Blog
Insights for Reasonable Cyber Security and Compliance
What’s happening in the world of cybersecurity? How do you define 'reasonable' security controls? Which cyber threats can be prevented? What steps should you take to make your systems safer? Read our blog posts to gain new insights into cybersecurity news, security awareness, the latest threats and risks, penetration testing, compliance, regulations and so much more.
Cyber-Espionage: Every Business is a Target
For those of us in the world of information security, the news of Attorney General Eric Holder bringing a first-of-its-kind criminal cyber espionage case against Chinese military officials is no surprise at all. For years, the Chinese have been known for launching cyber attacks on American industrial and military targets to steal prized military secrets and other intellectual property. (more…)
HALOCK’s Eve Adams Named One of Business Insider’s 100 Most Influential Tech Women on Twitter
Eve Adams (@HackerHuntress), Senior Talent Acquisition Expert, was recently named one of Business Insider’s 100 Most Influential Tech Women on Twitter. (more…)
Understanding and Fixing the Heartbleed Vulnerability
Now that you know that Heartbleed is potentially exposing your secure systems to malicious hackers, you need to know what to do about it. Not only does that mean you need to secure your systems (even the ones you don’t yet know use Open SSL), but you also need to be able to understand the flaw, explain it to people who need assurance that your systems are secure, and communicate to them when your fix is complete. (more…)
Universities Remain a Rich Target for Hackers
Schaumburg, IL, April 9, 2014: In 2013, HALOCK Security Labs noted information security vulnerabilities at colleges and universities along with numerous hacker challenges that plague these institutions across the United States. More breaches may come to light if higher education institutions do not rethink their cyber security measures. (more…)
“The Walking Dead” and Windows XP
The IT world is preparing for one of its highest profile deaths on April 8th, 2014. Microsoft will be discontinuing security updates and technical support for Windows XP and its variants. Microsoft will not mourn, as their call to action is to migrate off of one of its most popular consumer operating systems in history. (more…)
Network Penetration Testing: What’s the Ideal Frequency to Conduct Pen Tests?
Some companies test once a year. Some test several times a year. So what frequency is correct for your organization? Well that all depends on how frequently your environment changes and other unique factors affecting your organization. When determining how often to conduct network penetration tests, consider the following:
The Information Security Agent
If you work in the information security industry go ahead and give yourself a pat on the back. In 2012 information security professionals enjoyed one of the lowest unemployment rates in the country according to the United States Bureau of Labor Statistics. In my line of work I often come across IT and various other industry professionals conveying a desire to get into information security but rarely hear of anyone looking to get out. (more…)
2014 Information Security Hiring Trends: Defense!
Yes, it’s another information security predictions article – security hiring trends. No, I won’t be discussing APT, China, or anything involving our favorite prefix, “cyber.” Instead, here’s a brief glimpse at what we infosec recruiters are seeing in terms of enterprise demands for cyber security roles. While all infosec positions, from firewall jockey to CISO, remain super-hot, here are some roles for which hiring managers will clamor in 2014. (more…)
Darrell Issa Just Learned the Difference Between Compliance and Security. Let’s Hope for a Payoff.
Darrell Issa’s House Committee on Oversight and Government Reform has been busy looking into the security of the healthcare.gov website and its connected systems. (more…)
Some Mortgage Lenders May Be Putting Sensitive Financial Data At Risk, Finds HALOCK
FOR IMMEDIATE RELEASE
HALOCK Investigation finds that over 70% of mortgage lenders may be putting sensitive financial data at risk through their application processes
Schaumburg, IL, January 29, 2014: Cybersecurity firm HALOCK Security Labs found many of the nation’s large and small mortgage lenders allow for information sharing practices that may put applicants’ personal and financial data at risk during transmission from the applicant to the lender. (more…)