Tag Archives: security awareness

Your Employees are Targets. Social Engineering is Increasing.

Even with advanced technology and security, your data is still at risk. Studies indicate that hackers are focusing on your teams to gain access to your networks and information. Social engineering is on the rise. This is a method of manipulating your teams into performing actions in order for an unauthorized person to get access […]


The use of social media like Twitter, Facebook, Instagram, Tumblr, Google Plus, LinkedIn and others have been steadily growing. It is used not only between individuals connecting with their “tweeps,” but also for businesses connecting with their customers, and even politicians with their constituents. Social media platforms have become a forum for sharing all manner […]

Understanding and Fixing the Heartbleed Vulnerability

Now that you know that Heartbleed is potentially exposing your secure systems to malicious hackers, you need to know what to do about it. Not only does that mean you need to secure your systems (even the ones you don’t yet know use Open SSL), but you also need to be able to understand the […]

“The Walking Dead” and Windows XP

The IT world is preparing for one of its highest profile deaths on April 8th, 2014. Microsoft will be discontinuing security updates and technical support for Windows XP and its variants. Microsoft will not mourn, as their call to action is to migrate off of one of its most popular consumer operating systems in history.

PHEATS OF PHISHING – Will you be prepared when it happens to you?

Author: Todd Becker, PCI QSA, ISO 27001 Auditor Phishing is by no means a new topic in today’s news. But the increasing complexity and targeted nature of attacks have evolved to a level of sophistication that is even phooling knowledgeable members of the IT community. The end result could just be embarrassing, but it could also […]


HALOCK Investigates. An all-too-common cyber-crime today is spoofing, which is the practice of deceiving people into believing an email or website originates from a source that it does not. In a recent case we are investigating, the perpetrator substituted a number in the URL to mimic the actual URL with the hopes that the recipient wouldn’t notice […]

Security Awareness training is required by PCI DSS

I often write about security awareness training, but it bears repeating periodically.  Cyber security awareness training is required by some standards – the PCI DSS is pretty specific about requiring it.  Security awareness training for the general employee population on at least an annual basis is a good idea.  More technical training for IT or […]