Towerwall's InfoSec Blog

Towerwall Information Security Alert Vol 14.07 - Watch out for April Fools scamming on Friday

Google, Fractional Chief Information Security Officer (CIS, Conficker, Phishing, Virus, ransomware, Amazon, scammers, April Fools, Starbucks, cannabis, Enterprise

Michelle Drolet

Watch out for April Fools scamming on Friday, by Kevin Frey. Annually, businesses and organizations often put up jokes or pranks for April Fools’ Day. Google, Starbucks, Amazon, etc. are frequent participants. For example, last year Amazon revamped their site to look like their old, original 1999 version... and Google (known for multiples) turned its "Maps" app into the classic arcade game "Pac-Man." However, it is important to remember to think twice before clicking on things you receive by email or see on

Hundreds of cloud apps still vulnerable to DROWN

SSLv2, CISO, DROWN vulnerability, FREAK, DROWN, HTTPS, cannabis, Enterprise

Michelle Drolet

Complacency in addressing known vulnerabilities puts users at risk. If you have even a passing interest in security vulnerabilities, there’s no chance that you missed the news about the DROWN vulnerability. It’s one of the biggest vulnerabilities to hit since Heartbleed, potentially impacting a third of all HTTPS websites. By exploiting the obsolete SSLv2 protocol, this flaw makes it possible for an attacker to eavesdrop on a TLS session. Because we use SSL and TLS encryption to shop, send

Do you have the right person for the job?

Fractional Chief Information Security Officer (CIS, cannabis, Enterprise

Michelle Drolet

According to Cisco’s 2015 Annual Security Report, 91 percent of companies have an executive with direct responsibility for security, but only 29 percent of them have a Chief Information Security Officer.

Save the Date: Information Security Summit 2016

Security Partners, network security, Fractional Chief Information Security Officer (CIS, Phishing, GDPR, Information Security, Application Security, Security, ransomware, Information Security Summit, HIPAA, Compliance & Privacy, penetration testing, Events, Compliance, Mobile Security, cannabis, cybersecurity, Enterprise

Michelle Drolet

Click here for more information & to register! Please save the date and plan to join us for this timely forum on what you need to know about the latest security issues, threats, and technologies that will help you protect your business!

2015 International Compendium of Data Privacy Laws

GDPR, HIPAA, Compliance, cannabis, Enterprise

Michelle Drolet

Privacy and data protection issues confront all organizations—whether you handle employee information, credit card data, sensitive financial information, or trade secrets. Securing data is a daunting task that is further complicated by cross-border transfer issues and the differences in privacy laws around the world. The team at BakerHostetler has developed a prompt and practical PDF to assist and inform your data protection policies. Download the 2015 International Compendium of Data Privacy

10 Things I Know About...Hiring a vCISO

breach, Virtual CISO, Fractional Chief Information Security Officer (CIS, Compliance & Privacy, 10 Things I Know, Compliance, cannabis, vCISO, Enterprise, small and midsize businesses

Michelle Drolet

10. A hedge against a breach: A virtual chief information security officer can serve as security consul or as an interim CISO to fill the gaps during a planned information-technology security policy review. Better to be safe than sorry.

5 cybersecurity trends to watch for in 2016

Phishing, malware, ransomware, Internet of Things, cloud services, Known vulnerabilities, cannabis, Enterprise

Michelle Drolet

As threats evolve and grow more sophisticated, securing IT systems is more important than ever. We may welcome in the New Year with open arms, but we must also prepare for the cybersecurity threats ahead of us. The 2015 Cost of Data Breach Study from IBM and the Ponemon Institute put the average cost of a data breach at $3.79 million, and that figure is expected to grow in the year ahead. With the right resolutions, you can drastically reduce your chances of falling prey to cybercriminals.

Ransomware is only getting worse. How do you prepare for it?

Counterintelligence Program, ransomware, ransomware-as-a-service, CryptoWall v3, cannabis, Enterprise

Michelle Drolet

Ransomware-as-a-service, help desks, third parties -- all point to a mature yet illegal enterprise undergoing serious growth. Here are tips to protect yourself and your company. Ransomware is big business. Over the last few years we've observed the steady rise of ransomware, with some trepidation. It is fast becoming a multi-billion dollar business, and it's getting surprisingly sophisticated. The ransomware industry is continually innovating, offering cybercriminals new technology, various

Join us for Security BSides Boston 2016

Sophos, Security BSides Boston 2016, Microsoft NERD, BSides Boston, Events, Microsoft, Enterprise

Michelle Drolet

Friday, May 20 2016 (Training); Saturday, May 21 2016 (Conference). Follow BSidesBoston on Twitter: #BSidesBOS @BsidesBoston @MicrosoftNERD. Questions: help@bsidesboston.org

5 Information Security Trends for 2016

DRIDEX botnet, Darkode, China hack, EMV credit cards, SIMDA botnet, Application Security, Google Wallet, mobile malware, ransomware, Internet of Things, smart-connected, RFID credit cards, IoT, cannabis, EU Data Protection, Enterprise, Apple Pay

Michelle Drolet

Online security trends continue to evolve. This year, online extortion will become more prevalent. We also expect that at least one consumer-grade IoT smart device failure will be lethal. Ransomware will make further inroads, since the majority go unreported. China will drive mobile malware growth to 20M, and cybercrime legislation will take a significant step towards becoming a truly global movement. Here are five information security trends on track for the New Year: