Monthly Archives: December 2014

Sony Cyber-Attack Timeline

Also, Sony is hiring a Director of Vulnerability Management, among other Information Security roles.

Posted in Security Blog | Tagged , , , , | Comments Off on Sony Cyber-Attack Timeline

JP Morgan Follow Up: 2 Factor Authentication Fail

Back in October, I wrote about JP Morgan getting breached, and 76 million households and 7 million small businesses were affected. (83 Million in total) Most big banks use two-factor authentication, which requires a second one-time password to gain access … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on JP Morgan Follow Up: 2 Factor Authentication Fail

German Steel Mill Hacked

A spear phishing attack led to a German steel mill to perform an unscheduled shut down and a blast furnace could not be shut down as normal. Attackers were very skilled and used both targeted emails and social engineering techniques … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on German Steel Mill Hacked

Arnold on Passwords

How strong are your passwords?

Posted in Security Blog | Tagged , , , , , | Comments Off on Arnold on Passwords

Anunak, Russian/Ukraine Bank Hackers

An ATM gang has stolen more than $15 million from Eastern European banks, To gain a foothold inside financial institutions, the “Anunak group” — sent bank employees targeted, malware-laced emails made to look like the missives were sent by Russian … Continue reading

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on Anunak, Russian/Ukraine Bank Hackers

Social Engineering

No, not that Taylor Swift, this Taylor Swift.

Posted in Security Blog | Tagged , , , | Comments Off on Social Engineering

Staples Follow-Up

Back in October, it was announced that banks were investigating Staples based on fraudulent card activity. Staples’ data security experts detected that criminals deployed malware to some point-of-sale systems at 115 of its more than 1,400 U.S. retail stores. Upon … Continue reading

Posted in Security Blog | Tagged , , , , | Comments Off on Staples Follow-Up

ICANN Targeted in Spear Phishing Attack

Internet Corporation for Assigned Names and Numbers have announced that their system were compromised by a phishing attack. Some of the staff of ICANN fell victim to a spear phishing attack. From their website: ICANN is investigating a recent intrusion … Continue reading

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on ICANN Targeted in Spear Phishing Attack

PCI Professional Certification

I got my PCI Professional Certification today.

Posted in Security Blog | Tagged , , , , | Comments Off on PCI Professional Certification

8 Videos on Strategic Planning Management

It’s easy to forget some of the basics that I don’t deal with every day. Erica gives a great review without getting too deep into it all. Erica Olsen seems to know her stuff.

Posted in Security Blog | Tagged , , , , , , , , , | Comments Off on 8 Videos on Strategic Planning Management