720-891-1663

Third Party Risk Management in Light of Hezbollah and Twilio Attacks

I know I sound like a broken record, but as businesses start to improve their internal security, attackers focus on compromising businesses’ supply chains. In the case of the Hezbollah attack, the attackers must have, some how, known (a) that they were buying new walkie-talkies and pagers, (b) who they were buying them from, (c) […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Another Open Source Software Supply Chain Issue

Lets combine all the possible cyber risk concerns into one sentence. A bug in an open source library used by major IoT vendors is raising the spectre of software supply chain/vendor risk management issues for all developers. The vendor in question is Axis Communications.  Whether you know it or not, you have seen their security cameras across the country including […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Yet Another Outsourcer Hacked

Aptos, an outsource point of sale vendor for many businesses, announced that they were breached.  Sort of announced, but not really. The breach was active from February 2016 thru November 2016, but they didn’t notify their merchants until February of this year.  Now the vendors are slowly notifying their customers.  Potentially, customers are not going […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Partners and Too Much Data Equals Data Breach

The Australian Red Cross recently apologized for losing control of 1.74 gigabytes of donor data. Included in the breach are name, address, email, phone number, date of birth and other information from blood donors. The data, 1.3 million records stored in 647 database tables is all the information the Australian Red Cross had on donors […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Outsource Payroll Processer Sage Breached – Lessons to Learn

Sage Group, an international cloud based accounting,  payroll, HR and CRM services company acknowledged a breach this week.  The breach affects around 300 companies based in the U.K. but the value of the breach is not in who got breached, but rather the lessons to be learned from it. The company provides accounting and payroll […]

Continue reading → [DISPLAY_ACURAX_ICONS]

The Point of Sale (POS) Breaches Continue

So far this week (and it is only Monday), we have two POS breaches in the news. HEI Hotels and Resorts, which manages almost 60 hotels for Starwood, Hilton, Marriott and other chains announced that 20 of their locations, covering all of their brands, had suffered breaches. While they have not said how many cards […]

Continue reading → [DISPLAY_ACURAX_ICONS]