By Ed Fox, Met’TelFollowing the data breaches of 2014 (think Home Depot, Target and Sony Entertainment Pictures), it’s clear that security should be top of mind for both businesses and consumers in 2015. Read More >>>
The notorious PlugX APT group is continuing to evolve and launch campaigns, most recently a five-month-long campaign targeting organizations in India. PlugX now uses a new backdoor technique – hiding the payload in the Windows registry instead of writing it as a file on disk – according to a new technical paper from SophosLabs Principal Researcher Gabor Szappanos. Although not unique to PlugX, this backdoor approach is still uncommon and limited to a few relatively sophisticated malware families.
Socially conscious and active individuals have been around for a long time, possibly even longer than politics. However, as the world changes and new means of social activism are placed within their reach, subsequent generations adapt, taking the established methods of activism onto new forums and stages of public life, such as hashtag campaigns on Twitter, mobile apps and special interest groups on Facebook. Old-fashioned, traditional demonstrations, like rallies, protests, petitions, and marches, are still the most common and effective forms of activism, but a new branch – hacktivism – has been steadily gathering momentum and gaining relevance.
This has come true, and the time is not far when entire businesses are going to be run from the cloud. Businesses will also use the other arms of the Nexus of Forces — social, mobile and information — to drive employee productivity and deepen customer relationships in the next few years. But a day will come when this will not be enough to compete. Companies will need to use the Internet of Things (IoT) to build innovative business models with smart machines. By 2020, there will be over 30 billion devices wirelessly connected to the IoT.
2014 will surely go down in the history books as the “Year of the Data Breach.” Hundreds of millions of records, including PII (personally identifiable information), were stolen – the consequences of which may ripple out for years to come. These consequences include not only the credit and identity monitoring that affected individuals must undertake but the good faith of those individuals toward the companies that suffered breaches.
By Dave Eichorn, Zensar TechnologiesEnterprises understand the value of hybrid cloud models to achieve a variety of benefits, including lower startup costs, simplified management, and flexibility to scale storage on an as-needed basis. In fact, according to Gartner, nearly half of large enterprises will have hybrid cloud deployments by the end of 2017. Read More >>>
In what appears to be one of the largest and most highly sophisticated cyberheists ever, more than 100 financial institutions in 30 countries have been the victim of a cyberheist that lasted in some cases nearly 2 years. Most of the banks that were hit are in Russia, but also include banks in Japan, Europe, and the United States. The gang appears to be the first international cybermafia, a group of cybercriminals from Russia, Ukraine and other parts of Europe and China. Kaspersky could not release the names of the banks because of nondisclosure agreements.
When trying to manage a large office, business owners must make sure to use monitoring software on all computers, tablets, laptops and electronic devices. The monitoring software your company invests in will lead the accountability of business, and help keep track of what happens within your office. Furthermore, it’s important to look for a few things in monitoring software before you buy, and understand how it’s going to work in your office.
by Aaron Kelly, IpswitchLet’s face it, we don’t really pay a great deal of attention to delivery methods. As long as things arrive when they are supposed to and in good condition, we give the process very little thought. Read More >>>
Most companies of scale have cyber security measures in place – software solutions, policies and protocols, and regular assessments conducted by IT staff members around compliance and efficacy. With these measures in place, the executive management team might feel confident that their digital data is secure – until they’re blind-sided by crisis-inducing error or a data leakage event.
KnowBe4 CEO Stu Sjouwerman issued an alert to security professionals today about a newly discovered piece of ransomware dubbed ”Fessleak” by security firm Invincea. The ransomware is Russian and delivers its malicious code straight into system memory and does not drop any files on a disk. That means almost all antivirus software is unable to catch this. The infection vector is malicious ads on popular websites that the cybercriminals are able to display by bidding on the ad space through legit ad networks.
by Richard Rabins, Alpha SoftwareDespite the opportunities that mobilizing the workforce offers, enterprises have deployed a surprisingly small number of apps due to the challenges inherent with mobile app development. Read More >>>
by Yo Delmar, MetricStreamNow that we are well on our way into 2015, we can look back on the year past to reflect on some of the challenges faced, and also on some of the lessons learned. Hindsight is always 20/20. Read More >>>
Watch this webcast and listne to Neail MacDonald and Jim Brennan discuss specific techniques that can help you prevent sophisticated attacks, detect stealthy and persistent threats already inside your organization, and how to best respond in the event of a security breach.
by David Kidd, Peak 10Data security continues to be a growing concern for all businesses – small and large – as part of a macro trend taking grip in 2015. While improving technologies are essential for protecting data, studies have shown that internal incidents continued to top the list of 2014 breaches. Read More >>>
by John L. Myers, EMAAs we enter the middle of the second decade of the 21st century, many organizations are recognizing and utilizing cloud infrastructure as a way to implement their analytical and business intelligence requirements. Read More >>>
with Rawdon Messenger, TeenSafeSocial media — and the way teens use it — is changing quickly. Parents can’t be expected to keep up, even as they’re expected to keep their kids safe online. From Yik Yak to Medium to Tumblr, social media and smartphone apps have evolved far beyond facebook. Read More >>>
Businesses today are smart. They consider all kinds of outcomes for every business decision and use complex sets of variables to predict the future. If challenging times are coming for the company, they can often see it in advance and make preparations to lessen the storm. But among all the maybes and possibilities is one situation that many businesses tend to overlook: emergencies within the office itself. It may be a natural disaster, fire or even threat of violence.
The Email Exposure Check (EEC) is a one-time free service. KnowBe4 customers with a Gold package get an EEC sent to them regularly so they can address the issues that are found. An example would be the email address and password of one of your users on a crime site. Fill out the form below, and we will email you back with a PDF containing the list of exposed addresses. The number is usually higher than you think. No need to talk to anyone. (We need a valid email address from the domain of your own organization, so Gmail, AOL, Yahoo or any other ISP are not accepted)
with Bernie Spang, IBM’s Systems & Technology GroupIn this interview, Bernie Spang from IBM’s Systems & Technology Group speaks with IT Briefcase on how users are adopting a more agile software defined storage approach, and how this philosophy prepares them for 2015 and the future. Read More >>>
IT professionals working for merchant organizations face specific security and compliance requirements beyond those of other industries. For instance, the Payment Card Industry Data Security Standard (PCI DSS) has established scores of requirements to ensure a consistent framework for payment card data security in a merchant’s environment. Though merchants are required to comply with these standards, compliance in itself does not make for a complete security strategy.
by Robert Kaloustian, CommVaultWith adoption rates soaring, it’s safe to say that the “cloud” is here to stay. While companies of all shapes and sizes rush to jump on the cloud bandwagon, data management miscues could make their journey a long and bumpy ride. Read More >>>
by Dan Pickett, nfrastructureWe predict that through next year, technology will only continue to become “consumerized” as devices become more connected, everything becomes software-defined and the Internet of Things becomes completely engrained in our everyday life. Read More >>>
with Jerry Melnick, SIOS TechnologyIn this interview, Jerry Melnick, COO, SIOS Technology discusses the difference between SAN-based and Cloud data storage clusters, and the benefits and drawbacks of each approach. Read More >>>
The holidays are approaching as quickly as a sleigh pulled by magic reindeer, and every year it seems like the shopping season starts earlier and earlier. In many places, Christmas decorations are now put up before Halloween, ensuring a long and profitable season for merchants. And while most of us have had the experience of opening a disappointing gift on Christmas morning, one thing that can ruin your holiday faster than a homemade sweater is finding out that someone has obtained your credit card number, or compromised your account on your favorite shopping website.
The security of personal information remains a top concern for consumers and retailers. There is good reason for that. The Target breach compromised approximately 70 million records. The Home Depot breach potentially impacted another 60 million consumers. The National Retail Federation reported in 2012 that service companies lost more than $11 billion due to credit card fraud. We can no longer deny that cybercrime is a real and growing threat to the retail sector. Consumers are becoming more sensitive to the security of their personal information, and they expect more from the business community in general and information technology professionals in particular.
Today’s IT is one of convergence, applications and a demand for constant availability. And when it comes to downtime, all of these elements combined with the fact that many new applications are being provisioned with SaaS providers have created the perfect storm for IT pros tasked with getting to the root of problems and keeping business running. The question, “Is it the network or the app?” has never been more critical, nor more difficult to answer.
This webcast will take a high-level look at technology trends within several major Data Protection domains, such as data loss prevention, storage system recovery, and data security.
Each year, retailers hustle and strain to get their online and in-store merchandise ready to entice shoppers for the annual Black Friday rush. Their main concern, of course, is whether this season’s merchandise will prove popular. But what might get overlooked, is whether they’ve done enough to ward off the worst kind of shopper: the Cyber Hacker — who preys on stores at peak holiday season and can cause serious financial and reputational damage.
By Michael Laurie, Silanis TechnologyElectronic signatures are a critical technology for new business process improvements in industries such as banking, insurance, real estate and healthcare. With security understandably being a top concern for those looking to implement a cloud-based e-signature solution, it is not enough to simply look for one that is ESIGN compliant. Read More >>>