ISSQUARED Acquires Starnet Data Design
May 29, 2018
Newbury Park, California-headquartered ISSQUARED®, Inc. Acquires Starnet Data Design, Inc., and Expands Networking, Security and Services offerings....
Cryptocurrency Mining Malware Abuses 4000 Websites
February 12, 2018
Driver Was To Use Idle Computing Power of Computers to Mine Cryptocurrency, Monero....
ISSQUARED Proud to Sponsor the Southern California Minority Supplier Diversity Council's 2017 Corporation of the Year Award
October 10th, 2017
Award Ceremony Held at the Dorothy Chandler Pavilion in Downtown Los Angeles....
Equifax: 2.5 million more consumers may be affected by data breach than originally stated
September 20th, 2017
The massive data breach at Equifax, one of the nation's three major credit reporting agencies, may be even larger than originally thought, according to an investigation by a cybersecurity firm....
Equifax CEO Rick Smith "retires" after data breach debacle
September 20th, 2017
Lesson of the day: allow data breach, "lose" $1.45MM salaried CEO job
For the 3rd time, ISSQUARED® Appears on the Inc. 5000 list
September 20th, 2017
Inc. Magazine 36th Annual List of America’s Fastest-Growing Private Companies—the Inc. 5000
For the 3rd Time, ISSQUARED® Appears on the Inc. 5000 list, Ranking No. 2116 with Three-Year Sales Growth of 174%...
Equifax CIO and CISO to Retire Effectively Immediately After Cyberbreach
September 19th, 2017
Equifax said Friday that its top information and security executives were retiring, effective immediately as the company reels from its disclosure last week that it suffered a massive data breach potentially affecting 143 million people in the U.S. ...
Stephen Colbert Jokes HBO Will Have to Melt Half the Emmy Awards Won to Pay for Hacker Ransom
September 18th, 2017
At the 69th Emmy Awards held last night at the Microsoft Theater in downtown Los Angeles, and broadcasted on CBS, host Stephen Colbert took several swipes at HBO, the awards-dominating cable network, owing to the cyber breach they were a target of, a few weeks ago...
Equifax intrusion over 10 weeks exposed 143MM US Consumers' Social Security Number and Birthdates
September 7th, 2017
Equifax made public the fact that their computer systems had been breached, leading to the unauthorized access of Social Security numbers and birthdates of up to 142 million U.S. consumers. The company disclosed that a website vulnerability had enabled the breach, which occurred from mid-May through July 2017 -- approximately 10 weeks...
HBO Continues to Bleed from Hack
August 8th, 2017
Last week we covered the nascent story of a hack that may rival Sony’s in magnitude as it broke. Now, it seems those same hackers have made good on their threat and have released additional compromising information. The additional load of their purported hoard of at least 1.5 terabytes of data contains a cache of internal documents, including...
HBO CyberAttack
July 31st, 2017
Richard Plepler, Chairman and CEO of HBO, confirmed Monday that cyberattackers targeted original programming involving the network’s most popular shows, including the much acclaimed Game of Thrones series.
CrowdStrike Falcon Search Engine
July 30th, 2017
Our cybersecurity partner, Crowdstrike, has just unleashed the first component of their Falcon Search Engine, Falcon MalQuery. As a whole, the Falcon Search Engine exists to provide the advantages search engines have provided in other fields to cybersecurity professionals. The need to quickly and comprehensively understand the endless streams of potentially virulent data streaming across your dashboard is vital in the seconds before becoming compromised. This understanding can help your organization adapt and eliminate threats as they are happening.
SailPoint Unveils IdentityAI
July 28th, 2017
Our identity partner, SailPoint, will release its newest identity analytics offering later this year. Using machine learning techniques and artificial intelligence, their IdentityAI will help organizations manage their identities more intelligently, boost identity governance solution impact, and manage potential identity related threats.
Fortune Ranked Companies Targeted by Cloud-to-Cloud Brute Force Attacks
July 27th, 2017
A report from Skyhigh Networks detailed a sophisticated assault upon senior level Office 365 accounts in likely hopes of obtaining access of additional cloud service accounts for further penetration. The coordinated drive resembled a “slow and low” attack pattern, using techniques such as varying IP address attacks, utilizing different access points, and only targeting high value users, unlike typical brute force attacks. The hackers attempted over 100,000 Office 365 logins through at least 67 IP addresses and 12 networks. These attempts have currently been detected at 48 different organizations.
Highlights from the 2017 RSA Security Conference
February 13th, 2017
It seems that every major hardware and software security provider, and every IT security consulting firm in the world had gathered together at the RSA Security Conference held in San Francisco this year. There were lots of great topics that stalwarts gave talks on, and even the keynote sessions were interesting. The talk that we thought was the most helpful was the opening day (Monday, February 13th, 2017) seminar put together by the Cloud Security Alliance entitled “The Treacherous 12 – Cloud Computing Top Threats in 2016”.
FDA’s Requirements from Medical Device Manufacturers for Post-market Management of Cybersecurity
December 28th, 2016
On December 28, 2016, the Food and Drug Administration (FDA) of the United State of America published guidelines that put forth requirements for Medical Device manufacturers, to manage within the devices they have previously sold, so as to protect from cybersecurity threats. Medical device manufacturers are required to implement comprehensive cybersecurity risk management programs and documentation consistent with the Quality System Regulation (21 CFR part 820) including for software validation and risk analysis (21 CFR 820.30(g)) and servicing (21 CFR 820.200), including vulnerability handling processes that need to comply with ISO/IEC 30111:2013.
Securities and Exchange Commission (SEC) 2017 Examination Priorities Emphasize Cybersecurity
October 6, 2016
The SEC’s Office of Compliance Inspections and Examinations (OCIE) published a warning to all firms serving investors or working with the capital markets, and warned them that the OCIE would be ensuring market-wide risks are covered from a Cybersecurity perspective. The OCIE is specifically going to be examining firms for compliance procedures and controls, including testing the implementation of those procedures and controls.