Experian Board of Directors: Growth Through Acquisition – But Without Security Testing

David Krebs story: http://krebsonsecurity.com/2015/10/at-experian-security-attrition-amid-acquisitions/ I want to focus on the Board of Directors' decision to grow through acquisition: the board wants to grow securely, but in practice this has lots of problems. The term I like the most is Black Box Magic (as if security were obtained with black-box magic). Image from Martin’s Magic collection: http://www.martinsmagic.com/product-tag/wagoncollector/ …

Hackers Wiped Out Casino Computers 10min

http://arstechnica.com/security/2014/12/iranian-hackers-used-visual-basic-malware-to-wipe-vegas-casinos-network/ A very interesting story of Iranian hackers (whether government sponsored or sanctioned does not matter) who attacked a casino and deleted a lot of files using Visual Basic. (I know this is from a 2014 attack, but that is sometimes when we get the most data…) Apparently the billionaire owner pissed off some hacktivists in Iran after …

Defeat Phishing: Train Emotional Detachment to Scams

Here are some great articles that show how some unsuspecting people get sucked into online scams: http://www.wired.com/2015/10/online-dating-made-woman-pawn-global-crime-plot/ Everyone has to learn how to defeat their own potential phishing attack… Are you interested in vision loss? Or staying at a nice hotel for a weekend getaway? Or reducing your energy costs? You can see …

Study: Cybercrime Up 19% USA

The new Ponemon study (sponsored by HP): http://www8.hp.com/us/en/software-solutions/ponemon-cyber-security-report/index.html?jumpid=va_rmaig2786p Global Study at a Glance: 252 companies in 7 countries; 2,128 interviews with company personnel; 1,928 total attacks used to measure total cost; $7.7 million is the average annualized cost; 1.9 percent net increase over the past year; 15 percent average ROI for 7 security technologies. Even …

Bank Hacked In Minutes – Executives Don’t Know Nothin

In less than a minute a hacker found out that the bank was giving out too much information. http://sijmen.ruwhof.net/weblog/584-how-i-could-hack-internet-bank-accounts-of-danish-largest-bank-in-a-few-minutes As the hacker studied the website information, it was evident that it would not take long to hack the website. That means access to customer server information, which in turn means PII (Personally Identifiable Information), banking information …