Monthly Archives: August 2012

Obama and Romney election apps suck up personal data, research finds

Millions of US voters could be downloading smartphone apps created to promote the campaigns of President Obama and his Republican   election rival Mitt Romney without noticing the intrusive permissions demanded by the software, GFI Software has reported. Looking at the … Continue reading

Posted in News, Security Awareness | Leave a comment

Microsoft warns of ‘man-in-the-middle’ VPN password hack

Microsoft yesterday warned Windows users of possible “man-in-the-middle” attacks able to steal passwords for some wireless   networks and VPNs, or virtual private networks. It won’t issue a security update for the problem, however. The security advisory was Microsoft’s reaction to … Continue reading

Posted in IT Compliance, News, Security Awareness | Leave a comment

‘Crisis’ malware targets VMware virtual machines

Security researchers have discovered a single piece of malware that is capable of spreading to four different platform environments, including Windows,MacOSX, VMware virtual machines, and Windows Mobile devices. First uncovered last month by security company Integro, Crisis was originally described … Continue reading

Posted in IT Compliance, News, Security Awareness | Leave a comment

Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information

Several vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user’s system. A remote user can obtain potentially sensitive information. A remote user can create specially crafted content that, … Continue reading

Posted in News, Security Awareness | Leave a comment

Apple iOS SMS Issue Enables Sender Identity Spoofing

The ability to spoof the reply-to information on Apple iOS SMS messages is a reminder that such messages should not be considered any more secure than email when it comes to authenticating senders, experts say. A scheme for spoofing the … Continue reading

Posted in News, Security Awareness | Leave a comment

Network Exposure and Healthcare Privacy Breaches

435 PHI breaches documented by HHS impacted 20,066,249 individual records. Under Federal law requiring disclosure, the HHS reports on data breaches of over 500 records (these are the ones they know about, not the incidents never detected at healthcare provider … Continue reading

Posted in IT Compliance, News | Leave a comment

Protect yourself from smishing

We’ve all heard about phishing attacks — those spammy e-mails you get in your in-box imploring you to divulge your personal information. Now those annoying scams are coming to a cell phone near you — it’s called smishing, or phishing … Continue reading

Posted in News, Security Awareness | Leave a comment

Internal Security Audits Play Critical Role in Preventing Breaches

A strong internal audit can be the difference between catching a security failure and spending weeks and months doing a forensic investigation of a breach. With this in mind, professional services firm PricewaterhouseCoopers (PwC) released a whitepaper outlining how internal … Continue reading

Posted in IT Compliance, Sarbox Services | Leave a comment

Microsoft Patches Critical MS12-060 Office Flaw Being Used in Targeted Attacks

Microsoft on Tuesday fixed a critical vulnerability in a component of Office, SQL Server and other widely deployed applications that attackers already are using in targeted attacks. The flaw in the Microsoft Common Controls component, which was one of the … Continue reading

Posted in News, Security Awareness | Leave a comment

When a few hundred Dropbox users began receiving spam emails about online casinos and gambling sites two weeks ago, it seemed like something was up. And indeed there was. The online file storage service confirmed today that hackers accessed usernames … Continue reading

Posted in News, Security Awareness | Leave a comment