Towerwall Information Security/Malware Alert Vol 13.67 – Notorious “Gameover” malware gets itself a kernel-mode rootkit…

By Michelle Drolet . 3 Mar 2014

Zeus, also known as Zbot, is a malware family that we have written about many times on Naked Security. We’ve covered it as plain old Zbot. We’ve covered the Citadel variant, which appeared when the original Zbot code was leaked online. We’ve even written about the time it pretended to be a Microsoft fix for CryptoLocker, a completely different … Continue reading Towerwall Information Security/Malware Alert Vol 13.67 – Notorious “Gameover” malware gets itself a kernel-mode rootkit…

Internet Explorer, .NET, IPv6 and Shockwave top the February 2014 Patch Tuesday list

By Michelle Drolet . 12 Feb 2014

For today’s Patch Tuesday, Microsoft released seven bulletins (a surprise after only announcing five last week) and Adobe released one. There are four critical advisories, to me the most important of which is MS14-010 affecting Internet Explorer versions 6 through 10. This patch fixes 24 vulnerabilities, one of which has been publicly disclosed. Considering that … Continue reading Internet Explorer, .NET, IPv6 and Shockwave top the February 2014 Patch Tuesday list

Why wasn’t healthcare.gov security properly tested?

By Michelle Drolet . 17 Jan 2014

When the healthcare.gov website was launched on Oct. 1 it didn’t take long for technical issues to hit the headlines. Americans trying to register for health care found the website unusable. There were glitches, extremely long loading times, and serious errors, but most worrying of all for anyone entrusting sensitive data to the system was the lack … Continue reading Why wasn’t healthcare.gov security properly tested?

Introducing our Quarterly Newsletter: the Data Security Review

By Michelle Drolet . 16 Jan 2014

I am excited to announce the launch of our quarterly newsletter, the Data Security Review. Each quarter I will be sharing with you what I am hearing from customers, colleagues and data security experts to keep you aware and protected. As we enter 2014, human risk is on everyone’s mind. Even with the most sophisticated … Continue reading Introducing our Quarterly Newsletter: the Data Security Review

Towerwall Security Patch Alert Vol 13.63

By Michelle Drolet . 15 Jan 2014

Patch Tuesday January 2014 – Microsoft, Adobe and Oracle by Chester Wisniewski As expected Microsoft delivered four patches on patch Tuesday covering Windows XP, 2003, 7, 2008 R2, Word and Dynamics. All four patches are rated important, the first time in memory that none of the fixes were critical. The Word fix applies to all … Continue reading Towerwall Security Patch Alert Vol 13.63

Towerwall Security/Vulnerability Alert Vol 13.62

By Michelle Drolet . 9 Jan 2014

Recent vulnerabilities for which exploits are available compiled by the Qualys Vulnerability Research Team. This is a list of recent vulnerabilities for which exploits are available. System administrators can use this list to help in prioritization of their remediation activities. The Qualys Vulnerability Research Team compiles this information based on various exploit frameworks, exploit databases, … Continue reading Towerwall Security/Vulnerability Alert Vol 13.62

Establishing Security Goals

By Michelle Drolet . 8 Jan 2014

Implementing security practices in your organization’s employees’ daily work habits, and ensuring the integrity and confidentiality of information security, the goals of the Security Awareness Program are: Put information security and its importance into the forefront of your staff’s minds. Spread information security policy and awareness throughout corporate ranks. Build security awareness into the technical … Continue reading Establishing Security Goals

10 Things I Know About … Passwords

By Michelle Drolet . 6 Jan 2014

10. Be clever Create passwords from easy-to-remember sentences, such as < Patriots Win the Super Bowl>, using the first letter of each word and adding numbers and special characters at the beginning or end. (e.g., <12=PwtSB!>) 9. Create a management system Consider creating one, very strong password and appending it with identifiers, such as <!Kr0y-W3n$TOM> … Continue reading 10 Things I Know About … Passwords

MetroWest Chamber of Commerce: 118th Annual Meeting

By Michelle Drolet . 18 Nov 2013

Well, it was certainly a night to remember and much to celebrate With over 325+ people coming to celebrate the 118th MetroWest Chamber of Commerce Annual Meeting! It was a great night with much money raised for United Way’s Feed a Family and our hero’s  – Military Veterans. Watch some of the fun we had:

Sophos expert talks about Cryptolocker and bitcoin ransom on CNBC (Video)

By Michelle Drolet . 13 Nov 2013

And it keeps getting worse… A widespread outbreak of a sneaky, file-encrypting piece of ransomware called Cryptolocker has many people talking. One very important question raised by Cryptolocker’s success to date: Should you ever pay a ransom to a cybercriminal? Sophos security expert James Lyne, head of global security research at Sophos, went on cable … Continue reading Sophos expert talks about Cryptolocker and bitcoin ransom on CNBC (Video)

Tags