Insider Threat
There are colleges and universities located throughout the nation in small and large communities. One of these of special notice is the Savannah College of Art and Design (SCAD), located in Georgia. The school naturally has to monitor and secure the campus. The area could not be open and accessible to anyone without having some form of a staff there to protect the students. SCAD, to accomplish this, contracted with G4S Secure Solutions. Unauthorized Data Exfiltration There we
One of the last things they needed: Minnesota Department of Human Services Phished
The state agencies tend to be in a rather unique circumstance. The revenue source is relatively stable year after year. Their circumstances are not like a retailer which can have a sale and generate additional revenue/income periodically through the year. On the other side are the expenses. These generally increase annually at various levels based on the products or services. Inflation does not stop, increasing the expenses or inputs to the product or service. The municipalit
Employees continue to be a viable internal threat
Employees continue toThe InfoSec team for a business plan at length for attacks from the various sources, and compromises, if these were to occur, in the form of incident response. These external threats are from across the globe and take a significant amount of time to plan for. The teams may harden the network, provide training, and other measures against these external threats. One area, however, that has not been significantly examined has been the insider threat. This is
New FTC Small Business Online Resources
Small businesses now have an online resource center, provided by the U.S. Federal Trade Commission (FTC) that focuses on cybersecurity tips and advice. The FTC has two primary focuses 1) protect consumers and 2) promote competition. Strong cybersecurity measures adhered to by small businesses can help do both. The FTC collaborated with the U. S. Department of Commerce National Institute of Standards (NIST), U. S. Small Business Administration (SBA), and the Department of Hom
PDQ Restaurants: Issues
PDQ is a chain restaurant in several states in the US. Although based in Florida, the chicken chain had grown through many states northward. Although popular, there was recently an issue affecting primarily the restaurants in the Triangle in North Carolina (NC). Attack If you enjoyed eating at the restaurant within the last year and paid with a credit card, it would be prudent to check your credit accounts in detail, as the credit card information may have been affected by an
Three Days of the Cosmos Bank
Banks are a universal feature through the world. These are present in the varied governmental forms, in various asset sizes, and to make loans in various amounts. The loan sizes vary from the micro-loan of a few hundred dollars to millions of dollars in most cases. India is no different than the other countries as it relates to banking. One of the banks in India is Cosmos Bank, which is the 2nd largest cooperative bank. The bank is based in the western city of Pune. Attack B
Tips Small Businesses on Printer Security
A new printer comes with so many fabulous features. It is like a mini-computer into itself. And there lies a problem. Like a mini-computer or Internet of Things device, it can be hacked. And hackers are finding printers an attractive option for penetrating computer networks. In one study of over 200 companies, more than half had a data breach linked to a printer security gap. Some security experts believe that printer cyber-attacks will grow as more hackers start to use unsec
Data breach at ed tech
Data breach at Chegg Inc. is a publicly traded company, which went public in 2013. The company, based in the US, rents online textbooks, and offers tutorials. Thus, the company does hold and manage sensitive and confidential client information. As this is the case, and the data is very marketable, the company would naturally be a target. Issue! The company was targeted and experienced a data breach. Chegg learned of the breach on September 19, 2018. This is the good news. The
Attacking the power grid: Kyiv Targeted
The power grid, along with other utilities continue to not receive their due cybersecurity attention. Unfortunately, the population does not appreciate, in general, how very vulnerable a significant portion of these are. More to the point the subsequent potential affects of a breach (i.e. no electricity for extended periods) are not appreciated...until it happens to a set of users. Attackers Well, this issue has two sides, as do most. While one side has not given this the app