Lessons learned from the Equifax Breach – Part 2

Here is Part 2 of Lessons learned from the Equifax Breach. See Part 1.

Own up, make changes and say sorry:

According to Whois, Equifax registered their Equifax Security 2017 site (would Equifax insecurity have been a better name I wonder?) in late August. Incidentally, this is a month *after* they claim to have witnessed suspicious network traffic associated with their US online dispute portal.  

Yet they only informed the world via ...


Lessons learned from the Equifax Breach – Part 1

First, props to @briankrebs for the evil Equifax logo.

While those unaffected by the Equifax breach have been stuffing their faces with proverbial popcorn as they watch the latest unveilings and press announcements, those worried that their most sensitive and identifying details have been leaked simply look on in horror, not knowing how to proceed.

The exact details of how the hackers made off with so much data remain fairly obscure. Equifax has


US border controls, electronic devices and privacy: what to think about

Since the new US president’s executive order, designed to improve screening and vetting procedures in the name of reducing illegal immigration and terrorist threats, privacy groups like the American Civil Liberties Union and Electronic Frontier Foundation (or the EFF) have voiced concerns about an increase in the number of invasive digital practices during border inspections.

In other words, privacy groups are saying that travellers are being asked to surrender their devices and passcodes more often.

The Privacy groups ...


Want to be a cybersecurity hero this holiday? Here’s how.

Ahhh December 2016. It is that time of year again. Christmas and other holiday celebrations are just days and weeks away.

However you celebrate, whether you are planning the festive feast, travelling to a far-flung location, or madly getting your gifts ready, you’re likely to be with others: your family, your pals, your in-laws, your friends or work associates.

So we have a proposal for all you IT security-savvy types out there… Join TBG Security’s

IT Security Holiday Lock Down

Here is our ...


IoT and DDoS: security advice following the Mirai botnet attack on Brian Krebs

Last month, a giant botnet made up of zombie internet-connected (IoT) devices was used to launch a massive Distributed Denial-of-Service (DDoS) attack against the website of Brian Krebs, a well-known cybersecurity blogger.

Some have estimated the botnet’s size may have been a million strong.

Worse, as Krebs reported on 1 Oct:

 “The source code that powers the “Internet of Things” (IoT) botnet responsible for launching ...


OCIE’s Cybersecurity exams 2016: what you need to know now

We are all aware that more high-profile cyber attacks are expected, so it is no surprise that the SEC’s Office of Compliance Inspections and Examinations (OCIE) has stated that cybersecurity will continue to be a priority for 2016.

In fact, the OCIE announced that the cybersecurity exams will include more in-depth assessments of procedures and control implementations within organizations, but more ...
