847.221.0200  Main Office
800.925.0559  INCIDENT RESPONSE HOTLINE

Halock Blog

ransomware infected computer

RANSOMWARE: CURRENT STRAINS, ATTACK VECTORS AND PROTECTION »

By Steve Lawn, Senior Consultant
Staying ahead of security threats is no easy task. One threat that should definitely be on your radar is ransomware. From hospital heists to attacks on schools and other businesses, ransomware is costly and is projected to be one of the biggest threats in 2016. According to CNN, … Read More »

W2_thumb

ALERT: CRIMINALS REQUESTING W-2s VIA SIMPLE SOCIAL-ENGINEERING SCHEME »

By Todd Hacke
Tax season is a hectic time of year for not only organizations but their employees.  This year attackers are looking to take advantage of this turbulence with a simple social engineering inquiry that could land them a gold mine of personal and financial information.  It turns out all they have to do … Read More »

mobile_thumb

OPTIONS FOR MERCHANTS USING MOBILE PAYMENT APPLICATIONS TO ACHIEVE AND MAINTAIN PCI COMPLIANCE »

By Morgan Rickel  PMP, QSA
If you are a merchant considering the implementation of a mobile payment acceptance solution, or if you are currently using one, the Payment Card Industry Security Standards Council (PCI SSC) has determined that one of the major risk factors in validating mobile payment acceptance applications with the Payment Application Data … Read More »

pci3-2-thumb

VERSION 3.2 OF THE PCI DSS TO BE RELEASED IN Q2, ARE YOU READY? »


Viviana Wesley, PCI QSA
The Payment Card Industry Security Standards Council (PCI SSC) will be releasing version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) in the second quarter of 2016 and will become effective as soon as it’s published. PCI DSS version 3.1 will be retired three months later to allow organizations … Read More »

emailprivacy_thumb

HIPAA INFORMATION AND EMAIL – HOW TO COMPLY »


by Tod Ferran, CISSP, QSA
According to HHS, “the Security Rule does not expressly prohibit the use of email for sending e-PHI. However, the standards for access control, integrity and transmission security require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e-PHI.”
What … Read More »

View Older Posts