Cyber Security Chicago Blog

 
 

Malware is dominating the sandbox

Thursday May 24 2018

At parks and playgrounds, a sandbox is a relatively safe place to play. Little children who tend to fall will softly land on a cushiony pile of sand. The enclosed space also gives them room to experiment with how sand tools, toys, and their own hands and feet interact with the sand environment. A different kind of sandbox offers the same safe experimental environment in the IT world.

Read more



Why Facebook’s data controversy could happen to your company

Thursday May 24 2018

Facebook recently has been at the center of a media controversy as allegations have surfaced that Cambridge Analytica inappropriately obtained data from around 50 million Facebook users, used this data to influence the 2016 presidential election, and failed to delete the data upon Facebook’s request.

Read more



DevSecOps and Formal Security Programs: Friends or Foes?

Thursday October 05 2017

DevOps is supposed to be fast and efficient. Formal security programs, such as those based ISO 27001, are not typically thought of in those terms. So how can these two work together? Let’s look at the goals of each of these, and how DevSecOps can be achieved.

Read more



Equifax mega-breach: Don't be the next victim

Thursday September 14 2017

Last week, credit report giant Equifax revealed that 143 million customers may have had their data compromised in one of the largest breaches ever reported in the US.
 
Malicious cyber-criminals hacked into the system through a web application vulnerabilityproviding identity thieves with everything they need such as social security numbers, birth dates and addresses.

Read more



Ondrej Vlcek, CTO and General Manager, Consumer - Comments on Equifax Hack

Friday September 08 2017

“It is still not clear what kind of vulnerability was taken advantage of in the Equifax breach, however it is likely it was a leak through a web application flaw. It is unacceptable that credit bureaus which hold so much personal information which they then sell, can allow such a breach to happen and practice poor security hygiene.  We speculate that the attackers used a SQL injection to gain access. 

Read more



HUNT: Securing the Commercial Sector Since 2013 - Hear from root9B at Cyber Security Chicago

Wednesday August 30 2017

The current approach of cybersecurity is not working. This has been made abundantly clear by the media reports of a multitude of recent events and breaches (and other incidents not publicly reported). The damage caused by these events has affected every business sector: energy, retail, manufacturing, finance, medical, insurance, private and public.

Read more



Top