This article really hits home on a couple of levels for me. I have personally faced off against senior management in a discussion around the risk/reward proposition of bringing “the Internet of Things” devices into the corporate environment such as Apple TV and AirPlay. This article takes the conversation to another level by considering these devices from the BYOD perspective and how that level of usage exposes potentially sensitive information. It is well worth a read and your consideration. The Internet of Things has quickly gone from a novelty to an annoyance to a genuine security risk. Be aware and be prepared!
Social engineering is in many cases the first attack vector for cyber criminals. A well crafted email or a sincere and confident phone call are often all that is necessary for a criminal to gain access to a targeted computer system or network. Beware and take heed and seriously consider the content and advice provided in this article from Tripwire.
This is a very important proposal for all members of the medical community who participate in Meaningful Use compliance and reimbursement efforts associated with Medicare transactions. This proposal would specifically address incentives and activity taking place in 2017 and beyond.
This alert concerning IP phones is a great example of why security and patching is not simply a function for servers and desktops. Please be aware of all of the IP-enabled devices in your network!
This is a nice overview of SMB targeted security essentials from the (ISC)2 Blog.
This type of Point-of-Sale malware will continue to be a problem as long as card transactions are transmitted from pin pad to the lane CPU in clear text. Hardware level encryption at the swipe is a good way to combat this type of CPU memory level attack, but that swipe must remain encryption all the way through the transmission process to the acquiring bank.
If at first you don’t succeed…Please take note of this second round of OSX patching by our friends at Apple.
This is certainly an important update to note for one of the more widely used content management systems in the world today.
I really like the content of this article in terms of the value of sound security policies and procedures. I would argue that the value is largely inherent, yet grossly undervalued by most organizations.