Is Shellshock the biggest vulnerability ever? Maybe so, but not for long. Be prepared for more.

Posted by Les Dunston

Sep 25, 2014

img_2014-09-25_Ars-Technica

NEWS

The techno-sphere is on fire again, this time with news of a newly discovered vulnerability present in a ubiquitous component of the internet infrastructure. Just a few months ago, Heartbleed gave us all a lesson on how OpenSSL works and how to secure network communications. It also demonstrated that the infrastructure we rely on has gaping security holes. At the time, experts called Heartbleed the “worst security flaw ever.” But the industry responded and the furor died down. Now, a vulnerability in Bash dubbed Shellshock has taken Heartbleed’s place as the worst ever.

Topics: News

Trust, but verify -- better yet: Trust, but contain!

Posted by Scott Petry

Sep 24, 2014

img_2014-09-23_Ars-Technica

NEWS

Hackers recently compromised Home Depot’s data, exposing as many as 52 million credit card transactions. Commentators quickly jumped on the story, reporting that the company had suffered from lax cybersecurity standards for years and ignored repeated warnings of potential vulnerabilities. Now, ArsTechnica reports that their Home Depot’s Senior Architect for IT Security, Ricky Joe Mitchell, had been convicted of sabotaging the network of a former employer.

Topics: News

Data security in healthcare – the perfect storm

Posted by Dr. Jasper zu Putlitz

Sep 23, 2014

img_2014-09-23_JasperPutlitz

SECURITY

There is a data security crisis looming in healthcare. The recent theft of 4.5 million patient records from Community Health Systems is a case in point. Nobody expects attacks like this will stop anytime soon, and the next one could happen today or tomorrow. It is like a perfect storm. First, healthcare is going through the honeymoon period of IT adoption, trailing many industries who accomplished this decades ago. Second, they are continuously generating exquisitely sensitive, HIPAA-protected data. And third, we live in a time where attack sophistication reaches new heights every day!

Topics: Security

How much is your customer database worth?

Posted by Scott Petry

Sep 15, 2014

img_2014-09-08_SC-Magazine

NEWS

Last week, SC Magazine reported that Salesforce customers are being specifically targeted by Dyre, a  malicious exploit first uncovered in June that has previously been used to target customers of large financial institutions. Although no specific compromises have yet been reported, the bad guys have put substantial time and effort to creating a way to steal the credentials of Salesforce users. The full article can be found here.

Topics: News

Authentic8 Adds Powerful Directory Integration Features to Flagship Product

Posted by Ramesh Rajagopal

Sep 11, 2014

img_2014-09-11_DirSync

CORPORATE NEWS

MOUNTAIN VIEW, CA--(Marketwired - Sep 11, 2014) - Authentic8, maker of Silo, the cloud-based secure browser for businesses, has released Silo DirSync, a framework to integrate and synchronize data between Silo and Microsoft Active Directory. Silo DirSync is designed for large enterprises with geographically dispersed teams that have a need to simplify management of access to sensitive web data. Read the press release here.

Topics: Corporate News

Hackers gonna hack - why breaches are inevitable

Posted by Drew Paik

Sep 9, 2014

img_2014-09-08_hackers-gonna-hack

NEWS

Celebrity stories, though they do not materially affect businesses or the general public, will always make headlines. But, often, less potentially salacious stories get relegated to the background if they are reported at all. The fact is that data breaches and hacks can be catastrophic as we have seen in the cases of Code Spaces and ZenDesk.

Topics: News

The data breaches that didn’t make the headlines this week

Posted by Scott Petry

Sep 4, 2014

img_2014-09-04_HIPAA

SECURITY

This week’s headlines are all about the latest hacking scandal: over a dozen celebrities, including Jennifer Lawrence, had private photos stolen and shared on the internet. The story made headlines not because it impacts a large number of people, but because it is about celebrities and somewhat salacious. Last month’s Community Health Systems security compromise highlighted the vulnerability of HIPAA-protected data.

Topics: Security

Customer Spotlight: Employee Benefit Services

Posted by Drew Paik

Sep 2, 2014

img_2014-09-02_EBS

CUSTOMERS

Employee Benefits Specialists, Inc. (EBS) is a national company that provides a comprehensive menu of benefits to organizations ranging from small businesses to national corporations and municipalities. EBS services include online enrollment and eligibility management, flex spending accounts, COBRA and retiree administration, voluntary insurance and invoice reconciliation and eligibility tracking. With so many services and programs to administer, ensuring the confidentiality of client data is both challenging and absolutely essential

Topics: Customers

Monthly news roundup - August 2014 (TL;DR)

Posted by Drew Paik

Aug 29, 2014

img_2014-08-29_HTTP-Shaming

NEWS

It’s been a big month for security and account compromise in the news. Whether it is the theft of patient information from a healthcare system or the possible compromise of over 1 billion credentials from sites across the web, this type of story is getting more and more common. But, as this thought piece from CNET states, that doesn’t mean we should stop paying attention. Here’s the TL;DR on a few stories that we found interesting:

Topics: News

Turn that WiFi off! WiFi is for victims only.

Posted by A8 Dev Team

Aug 28, 2014

img_2014-08-28_WIFI-MANA1

SECURITY

A few weeks ago, we talked about how easy it is to steal data over WiFi. We even did a demonstration with a device called a WiFi Pineapple and program called Karma to prove it. Now a new set of tools called MANA has been released that makes it even easier for the bad guys to launch attacks that steal your data over compromised WiFi networks.

Topics: Security

The official blog of Authentic8

Blog Home
Sign up for Silo
Contact Us

Subscribe to Email Updates