Results for Search Submit Filter by: Advanced Filter All results Solutions Industry Typelist People Client Story Insights/Blogs Filter Search Sort by RelevanceDate Order AscDesc Blog March 7, 2018 A Modern Approach to Hacking Modems In a technology world where terms like Internet of Things (IoT), big data, augmented reality and bots are hot, a conversation about modems might seem painfully antiquated. But phone modems are still a surprisingly viable way for hackers to gain access to your organization’s valuable data. So today, we’re talking about the process for setting up an environment for interacting with modems, as well… Blog March 7, 2018 Understanding Server Message Block from the Ground Up The Server Message Block (SMB) is an integral part of any successful organization’s technology assets. In this blog post, we’ll take an easily digestible look at SMB, including its history, why and how it is used and what SMB is used for during penetration tests. SMB was first referenced as “IBM PC Network SMB Protocol” in a 1985 document by IBM, and in 1987 as “Microsoft Networks/OpenNet-FILE… Blog March 7, 2018 Saving Analytical Data Without Violating GDPR With an effective date less than four months away, the General Data Protection Regulation (GDPR), known officially as "REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016," is becoming a pressing concern for companies inside and outside the European Union (EU). Broadly, the regulation specifies that personal data protection of natural persons residing in… Blog March 8, 2018 Security Advisory: Meltdown and Spectre – Processor Flaws Expose Networks to New Class of Vulnerabilities Security researchers have identified a flaw, present in most computer processors, that allows unauthorized disclosure of information. The flaw, which affects most major processor manufacturers, is the first known instance of a security vulnerability at the processor level, and could be exploited in servers, workstations (including laptops), network infrastructure, mobile devices, IoT devices and… Blog March 12, 2018 New IT Security Awareness Learning Library Designed to Help Workers Become Frontline Cyber Defenders for Their Employers Taking advantage of a user’s poor security practices is often a critical first step for malicious hackers or other cybercriminals seeking to compromise an organization’s systems and data. More than 80 percent of hacking-related breaches leveraged stolen or weak passwords, according to research for the 2017 Data Breach Investigations Report from Verizon. The report also says that about… Blog March 14, 2018 Undetected Breaches and Ransomware Change How We Think About Cybersecurity Undetected Breaches and Ransomware Change How We Think About Cybersecurity As new possibilities in information technology continue to transform organizations, they may outpace any cybersecurity protections already in place. Controls that seemed adequate yesterday might not be equal to the challenges presented by new technology and ever-evolving threats today. Our issue of Board Perspectives:… Blog March 19, 2018 Recent Roundtable Perspectives on Cloud Security As cloud adoption accelerates within well-established businesses and emerges across nearly all industries and company sizes, security executives have been presented with thematic challenges to managing cloud governance, security, and regulatory risk. Protiviti recently held a roundtable of Chicago-area CISOs and Security Leaders to discuss the thematic challenges, share strategies, and gain… Blog March 20, 2018 Even After Patching, Meltdown & Spectre Continue to be a Big Deal First, a recap of the vulnerability For the first time, performance-enhancing features of most modern processors (known as out-of-order superscalar execution, speculative prediction, and HW caching) were discovered to contain (as a unit) a flaw that allows unauthorized disclosure of information. The fact that this flaw is at the processor level differentiates it from other potential… Blog March 26, 2018 What’s Ahead in Vendor Assessments? Rapidly changing information security threats and regulatory requirements continue to put pressure on vendor risk management programs and capabilities for all organizations globally. We anticipate that the number and comprehensiveness of vendor assessments required of, and conducted by, organizations will continue to substantially increase in 2018 and into 2019 before the requests begin to… Blog April 4, 2018 With GDPR Deadline Looming, the First Step Is Discovery With the new EU General Data Protection Regulation (GDPR) scheduled to take effect on May 25, 2018, organizations with EU employees or customers need to be able to demonstrate compliance. GDPR expands the scope of previous EU regulations to include any data processor or data controller that collects, stores, or processes the personal data of EU residents. It mandates data portability,… Load More
