Do You Accept Credit Cards? How Credit Card Breaches Happen

If your business accepts credit cards for payment, then your a subject to the regulations of the Payment Card Industry.  This is known as PCI-DSS Compliance.  PCI compliance company Security Metrics recently released an infographic that shows the main compliance failures that lead to credit card breaches in 2017.  Here are some of the startling take-aways:

  • Businesses that took credit cards ...
Continue Reading →
0

Phishing Sites Using HTTPS Too

When you see the secure HTTPS protocol at the beginning of a web address, or see the green “secure site” padlock symbol, does this mean that the site is safe?  Unfortunately, the answer is NO.  There is some confusion among computer users about what HTTPS really means.  This confusion is being exploited by cyber-criminals running phishing exploits.

HTTPS or secure hypertext transport ...

Continue Reading →
0

How Email Accounts Are Hijacked

The most devastating exploit that can happen to you is to have your email account hijacked.  We have spilled a lot of pixels on this subject (see below).  The reason we find this so dangerous is that it is that this is the attack most likely to happen to you.

Google recently released a study that analyzed how Gmail accounts are hijacked.  If you have an Android smartphone, you have a Gmail ...

Continue Reading →
0

The End of Passwords?

Every year some pundit declares that the password will soon be dead.  I have been proclaiming for several years now that the password, by itself, is no longer a suitably strong form of security, and have been a champion for two-factor authentication.

Microsoft has recently stated that their Windows Hello facial recognition system is a suitable replacement for passwords.  Windows Hello was ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Top 9 Free Phishing Simulators

Looking to run a phishing attack against your team?  Here’s a article from Infosec institute on the top 9 free phishing simulation products.


Your Nigerian Prince is a 67 year old from Louisiana

Sure looks like a prince to me.  Like Prince Charles.  (Those ...

Continue Reading →
0

Free Dark Web Report from Experian – Part Three

On Monday and Wednesday we took an in depth look at the free dark web scan being offered by Experian.  As we found out on Wednesday, I was not too impressed with the results of the free scan.  Better information is available from HaveIBeenPwned.com.

What is Experian really offering?  The free scan just looked for the email address I provided, the ...

Continue Reading →
0

Free Dark Web Report from Experian – Part Two

On Monday we started an investigation into the free dark web scan that is being offered by credit agency Experian.  Again, this is NOT Equifax, who breached our information last year.  This is a different credit agency.

When we ran the free scan on Experian, they found three results.  But I knew there was more to find, because I had already ...

Continue Reading →
0

Free Dark Web Report from Experian – Part One

I caught an ad on TV the other night that made me curious.  Experian is offering a “free dark web report,”  ostensibly to see if any of your personal data is for sale on the Dark Web.  Well I don’t really need a test to tell me that.  Since the Equifax breach, I am pretty sure all of us have information for sale ...

Continue Reading →
0

Privileged Accounts Are Poorly Managed

Privileged accounts, typically administrator accounts, are the all powerful user accounts who can do anything on a computer, server, network, or domain.  These are the top targets for cyber-criminals and other malicious hackers.  And they generally are poorly managed.  Here are some common mistakes we see when conduction security reviews for clients.

  • Domain, Network, and Server Administrators – These accounts are often used as ...
Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Made a Fortune in BitCoin?  Be careful who you tell.

From Naked Security – Crypto Coins Robbed at Gunpoint.

Good old fashioned stick-ups still a possibility.


Watch out – fake support scams are alive and well this Christmas

Fake support scams – where the crooks help you “remove” malware you don’t have – are still a real ...

Continue Reading →
0
Page 4 of 20 «...23456...»