If your business hosts a DNS (Domain Name Service) server, you may be at risk for attackers remotely connecting to your DNS server and gaining vital knowledge on your internal network structure, making attacks easier and more likely to occur. If not properly configured, your DNS server will respond to an attackers request for information about your internal network.
Does your business use email? The CAN-SPAM Act is a law that sets the rules for commercial email, gives the recipients the right to have you stop emailing them, establishes requirements for commercial messages, and issues tough penalties for violations.
In the past, the number one rule has always been “Don’t talk about security” or “Need to know basis regarding security”. Today, security is a mainstream topic that is taking over news headlines globally as technology becomes more and more advanced and data breaches and hacks are occurring more frequently. Security innovation has since become a mainstream focus and a strategic imperative for business. This is both good news and bad news for information security firms. The plus side, is that a companies C-suite finally understands why security innovation is an important factor. The negative side to this, they will now expect more of it from you. The question that is currently being asked, where do you begin? and what do you do?
The holiday season is in full swing, which means consumers are taking to the internet to do their shopping for the holidays in an effort to avoid long lines and wild crowds at stores within the mall and other popular locations. They are also doing this because the internet often offers “cyber deals”, or products at a much lower price than in the store itself. Unfortunately, a new threat has been discovered in social login services that are provided by Amazon and LinkedIn. This threat, is known as “SpoofedMe”.
President Barack Obama issued Executive Order 13636 that calls for the strengthening of "Critical Infrastructure Cybersecurity" nearly a full year ago on Feb. 19, 2013. Yesterday, the National Institute of Standards and Technology announcingthe release of version 1 of a Cybersecurity Framework.
The File Transfer Protocol is a standard network protocol that is used to move files from a client to a server. Today we generally know it if we have ever uploaded a web page to a hosting provider. The FTP protocol was written by Abhay Bhushan in April 1971, and the current version of the protocol dates back to September 1998. Today FTP is still used to transfer files between clients and servers. But the recent news about the British Broadcasting Co.’s server ftp.bbc.co.uk being compromised by a Russian hacker shows that FTP might be showing signs of being obsolete.
We know that writing a blog is fun, and you can get information out or just talk to a set group of interested people about a topic you like. This is great and gives all of us an equal platform for our opinions. Although there always seems to be one thing that we forget, and that is Information Security regarding our blogging material. We see a lot of exploits for Wordpress on a regular basis. We have seen 6 exploits just in this month for Wordpress and associated plugins.
3 Easy Steps to Safer Computing
A former co-worker of mine once mused, "De-nile is not just a river in Egypt," in response to a client who stated that the security problem we had identified didn't matter to him, his manager or in fact, the organization. This was despite the company in question was paying my former employer vast sums of money so that they didn't have to employ those with the expertise, namely us, directly.