HTCS Blogs

now browsing by category

 

Website/IP www.jrsurreal.com may be hackable , #hackerproof

Personal Notes: No Personal Notes Industry: Website Vulnerabilities: 4 Scan Date/Time: Fri, 10 Aug 2018 12:49:05 Purchase: Click here to Purchase the Report for $25 YOU CAN VIEW THIS REPORT FOR FREE VIA NATIONAL CYBER SECURITY 5.0 APP FOR YOUR PHONE AND TABLET. GET AmIHackerProof.com For FREE Via NATIONAL CYBER SECURITY 5.0 APP FOR YOUR […] View full post on AmIHackerProof.com | Can You Be Hacked?

Website/IP gcox.com may be hackable , #hackerproof

Personal Notes: No Personal Notes Industry: Accounting/Finance Vulnerabilities: 11 Scan Date/Time: Tue, 11 Sep 2018 06:22:44 Purchase: Click here to Purchase the Report for $25 YOU CAN VIEW THIS REPORT FOR FREE VIA NATIONAL CYBER SECURITY 5.0 APP FOR YOUR PHONE AND TABLET. GET AmIHackerProof.com For FREE Via NATIONAL CYBER SECURITY 5.0 APP FOR YOUR […] View full post on AmIHackerProof.com | Can You Be Hacked?

Website/IP collectivelabs.us may be hackable , #hackerproof

Personal Notes: No Personal Notes Industry: Website Vulnerabilities: 4 Scan Date/Time: Wed, 19 Sep 2018 13:57:02 Purchase: Click here to Purchase the Report for $25 YOU CAN VIEW THIS REPORT FOR FREE VIA NATIONAL CYBER SECURITY 5.0 APP FOR YOUR PHONE AND TABLET. GET AmIHackerProof.com For FREE Via NATIONAL CYBER SECURITY 5.0 APP FOR YOUR […] View full post on AmIHackerProof.com | Can You Be Hacked?

Website/IP solar.lowtechmagazine.com may be hackable , #hackerproof

Personal Notes: No Personal Notes Industry: Blog – Technology Vulnerabilities: 11 Scan Date/Time: Mon, 15 Oct 2018 11:27:39 Purchase: Click here to Purchase the Report for $25 YOU CAN VIEW THIS REPORT FOR FREE VIA NATIONAL CYBER SECURITY 5.0 APP FOR YOUR PHONE AND TABLET. GET AmIHackerProof.com For FREE Via NATIONAL CYBER SECURITY 5.0 APP […] View full post on AmIHackerProof.com | Can You Be Hacked?

Website/IP impots.com may be hackable , #hackerproof

Personal Notes: No Personal Notes Industry: Government Vulnerabilities: 11 Scan Date/Time: Fri, 09 Nov 2018 04:54:08 Purchase: Click here to Purchase the Report for $25 YOU CAN VIEW THIS REPORT FOR FREE VIA NATIONAL CYBER SECURITY 5.0 APP FOR YOUR PHONE AND TABLET. GET AmIHackerProof.com For FREE Via NATIONAL CYBER SECURITY 5.0 APP FOR YOUR […] View full post on AmIHackerProof.com | Can You Be Hacked?

Website/IP impots.cm may be hackable , #hackerproof

Personal Notes: No Personal Notes Industry: Government Vulnerabilities: 1 Scan Date/Time: Fri, 09 Nov 2018 06:02:59 Purchase: Click here to Purchase the Report for $25 YOU CAN VIEW THIS REPORT FOR FREE VIA NATIONAL CYBER SECURITY 5.0 APP FOR YOUR PHONE AND TABLET. GET AmIHackerProof.com For FREE Via NATIONAL CYBER SECURITY 5.0 APP FOR YOUR […] View full post on AmIHackerProof.com | Can You Be Hacked?

October is #National #Cybersecurity #Awareness Month

Source: National Cyber Security – Produced By Gregory Evans

Malware. Ransomware. Data breaches and hack attacks. These may have all been foreign terms just a year ago, but not anymore. Consumers are much more aware of digital threats, thanks in large part to that massive attack on the credit reporting bureau Equifax.

Millions of Americans had their data compromised in that attack. While many took steps to protect themselves, we know a lot of consumers simply ignored the threat altogether.

Are you guilty of procrastinating when it comes to your digital defenses? Don’t worry, now is your chance to act. October is National Cybersecurity Awareness Month. Over the next several weeks, Better Business Bureau Northwest + Pacific will offer you tips and advice to protect yourself, your family, your business and your community.

First things first, follow these steps to protect your personal information:

Keep a clean machine: Ensure all software on internet-connected devices – including PCs, smartphones and tablets – is up to date to reduce risk of infection from malware.

Lock down your login: Your usernames and passwords are not enough for the personal data protection of email, banking and social media. Begin your spring cleaning by fortifying your online accounts and enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.

Declutter your mobile life: Most of us have apps we no longer use and some that need updating. Delete unused apps and keep others current, including the operating system on your mobile device. An added benefit of deleting unused apps is more storage space and longer battery life. Actively manage your location services, Bluetooth, microphone and camera – making sure apps use them appropriately.

Do a digital file purge: Perform a good, thorough review of your online files. Tend to your digital records, PCs and phones and any device with storage just as you do for paper files. Start removing digital clutter by doing the following:

Clean up your email: Save only those emails you really need, and unsubscribe to email you no longer need/want to receive.

Back it up: Copy important data to a secure cloud site or another computer or drive where it can be safely stored. Password protect backup drives. Make sure to back up your files before getting rid of a device, too.

Stay tuned. Next week we will discuss tips to help protect your business and work information.

For cybersecurity tips, other scams and the latest alerts, download the BBB App at bbbapp.org. Anyone who feels they may be a victim of a cybercrime should report it to local law enforcement and BBB Scam Tracker at bbb.org/scamtracker.

Stephen Mayer is marketplace manager of the Better Business Bureau, serving the Snake River Region from Ontario to Jackson, Wyoming. For more information, visit bbb.org or call (800) 218-1001.

Source: https://www.argusobserver.com/business/october-is-national-cybersecurity-awareness-month/article_ad90f79a-c453-11e8-8f66-93d95f51fefb.html

The post October is #National #Cybersecurity #Awareness Month appeared first on National Cyber Security .

View full post on National Cyber Security

What the #Eir #breach and #GDPR can teach us about #multilayered #data #security

Source: National Cyber Security – Produced By Gregory Evans

Amit Parbhucharan analyses the recent Eir data breach and what it says about the state of GDPR at this early point in its tenure.

Recently, Irish telecommunications company Eir experienced a data breach event in which the theft of a staff member’s laptop resulted in the potential exposure of personal data belonging to 37,000 of its customers. While the laptop itself remained password-protected, the data on it was wholly unencrypted having unfortunately been stolen during a window of time in which a faulty security update from the previous working day rendered the device decrypted and vulnerable.

Because the computer held customer data that included specific names, email addresses, phone numbers and other legally protected data, Eir followed the procedure dictated by the General Data Protection Regulation (GDPR) that went into effect on 25 May, reporting the incident to the Irish Data Protection Commissioner.

‘Portable devices with access to sensitive data will always be an area of potential data breach risk to organisations, and the worst-case scenarios can and will occur’

GDPR introduced data privacy regulations requiring companies to meet specific standards when handling the personal data of EU citizens and residents, including the responsibility to notify the information commissioner’s office within 72 hours of discovering a data breach. GDPR is enforced through steep penalties for non-compliance, which can reach as high as the greater of €20m or 4pc of a business’s total worldwide revenue for the previous year.

However, GDPR regulators will consider an enterprise’s organisational and technological preparedness, and intentions to comply when judging whether such penalties are necessary.

Risky human behaviour

It appears that Eir did many things right in its data breach response. The company demonstrated its established capability to recognise the breach and to report it promptly.

That said, data was still put at risk. Laptops and other such portable devices with access to sensitive data (phones, USB drives etc) will always be an area of potential data breach risk to organisations, and the worst-case scenarios can and will occur. Loss and theft are facts of life, as are other high-risk circumstances that can be much more difficult to anticipate.

In one odd case from our experience, a resident of an in-patient healthcare organisation actually threw a laptop containing protected health data out of a window due to frustration that those devices were for staff use only. A technician deployed to site to understand why the laptop wasn’t online discovered it near the street, where it lay for hours before (luckily, that time) being recovered.

Obviously, wild circumstances like these are unforeseen, but they need to be prepared for nevertheless. There are also those cases where an employee’s lapse in judgement opens the possibility for dire consequences. Laptops get left unattended during credentialed sessions, passwords get written on sticky notes for convenience and stolen along with devices. To ‘Eir’ is human, if you’ll excuse the pun, and small windows of risk too often turn into major (and costly) incidents.

Beyond encryption

This is why organisations need to implement robust, layered data security strategies such that devices have more than one line of defence in place when challenges pop up. Encryption is essential to protecting data, and should serve as the centrepiece of any data security strategy – GDPR compliance requires as much.

But measures must also go beyond encryption. Employee training in secure practices is certainly another critical component to a successful execution. Similarly, capabilities such as those that enable remote data deletion when a device is out of hand offer a reliable safeguard in those circumstances where encryption is rendered ineffective.

‘Each effective layer of data security in place beyond encryption demonstrates a genuine commitment to protecting individual privacy’

Ensuring the security of customer data has always been critical to protecting an organisation’s reputation and maintaining customer trust – GDPR only raises those stakes.

In the unfortunate event that a data breach must be reported under GDPR, and regulators conduct an official audit, each effective layer of security in place beyond encryption demonstrates a genuine commitment to protecting individual privacy. That commitment serves as a positive factor in the eyes of both those auditors and the public who must continue to trust the organisation with their data going forward.

By Amit Parbhucharan

Amit Parbhucharan is general manager of EMEA at Beachhead Solutions, which provides cloud-managed PC and mobile device encryption, security, and data access control for businesses and managed service providers.

Source: https://www.siliconrepublic.com/enterprise/eir-breach-encryption-layered-data-security

The post What the #Eir #breach and #GDPR can teach us about #multilayered #data #security appeared first on National Cyber Security .

View full post on National Cyber Security

Intel asks #customers to #halt #patching for #chip #bug, citing #flaw

Source: National Cyber Security – Produced By Gregory Evans

Intel Corp (INTC.O) said on Monday that patches it released to address two high-profile security vulnerabilities in its chips are faulty, advising customers, computer makers and cloud providers to stop installing them.

Intel Executive Vice President Navin Shenoy disclosed the problem in a statement on the chipmaker’s website, saying that patches released after months of development caused computers to reboot more often than normal and other “unpredictable” behavior. 

“I apologize for any disruption this change in guidance may cause,” Shenoy said. “I assure you we are working around the clock to ensure we are addressing these issues.”

The issue of the faulty patches is separate from complaints by customers for weeks that the patches slow computer performance. Intel has said a typical home and business PC user should not see significant slowdowns.

Intel’s failure to provide a usable patch could cause businesses to postpone purchasing new computers, said IDC analyst Mario Morales.

Intel is ”still trying to get a handle on what’s really happening. They haven’t resolved the matter,” he said.

Intel asked technology providers to start testing a new version of the patches, which it began distributing on Saturday.

The warning came nearly three weeks after Intel confirmed on Jan. 3 that its chips were impacted by vulnerabilities known as Spectre and Meltdown, which make data on affected computers vulnerable to espionage.

Meltdown was specific to chips from Intel, as well as one from SoftBank Group Corp’s (9984.T) ARM Holdings. Spectre affected nearly every modern computing device, including ones with chips from Intel, ARM and Advanced Micro Devices Inc (AMD.O).

Problems with the patches have been growing since Intel on Jan. 11 said they were causing higher reboot rates in its older chips and then last week that the problem was affecting newer processors.

The post Intel asks #customers to #halt #patching for #chip #bug, citing #flaw appeared first on National Cyber Security .

View full post on National Cyber Security

SANS London March

Source: National Cyber Security – Produced By Gregory Evans

General Cybersecurity Conference

 March 5 – 10, 2018 | London, United Kingdom

Cybersecurity Conference Description 

* Choose from 10 hands-on cyber security courses.
* Prepare for: GSEC, GCED, GCIH, GMON, GXPN, GCFA, GNFA, GCTI and GREM Certifications.
* Take SANS Training in a classroom-like environment and under the supervision of a SANS Instructor.

The following SANS Instructors will be teaching courses at SANS London 2018:

Keith Palmgren – Keith has over 30 years experience working in cyber security and runs his own consultancy practice. He holds 11 security certifications and is the course author of SEC301.

Bryce Galbraith – Bryce is currently the owner of Layered Security where he provides specialised vulnerability assessment and penetration testing services for clients. He teaches several of the SANS Institute’s most popular courses and develops curriculum around current topics.

Chris Pizor – Chris is a civilian employee working for the U.S. Air Force as the lead curriculum designer for cyber warfare operations training. Chris served on active duty in the USAF as a Network Intelligence Analyst before retiring in 2010. He was part of the initial cadre of the NSA Threat Operations Centre and helped develop tactics to discover and eradicate intrusions into U.S. government systems.

James Lyne – James is Global Head of Security Research at the security firm Sophos. He is a self-professed ‘massive geek’ and has technical expertise spanning a variety of the security domains from forensics to offensive security.

Stephen Sims – Stephen is an industry expert with over 15 years of experience in information technology and security. Stephen currently works out of San Francisco as a consultant performing reverse engineering, exploit development, threat modelling, and penetration testing.

The post SANS London March appeared first on National Cyber Security .

View full post on National Cyber Security