Blog

World at Risk From WannaCry Ransomeware Attack

Less than two weeks after the “Google Docs” ransomware attack infected more than 1 million people, another attack has been wreaking havoc across the world. The Wcry ransomware has attacked hospitals, government organizations, and businesses by exploiting a Windows vulnerability dubbed “Eternal Blue”. While Microsoft released a patch for this vulnerability in March, many organizations […]

Too Small to Fail?

I saw some statistics the other day about small business cybercrime and they were quite illuminating.   According to a Ponemon Institute research project, each compromised customer account costs $217.00 in damage. According to a recent NuSecure Labs report, data port scanning for potential targets by hackers is up 38% at auto dealerships over 2015. […]

Continuous Improvement for Optimal Prevention

The classic insurance salesman pitch is that “Nothing in life is guaranteed but if somehting goes wrong, you’ll be glad that you have it.” I was reading an article the other day (link at the bottom) that makes some relatively modest assumptions. It estimates that a successful phishing attack could cost upwards of $7m based […]

Fraud Activity on the Rise…Again

I was drawn to an article recently. Two large fraud and payment industry organizations are reporting substantial spikes in fraud since 10/2015. Forter ( a fraud prevention firm) and PYMNTS (a media company focused on the payment industry) reported an 11% rise in fraud related crime from Q3 2015 to Q4 2015. In a year […]

Creating a Culture of Compliance

After reading through a lot of recent articles around occupational fraud, I started to think back to something I had heard in a class regarding the role of culture in fraud prevention. The more you think about it, it becomes clear that a culture of compliance, as it’s called, is probably one most effective controls […]

Lesser Known Attack Vector

As technology advances, so do the loopholes! I received a google alert the other day about new uses for QR codes, uses being developed by social engineers. The topic piqued my curiosity and I found this great article on tripwire:   http://www.tripwire.com/state-of-security/security-data-protection/malicious-qr-codes/   The article points this out but think about how often you use […]

Another Reason to Look Forward to Tax Season

As if you needed another reason to look forward to tax season! The Irs released a warning earlier this month that they have seen a roughly 400% surge in phishing attempts, particularly spoofing attempts, as a means to obtain PII through tax related scams. In particular the IRS has seen attempts such as C-Suite emails […]

Don’t FREAK Out!

You may have read the news this week about the NSA website getting hacked. Well, it is a new RSA exploit that the NSA actually helped to develop! Also, just to be clear, the “hack” isn’t really a hack it is just some man in the middle software that intercepts user information when they try […]

Gone Phishin’

Here we go again, yet another instance where a company fell victim to a phishing attack resulting in the compromise of the personal information of their employees.  This time, it was actually several companies including Snapchat and Seagate. Head in the Sand It’s somewhat funny to me at this point.  The more I talk to […]

Internet-of-things-security-privacy-liability-and-ethics

Internet of Things (IoT) Security, Privacy, Liability, and Ethics

Picture this.  You are on your way home after a long day at work.  When you’re about 20 minutes from your home, your thermostat picks up your GPS signal in your car and turns the heat on to bring temperature in your home up to 69 degrees by the time you arrive.  When you left […]