Browsing Category: SMB Security

Categories: Compliance, SMB Security

By David Mortman

After a long 2.5 years Gene Kim, Kevin Behr, George Spafford, the authors of the awesome Visible Ops series, have just launched their latest book, The Phoenix Project.  I was fortunate enough to get to read some early drafts, so I am extra excited that it is finally shipping. When Gene first mentioned the book to me, I was rather surprised that it was a novel. I was a bit skeptical of the choice of genre but dove in anyway, and I am so glad I did.

Read more...

Categories: SMB Security

Working with forensics experts from the FBI, Ernst & Young’s Fraud Investigation and Dispute Services Practice developed a piece of linguistic, fraud-monitoring software that identified language commonly used among employees engaged in corporate malfeasance. The accounting giant plans to offer their newly developed fraud-detection capacity as a service to their clients.

Read more...

Categories: Compliance, Hacks, SMB Security

In an alert issued by the Office of the Comptroller of the Currency (OCC), Deputy Comptroller for Operational Risk Carolyn G. DuChene warned financial and other critical institutions about the wave of ongoing distributed denial of service (DDoS) attacks targeting their networks. DuChene is urging the banks in particular to share data about the attacks with one another and reiterated the OCC’s expectation that banks have risk management plans designed to mitigate such attacks in place ahead of time.

Read more...

Phishers are using a typosquatted domain name designed to mimic the URL of a popular e-commerce destination in order to lure their victims to a malicious Website that prompts its visitors to download a malicious add-on that will guide users to phishing sites, even when they type legitimate URLs into their browser’s address bar.

Read more...

UPDATE – America’s largest book retailer, Barnes & Noble, announced this morning it has detected evidence of tampering in 63 PIN-pad devices used in as many stores by criminals trying to steal payment card information. Barnes & Noble claims to have disconnected all the affected devices from service on Sept. 14. The retailer did not disclose how many customers may have been affected by the tampered devices.

Read more...

Criminal hackers launched an attack campaign earlier this week in which they sent a slew of emails purporting to come from the financial software developer Intuit. The emails contained links that led to sites hosting the Blackhole exploit kit in an apparent attempt to infect the machines of corporate users.

Read more...