Author: Admin

  Point-to-Point Encryption (P2PE) technology makes data unreadable so it has no value to criminals even if stolen in a breach. Merchants can take advantage of this technology with a P2PE solution, a combination of secure devices, applications, and processes that encrypt payment card data from the point it is used at a payment terminal until it reaches a secure point of decryption. PCI P2PE Solutions are those that have been validated as meeting the…

A misconfiguration error has exposed personal data belonging to customers of New England’s largest energy provider. On March 16, Eversource discovered that one of its cloud data storage folders had erroneously been set to open access rather than to restricted access.  The company serves more than 3.6 million electric and natural gas customers in Connecticut, Massachusetts, and New Hampshire. An investigation into the data breach launched by Eversource’s security team found that the unsecured folder…

Video-sharing social networking service TikTok is being sued for billions of dollars over its alleged mishandling of children’s data.  TikTok, which is owned by Chinese company ByteDance, has more than 800 million users worldwide. Internal company data from July 2020 reported by the New York Times showed 18 million TikTok users were aged 14 years or younger. The claim against the company has been filed by Anne Longfield, children’s commissioner for England, on behalf of the millions of minors in…

In the working world, there’s a chance you’ve come across your fair share of team-building exercises and workshops. There’s one exercise that comes to mind that often results in worried, and uneasy faces during these seminars: The Trust Fall. This is where you fall backward with the expectation that your colleague will catch you before you hit the ground.    Whether you have been with an organization for many years or just started, the same “pit in stomach” feeling reverberates across bellies as…

Most of us don’t have responsibility for airports, but thinking about airport security can teach us lessons about how we consider, design and execute IT security in our enterprise. Airports have to be constantly vigilant from a multitude of threats; terrorists, criminals, rogue employees and their security defenses need to combat major attacks, individual threats, stowaways, smuggling as well as considering the safety of passengers and none of this can stop the smooth flow of…

Rapid7 has announced the acquisition of open source software technology and community Velociraptor. The move will enable Rapid7 to enhance its incident response capabilities by leveraging Velociraptor’s open source platform, which is used for endpoint monitoring, digital forensics and incident response. Velociraptor was developed to help digital forensics and incident response (DFIR) professionals to discover and monitor malicious activities. The platform’s community style also allows DFIR pros to share their insights with one another. It’s…

Cybercriminals go to great lengths to hack personal devices to gather sensitive information about online users. To be more effective, they make significant investments in their technology. Also, cybercriminals are relying on a tactic called social engineering, where they capitalize upon fear and urgency to manipulate unsuspecting device users to hand over their passwords, banking information, or other critical credentials.  One evolving mobile device threat that combines malware and social engineering tactics is called BRATA. BRATA has been recently upgraded by its malicious creators and several strains have already been downloaded thousands of times, according to a McAfee Mobile Research Team report.  …