When Startups Forget To Lock Their Doors.

This is a HUGE target-rich environment for cybercriminals. Companies spend money building their products, their sites, and their customer bases. But, they completely forget (or perhaps remain willfully ignorant to) the need for effective cybersecurity.  Startups (and even more established companies) spend millions on development and marketing, but they host their sites on $59/month "cloud-based solutions."  It's absurd, and the criminals know (and love) it.

Source: NYTimes (http://nyti.ms/1mSWd5y)

Hackers Show They've Stolen 828GB of Data from The Las Vegas Sands

The hackers that breached and defaced the websites of several casinos owned by Las Vegas Sands Corp last week have published a video to demonstrate that they’ve stolen 828GB of files from the company’s systems.  The data apparently stolen by the hacktivists hasn’t been published online. They’ve only made the video to show that it’s stored on a local hard drive.

Read more...
(The Story: http://bit.ly/1fvKQaf)  (The Video: http://bit.ly/1kSatcS)

WSJ Report: Half of IT Execs Don’t Tell Boards Truth About Breaches  (It only gets worse.)

CIOs and chief information security officers often tell company executives that cybersecurity breaches are under control, even when they’re not sure that’s the case, according to a survey released Wednesday by IT research firm Ponemon Institute LLC. The survey of 1,083 IT and IT security workers conducted in January 2014 shows that when reporting on cyber attacks to their CEOs and boards of directors, 19% say their CISOs “make a best guess based on initial information,” and 36% say they “take action on what is known and tell the CEO it’s been taken care of.” Overall, 55% make assertions that they can’t actually support. Only 39% tell their CEOs and boards, “it’s too early [to know] and more time is needed to investigate.”

Read the entire WSJ story.

Compliance IS NOT Security, Again.

Here is yet another example of how compliance is not security.

"Restaurant Depot, a College Point, N.Y.-based wholesale supplier, has notified officials in several states of a point-of-sale network breach that exposed a yet-to-be-determined number of customer debit and credit cards.  The company experienced a similar breach in 2011 that affected more than 200,000 individuals. Company officials say they took steps to enhance point-of-sale security after that incident."

At Razorpoint Security, we are constantly analyzing new ways to protect our clients' data and network environments. Contact us today for a real-world analysis of your company's security.

[Source: Bank Info Security - Wholesaler's POS Network Hacked Again]

Watching China While They Watch Us

While China's growing business economy continues to be the popular media story of the last five years, many of its tactics to reach these high levels of productivity have come under scrutiny. Foreign reporters have sent back their observations from the field, which include stories of oppressive labor factories that crank out most of the First World Nations's gadgets. However, China is not only making the gadgets. They're also developing the ability to have our gadgets watch us at work.

The New York Times reports: "'If a company has significant intellectual property that the Chinese and Russians are interested in, and you go over there with mobile devices, your devices will get penetrated,' said Joel F. Brenner, formerly the top counterintelligence official in the office of the director of national intelligence."

The Chinese and Russians have been stealing business and government secrets from all over the globe. Even large cyber security companies like McAree are left somewhat vulnerable.

"What might have once sounded like the behavior of a paranoid is now standard operating procedure for officials at American government agencies, research groups and companies that do business in China and Russia — like Google, the State Department and the Internet security giant McAfee. Digital espionage in these countries, security experts say, is a real and growing threat — whether in pursuit of confidential government information or corporate trade secrets."

At Razorpoint Security, we are constantly looking at new ways to protect your data locally and internationally. Contact us today for how we can save your information for tomorrow.

[Source: The New York Times - Traveling Light in a Time of Digital Thievery]

Along with Falling Stock Prices, Banks Fret Over Cyber Security

In a new survey conducted by Fundtech, a global supplier of banking software, 100 executives from 50 financial institutions were asked what some of the biggest challenges the industry faced. In a dramatic uptick from last year, 65% said fraud monitoring has become an increasing concern. Last year's poll put that number at 53%.

According to Credit Union Times, who carried the story, "74%[of executives surveyed] said they think theihttp://www.blogger.com/img/blank.gifr small and medium-sized enterprise customers would be willing to change financial institutions to get better security and 79% said thttp://www.blogger.com/img/blank.gifhey think that 'only a small fraction of their business client base understands their liability for fraudulent transactions.'"

"'With little expectation that cyber attacks will be brought under control anytime soon, banks, their customers and their technology suppliers must collaborate in order to effectively quell this growing challenge,' said George Ravich, Fundtech’s chief marketing officer."

This is all the more reason to find out what Razorpoint Security can do for safeguarding your online business in retaining and building customer confidence.

Mobile Payment Device Square Shows It's Not In Shape Yet

The tech world has been buzzing for the last year about the mobile payment device Square. Its inventor, Jack Dorsey, who also founded Twitter, has been marketing it as a boon for small businesses and independent vendors.

But it could be cyber criminals who profit the most, stealing credit card data from the device's easily hacked audio recognition software. Tech blog Mashable reports:

Adam Laurie and Zac Franken, directors of Aperture Labs, discovered that due to a lack of encryption in the current Square app and free dongle for swiping cards, the mobile payment system can be used to steal credit card information, without even having the physical credit card.

Square works by converting credit card data into an audio file that is then transmitted to the credit card issuer for authorization.

In order to bypass the need to swipe a card, Laurie wrote a simple program — in fewer than 100 lines of code — that enables him and Franken to feed magnetic strip data from stolen cards into a microphone and convert that data into an audio file. Once that is played into the Square device via a $10 stereo cable, the data is sent directly to the Square app for processing.

Through a combination of proprietary knowledge and cutting edge tools and technology sets, Razorpoint helps security-minded organizations repel potentially lethal cyber threats that often elude mainstream network security providers. Contact us today to learn more about our security services.