Other Archive
iso 27001

Do You Monitor Your Suppliers? ISO/IEC 27001 Regulations Say You Should

Suppliers, in general third parties, have become one of the weaker links in the system. Recent TicketMaster data breach show how third parties may carry too much risk to your organization. Thus, they should be constantly monitored as ISO 27001 standard suggests. What is ISO/IEC 27001? ISO/IEC 27001 (some only write ISO 27001) is an […]
supply chain hacker attacks

Are You Ready for Hackers Incoming Supply-Chain Attacks?

Are you ready for hackers’ incoming supply-chain attacks? A recent report released by 401TRG (the Threat Research & Analysis Team at ProtectWise) reveals that Chinese hackers, who have abundant experience on APTs, are now getting prepared for software supply-chain attacks. Are your ready? What is software supply-chain attack? Hackers usually insert a backdoor to a […]
normshield supply chain

Supply Chain Cyber Risk are Finally Part of the NIST Cybersecurity Framework!

Recently, National Institute of Standards and Technology (NIST) released new version of its Cybersecurity Framework (v. 1.1), which includes several additions such as cyber risk originated from supply chains. The version 1.1 is a risk-based framework to improve cybersecurity of critical infrastructure in the US. However, it is used by many companies as a guideline […]
iot devices security

Add Your IoT Devices to your Third-Party Cyber Risk Assessments

Internet of Things (IoT) is a new concept surrounding us every day. But security of IoT devices is defined by S in the abbreviation of the term. You may say “but there is no S in IoT”. Well, that is exactly my point. In April, a casino was hacked through a thermometer, an IoT device […]
cyber security risk brief 2018

How hackers leverage your IP addresses? IP Reputation as a Cyber Risk Assessment Metric

IP Reputation can be used as a cyber risk assessment metric to better understand how hackers leverage and exploit your IP addresses listed in websites used by hackers. What is IP Reputation? Employees may download applications that compromise computers and network. As a result, IP address can become part of a hacker’s network and hosting […]
Malicious JavaScripts

Malicious JavaScripts: How Can You Get Hacked?

Malicious JavaScripts: How Can You Get Hacked? Detecting the vulnerabilities and leaking are of the essence in hacking. That’s why maintaining cyber security is quite crucial for individuals and corporations. In 2017, even a big firm like Yahoo was hacked by a simple phishing e-mail. Equifast -one of the largest credit bureaus- was hacked through […]
Cyber Insurance GDPR

General Data Protection Regulation (GDPR) and Cyber Insurance

The countdown has begun: the General Data Protection Regulation (GDPR) will be applicable  as of May 25th,2018, aiming to strengthen the rights of the citizens of EU on the internet. This regulation will be implemented by the European Union, but it is also interest of  companies located in other countries, including the United States, which […]
memcached ddos attack

Are your assets at risk of being victimized or weaponized in a Memcached DDoS attack?

Two record-breaking DDoS attacks, which used misconfigured Memcached servers for amplification/reflection, created 1.35 Tbps and 1.7 Tbps bogus traffic towards GitHub and an unnamed US-based company, respectively. Even though amplification/reflection DDoS attacks are not new to the cyber security world, the amount of traffic created is terrifyingly huge thanks to misconfigured Memcached servers’ amplification by […]
cybersecurity technology summit

Cybersecurity Technology Summit

Cybersecurity Technology Summit; Winners from five Shark Tank Events all come together for the final round of presentations and judging. The 8th Annual Cybersecurity Technology Summit reflects the DC chapter’s longstanding commitment to supporting the armed forces’ on-going development of cybersecurity strategies and tactics. As before, the summit will provide attendees with insights into emerging innovations from the government […]
bitcoin exchange safe

Are Bitcoin Exchange Sites Safe?

Are Bitcoin Exchange Sites Safe and What Are the Vulnerabilities? Bitcoin Mania is all over the world. Bitcoin interest has expanded from Wall Street habitues to housewives in South Korea. Bitcoin trading became so popular that several major websites had to pause the admittance of new accounts. Cyber security is naturally a significant part of this […]