It is 2015, and social media is everywhere. It is embedded in your smartphone, and its logos are printed on nearly every product packaging. A few years ago, having an online presence by way of a website for a company was enough. Today, consumers expect a company to have a presence on the App Store, Play Store and every social media platform out there. It has become a way of social proof for both...

At a recent press conference, U.S. Presidential candidate Hillary Clinton was asked if she wiped the drive that came out of her now infamous personal e-mail server . She responded: “ What, like, with a cloth? ” Please note that I will never make a public political comment. That is not my area of interest. I would like to take a moment, however, to explain exactly what happens when hard drives stop...

The average organization could potentially spend up to $3.7 million per year responding to phishing attacks , says a new report issued by the Ponemon Institute . The study, which surveyed nearly 400 IT professionals at companies with employees ranging from less than 100 to more than 75,000, found that the majority of phishing costs (48 percent) are due to loss of employee productivity. According...

Up until this month, I wasn't aware of Ashley Madison's site or the nature of the services they offered – what may be described ‘RaaS’ (Relationships as a Service). However, since this organisation has come to my attention, I have conducted research and completed interviews for BBC TV, the radio, news publications, and a host of other agencies, which serve non-IT/cyber security related audiences...

An electronic scam involving the use of purchased Voice over Internet Protocol (VoIP) airtime has resulted in three British men receiving jailtime. On Friday, August 21, Ross Faulkes, from Brighton; Mark Thompson, from Worthing; and David Robinson, from Bournemouth, were sentenced to three years, four years, and five years in jail, respectively , by the Inner London Crown Court. These sentences...

After years of working in sales for small- and mid-sized software vendors, I have gotten used to the idea that everyone in the company is a salesperson. Some of my colleagues in other departments often find this view a bit odd, but this approach can offer many benefits to senior managers and executives trying to 'sell' a project or secure additional budget or resources. This is the first in a...

With billions of transactions occurring online every day, business today truly occurs without boundaries. Clients, partners, merchants and other associates all need to access your network—or your cloud—to make purchases, discover information, or use applications. While these new classes of users are critical for sustaining a competitive edge, your business also needs to monitor them and grant to...

A data protection breach at Thomson, a British travel firm, has led to the accidental exposure of more than 450 customers’ personal information. Passenger details, including home addresses, telephone numbers, names and flight information, were unintentionally disclosed in an email, which the company said it quickly recalled. Thomson released a statement apologizing for the “genuine error.” However...

Rutgers University has hired three security firms to test its network for vulnerabilities following a series of targeted attacks during the 2014-2015 academic year. According to The Washington Times , FishNet Security , Level 3 Communications, and Imperva will be working with Rutgers to enhance the university's security as classes resume for the 2015 fall semester. Rutgers officials have also...

Earlier this month, security professionals from all over the world flooded to Las Vegas, Nevada, for Black Hat USA and DEF CON . As two of the largest and most respected events in information security, it is no surprise that they are a preferred choice for security experts and product vendors alike, year after year. Those conferences are indeed popular, but it is important to note that they were...

Every network security manager fights an escalating and asymmetric war against adversaries aiming to penetrate networks or disrupt services hosted there. Symantec reported that major attacker-caused data breaches rose almost 25 percent last year, while Verisign reported almost a 300 percent increase in average DDoS attack size. Asymmetries abound: automated attacks move embarrassingly faster than...

Our security roundup series covers the week’s trending topics in the world of InfoSec. In this quick read summary, we’ll let you know of the latest reports and controversies that the industry has been talking about recently. Here’s what you don’t want to miss from the week of August 17 th , 2015: The Ashley Madison hack went from bad to worse after the data that was stolen from the site’s 37...

The UK data protection watchdog has stated Google must remove all links to articles which were initially removed from search results under the ‘right to be forgotten’ ruling. The Information Commissioner's Office issued the order on August 18 , and has given Google 35 days to remove the links. However, Google has the right to appeal the notice to the General Regulatory Chamber, if they wish...

From phishing attacks to ransomware to malicious advertisements, fraudster's methods for obtaining and exploiting our information are varied and, for the most part, well-known among today’s avid Internet users. Even among the less avid Internet users, security is now more of a concern than it used to be after the numerous giant hacks that have happened recently, which compromised the information...

Organizations spend so much time defending against external attackers that they sometimes neglect to address insider threats. This oversight may reflect the extent to which some organizations trust that their employees will respect their intellectual property and sensitive information, among other factors. Such a mindset is well intentioned. However, it misinterprets the realities of data security...

Imagine a circumstance where a significant investment has been made into a data loss prevention (DLP) solution in which it paves the way for a lip-service approach towards cyber security, with the very real-world association of unknown exposures. As amazing as it may seem, here is such a case in history that may leave you with two opinions, which are, in the first instance – ‘amazement’ followed...

In early August, Tripwire security analyst Travis Smith conducted a presentation at Black Hat USA on combining open source and commercial security tools to correlate and build context on security events. As part of his presentation, Travis introduced Tripwire’s Automated Reconnaissance and Deep Inspection System (TARDIS), a framework that ties together a wide variety of threat feed data and log...

In part one of this article, we reviewed how the Nigerian Prince scam is no longer the primary email scam in use, being replaced by more clever and devious methods. The article also examined some of the emotional and personal aspects of the second most popular Internet scam, known as the “urgent wire-transfer” scam, as reported by the FBI’s Internet Crime Complaint Center . This article examines...

If Microsoft calls a vulnerability "critical," warns that it affects all versions of Windows, and is prepared to issue a patch outside of its normal Patch Tuesday monthly schedule, you should sit up and listen. Today, Microsoft has issued an advisory about a zero-day vulnerability, dubbed CVE-2015-2502 , that could allow an attacker to hijack control of your computer via Internet Explorer – just...

Hacker Eric Croker has been charged with helping to illegally gain access to more than 77,000 computers through an online hacking forum, Darkode. Crocker, 39, of New York, who pleaded guilty on Monday in a U.S. District Court , was among 12 people charged in July when the hacker forum known as “The best malware marketplace on the net” was taken down by a US-European sting operation involving over...