Towerwall's InfoSec Blog

In a great article by Ted Samson at InfoWorld, that not even a complex, 16-character password guarantees that your cloud-based data and devices are secure. Here is what Ted had to say: This past weekend, Apple co-founder Steve Wozniak predicted that cloud computing would yield "horrible problems" in coming years. By extraordinary coincidence, Wired reporter Mat Honan experienced firsthand a series of horrible, cloud-related problems, all of which reportedly started when an unnamed Applefalse

Cybercriminals have spammed out malware, attached to emails claiming to be related to discounts for offers on Groupon. The emails, which have the poorly spelt subject line of "Groupon discount gifts" (in itself something which should ring alarm bells), pretend to come from Groupon, and claim that one of your friends has found a deal on the website. The website says that your friend has decided to share the deal with you, and that you are receiving a discount code as a result. Part of the emailfalse

For those on our Security Alert and Update list we just emailed an article by Graham Cluley on how a malware attack spread as email from your office's HP scanner, yes that's right a scanner! In these high-tech times, scanners and photocopiers aren't just dumb machines sitting in the corner of the office. They are usually connected to the corporate network, and - in some cases - can even email you at your desk to save you having to wear out your shoe leather. And it's precisely thisfalse

For those on our Security Alert and Update list we just emailed this great article by Graham Cluley on the worst possible passwords you could ever choose. Many of you know this is something we preach to our clients on a regular basis and is part of our comprehensive 4E Program. Too many internet users are making poor decisions when choosing their passwords. We've spoken time and time again about the importance of choosing hard-to-crack, unguessable, unique passwords that (provided the websitefalse

Like it or not, the line between the workplace and the home is blurring. Work-at-home arrangements are becoming more common and cloud services make it easier to coordinate teams online. People are constantly on call, with the ability to check their emails and stay in touch wherever they are. The days of having a personal mobile and a work device are fast disappearing as the BYOD (Bring Your Own Device) trend continues to grow. A recent SkyDox survey survey found that 77 percent of informationfalse

Cybercriminals are attempting to infect the computers of internet users, via a spammed-out email that has a malware-infected file attached. Computer users are being warned to be wary of email messages which suggest they contain nude photographs of girlfriends, or claim that they have been reported to the police, as the attached file (Photo.zip) really contains a Trojan horse. There are many different subject lines being used in the malware campaign, including:

TrendMicro has uncovered certain Android apps (detected as ANDROIDOS_BOTPANDA.A) containing a malicious library file, which when executed, renders the infected device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its routines in the dynamic library, making it difficult to analyze. The malicious library libvadgo contained in ANDROIDOS_BOTPANDA.A was developed via NDK and loaded using Java Native Interface.false

Many IT departments have weak patching processes - especially on the client-side. And it's no wonder - patching is tough. Across all industries and platforms, the Window of Exploit (WOE) - that is, the time lag between announced discovery and the availability of a patch - for web-based vulnerabilities is a whopping 233 days, according to WhiteHat Security. This leaves your organization exposed for an unacceptably long period of time. It may not be glamorous, but a meticulous patching program isfalse

Web applications – particularly those facilitating collaboration and communication – are a boon to sales, marketing and productivity. Teams work together more effectively, salespeople enjoy better leads and marketing tools and customer service reps can more closely connect with those they serve. All of these gains, though, come at a cost: risk. By their very nature, Web applications circumvent many enterprise security controls. They are designed to enable communication, not security. A paper byfalse

There was a recent article in the Wall Street Journal in which the top cyber cop Shawn Henry, spoke how we are loosing the battle with the hackers. At times the hackers can keep up us all night worrying about our networks, employee actions whether intentional or not, we need to remain vigilant and on the offensive to prevent attacks. Government regulations are not going to control hackers in fact they probably will make companies less secure. Vigilance on the part of organizations will helpfalse