ADHERE Announces Security Awareness Sessions Welcome to ADHERE’s Information Security Awareness Sessions. Sarah A. Lynn is the CEO and Practice Leader of ADHERE and will be your guide through these sessions.

roma★
🪼

No title available

Origami Around
Monterey Bay Aquarium

★
Today's Document
dirt enthusiast
Cosimo Galluzzi
wallacepolsom
Keni
Xuebing Du
DEAR READER
tumblr dot com
h
Jules of Nature
I'd rather be in outer space 🛸
art blog(derogatory)
TVSTRANGERTHINGS
One Nice Bug Per Day
seen from Ukraine

seen from Malaysia

seen from Ukraine

seen from Ukraine
seen from United States
seen from India

seen from United States
seen from United States
seen from United States

seen from United States
seen from United States
seen from United States

seen from United States

seen from United States
seen from United States
seen from Türkiye
seen from United Kingdom
seen from T1
seen from United States

seen from Germany
@adhereinc
ADHERE Announces Security Awareness Sessions Welcome to ADHERE’s Information Security Awareness Sessions. Sarah A. Lynn is the CEO and Practice Leader of ADHERE and will be your guide through these sessions.
Remote users and weak passwords still causing issues
Remote users and weak passwords still causing issues
Even though many of us in security and technology have heard about weak passwords and remote user security, apparently it is still a top issue with PoS systems. According to this article:
“…weak remote security and passwords contributed to 94 percent of the PoS breaches “
I have to think about this a bit, because I also hear of many other breaches, attempted breaches, invisible breaches, and…
View On WordPress
Squirrels and HOT Weather can be added to Security Risks?
Squirrels and HOT Weather can be added to Security Risks?
Yes, I said it, at this rate squirrels and hot weather need to be added as a security risk. If either of these two items, or similar, can wipe out power and transportation (and who knows what else – like banking and other surveillance cameras) so easily, we have some grave issues to security, stability and terrorism threats. Each business needs a Continuity Plan that includes UPS or generator,…
View On WordPress
Google wants a piece of the Home Security Business
Google wants a piece of the Home Security Business
Last week I read a few articles about Google and their patents filed and their desire to get into the Home Security market. There were several articles and some seemed targeted to scare the already existing Home Security business leaders (e.g. – ADT, Honeywell, Brinks, etc.).
These leaders, instead of fearing Google in the market, can gain from these patents and inventions in the area of…
View On WordPress
Bots still threaten our Personal Yystems, POS Systems and Banking Systems
Bots still threaten our Personal Yystems, POS Systems and Banking Systems
Virus search
The 2014 Dell SecureWorksreport shows us that bots are still out there, are probably always going to be, but need management and patches. We still see huge amounts of bots attacking our POS (retail “point of sale” computer cash registers) and the banking systems. The retailers and the banks have security experts, teams, software to help them improve and hopefully they will all…
View On WordPress
Cell Phone charging turns into Juice Jacking
Cell Phone charging turns into Juice Jacking
If you watch CSI Cyber, like me, you get introduced to new methods of hacking or internet crime on a weekly basis. This past week’s episode was about “Juice Jacking”.
If you charge your cell phone with the USB type cables into Public networks, you are vulnerable to hackers that could live or bot that network. In this show, the “Juice Jacker”placed a bot that retrieved data from phones, made the…
View On WordPress
VULNERABILITY AND POLICY MANAGEMENT FOR NERC COMPLIANCE
VULNERABILITY AND POLICY MANAGEMENT FOR NERC COMPLIANCE
NERC Defined NERC Standards are a U.S. regulation managing the Critical Cyber Assets of Bulk Electric Systems. CIP-002 through CIP-009 provides a cyber security framework for the identification and protection of these assets, and supports reliable operation of the Bulk Electric System. In other words, vulnerabilities of these assets can be reduced. Business and operational demands for…
View On WordPress
Sinful Change Practices are just not good
Sinful Change Practices are just not good
In agreeing with and encouraging businesses to read this article:
I really was focused on SIN 3,4, and 6. It seemed to me, as I see on a weekly basis that “lack of communication” and yes…encouraging such is a terrible disaster to companies and also aligned with 4, “lack of documentation”, and 6 “cowboy actions”. In all these cases what I have mostly seen are businesses or teams trying to do…
View On WordPress
TV can be dramatic but there are real lessons to be learned
TV can be dramatic but there are real lessons to be learned
This week, on one of my new trending shows, CSI Cyber, we saw a trick to infiltrating networks that I have personally never seen. I always say “I’ve seen everything but a pink elephant in the data center…” but alas here was another. The Twin Wireless Router was introduced in this episode.
For those of you who don’t know about this way your network can be easily compromised watch the show or…
View On WordPress
Target still running from responsibility
Target still running from responsibility
In this article, you will see, as I did, that Target is settling for up to $10,000 damages for each card user that was breached during Targets big Black Friday breach.
Settlements are to put a cap on the breaches cost to Target, not really to assist the consumer. However, Target also does not wish to take responsibility for holding the credit card data incorrectly to start with. Target violated…
View On WordPress
Password Complexity and why we do it
Password Complexity and why we do it
Last week a user asked me why did “we”(I guess they meant security professionals or I.T. Professionals) have to make passwords so hard to deal with. I explained why simple passwords, passwords easy to guess and password re-use can all lead to a breach of your personal data and even a company’s data. If you access personal applications, with weak passwords, from your work computer, you are…
View On WordPress
Personal Responsibility for Tailgaters and others
Personal Responsibility for Tailgaters and others
It occurred to me last week, that people do not take tail-gaters and non-badged people as seriously at work as they should. As I asked people about if they let people into their workplace building without knowing them personally and/or seeing a badge, they said they did it. That it wasn’t a big deal. That security, they didn’t think, was their responsibility.
Well first off, in most companies,…
View On WordPress
Take Security Awareness Training off the shelf and use it
Take Security Awareness Training off the shelf and use it
This article talks about Security Awareness Training Programs being just as important, to companies like Target, Sony, etc., in fighting the battle against hacks. It rings true to me as all the efforts and tools in the world, without the people to implement and follow beest practice, will fail.
If we place excellent technology in our environments, but don’t know how to configure it properly or…
View On WordPress
Your Cell Phone at the Border vs. in the States
Your Cell Phone at the Border vs. in the States
In this article, you will see where a gentleman was arrested for not allowing a Customs Agent his passcode or access to his cell phone. While the US Supreme Court ruled that cell phones carried personal information and therefore police need a warrant before for inspection, the Customs and Border agents have a different precedent. Their precedent suggests that “…all searches and seizure by…
View On WordPress
PCI Compliance - What are the basics for even Small Businesses
PCI Compliance – What are the basics for even Small Businesses
I hear so many small to medium businesses who think that PCI Compliance either does not apply to them, they are too small to be a target of hackers who steal credit card data, say they do not take credit cards (but then they do), or believe that if they do not use a terminal/computer/cash register…they are safe. Well, two things PCI Compliance audited and doing business securely for your…
View On WordPress
Don't put your money there or just be prepared
Don’t put your money there or just be prepared
In this story from Krebs, also reported in December 2014, cyber fraud was utilized to gain big money from small to medium banks. Many individuals ask what they can do about such incidents and the answer is only:
A) Don’t put your money in a small to medium bank Or
B) Just be prepared for fraudulent transactions, report things you see and wait for it to be corrected (financially) by your bank
Why…
View On WordPress
SMiShing - Hacked phones and SMS Scams
SMiShing – Hacked phones and SMS Scams
For several years now I have been requesting customers do a risk assessment and penetration test against their phone systems. Most don’t believe their systems can be hacked or have never thought about such. Well in this story referenced below, Holiday Innsure wishes they listened and tested for possible hacks while their phones were being used for a Phishing SCAM or the newer term for Phishing…
View On WordPress