John Black

When you’re on a tight budget for cybersecurity, it can seem almost impossible to secure every part of your businesses’ network without going over budget with the latest technologies in place. You may not be able to solve all your security needs immediately with a small budget, but the important thing is that you are working towards your security goals and taking steps to move the needle forward. Start with examining your current security landscape. This is always a critical first step for any company with or without budget restrictions. Find out where the holes are, what needs work, what’s being protected and what isn’t. Once you do that, you’ll understand where your infrastructure stands, which you can then factor in regulatory requirements that might apply to your organization and the data that you are securing. Unfortunately, you won’t be able to fix everything right away. Determine what actions are …

An iOS feature called iTunes Wi-Fi sync, which allows a user to manage their iOS device without physically connecting it to their computer, could be exploited by attackers to gain lasting control over the device and extract sensitive information from it. The vulnerability was discovered by Symantec researchers, disclosed to Apple and now to the RSA Conference 2018 attendees and the wider public. Apple has implemented a mechanism that should prevent easy exploitation of the feature, but the researchers say that it doesn’t address the “Trustjacking” problem in an holistic manner. When users connect their iOS device to a computer or, for example, a free charger at an airport, they are asked whether they will trust the computer (meaning, that its settings and data will be accessible from it when connected). Most users believe that they have to trust the computer to get their device charged and believe the trust/access works only …

Social Engineering is the art of manipulating, influencing, or deceiving you in order to gain control over your computer system. The hacker might use the phone, email, snail mail or direct contact to gain illegal access. Phishing, spear phishing, and CEO Fraud are all examples. Top 10 Techniques Used By Social Engineers Understanding the different attack vectors for this type of crime is key when it comes to prevention. This is how the bad guys do it:  Pretexting An invented scenario is used to engage a potential victim to try and increase the chance that the victim will bite. It’s a false motive usually involving some real knowledge of the victim (e.g. date of birth, Social Security number, etc.) in an attempt to get even more information.  Diversion Theft A ‘con’ exercised by professional thieves, usually targeted at a transport or courier company. The objective is to trick the company into making the …

Smart cities, and the components which comprise them, will save us all time – and a new study puts the total at 125 hours per citizen per year. The study, put together by Intel alongside Juniper Research, found that 125 hours, or 15 working days, will be claimed in four buckets. Mobility, such as smart traffic systems, smart parking, and ‘open data platforms’ – so users can pick the least congested bus and train services – will account for 60 hours. Greater public safety – predicting crime spots through machine learning – will account for 35, while healthcare comprises nine and productivity – digital services simplifying administrative processes – will account for 21. What could inhabitants of smart cities do with all that free time, the report asks? They could take a long holiday, get active, or spend it with family and friends. What’s more, wounds will heal quicker – …

Even when hotels have strong security policies and procedures in place, they are still vulnerable to cyber attacks, break-ins, theft, fraud, and other crimes. That’s why it’s vital to take precautionary measures and continually evaluate security programs. “Having robust security in place means a better, safer, guest experience,” says Chad Callaghan, principal of Premises Liability Experts and AH&LA security consultant. “When department managers and other employees think more about safety and security, you can prevent a lot of theft and minimize dangers.” Inadequate security has repercussions beyond guests losing belongings to theft. Hotels can be held liable for the criminal acts of third parties. Civil litigation against property owners and managers has become commonplace ever since Garzilli v. Howard Johnson. And hotels are still targets of lawsuits because of theft and injury. Before becoming AH&LA’s security consultant, Callaghan spent 35 years with Marriott International. As the vice president of global …

Co-management is the deep integration between ConfigMgr and Intune that enables you to easily begin begin moving traditional, domain-joined and ConfigMgr-managed solutions to a deployment of Azure Active Directory and Intune with #Just4Clicks.  An organization can move any workload, at any speed, at any time – based entirely on that organization’s unique needs. Here are a few of the features I’m talking about that you instantly have once you turn on Co-Management: Compliance policies and Conditional Access.  This is a BIG one (I’m sure you’ve heard about it) and it’s available for use right now.Conditional access enables you to ensure any device requesting access to corporate data is compliant with your policies and can therefore be trusted in your network. Intune is the only EMM solution that can set the conditional access policies for Office 365 across Windows, iOS, Android, and Mac. A wide variety of real-time actions, like remote factory reset or wipe for a …