Monthly Archives: August 2015

Home/2015/August

Why Companies Respond Slowly To Breaches

You'd think it would be a long, drawn out reason, with lots of calculations and pretty charts. It's not. Per a recent piece in CSO, firms respond slowly to most of these breaches because, in spite of what you might have thought, the costs are relatively low. For an example, the article cited the recent Home Depot credit card debacle. The net cost wound up being around $28 million dollars-which doesn't seem too small to most of us. Take out [...]

A Reminder On The Danger Of An Inside Job

If you haven't heard this before, then get ready to hear it a lot more now. While outsider threats can be and are a big deal, and obviously a major concern, one of the biggest areas of risk for ANY company is and will be it's internal resources. Put another way, you have to be as careful about those who you give access to, as you are with those who don't have access to your network and corporate resources. Just [...]

Why Ashley Madison Matters…To Everyone

Yes, there are no doubt some 36 million individuals who may be a bit uncomfortable currently, but the massive Ashley Madison hack ought to have a lot more people paying attention, for several reasons. For one thing, I've read the comments online, and so many people feel that this is justified, that neither Ashley Madison nor its customers deserve sympathy or leniency. Perhaps from a moral perspective that is true, but I am not the moral police and I won't [...]

Phishing Alert: Ashley Madison Scams Quickly Spreading

This week 36 million names, addresses, and phone numbers of registered users of the Ashley Madison website (which makes it easy to cheat on your spouse) were posted on the Internet.  All these records are now out in the open, exposing highly sensitive and personal information. Internet criminals are wasting no time exploiting this in many ways, sending spam, phishing and possibly blackmail messages. There have already been reports of social engineering tactics which try to convince people to click on links [...]

Latest Android Exploit Is A Doozy

Imagine if I told you that a full 95% of a particular system or device would be exploitable in the most amazingly simplistic method possible. Crazy, right? Sadly, not so crazy. Very real, in fact. In news that has broken ahead of the Black Hat Conference, as many as 95 Percent of the Androids in use today find themselves vulnerable to an exploit which apparently only requires the bad actor to send you an embedded video file via SMS. Android [...]

2017-06-22T20:19:41-04:00By |

Layer 8 Security and Expert Technology Associates – A New Partnership

Layer 8 Security is pleased to announce its newly established partnership with Expert Technology Associates (ETA). ETA is an award winning provider of Business Communications, Cloud, and Connectivity Solutions. Layer 8 Security partnered with ETA to further enhance its expertise in providing in-depth information security analysis and consulting to clients around the country. While people are the first line of defense against information security attacks, the technology businesses rely on to operate must be configured and protected to best meet their strategic [...]

IT and Security: One Team or Two?

Stop me if you've heard this request before..."we need project X delivered, as soon as possible."  To the requester, there is no corner not worth cutting. Whether they know it or not, they have a disregard for the processes that are usually in place to make sure things are done by the book. Put plainly, in an IT department, speed has a troubling tendency to trump security or general processes, most especially when the security arm for your firm is [...]

New E-mail Extortion Campaigns Threatening DDoS Attacks

A warning to our clients and those concerned with the latest cybersecurity threats.  The FBI has issued an Extortion email PSA stating that there has been an exponential jump in the number of extortion threats sent via email to businesses of all sizes.  The threat involves the launching of DDoS attacks against a victim’s website unless or until a ransom is paid. This type of attack has been around for years, however they have recently grown in size, impact, and duration.  DDoS (Distributed [...]