Tuesday, October 7, 2014

FBI: "THERE ARE 2 KINDS OF COMPANIES"

FBI Director, James Comey, said on this week's 60 minutes, "There are two kinds of [companies]: There are those who've been hacked ... and those who don't know they've been hacked..."

Get it?  Cybercrime is getting worse!

The majority of companies still approach cybersecurity incorrectly.  Buzzwords like firewall, and VPN, and encryption, and compliance provide only a false sense of security.  Corporate networks are still weak and vulnerable.

Cybercrime rises each year because companies continue to fumble with the wrong cybersecurity solutions.   
Or worse, companies convince  
themselves 
 
that waiting (and doing nothing) on cybersecurity until "next month" or "next year" is the correct approach.  Ridiculous.

Over the past 14 years, Razorpoint's real-world security expertise in cybercrime and corporate espionage have broken from the mainstream network security providers.  Razorpoint offers the necessary real-world security expertise that help identify and prevent malicious cyber attacks.

Razorpoint regularly demonstrates the realities of cybersecurity to its global client base.  Stop wasting time and money on security buzzwords that keep your business weak and vulnerable.

Monday, April 28, 2014

A New Zero-Day Exploit Attacks Internet Explorer Versions 9 through 11

Online spies are using a previously unknown flaw in Microsoft's Internet Explorer browser for targeted attacks. A patch to fix this flaw is not yet available.
http://bit.ly/1hKKeyh


Thursday, April 24, 2014

Fmr. CIA Director Michael Hayden Talks Realities of Cybersecurity

(Hint: Firewalls aren't adequate and cybersecurity is a MANAGEMENT issue and NOT an IT issue!)

Video Link: 

Friday, April 11, 2014

The Heartbleed vulnerability is real.

Yes, you must change ALL of your online passwords.  Now.  And, before you start whining, admit it, you don't even remember the last time you changed them, right?

For more information on the Heartbleed vulnerability see: this, this and this.

Monday, March 17, 2014

PCI Compliance Is -Still- NOT Security.

Target was certified as "PCI compliant" in September 2013.  In December 2013, they lost the credit card numbers and other personal information of more than 40 million of their customers to hackers.

PCI Compliance Is NOT Security!  Sorry for repeating ourselves.

Read more: Target's compliance certification and subsequent breach.

Tuesday, March 4, 2014

When Startups Forget To Lock Their Doors.

This is a HUGE target-rich environment for cybercriminals. Companies spend money building their products, their sites, and their customer bases. But, they completely forget (or perhaps remain willfully ignorant to) the need for effective cybersecurity.  Startups (and even more established companies) spend millions on development and marketing, but they host their sites on $59/month "cloud-based solutions."  It's absurd, and the criminals know (and love) it.

Source: NYTimes (http://nyti.ms/1mSWd5y)

Tuesday, February 18, 2014

Hackers Show They've Stolen 828GB of Data from The Las Vegas Sands

The hackers that breached and defaced the websites of several casinos owned by Las Vegas Sands Corp last week have published a video to demonstrate that they’ve stolen 828GB of files from the company’s systems.  The data apparently stolen by the hacktivists hasn’t been published online. They’ve only made the video to show that it’s stored on a local hard drive.

Read more...
(The Story: http://bit.ly/1fvKQaf)  (The Video: http://bit.ly/1kSatcS)

Friday, February 14, 2014

WSJ Report: Half of IT Execs Don’t Tell Boards Truth About Breaches  (It only gets worse.)

CIOs and chief information security officers often tell company executives that cybersecurity breaches are under control, even when they’re not sure that’s the case, according to a survey released Wednesday by IT research firm Ponemon Institute LLC. The survey of 1,083 IT and IT security workers conducted in January 2014 shows that when reporting on cyber attacks to their CEOs and boards of directors, 19% say their CISOs “make a best guess based on initial information,” and 36% say they “take action on what is known and tell the CEO it’s been taken care of.” Overall, 55% make assertions that they can’t actually support. Only 39% tell their CEOs and boards, “it’s too early [to know] and more time is needed to investigate.”

Read the entire WSJ story.