IT Specialist & Developer

IT Specialist Personal Blog, Specialized in Information Security, Compliance, Business Development, and Active Software Developer

  • On April 8, Microsoft officially ended all support and ceased providing updates for their Windows XP operating system. This “end of life” (EOL) announcement is not uncommon with software platforms, where continued support of aging software (XP is more than a dozen years old) becomes too expensive or too impractical, and the user is thus encouraged to upgrade to a newer version of that software.

  • Ignite Visibility has released a comprehensive resource on the Heartbleed Bug and provides quick tips on how to handle the Bug.

    San Diego, CA (PRWEB) April 15, 2014

    Ignite Visibility, a premier Internet marketing company based in San Diego, has released a comprehensive resource on the Heartbleed Bug.

  • Cylance Founder And CEO Stuart McClure


    If you are familiar with the world of computer and network security, there is a very good chance you are familiar with Stuart McClure. At the very least, the name probably rings a bell.

    I have actually known Stuart for over a decade now. We were doing ask-me-anything style chat sessions before Reddit made it cool. When I first began writing as the About.com Guide for the Internet / Network Security blog, I hosted an online chat session with Stuart and George Kurtz back when they were still leading Foundstone to talk about their book Hacking Exposed. That book is now in its seventh edition, and is an icon of the information security world.
  • Is your phone data secure enough? Pic: thetechjournalcom

    US President Barack Obama once used a BlackBerry as his trusty smartphone of choice instead of other smartphone brands. This is because of BlackBerry’s superior security protocol, which is said to be impenetrable.

  • Personal Finance: Important lessons from the Target data breach

    Chris Hopkins

    The massive hacking attack against Target stores last month marks a turning point in how we view data security in the United States. Heretofore, major incidents involving loss or theft of customer information have been relatively few and ultimately resulted in little disruption. For that reason, American merchants have been slow to adopt more robust and technologically advanced countermeasures. That is about to change.

    The sheer magnitude of the Target infiltration is without precedent. Credit card data on 40 million customers, plus personal information about another 70 million was apparently compromised. And Target is by no means the only company victimized in recent weeks, just the largest. Policy changes and technological upgrades are coming that will address some of these audacious capers, but the most important lesson is that each of us should rethink how we do business.

  • The Mariposa botnet had the power to dwarf Georgia and Estonia cyberattacks if it had been used to launch denial of service attacks, say Spanish police.


    Months of investigations by the Guardia Civil in Spain, the FBI, and security firms Panda Security and Defence Intelligence led to the takedown of the 12.7-million-strong zombie network in December and the arrest of three suspects in Spain two months later.

  • The final HIPAA Omnibus Rule is slated to go into effect later this year. How should we rework our business associate contracts? If a business associate finds itself in hot water for a HIPAA compliance violation, we don’t want to be dragged along with it.

  • Could you explain the recent flaw that was discovered in the RC4 encryption algorithm? What are the practical security implications for the security of HTTPS Web connections, and how should organizations ensure they won’t be vulnerable to an attack on the weakness?

  • We’re interested in implementing a data-classification program to lower our compliance costs. We’d like to establish different sets of controls for different data types. However, we’re struggling to define our data-classification levels. How do you recommend structuring the data-classification scheme for a Fortune-500-type company?

  • I read recently that a PCI DSS official recommended a “risk-based approach” to PCI that allows for partial compliance by meeting the compliance obligations in stages. Is there such a thing, and is it a practical way to achieve PCI compliance?
