COMTEC 2012 – Chris Mark Training on PCI & Payment Card Security July 6, 2012
Posted by Chris Mark in Industry News, Uncategorized.Tags: Chris Mark, COMTECH, mark consulting group, PCI, PCI DSS, security, TouchNet
add a comment
2012 is the year for COMTEC once again and the fine folks at TouchNet have invited me to conduct a training on Payment Card Security & PCI DSS at their October COMTEC event. COMTEC is a great event for TouchNet’s clients. The name comes from Commerce and Technology.. The session will be titled:
PCI Training: Full Cycle Compliance – Crisis – Recovery
“During this unique pre-conference workshop, you’ll investigate the full spectrum of PCI compliance and readiness. Attendees will better understand everything PCI, from the basics of PCI compliance to planning for the real-world impact of a breach and what to do in its aftermath.”
It is always positive to see that in 2012 there are still organizations that are taking a leadership role to educate their own customers on the importance of information security.
Oh My!! More than 6 Million LinkedIn Passwords Stolen! June 6, 2012
Posted by Chris Mark in cybersecurity, Data Breach, Industry News.Tags: Chris Mark, cybercrime, cybersecurity, InfoSec, LinkedIn, privacy, security, Stolen Passwords
add a comment
Change your LinkedIn password now! According to an article on CNN, over 6 million LinkedIn passwords were stolen by Russian hackers. LinkedIn also confirmed in their own blog post that some of the posted passwords did match LinkedIn accounts. According to the story: “The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It’s a format that’s considered weak if added precautions aren’t taken. Roughly half of the “hashed” passwords have already been decoded and posted online in human-readable text.” You can read more about how Hashes are cracked using Rainbow tables in the awesome post here.
Combining Blog Content (GlobalRiskInfo / DrHeatherMark) May 31, 2012
Posted by Chris Mark in News, Politics.Tags: Chris Mark, cybercrime, Dr. Heather Mark, InfoSec, InfoSec & Privacy, risk, risk management, security
add a comment
In the near term I will begin integrating blog content from Dr. Heather Mark’s privacy and payments blog. This will give new information and insight into privacy, regulatory, and information security issues. We will be combing both blogs into GlobalRiskInfo. Please stay tuned and, in the meantime,take a spin through Heather’ blog!
“Flame On!”- New CyberWeapon Discovered in Middle East May 28, 2012
Posted by Chris Mark in cyberespionage, cybersecurity, InfoSec & Privacy, News, terrorism.Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, data theft, Duqu, Flame, hack, InfoSec, Kapersky, security, Stuxnet
1 comment so far
Complementing the post CyberEspionage, researchers have discovered a new cyberweapon. First there was Stuxnet, then there was Duqu..now there is Flame. Called by a researcher: “…the most complex piece of malicious software discovered to date…” the recently discovered virus is designed to capture data but can also change computer setting and turn on integrated microphones to record what is being said in the room. Kapersky labs discovered the virus, dubbed “Flame”, which has been lurking undetected inside of thousands of computers in the Middle East for as long as 5 years. According to Kapersky, the countries with the most infections include Iran with the most infections followed by Israel/Palestine area, Syria, and Sudan. According to Kapersky senior researcher Roel Schouwenberg: “The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information”. (more…)
“Kiss My QR Code”; Symantec Releases 2011 Internet Security Threat Report May 20, 2012
Posted by Chris Mark in cybersecurity, Data Breach, InfoSec & Privacy.Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, Internet Threat Report, malware, Phishing, QR Code, Symantec
add a comment
This month Symantec released the results of their 2011 Internet Security Threat Report. It is a very compelling read and highlights just how difficult it is becoming to protect systems, and data. Some of the more interesting findings: 2011 saw variants of Malware increase from 283 million to 407 million (you read that correct…million). Additionally, data thieves have begun using QR codes to infect Android phones with malicious software. One out of every 299 emails is a phishing attempt. This is a document that I recommend you download and read.
Global Security, Privacy, & Risk Management 