Article posted: Oct 16, 2018

By Joakim Thorén, CEO

It's official: Version 5.3 of vSEC:CMS, a powerful new iteration of our industry-leading identity and access management solution, is now available. This version includes support for additional popular Gemalto eTokens and smart cards, and offers a slew of additional important features, including the ability to speed new user validations and enable license and Operator Store issuance.

Continue Reading...

Article posted: Sep 19, 2018

By Joakim Thorén, CEO

It seems like companies will never learn. Passwords continue to be the culprit of data breaches, especially temporary password-only security measures. ABC reported Westpac is the latest banking organization to suffer a temporary password only breach. And while data breaches are generated by outside hackers, the Westpac breach was caused by an employee, who accessed the temporary passwords and handed them over to a mortgage broker.

Continue Reading...

Article posted: Aug 23, 2018

By Joakim Thorén, CEO

While large enterprises across the US most certainly have sophisticated cybercrime fighting measures in place, the same is not true of many of the nation's small- and medium-sized businesses (SMBs).

That's why the NIST Small Business Cybersecurity Act, S. 770, previously referred to as the Main Street Cybersecurity Act, was signed into law by President Trump last week. S. 770 charges the National Institute of Standards and Technology (NIST), a division of the commerce department, with helping the nation's smaller businesses better prepare for and address the potential of cybercrime through better education. The Act specifically states NIST is to help SMBs "identify, assess, manage and reduce their cybersecurity risks."

Continue Reading...

Article posted: May 14, 2018

By Joakim Thorén, CEO

A U.S. Senate Intelligence Committee report released earlier this week confirms there was some meddling in the 2016 election cycle by Russian-linked operatives. While the publicly released report summary, entitled "Russian Targeting of Election Infrastructure During the 2016 Election," shows voting systems in as many as 21 states were targeted, the impact was largely negligible.

Continue Reading...

Article posted: Jan 17, 2018

By Joakim Thorén, CEO

Lots of computer users still don't realize how or even that their personal information is gathered, shared and used. But, as with the law, ignorance isn't an excuse, and companies that don't make every effort to secure and protect their data can find themselves in legal and financial troubles, and with potentially fatal damage to their brand.

Continue Reading...

Article posted: Jan 09, 2018

By Joakim Thorén, CEO

It's a new year and corporations - and their shareholders -- are hoping for fewer corporate data breaches. They want to forget about 2017, which saw record breaches, many preventable. In this blog, we identify four security lessons learned from 2017's high-profile security breaches every IT manager should consider, to prevent similar breaches in 2018:

Continue Reading...

Article posted: Dec 13, 2017

By William Houry, VP of Sales

It was inevitable: the scammers are now going after companies in Europe and elsewhere that are preparing for the European Union's cybersecurity General Data Protection Regulation (GDPR), also known as EU 2016/679. The GDPR privacy rules go into full effect in May 2018.

In early December in France it was reported that companies preparing for the GDPR, which is known as the RGPD in France, were being targeted with some less-than-sophisticated phishing-type schemes. According to what was reported, the scheme involved alarm-inducing urgent phone calls and faxed messages to companies, purportedly from the Commission nationale de l'informatique et des libertés (CNIL).

Continue Reading...

Article posted: Oct 16, 2017

By Marcus Hartwig, Versasec GM Americas

Versasec has repeatedly warned that text messages should noy be used as two-factor authentication. Now, Positive Technologies has proved that point decisively but demonstrating the ease of hacking into a bitcoin wallet by intercepting a text message. The Verge reported Positive Technologies posted a video about how easy it is to access a bitcoin wallet by intercepting text messages in transit.

Continue Reading...

Article posted: Oct 10, 2017

By Joakim Thorén, Versasec CEO

If you live in the US, it's likely the Equifax breach has affected you personally. While Equifax is still evaluating the cause of the breach, we're already hearing a number of excuses from the company. And the excuses aren't sitting well with Equifax's board, as Chief Security Officer Susan Mauldin and Chief Information Officer Dave Webb are "retiring". According to an article in ZDNet, Equifax is blaming open-source software for its debilitating security breach that compromised 143 million records. Some industry experts may argue that Equifax shouldn't have relied on open source software to protect American's names, social security numbers, birthdates and home addresses. Others feel that by immediately updating security patches, the breach wouldn't have occurred.

Continue Reading...

Article posted: Aug 23, 2017

By Adam Bostwick, Versasec

Amidst a sea of controversy, the current United States government just made a significant announcement about US cyber security. Covered in Wired Magazine, "the Trump administration will elevate United States Cyber Command, currently a division of the National Security Agency, to the status of a unified military command."

What does this mean for the US?

Continue Reading...

Article posted: Aug 21, 2017

By Yvonne Möbius, HR, Versasec

U.K.-based analyst firm Juniper Research estimates criminal data breaches will cost businesses more than $8 trillion over the next five years. Juniper's new research report, "The Future of Cybercrime & Security: Enterprise Threats & Mitigation 2017-2022," also states that personal records stolen by cybercriminals will reach 2.8 billion in 2017 and almost double to 5 billion in 2020, despite new security technologies to thwart cyberattacks entering the market.

Continue Reading...

Article posted: Aug 09, 2017

By Adam Bostwick, Versasec

It's happened again: A third-party contractor has been deemed responsible for the latest, highly-publicized data breach. This time the company hit was Anthem, where a contractor has been charged with emailing a document containing more than 18,500 Anthem members' information to his personal email address. This information included Medicare ID numbers containing social security numbers, Health Plan ID numbers, as well as Medicare contract numbers and enrollment dates.

Continue Reading...

Article posted: Jul 10, 2017

By William Houry, Vice President of Sales

No matter the industry or its level of security, at least some employees at every enterprise today require access to their corporate networks via mobile devices. Most rely on physical smart cards for user authentication and access, yet there's another low-cost and even simpler solution: Just-in-Time (JIT) virtual smart cards (VSCs) (find more information about smart cards here: https://versasec.com/smart-cards.php).

Continue Reading...

Article posted: Jun 29, 2017

By Joakim Thorén, CEO

The recent Republican National Committee (RNC) data breach took center stage on June 20, 2017 as a huge security misstep. In fact, it was called "the mother lode of all leaks," in a recent article in Business Insider.

Continue Reading...

Article posted: Jun 28, 2017

By Nick Budden, Versasec Technical Consultant

Notch another victory for hackers, courtesy of weak passwords. It appears hackers were able to take down the British Parliament's email system by identifying accounts with weak passwords and breaching them.

Continue Reading...

Article posted: Jun 21, 2017

By Joakim Thorén, CEO

It seems lately that more countries are turning to biometrics to ensure the safety of their borders. This January, Australia vowed it will replace passports as a means of identifying passengers after installing the latest biometric identification platforms, such as facial, iris or fingerprint recognition systems by 2020.

Continue Reading...

Article posted: Jun 19, 2017

By Anders Adolfsson, Technical Consultant

Keeping your admin rights current is a necessity today. Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, is a good case in point. The company recently endured a devastating data outage after a former administrator deleted all customer data and wiped most of the company's servers, per Bleeping Computer.

Continue Reading...

Article posted: May 31, 2017

By Joakim Thoren, CEO

This week, Fortune reported Target reached an $18.5 million settlement with 47 states and the District of Columbia over a massive data breach in late 2013. The hits keep coming for Target: over the past four years, the mega retailer has shelled out $202 million as part of this costly data breach.

Continue Reading...

Article posted: May 18, 2017

By Joakim Thoren, CEO

Everyone is talking about the recent worldwide ransomware cyberattack, named WannaCry. A suitable name as the WannaCry ransomware attack was particularly vicious, shutting down hospitals and disrupting high-profile operations like Telefonica, FedEx and Renault.

According to a recent ECNMag article, this was the "largest ransomware attack observed in history." Europol Chief Rob Wainwright added, "More than 200,000 victims have been hit in 150 countries as of last week."

Continue Reading...

Article posted: May 09, 2017

By Joakim Thoren, CEO

Social engineering is a cybercriminal's best friend. That's according to Juniper Research, which recently published the "Cybercrime and The Internet of Threats 2017" whitepaper. In its report, the Juniper team says that even with evolving methods for attempting unauthorized access of computing systems, the preferred route taken by most hackers is still this: duping users into opening the door. Simply put, cybercrime is often perpetrated through social engineering.

Continue Reading...