How Do Business Continuity & Disaster Recovery Plans Work?

“Institute Business Continuity / Disaster Recovery” is an excerpt from Introduction to Information Security LiveLessons (Video Training).

Introduction to Information Security LiveLessons provides technical professionals with a relatively brief, high-level overview of information security concepts, including the fundamental steps needed to secure a system, the types of threats and vulnerabilities they may encounter, and what steps can and should be taken to mitigate those threats and vulnerabilities.

Description

Information security directly impacts virtually every type of business. While related issues appear in the media more and more, it’s typically in a fragmented fashion that really doesn’t help give the people tasked with protecting organizational data and other assets a “big picture” view of what the real threats and vulnerabilities are, or what steps should be taken to mitigate them. In this video training, Scott offers a relatively brief, coherent high-level overview of the various types of threats and what steps can and should be taken in response.
Read more ›

Tagged with: , , , , , , , , , , , , , ,
Posted in Network Security

Phone Spoofing – Yes, It Can Happen to You

A screenshot of an early spoofing app (they've gotten better)

A screenshot of an early spoofing app (they’ve gotten better)

By Scott Aurnou

Not so long ago, a senior executive at Insurance Thought Leadership received a phone call on his smartphone in which the caller said that they were calling him back. He politely let the caller know that he hadn’t called them and then came another… and another. Each one said that they had received a call from his mobile number and that the caller hadn’t left them a message. All told he received about a call a day for about a week. Naturally, he called his mobile provider to find out what was going on. They said it sounded like phone spoofing

How It Works

Spoofing is effectively falsifying a piece of identifying information, like a bogus return email address. “Phone spoofing” relates to the number that shows up on caller ID. It’s used to trick people into picking up calls they otherwise wouldn’t (and get around the National Do Not Call Registry). For a shady caller from outside the area – and often the country – a local number is less likely to raise suspicion.
Read more ›

Tagged with: , , , , , , , , , ,
Posted in Fraud & Scams, Smartphones & Tablets

What is Trojan Horse Malware?


Computer Security Tip of the Week

Scott Aurnou – A Trojan horse (or Trojan, for short) is the security world’s version of a wolf in sheep’s clothing. Learn more about them – and what you can do to protect yourself – here.

Helpful websites referenced in this video include:
Secunia
FileHippo
AppFresh for Mac

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: , , , , , , ,
Posted in Fraud & Scams, Laptops & Desktops, Network Security, Security Tip of the Week

What Happens to Stolen Credit Card Data?

Credit Cards - 1By Scott Aurnou

Reports of high profile data breaches have been hard to miss over the past year. Most recently, it was a breach involving 56 million customers’ personal and credit card information at Home Depot over a five-month period.

This is just the latest volley in a wave of sophisticated high profile electronic thefts including Target, Neiman Marcus, Michaels, P.F. Chang’s and Supervalu. Much like the other attacks, the suspected culprit in the Home Depot data breach is a type of malware called a RAM scraper that effectively steals card data while it’s briefly unencrypted at the point of sale (POS) in order to authorize a given transaction. Reports of this type of attack have become increasingly common in the months since the Target breach.

Whether it’s a RAM scraper or an “older” threat like a physical skimmer placed directly on a POS machine used to swipe a credit or debit card, phishing attack or simply storing customers’ card information insecurely, the result is the same: credit card data for millions of people winds up in the hands of criminals eager to sell it for profit. How does that process unfold? And how can you – or people you know – get sucked into it?

The Basic Process: The journey from initial credit card data theft to fraudulent use of that data to steal goods from other retailers involves multiple layers of transactions. The actual thief taking the card numbers from the victim business’ POS or database doesn’t use it him or herself.
Read more ›

Tagged with: , , , , , , , , ,
Posted in Fraud & Scams, Privacy Issues

Are You Giving Away Your Location When You Post Photos Online?


Computer Security Tip of the Week

Scott Aurnou – Many modern cameras and smartphones include location data when taking photos and, when those photos are then uploaded to the Net, that information goes with it. This can include personal photos, shots of your kids, etc. What steps can you take to control (or eliminate) that location data?

Websites referenced in this video include:
Ver EXIF

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: , , , , , , , , , , , ,
Posted in Fraud & Scams, Privacy Issues, Security Tip of the Week, Smartphones & Tablets
Twitter: saurnou
TheSecurityAdvocate Youtube Channel
Subscribe for updates to TheSecurityAdvocate
Name
Email Address*