the Cisco Security Application to include Cisco access control (ISE), email security (ESA), web security (WSA), Cisco firewalls, and even SourceFire (both network and only SIEM as of today to support malware aka AMP). This application can link findings with other vendor data such as taking ISE context (i.e. Joey’s Windows 7 laptop on port 1/0/14) and matching it to any captured log by Splunk (for example, a McAfee IPS event). This provides a true centralized view of data across a network.
Tara Heath provided her thoughts on when to use apps to protect young adults while they are using the internet.
The internet is a wonderful tool, especially for young adults who are looking for new ways to express themselves, connect with people, and discover their personal interests and talents. The internet isn’t always a safe and helpful place, though. Teens are constantly faced with problems like cyberbullying and connecting with strangers online who aren’t honest about who they are. We’ve all heard horror stories about online predators, and while it’s unlikely that your child will get into a situation where their safety is at risk, it’s important to do everything you can to make sure they feel safe and protected while using technology.
Many security professionals will make the claim “there is no silver bullet security solution”, which is completely true … but why? Why can’t large security vendors spending millions on research develop a way to ensure we are protected? We landed on the moon many years ago. Why not solve this? Well, it comes down to a few concepts.
My buddy Aamir Lakhani wrote a post on the reaction to Heartbleed. He points out the media attention on Heartbleed is opening new opportunities for phishing attacks. The original post can be found HERE.
Everyone is in a frenzy due to the OpenSSL Heartbleed bug. The mainstream media has been reporting on it for a few days. Unfortunately, with this much publicity, there is also opportunity for attackers to take advantage of the hype. In the last 24 hours I am seeing a major rise in phishing emails and other scams.
As people understand and hear about the bug, I expect scams and malicious phishing emails to exponentially increase.
The people at toptenreviews provided an interesting infographic about facts and statistics on computer viruses. They break up where they tend to come from as well as the most common infections. There is also a brief blurb on Conficker since it’s the most prolific virus to date. The original can be found HERE.