IT Specialist & Developer
IT Specialist Personal Blog, Specialized in Information Security, Compliance, Business Development, and Active Software Developer
-
On April 8, Microsoft officially ended all support and ceased providing updates for their Windows XP operating system. This “end of life” (EOL) announcement is not uncommon with software platforms, where continued support of aging software (XP is more than a dozen years old) becomes too expensive or too impractical, and the user is thus encouraged to upgrade to a newer version of that software.
-
Ignite Visibility has released a comprehensive resource on the Heartbleed Bug and provides quick tips on how to handle the Bug.
San Diego, CA (PRWEB) April 15, 2014
Ignite Visibility, a premier Internet marketing company based in San Diego, has released a comprehensive resource on the Heartbleed Bug.
-
Cylance Founder And CEO Stuart McClure
If you are familiar with the world of computer and network security, there is a very good chance you are familiar with Stuart McClure. At the very least, the name probably rings a bell.
I have actually known Stuart for over a decade now. We were doing ask-me-anything style chat sessions before Reddit made it cool. When I first began writing as the About.com Guide for the Internet / Network Security blog, I hosted an online chat session with Stuart and George Kurtz back when they were still leading Foundstone to talk about their book Hacking Exposed. That book is now in its seventh edition, and is an icon of the information security world.
-
Is your phone data secure enough? US President Barack Obama once used a BlackBerry as his trusty smartphone of choice instead of other smartphone brands. This is because of BlackBerry’s superior security protocol which is said to be impenetrable.
-
Clearly written and easy to use, Payment Card Industry Data Security Standard Handbook is your single source along the journey to compliance with the Payment Card Industry Data Security Standard (PCI DSS), addressing the payment card industry standard that includes requirements for security management, protection of customer account data, policies, procedures, network architecture, software design, and other critical protective measures. This all-inclusive resource facilitates a deeper understanding of how to put compliance into action while maintaining your business objectives.
-
The Mariposa botnet had the power to dwarf Georgia and Estonia cyberattacks if it had been used to launch denial of service attacks, say Spanish police.
Months of investigations by the Guardia Civil in Spain, the FBI and security firms Panda Security and Defence Intelligence led to the takedown of the 12.7 million-strong zombie network in December and the arrest of three suspects in Spain two months later.
-
The final HIPAA Omnibus Rule is slated to go into effect later this year. How should we rework our business associate contracts? If a business associate finds itself in hot water for a HIPAA compliance violation, we don’t want to be dragged along with it.
-
Could you explain the recent flaw that was discovered in the RC4 encryption algorithm? What are the practical security implications for the security of HTTPS Web connections, and how should organizations ensure they won’t be vulnerable to an attack on the weakness?
-
We’re interested in implementing a data-classification program to lower our compliance costs. We’d like to establish different sets of controls for different data types. However, we’re struggling to define our data-classification levels. How do you recommend structuring the data-classification scheme for a Fortune-500-type company?
-
I read recently that a PCI DSS official recommended a “risk-based approach” to PCI that allows for partial compliance by meeting the compliance obligations in stages. Is there such a thing, and is it a practical way to achieve PCI compliance?