Media & Resources
Check out the latest JurInnov media by clicking the headers below.
Videos
Presentations
Social Media Links
Connect with us on your favorite social media sites!
Click below to view some of our favorite online resources.
Websites
Videos
Presentations
Teaching Users to Spot Malicious Programs
Posted by: JurInnov | Posted on: June 1st, 2011 | 3 Comments
We have worked hard to educate users of the need for computer hygiene, using anti-spyware, multiple browsers, data backups, and antivirus programs. Unfortunately, users are getting fooled into installing fake antivirus programs through clever pop-ups that work off the fear users have of viruses. These programs install themselves and trick users into paying for bogus services or they gather private information on user activities and send it off to spammers and thieves.
Mitigating the Threat of Corporate Espionage
Posted by: JurInnov | Posted on: May 10th, 2011 | 0 Comments
The term corporate espionage often stirs thoughts of big evil companies, high tech equipment, and government-trained spies. As disturbing as this might sound, it seems far removed from everyday corporate life, thus corporate espionage seems of little concern for the organization. In reality, however, corporate espionage often doesn’t take the face of a big evil company, nor does it require high tech equipment or government-trained spies. It is performed in the everyday workings of a company. Maybe even your company.
This article aims to shed light on the tools of corporate espionage used against everyday businesses and the strategies companies can use to reduce the threat of corporate espionage that ultimately comes down to the unauthorized disclosure of sensitive information.
Leveraging Vulnerability Scoring in Prioritizing Remediation
Posted by: JurInnov | Posted on: April 21st, 2011 | 0 Comments
Eric Vanderburg
The average organization has numerous types of equipment from different vendors. Along with the equipment, businesses also utilize multiple software applications from various developers throughout the organization. This diversity provides many helpful opportunities, but also creates a higher probability for vulnerability. Risk managers are able stay aware of new vulnerabilities through vendor systems or services such as SANS @RISK, the National Vulnerability Database (NVD), the Open Source Vulnerability Database (OSVDB), or Bugtraq, but how do they prioritize the vulnerabilities. Certainly risk managers need to know which vulnerabilities with the highest risk can be resolved before lesser vulnerabilities? Understanding these vulnerabilities and their impact relevant to other vulnerabilities is quite a challenge.
To overcome this challenge, several scoring systems have been developed. These include the US-CERT (United States Computer Emergency Readiness Team) Vulnerability Notes Database and the Common Vulnerability Scoring System (CVSS). This article provides an overview of both systems and how risk managers can use them to prioritize remediation.
Does One Bad App Spoil the Bunch?
Posted by: JurInnov | Posted on: March 28th, 2011 | 0 Comments
Eric Vanderburg
Smartphones are replacing traditional phones. These handheld devices offer users more than just the ability to make calls; smartphones such as the iPhone, Google Android, or Blackberry let owners browse the Internet, check email, and run applications. In many ways, the modern smartphone is a merger of the computer and the phone into one small pocket sized device delivering information to you anytime, anywhere. But what else is your smartphone up to? With all its similarities to the PC, smartphones also share one of the PC’s less desired attributes…malware.
All three vendors, Google, Apple, and RIM maintain a directory of applications, or apps, allowing developers to publish applications to a directory for downloading. Some of those applications contained malicious code allowing phones to be converted into “zombies” for launching attacks or giving attackers access to data on smartphones such as contacts, emails, attachments, browsing history, or passwords. Some applications made calls to 900 numbers or premium texting services that you could be billed for. Both Google and Apple have identified and removed malicious apps from their directory and Google has implemented measures to remotely remove malicious apps from users’ phones. However, even this fact is disturbing because it demonstrates that Google has backdoor access to the Android phone. This system that today is used to remove malware, could one day be used to deploy it. Read More
Achieving High Availability with Change Management
Posted by: JurInnov | Posted on: February 22nd, 2011 | 1 Comments
Eric Vanderburg
Change management is a key information security component of maintaining high availability systems. Change management involves requesting, approving, validating, and logging changes to systems. This process can bring significant benefits to an organization. Namely, it can strengthen the decision making ability of an organization by training personnel to fully think on and evaluate changes before they are made and it provides a knowledge base of past changes and the lessons learned from situations.
Is your approach to information security on target? Take the quiz to find out! (Coming Soon)
