Towerwall's InfoSec Blog

10. Don't trust uniforms. Wearing shirts with company logos on them can be enough to gain access to restricted areas. Verify that visitors really are who they say they are.

Criminals are evolving with their techniques for hacking and breaching corporate assets, so security managers need to as well. Here are some ways companies are going beyond standard pen testing in order to increase awareness By Maria Korolov Security professionals have long been running penetration tests against their firewalls and other security systems to find weaknesses that need to be addressed. The Common Vulnerability Scoring System is an industry standard, but has been around for afalse

Hi all, there is an e-mail scam doing the rounds. The message is an invite from some random person you won’t know with a link (how original). If you get such a message don’t use the link, check your LinkedIn account as if it’s a legit request it will be there waiting for approval. Even if it is legit, make sure you vet all invite requests carefully. I have had several dodgy requests from what I believe to be bogus profiles who are likely up to no good. LinkedIn is about the quality of yourfalse

Everyday there is a new threat with seemingly innocent emails being sent out that look close to an official correspondence from a company, from Paypal, ADP and BBB - to name a few. Cybercriminals are mimicking the online payment processor PayPal in a malicious spam campaign that attempts to dupe customers into downloading malware from links in seemingly authentic emails, according to a Webroot report written by Dancho Danchev. The piece of malware in use here is a backdoor that, oncefalse

According to the article in Dark Reading, Study: Phishing Messages Elude Filters, Frequently Hit Untrained Users, many people are still being tripped up by phishing emails. The article summarizes the findings of a survey that was conducted at the Black Hat USA security conference held in July 2012. Of the 250 conference attendees that were polled, 69% said that phishing messages get past spam filters and into users’ inboxes on a weekly basis. Over 25% indicated that top executives and otherfalse

Beware any emails which claim to come from privacy@microsoft.com - it could be that you're being targeted in an attack designed to steal your AOL, Gmail, Yahoo or Windows Live password. At first glance, if you don't look too carefully, the emails entitled "Microsoft Windows Update" may appear harmless enough. But the grammatical errors and occasional odd language should raise alarms bells that the emails may not really be from Microsoft. Dear Windows User, It has come to our attention thatfalse

Cybercriminals have spammed out malware, attached to emails claiming to be related to discounts for offers on Groupon. The emails, which have the poorly spelt subject line of "Groupon discount gifts" (in itself something which should ring alarm bells), pretend to come from Groupon, and claim that one of your friends has found a deal on the website. The website says that your friend has decided to share the deal with you, and that you are receiving a discount code as a result. Part of the emailfalse

Cybercriminals are attempting to infect the computers of internet users, via a spammed-out email that has a malware-infected file attached. Computer users are being warned to be wary of email messages which suggest they contain nude photographs of girlfriends, or claim that they have been reported to the police, as the attached file (Photo.zip) really contains a Trojan horse. There are many different subject lines being used in the malware campaign, including: