Towerwall's InfoSec Blog

Check out this infographic for the numbers behind BYOD.

By: Solange_Desc1 Security researchers have discovered a new software bug known as the “Bash Bug” or “Shellshock,” or to those more technically “in-the-know” as GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271)(link is external). This bug, more correctly termed, ‘vulnerability’, potentially allows attackers to gain control over targeted computers. The bug is present in a piece of computer software called, Bash, that is typically found on computers running an operating system calledfalse

by Paul Ducklin on September 3, 2014

10. Don't trust uniforms. Wearing shirts with company logos on them can be enough to gain access to restricted areas. Verify that visitors really are who they say they are.

Towerwall Application Security Alert Vol 13.73 Hackers have amassed a vast collection of stolen data, including 1.2 billion unique username/password pairs, by compromising over 420,000 websites using SQL injection techniques. Researchers monitored the gang for over seven months, thought to be "fewer than a dozen men in their 20s who know one another personally" based in a small city in central Russia. They found that the group, working together since at least 2011, had rented time on false

1.2 billion logins scooped up by CyberVor hacking crew - what you need to do Hackers have amassed a vast collection of stolen data, including 1.2 billion unique username/password pairs, by compromising over 420,000 websites using SQL injection techniques. Researchers monitored the gang for over seven months, thought to be "fewer than a dozen men in their 20s who know one another personally" based in a small city in central Russia. They found that the group, working together since at least 2011,false

Despite all the news about hackers infiltrating major corporations, most businesses continue to leave themselves woefully unprotected. Some surveys estimate more than 70% of businesses perform vulnerability tests on less than 10% of their cloud, mobile and web applications. A majority also confess they have been hacked at least once in the last two years. While most large businesses have begun application vulnerability testing, there is still a long way to go. After all, you are only asfalse

Four major challenges when protecting apps and how to solve them Despite all the news about hackers infiltrating major corporations, most businesses continue to leave themselves woefully unprotected. Some surveys estimate more than 70% of businesses perform vulnerability tests on less than 10% of their cloud, mobile and web applications. A majority also confess they have been hacked at least once in the last two years. While most large businesses have begun application vulnerability testing,false

When an international law enforcement action earlier this month knocked out theGameover botnet, one happy consequence was the takedown of the servers that the CryptoLocker ransomware needed in order to do its dirty work. Well, any celebration over CryptoLocker’s demise is certainly premature - encrypting ransomware is alive and well. With many victims paying up, ransomware is a lucrative business for the crooks, and CryptoLocker has inspired copycats who want in on the loot.

A new ransomware program, known as Cryptolocker, was identified recently. Ransomware can freeze your computer and ask you to pay a fee, but this malicious ransomware does more than just that. (You can use a anti-virus tool to remove the virus.) Cryptolocker is different from other ransomware due to the fact that it allows your computer and software to run while your personal files, such as documents, spreadsheets, and images, are encrypted. The only copy of the decryption key is then saved ontofalse