Access Management

The 12 Billion Dollar Scam

New FBI statistics suggest compromised business email accounts have led to over 12 billion dollars in losses since 2013… An article review. So much attention has been paid to ransomware, botnets and other relatively recent developments that it’s easy to forget...

New Bill Adds Industrial Control Systems to Homeland Security’s Oversight

While already happening in practice, the new legislation would officially make it one of the agency’s priorities. An article review. In an acknowledgment of what is recognized as a growing threat, legislation introduced recently in the House of Representatives would...

Don’t Believe Your Eyes: Router-Based Malware Can Change Website Data

Previously thought to be designed to deliver a DDoS attack, VPNFilter can alter data in transit and change what you see on your screen. An article review. Initially, researchers thought that a new piece of router-based malware called VPNFilter was a relatively simple tool...

Project Indigo: Blurring The Lines Between Government and Private Sector Cybersecurity

US Cyber Command joins with the FS-ISAC to share threat intelligence… An article review. Threat intelligence sharing is a concept we’re all probably familiar with, at least in passing–it’s hard to imagine where we’d be without the efforts of ...

The Cost of Being Unprepared

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal ...

How Well Do You Know Your Endpoints?

Many organizations spend time and money deploying endpoint protection, then think they can forget about it… An article review. Not too long ago when it came to endpoint security it was common practice to simply install an antivirus program, set it to automatically u...

Temporary Passwords: A Potential Weak Link

Some small organizations continue to use customer data to generate initial passwords, despite the risks. An article review. When rolling out a new online banking platform organizations are often faced with the task of issuing new usernames and passwords to existing users,...

Firewall Log Retention: Beyond The Guidance

In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall lo...

Object Access Limitations

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are im...

The Top 3 Articles of 2018

The Top 3 Articles of 2018 2018 has now come to an end, but what a year it was for articles on the infotex blog! Not only did the “infotex writing team” published twenty-two article reviews, (thanks in large part to our Clients for sending them to us), but we a...