According to a blog post on the PCI DSS website, building a secure culture in your online business is essential. “As long as there’s money to be made, we can expect criminals to continue their attacks on businesses worldwide,” wrote Lindsay Goodspeed. She is a communications specialist for the Payment Card Industry (PCI). That’s the organization that […]
PCI Says Passwords Need Strengthening
The Payment Card Industry Data Security Standard (PCI DSS) has released version 3.2. One of the key changes is an update to requirement 8.3. According to Crystal Bedell, Journalist with CIO.com, “This update highlights what the security industry already knows: Passwords are no longer a sufficient means of controlling access to sensitive data. In a word, […]
Tips During Cybersecurity Awareness Month
No matter what type of online business you do, all websites warrant some level of cybersecurity scrutiny. Spend some time during Cybersecurity Awareness Month thinking about what you need to do to make yourself less vulnerable to attack as you use the Internet. Passwords: Changing passwords and making sure that you don’t use the same […]
NSA Contractor Hacks Russia with Stolen Secret Code
Have you heard about the NSA contractor who was arrested because he had stolen a secret code to hack Russia? The FBI has secretly arrested a National Security Agency (NSA) contractor. He is suspected of stealing a secret code. The secret code was reportedly used to hack the computer systems of foreign governments including Russia and […]
Understanding the DoC’s NIST Cyber Security Framework
The Department of Commerce Provides Website Owners with High-Level Security Guidelines. The DoC issued the NIST Cyber Security Framework in February 2014. NIST stands for National Institute of Standards and Technology. Its framework organizes security around five functions: Identify, Protect, Detect, Respond, and Recover. These represent the high-level activities that help organizations make sound decisions around risk/threat […]
Google to Warn Consumers of Unsafe Websites
Chrome will explicitly mark web pages as unsafe if they use HTTP for transmitting sensitive data starting January 2017. Google has a goal to make the internet a safer place for everyone. It will soon start publicly shaming unsafe websites. Beware if you fail to use the HTTPS protocol for transmitting passwords and other sensitive data. […]
New Ransomware Could Post Your Personal Data Online
A new strain of ransomware called “Cry” encrypts data with its .cry extension. It harvests your location data from Google Maps and pastes it as an image onto imgur.com. A lot of ransomware variants simply send the victim’s information directly to the attacker’s Command and Control (C&C) servers. Cry, however, uses Portable Network Graphic (PNG) image […]
Seven Deadly Sins of Cyber Security
David Blumberg, Founder and Managing Partner at Blumberg Capital, takes a look at the seven deadly sins of cyber security. Those of us involved professionally with cyber security know that the underbelly of the Internet is a treacherous and ever-shifting domain where menacing actors motivated by the most basic human vices threaten us all. It is […]
The Ten Most Common Online Security Vulnerabilities (Part 2)
As discussed in Part 1 of this blog post, too many companies wait until after a data breach has occurred before online security becomes a priority. With daily instances of small and large-scale hacks, it’s odd that many still maintain the “it won’t happen to me” attitude until it happens to them. An effective approach to […]
The Ten Most Common Online Security Vulnerabilities (Part 1)
For all too many online companies, it’s not until after vulnerabilities have been located and a data breach has occurred that website security becomes a priority. With daily instances of small and large-scale hacks, it’s odd that many still maintain the “it won’t happen to me” attitude until it happens to them. An effective approach […]