A hacker or your cloud provider. Who presents the greatest risk to your data?

Posted on April 6th, 2019 by Responsible Cyber

It’s your worst nightmare. All of your most important and sensitive data, the thing your business values most, the thing your company cannot operate without, the thing your regulators require you to protect, has been taken hostage. Your business grinds to a halt. Your customers and business partners are livid. Your regulators are demanding an […]

Read More

Best antivirus software: 9 top tools

Posted on April 6th, 2019 by Responsible Cyber

The AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Only four of the 16 products tested earned a perfect rating of 6 for each of those criteria: PSB Computer Protection 18 and 19, Kaspersky Lab Endpoint Security 11, Symantec Endpoint Protection 14.2 and Symantec […]

Read More

Apache needs a patchy! Carpe Diem, update now

Posted on April 6th, 2019 by Responsible Cyber

by John E Dunn The maintainers of one of the world’s most popular web servers, Apache HTTP Server, have patched a critical vulnerability that could give an attacker a way to gain full ‘root’ admin control on Unix-based systems. Named ‘Carpe Diem’ by the researcher who discovered it, Ambionics engineer Charles Fol, techies might prefer […]

Read More

Why Phone Numbers Stink As Identity Proof — Krebs on Security

Posted on March 24th, 2019 by Responsible Cyber

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on […]

Read More

Review: Bitglass manages the mobility monster

Posted on March 14th, 2019 by Responsible Cyber

It’s no secret that most businesses and organizations work better when they embrace mobility. The old formula of having droves of suited workers sitting at their desks from nine to five every day, typing away with desktop computers or even older technology simply doesn’t hold up in today’s always on, always connected world. Modern workers […]

Read More

How to hack a smartcard to gain privileged access

Posted on March 14th, 2019 by Responsible Cyber

I can change an email address and steal your most privileged credentials. One of the most consistent IT security best practice recommendations is to require that admins use multi-factor authentication (MFA). In many corporate environments, this means using smartcards. Most smartcard environments don’t know that using smartcards (in an Active Directory environment) makes privilege escalation […]

Read More

There May Be a Ceiling on Vulnerability Remediation

Posted on March 14th, 2019 by Responsible Cyber

Most organizations are doing all they can to keep up with the release of vulnerabilities, new research shows. Security has no shortage of metrics — everything from the number of vulnerabilities and attacks to the number of bytes per second in a denial-of-service attack. Now a new report focuses on how long it takes organizations […]

Read More

Insert Skimmer + Camera Cover PIN Stealer — Krebs on Security

Posted on March 14th, 2019 by Responsible Cyber

Very often the most clever component of your typical ATM skimming attack is the hidden pinhole camera used to record customers entering their PINs. These little video bandits can be hidden 100 different ways, but they’re frequently disguised as ATM security features — such as an extra PIN pad privacy cover, or an all-in-one skimmer […]

Read More

F5 Networks Acquires NGINX For $670 Million

Posted on March 14th, 2019 by Responsible Cyber

One of the most important software companies NGINX, which is also behind the very popular open-source web server of the same name, is being acquired by its rival, F5 Networks, in a deal valued at about $670 million.While NGINX is not a name that you have ever heard of, the reality is that you use […]

Read More

MyEquifax.com Bypasses Credit Freeze PIN — Krebs on Security

Posted on March 14th, 2019 by Responsible Cyber

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves […]

Read More