Are honeypots illegal?

December 17, 2014
In computer terminology, a honeypot is a computer system set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of IT systems. Generally, a honeypot appears to be part of a network and seems to contain information or a resource of value to attackers, but is actually isolated and monitored.

Backoff Has Been Upgraded Harder to Detect

November 07, 2014
So when you are a hacker and you write the most successful financial transaction hacking software in history, what do you do next? Well, if you are the makers of Backoff, you upgrade it.

IT Community Shaken By Shellshock Vulnerabilities

October 29, 2014
In the wake of Heartbleed comes a new form of exposure that could potentially do much more damage than any other vulnerability of its kind. It is known as Shellshock. Shellshock affects Linux and UNIX implementations that use the BASH command interpreter.

Top 5 Linux log file groups in /var/log

October 29, 2014
If you manage any Linux machines, it is essential that you know where the log files are located, and what is contained in them. From a security perspective, here are 5 groups of files which are essential. Many other files are generated and will be important for system administration and troubleshooting.

PCI 3.0 – A Wake Up Call for SAQ C Merchants

September 29, 2014
Most merchants who have been validating their PCI compliance for a few years now probably know which SAQ type applies to them. In PCI 2.0, it has been fairly simple. And now we are facing PCI 3.0.

Backoff Is the New Standard by Which Other Malware Will Be Judged

August 25, 2014
Every now and then hackers develop a piece of malware that is so insidious that it changes the landscape of computer security and acceptable practices. While there are many contenders for this dubious list, CodeRed, Zeus, and now Backoff are certainly worthy of inclusion.

Case of the Disappearing Objects: How to Audit Who Deleted What in Active Directory

August 22, 2014
I often get asked how to audit the deletion of objects in Active Directory. It’s pretty easy to do this with the Windows Security Log – especially for tracking deletion of users and groups which I’ll show you first. All you have to do is enable “Audit user accounts” and “Audit security group management” in the Default Domain Controllers Policy GPO.

SIEM and Return on Investment: Four Pillars for Success

July 24, 2014
Return on investment (ROI) - it is the Achilles heel of IT management. Nobody minds spending money to avoid costs, prevent disasters, and ultimately yield more than the initial investment outlay. But is the investment justified?

Top 6 uses for SIEM

April 28, 2014

Security Information and Event Management (SIEM) is a term coined by Gartner in 2005 to describe technology used to monitor and help manage user and service privileges, directory services and other system configuration changes; as well as providing log auditing and review and incident response.

How to analyze login and pre-authentication failures for Windows Server 2003 R2 and below

April 16, 2014
Analyzing all the login and pre-authentication failures within your organization can be tedious. There are thousands of login failures generated for several reasons. Here we will discuss the different event IDs and error codes and how you can simplify the login failure review process.

Netsurion services and OpenSSL the Heartbleed issue

April 11, 2014
Many of our customers and resellers have asked how Heartbleed affected Netsurion services. In a nutshell, the managed services that make up our product offerings were not directly affected by Heartbleed.

Will CIOs Be the Final Victim After a Breach?

March 12, 2014
In the wake of their breach, Target announced on March 5, 2014 that their CIO, Beth Jacob, was announcing her resignation. This begs the question: will CIOs be the final victim after a breach?

Monitoring File Permission Changes with the Windows Security Log

February 19, 2014
Unstructured data access governance is a big compliance concern. Unstructured data is difficult to secure because there’s so much of it, it’s growing so fast and it is user created so it doesn’t automatically get categorized and controlled like structured data in databases.

There Is No Honor Among Thieves – Target Could Take Advantage of This

February 17, 2014
For the past several months, there have been numerous stories about major retailers that have been breached by hackers. The result is that millions of credit cards have been stolen. In the case of Target, so far it is reported that 40 Million customer credit cards have been exposed, and 70 Million total records with personal information have been stolen.

About the PCI Security Standards Council

January 20, 2014
The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.

Looking back: Operation Buckshot Yankee & agent.btz

January 16, 2014
It was the fall of 2008. A variant of a three-year-old, relatively benign worm began infecting U.S. military networks via thumb drives.

Target Has A Bullseye On Its Chest

January 13, 2014
When Target announced that it had suffered a major breach of approximately 40 million credit cards and 70 million customer records, the nation as a whole took a collective gasp in shock. In the aftermath of the initial disclosure, the public then heard from Neiman Marcus that it too had suffered an electronic breach of data that may include credit cards.

Why Comply with PCI Security Standards

January 01, 2014
Why should you, as a merchant, comply with the PCI Security Standards? At first glance, especially if you are a smaller organization, it may seem like a lot of effort, and confusing to boot. But not only is compliance becoming increasingly important, it may not be the headache you expected.