Cyber Access Control | MFA Enterprise Password Management | Access Smart

Archive for hacking threats

Are you an SEO Cyber Mule? I was.

Cyber MuleAn SEO Cyber Mule or SEO Hack is when unauthorized links are embedded into your website without your knowledge for the sole purpose of increasing Google rankings. For Google to increase a site rankings they look for the number of one-way backlinks. That’s why the hackers do it. In most cases these links are to pornographic movies, material and services that have nothing to do with your business. These links are positioned so they don’t actually appear on the webpage, but Google can still see them when they send in the spiders. So why is this problem?

Other than the obvious reason that someone has injected code into your site without your permission, the bigger issue is that if Google discovers these links and deems them inappropriate, your site will be blacklisted. Blacklisting is when Google and other search engines no longer index your site. When someone is searching using your keywords, your site will never come up.  Google often never informs web owners that they have been blacklisted, and the effort to get off the list can be very time consuming. Read More→

Employees Are Not Evil…

They Are Just Drawn That Way

PData security begins with network access authentication of employeesaraphrasing a line from Jessica Rabbit from the movie Roger Rabbit seems the appropriate comment from Geoffrey A. Fowler’s article “What’s a Company’s Biggest Security Risk? You.” Hence the headline: Employees Are Not Evil – They Are Just Drawn That Way. It is critical that employers be diligent in training their employees in online safety.

When your employees are online they are opening the door to danger. Be it opening phishing email attachments, writing passwords on sticky notes, plugging in USB drives found in the parking lot, using personal devices to access the company’s network, of hundreds of other social engineering attacks, data is the new currency of the internet age. And if it has value, there will always be someone wanting to steal it. Read More→

Company’s Identity Theft Worries Elevate to Cyber Crime

Cyber Crime Protection – Evaluate and Segment Data

Data SecurityIt only seemed like yesterday that when business owners were asked about network security their focus was on identity theft protection and/or compliance with the different state and federal privacy laws. Those concerns are now elevating to the more destructive and finacially devistating risks of cyber crimes. At the beginning of this year I wrote a blog about how I was advancing my security skills from identity theft protecter to cyber warrior. I even posted a chapter-by-chapter review of the book “Cyber Warfare”, by Jason Andress and Steve Winterfeld. It doesn’t mater what industry your in, the size of your company , or the complexity of your computer network because if you can be found on Google, Bing, Yahoo, LinkedIn, FaceBook, Twitter, etc.then your business is at risk. All you can do now is limit your exposure and midigate the damages.

Here is a recent article on how cyber crime is targeting companies.

A Risk-Based Approach to Combating Cyber Crime

—by Rich Baich, principal, and Peter Makohon, senior manager, Deloitte & Touche LLP and leaders of the Deloitte Center for Security & Privacy Solutions. Read More→

Google may be doing Harm

Google is gathering your personal and corporate data.

Cloud security Google Inc. (GOOG) motto is, “do no harm.” But who defines what is harmful? Employees recently testified to the U.S. Federal Communications Commission that they didn’t initially know that their mapping-service project software was gather personal data, even though an undisclosed engineer told a few fellow workers. The software would access payload data like e-mails, text messages, passwords, internet-usage, and other highly sensitive personal information. The FCC ended up not penalizing Google for data gathering, but assessed a $25,000 fine for not cooperating with the FCC during the initial inquiry. The fine would not even be considered a slap on the wrist. Read More→

Cyber Warfare: Chapter 5

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners by J. Andress and S. Winterfeld

Cyber warfare is real. That’s why each Friday I will post a review on this book: Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, and today I am sharing what I am reading in…

Chapter 5: Logical Weapons.Cyber Warfare Techniques Tactics and Tools for Security Practitioners - Book review by Dovell Bonnett of Access Smart.com

This chapter is chocked full of valuable information. Instead of going through the details of all the tools discussed, I think that startling insight into the defense of these attack tools is more important. I do, however, strongly suggest your read this chapter to get a better perspective on the types and capabilities of the available logical access weapons.

The weapons or tools available to cyber warriors are vast and many are free and open sourced. The non-government and non-military attackers are using common or customized tools. At times the same tools used to investigate an attack are also the same tools used to attack. While many may believe that the government and military warriors have highly specialized tools, the authors suggest that they are using some of the same commercially available tools.

Read More→