security

Home/Tag: security

The BEC – Not Your Grandfather’s Phishing Scheme

The BEC - Not Your Grandfather’s Phishing Scheme The FBI has reported cyber criminals are using new tactics to steal millions from US companies. The schemes target companies that do business overseas, and use wire transfer of funds on a regular basis. The schemes is called a Business Email Compromise. As the name implies legitimate business emails are compromised through social engineering or direct cyber attack. This information is then used to make fraudulent wire transfers to banks, usually in [...]

2017-06-22T20:19:37-04:00By |Tags: , , , , , |

Who Can See Your Texts?

With the encryption used on the iPhone in the recent San Bernardino attack (see this CNN article for background information), many are asking how safe their text messages and personal info are on their mobile devices. Most individuals have wondered at one point, "Where do my text messages go?" and "How long are they archived?" To start, there are two types of text messaging transmissions: Through traditional SMS systems, where messages are transmitted to cell towers before reaching their destination; Or through [...]

Layer 8 Security Presents at Rittenhouse Ventures’ Technology Leaders Forum

PRESS RELEASE Contact: Kat Jimenez, Sales and Marketing Assistant  kat.jimenez@layer8cybersecurity.com February 9, 2016 - The Navy Yard, Pennsylvania - Layer 8 Security presented at the inaugural Technology Leaders Forum hosted by Rittenhouse Ventures at their headquarters in Philadelphia. Chief Technology Officers and senior leaders within the Rittenhouse Ventures portfolio of companies attended the event to discuss the challenges and opportunities relating to technology. Following the theme of the forum, Layer 8 Security spoke about Data Security and covered the following [...]

China Is Cutting the Legs Out from Under American Businesses (but please don’t stop them?)

Businesses and their executives everywhere should be aware of this story run by 60 Minutes on Jan 17, and the blog Jeff Lipson wrote about here. The fact that China is stealing U.S. companies’ intellectual property is not news. The fact that President Obama worked with the Western District of Pennsylvania to indict five Chinese officers of theft of intellectual property is not news. So, what is the real news bite here? Some companies and Americans want to fight back and stop [...]

Protecting Philadelphia Companies from Chinese Hacking – Part 1

Last night, 60 Minutes ran a segment on China’s massive theft of intellectual property from US businesses.  http://www.cbsnews.com/news/60-minutes-great-brain-robbery-china-cyber-espionage/ The episode highlighted that the Chinese government is using its military and intelligence services to give its companies an edge over US business, by stealing our trade secrets.   My Team and I spent a number of years working at US Cyber Command and the National Security Agency. We saw first hand just how prolific this theft was.  I’ve spoken numerous times [...]

Today’s SDLC and Cybersecurity – Coding, SMEs, and Spaghetti

One of our friends in the insurance world sent us an email with an interesting article about the nature of "secure programming" (see here for the article) and how it has influenced some of the information security challenges the market is facing. I initially shared my insights (below) to the email, but I figured it was worth posting. Enjoy! -- -- Over 30 years ago, one of my personal heroes (Ken Thompson, coder-extraordinaire and inventor of the B and Go programming languages) said something [...]

What’s the deal with LifeLock?

I often get questions from friends and family about LifeLock, an identity theft protection service - what it's all about, whether I use it (I don't), how effective the LifeLock services are, etc. Ironically, about a week and a half ago, LifeLock agreed to pay $100 million (see here) for allegedly breaching a FTC order by: "Failing to establish and maintain a comprehensive security program to protect its customers' sensitive personal information, including Credit Card, Social Security, and bank account [...]

You Are Only As Secure As Your Weakest Link

And, would you care to guess who your weakest link is, in terms of maintaining good security? According to a recent study, those folks most often tasked with keeping things secure for the enterprise, are also actually the ones most likely to cut corners themselves. When I saw that, I initially wanted to be stubborn and deny it was possible. But after a quick thought, I realized it was more than likely spot on. Think about it. When the company [...]

2015-12-23T17:31:42-05:00By |Tags: , , , , , , , , , |

Networking Reception at The Union League of Philadelphia – October 21, 2015

Layer 8 Security and managed security provider, eSentire, are hosting a networking reception at The Union League of Philadelphia. To register for the event, visit www2.esentire.com/UnionLeageOct21. See below for details!

Supply Chain Management is Not Secure By Any Standard…but there’s hope!

I’ll give you a taste of the NIST Cybersecurity Framework Audit. This is question 4 of 99 asked in the CSF Audit: “ID.BE-4: Dependencies and critical functions for delivery of critical services are established” – In other words, what services do you need to operate your business, and oh by the way, which businesses out there rely on you to conduct their own business? So the third-party vendor vulnerability has become HUGE. This is the reason almost half of our [...]