Blog
Dairy Queen Data Breach Impacts Arizona Business Owners
Posted by: Garrett Stiles in Data Breach 4 months, 2 weeks ago
After a few weeks of speculation, Diary Queen has confirmed that nearly 400 locations were compromised in a recent data security breach. Among the 400 locations affected, 9 were local Arizona businesses.
Wi-Fi for SMB - Things to consider
Posted by: Jerry Lozen in Information Security 4 months, 3 weeks ago
Weekly Wrap Up | Oct 10, 2014
Posted by: Garrett Stiles in News 4 months, 3 weeks ago
Schneier Says Incident Response is Failing
Key Details
- Hacking attacks are inevitable, so organizations need to move from protection and detection towards breach management
- Proper response can make the difference in surviving a breach
- "A sufficiently motivated, funded and skilled hacker will always get in"
- 90's were about protection, 00's about detection, and this decade is about response.
- Security is a mix of people, processes, and technology
Lessons Learned
With most organizations not investing enough in protection and detection, it becomes more critical that they take response seriously. With the growing demand for skilled security professionals, and incident response being a highly specialized and technical niche in security, it might prove difficult to find people qualified when needed. It is crucial in this threat landscape of "When" not "If" you get breached that all organizations think about how to respond to a breach, have a plan, and practice the plan. Key to success is making sure those involved understand their role and can respond quickly.
Weekly Wrap Up Oct, 3 2014
Posted by: Jerry Lozen in Data Breach, Information Security, News, Security News 4 months, 4 weeks ago
Jimmy John's Data Breach
Shellshock! Bash vulnerability.
Posted by: Jerry Lozen 5 months, 1 week ago
This past Wednesday, September 24th a vulnerability in bash was announced and I wanted to give a quick summary or run-down of the situation and how it may effect some of us. The vulnerability allows code execution in bash simply by setting certain specific environment variables. The vulnerability was originally found by Stephane Schazelas, and later Travis Ormandy disclosed a secondary exploit that manages to circumvent the initial patch. Given the fact this vulnerability revolves around using bash shells it has been given the name "shellshock". It has also been assigned two separate CVE numbers, CVE-2014-6271 for the original vulnerability and CVE-2014-7169 for the secondary variation.
Contact
Corporate Headquarters
Aeris Secure2432 West Peoria Ave, Ste 1303
Phoenix, AZ 85029
sales@aerissecure.com
(480) 382-8230
News
Recent Tweets
Æris Secure @aerissecure
Join @aerissecure & @azrestassn for a L&L on The Rising Cyber Threat to SMB | food, prizes & insight | http://t.co/s6cMRZ5f1D | #SMBsecurity
5 months, 1 week ago
Æris Secure @aerissecure
Get our take on this week stories in #InfoSec news | @aerissecure Weekly Wrap Up - Aug, 29 2014 | http://t.co/74y8Py02uU #SMBSecurity
6 months, 1 week ago
Æris Secure @aerissecure
"We ask that you exercise extreme caution when using remote access" Restaurant Association Warns | http://t.co/FbfgjnMrxm #MSSP #SMBSecurity
7 months ago