More information has been trickling out regarding the massive Target PCI breach that took place during the 2013 Christmas shopping season. Forensic researchers first learned that hackers penetrated Target's network by means of a business transaction portal. It appears that Fazio Mechanical Services was the source. Fazio is a Pittsburgh-area nationwide mechanical contractor that services many large retailers. Now more details are emerging about the mechanism hackers used to infect the HVAC contractor. There are serious lessons here that businesses of all sizes need to learn. It's safe to say the face of PCI compliance will forever be changed as a result of the findings.
Topics: 0day, breach, business continuity, cardholder data environment, chicago computer support, chicago IT support, Chicago PC Support, disclosure, exploit, firefox, firewall, hacker, homeland security, internet, internet explorer, java, Mac, malware, PCI, privacy, security, Security, software, update, virus, vulnerability, zero-day
The "CryptoLocker" virus has been making a great deal of noise lately. Though we at Thom Infotech have not personally encountered it, we know others who have. We've written this post to help you to understand and defend against the CryptoLocker virus.
Topics: 0day, adobe, breach, business continuity, Business Continuity, catastrophic data loss, chicago computer support, chicago IT support, Chicago PC Support, cryptolocker, disaster, disclosure, email, encrypt, encryption, ePHI, exploit, explorer, facebook, firefox, firewall, flash, google, hacker, Hipaa, Hippa, homeland security, infection, internet, internet explorer, java, malware, microsoft, oracle, patch, privacy, security, Security, software, update, UTM, virus, viruses, vulnerability, zero-day
As of this writing there are roughly four useble business weeks left in the current year. As 2013 winds down, businesses should consider performing needed upgrades sooner rather than later. At the risk of creating a lengthy blog post I'm planning to provide 179 reasons to upgrade before January 2014.
Topics: business continuity, Business Continuity, chicago computer support, chicago IT support, Chicago PC Support, exploit, firewall, Healthcare IT, Hipaa, Hippa, homeland security, internet, internet explorer, java, malware, microsoft, patch, Section 179, security, Security, software, update, virus, viruses, vulnerability, zero-day
I've never been a boy scout. Sometimes I wish I had been. I appreciate the fact that preparedness is such a central tenet of the organization. Any good Boy Scout (or wanna-be Boy Scout) should be prepared for a data disaster.
As the owner of a technology consulting firm, I'm occasionally asked to assist with Business Continuity Planning (BCP). As the name implies, BCP is a discipline that attempts to answer the "what if" questions that surround the viability of a business when faced with a disruptive event such as a fire, flood, hurricane, tornado, theft, riot, or any number of contingencies that could interfere with the normal course of business. BCP is meant to plan for such a disruption, giving the business a fighting chance to stay afloat and serve their customers until returning to business-as-usual at some point in the future.
Topics: bcp, business continuity, Business Continuity, business continuity planning, chicago computer support, chicago IT support, disaster, disaster preparedness, Healthcare IT, Hipaa, homeland security, medical, vulnerability
Apple revealed today that they were targeted by the same malware attack leveled against Facebook on February 1st. The earlier comments by Facebook hinted at a working group of high-value targets and Apple now appears to be among them. The attack took advantage of a previously unknown Java zero-day exploit to infect the engineers' computers by means of their web browsers.
Topics: 0day, Apple, breach, business continuity, chicago computer support, chicago IT support, Chicago PC Support, chrome, exploit, facebook, firefox, firewall, hacker, Hipaa, java, Mac, malware, oracle, patch, security, Security, software, update, virus, viruses, vulnerability, zero-day
Are you a Postini user? Postini is an email security platform that was gobbled up by Google a few years ago. Google Apps email users have enjoyed the spam and virus protection ever since, as have many clients who leveraged the Postini tools to cleanse their incoming email before it arrived on their own servers. The first group is in luck - they'll continue to use Postini. The second group, however, will have to look elsewhere for this type of filtering. Naturally, Google would like to have all of them migrate their business email to Google Apps (not a bad choice) but this just isn't feasible for many.