Towerwall's InfoSec Blog

For those on our Security Alert and Update list we just emailed this great article by Graham Cluley on the worst possible passwords you could ever choose. Many of you know this is something we preach to our clients on a regular basis and is part of our comprehensive 4E Program. Too many internet users are making poor decisions when choosing their passwords. We've spoken time and time again about the importance of choosing hard-to-crack, unguessable, unique passwords that (provided the websitefalse

TrendMicro has uncovered certain Android apps (detected as ANDROIDOS_BOTPANDA.A) containing a malicious library file, which when executed, renders the infected device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its routines in the dynamic library, making it difficult to analyze. The malicious library libvadgo contained in ANDROIDOS_BOTPANDA.A was developed via NDK and loaded using Java Native Interface.false

Many IT departments have weak patching processes - especially on the client-side. And it's no wonder - patching is tough. Across all industries and platforms, the Window of Exploit (WOE) - that is, the time lag between announced discovery and the availability of a patch - for web-based vulnerabilities is a whopping 233 days, according to WhiteHat Security. This leaves your organization exposed for an unacceptably long period of time. It may not be glamorous, but a meticulous patching program isfalse

Web applications – particularly those facilitating collaboration and communication – are a boon to sales, marketing and productivity. Teams work together more effectively, salespeople enjoy better leads and marketing tools and customer service reps can more closely connect with those they serve. All of these gains, though, come at a cost: risk. By their very nature, Web applications circumvent many enterprise security controls. They are designed to enable communication, not security. A paper byfalse

There was a recent article in the Wall Street Journal in which the top cyber cop Shawn Henry, spoke how we are loosing the battle with the hackers. At times the hackers can keep up us all night worrying about our networks, employee actions whether intentional or not, we need to remain vigilant and on the offensive to prevent attacks. Government regulations are not going to control hackers in fact they probably will make companies less secure. Vigilance on the part of organizations will helpfalse

Join us for an unprecedented security event! Friday, April 13th, 8:00 am - AMC Movie Theatre Framingham, MA Join Towerwall, Trend Micro, Application Security Inc., Sophos, Varonis, Vormetric and WAVE for a brief presentation on data and network security followed by a free breakfast and screening of the world premiere movie: The Three Stooges. Click here to reserve your space today! For more information, contact Andrea at 774-204-0700 or email at - andreah@towerwall.com.

Boston Business Journal asked Towerwall for required reading for every entrepreneur. Michelle Drolet recommends “The Power of Nice” by Linda Kaplan Thaler and Robin Koval. Nice companies have lower turnover and higher productivity. Click here to read the article.

Thanks to the blackout of Wikipedia and the efforts of Google and Facebook, the federal bills known as SOPA (Stop Online Piracy Act) and PIPA (Protect IP Act) have been put on the back burner for revision. The actions last month by the three websites generated millions of protest emails against the controversial legislation. But as unpopular as the bills are because of their perception as going against the spirit of keeping the Internet free and open, the problem of stolen goods continues to befalse

The headline reads, “FBI warns of new malware targeting bank accounts," but it could just as well say, “More new victims born from opening emails.” From the simple act of opening an email and clicking on an attachment, the victim's username and password to their bank accounts are stolen by a process called keylogging, where the info is presto, logged directly from your very fingers as you type in your credentials. What's scary is that bogus emails can appear to come from someone you know is afalse

On Jan. 5, federal law enforcement seized several automobiles worth about $100,000 in value. They had belonged to the former president of the Massachusetts Bank and Trust Company and were taken as restitution for his defrauding the bank in 1997. It seems that not a day passes by when news of banking-related fraud, money laundering, or a privacy violation is reported. Last year in May, Bank of America sustained a $10-million loss when an insider sold the bank’s customer data to organizedfalse