Security

Having just returned home to New Jersey from Cisco Live US in Orlando, Florida, I thought I’d share my experiences as a Network Security Engineer both attending and presenting at this year’s conference. There were approximately 20,000 attendees at this year’s conference, which I believe set a new Ci…

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Omnibus Final Rule, released January 2013, introduced some significant changes and updates. At the same time, over 100 HIPAA audits concluded in 2012. The Office of Civil Rights (OCR) released initial analysis of these audits in…

Within many organisations offering online services to the public, there must be a great temptation to expire redundant user accounts that occupy desirable user IDs but which are never used by their users. Presumably the user IDs have been registered by someone, used on a couple of occasions, and the…

It is not new that people are referring to Bring Your Own Device (BYOD) as Bring Your Own Malware (BYOM). In 2012 alone, Android malware encounters grew 2,577 percent (for details, see Cisco’s Annual Security Report). Many organizations are struggling to keep up with the BYOD trend by allowing…

UPDATE: This blog post is related to the redirection of domain name servers that occurred back in June 2013.  This post is NOT related to the ongoing activity occuring July 16, 2013.  Cisco TRAC is currently analyzing the ongoing issues with Network Solutions’ hosted domain names and has more…

Are you thinking about the evolving threat landscape? You should be. Each day, new vulnerabilities are found and new exploits are crafted. Attackers are becoming increasingly sophisticated, while industry trends such as cloud computing and mobility are rapidly expanding the attack surfaces. Your mob…

Back in the old days, when security was much more of an afterthought, it was obvious that miscreants were familiar with the principle of least effort. Information security was still in its Wild West days. Managed disclosure and patching did not really exist. Most companies were just coming to realiz…

On June 6, 2013, malwaretracker.com released an analysis of Microsoft Office-based malware that was exploiting a previously unknown vulnerability that was patched by MS12-060. The samples provided were alleged to be targeting Tibetan and Chinese Pro-Democracy Activists. On June 7, 2013, Rapid7 relea…

Life is generally a lot easier when you have all the facts.  Especially if those facts are actually accurate.  Nowhere does this ring more true than in the life of an IT professional. Often times a day in an IT shop is a lot like that grade school game of telephone where information gets passed down…