fbpx
Security, Video Surveillance, Surveillance, Computer Networking, Access Control, Monitoring, LVT, Liquid Video Technologies, Greenville South Carolina

Security Lapse Exposed Honda’s Network

An exposed database at automotive giant Honda allowed anyone to see which systems on its network were vulnerable to unpatched security flaws, potentially giving hackers insider knowledge of the company’s weak points.

The server contained 134 million rows of employee systems data from the company’s endpoint security service, containing technical details of each computer and device connected to the internal network.

There was no password on the database, allowing anyone to access and read the data.

The data included which operating system a user was running, its unique network identifiers and IP address, the status of the endpoint protection and which patches were installed. That could allow an attacker to figure out which systems are at risk of certain vulnerabilities, or tailor attacks toward machines of interest using exploits known to target vulnerable devices. (We’re not naming the endpoint provider as it could prove useful for an attacker.)

In some cases the database would reveal the endpoint security status — including if a device was unprotected.

Security researcher Justin Paine found the exposed database earlier this month. The database was shut down hours after he made contact with the company.

“I thought this was likely to be just a single Honda dealership,” Paine said. “The odds of that seemed far more likely than a database containing information related to all of Honda’s global network of employee machines.”

The database contained records on multiple Honda offices around the world, including Mexico, the U.K. and the U.S., said Paine.

He also found the chief executive’s computer in the logs, including which operating system he uses, the patches installed and more. The records also included his email address and the last time he logged on.

“What makes this data particularly dangerous in the hands of an attacker is that it shows you exactly where the soft spots are,” said Paine. “This data contained enough identifiable information to make it extremely simple to locate specific high-value employees, and in the hands of an attacker this leaked data could be used to silently monitor for ways to launch very targeted attacks on those executives,” he said.

Honda spokesperson Marcos Frommer told TechCrunch: “The security of our data is critical to us, and we are continually reviewing our processes to ensure that our data is protected. We have investigated this specific issue and have taken steps to address the matter.”

“We will take appropriate actions in accordance with relevant laws and regulations, and will continue to work on proactive security measures to prevent similar incidents in the future,” said the spokesperson.

It’s the latest find by Paine in recent months. Earlier this year he found a huge database of call logs and SMS messages exposed on the internet, and also the viewing habits of a library and university streaming service.

Article Provided By: techcrunch

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Networking, Access Control, Monitoring, Security Systems, Liquid Video Technologies, Greenville South Carolina

The 6 Deadly Mobile Security Threats

The emergence of mobile security threats has been there over the past few years. Since mobile devices have become mini computers with complete top-level internet capabilities, the threat to these devices has increased. Many statistics today show that cellular security threats are the most widespread in the device market. Android, the largest cellular platform notes that up to 50% of users can be exposed to risk at any given time for various reasons. There are a number of deadly mobile security threat methods in 2019.

Phishing

As the hacking attacks get more sophisticated, hackers have increasingly turned to phishing. Phishing is the process of soliciting information from especially via unsafe links. Mobile devices are some of the most threatened tools when it comes to phishing. This is because of the delicate nature of mobile screens. Not only is it easy to click on an unsafe link unintentionally, but it is also possible to fail to differentiate between safe and unsafe links. Mobile device users also spend more time on their machines than PC users. This is why phishing is a huge threat in 2019.

When hacking attacks are increasingly sophisticated, hackers are increasingly turning to phishing. Phishing is the process of requesting information from mainly through unsafe links. Mobile devices are some of the most threatened tools for phishing. This is because of the soft nature of the mobile screen. It’s not only easy to accidentally click on insecure links, but also may fail to distinguish between safe and unsafe links. Users of mobile devices also spend more time on their machines than PC users. This is why phishing is a big threat in 2019.

Wi-Fi and Spoofing network

One of the biggest threats with free WiFi is the hacker’s ability to position himself between your mobile and the access point. So, instead of talking directly to a hotspot, you are sending your information to hackers. Hackers will have all the access to all the information that you send like e-mails, telephone numbers, credit card information, business data, and so on. And once a hacker has all the information, they will have a field day.

Similarly, free WiFi is also a main source of insecurity. The network is also in the field of mobile devices. With so many networks scattered across the places, identity spoofing is easy, because they use fake access points. With increasing access to network comes to increasing phishing attacks, often created through cloned networks through several accounts. The victim ends up disclosing all the critical information and ends up losing his asset. There are tools that can help protect you from identity theft.

Exposing Data

In today’s world data is very critical, and on any mobile out there, users store their banking and financial information and personal information. So one has to be sure that someday you are more likely to lose this information. Data leaks occur as a result of installing an app that requires a confusing set-permissions or simply because they do not have clear permission. Most free apps often fall into this category. The user has to make sure that the app that he installs on his mobile is coming from a reputed source.

Spyware

The world of mobile devices has seen many forms of malware. The current threat generation is spyware. This is a small program that tracks and store user information without their consent. Spyware programs are mostly used by malicious companies and individuals who benefit in certain ways of knowing the location of certain mobile users. Spyware is spread in the same way as other malware programs. Therefore, the best spyware is an ordinary antivirus program.

Wrong code

Bad cryptography is also the main source of insecurity. During the application development process, engineers may end up using bad coding techniques. In such cases, apps that are created can be unsafe and become a source of threat to all devices. Today app development requires compliance with modern cryptographic standards. Often when cryptography is badly used, the problem is usually a lack of time or financial resources to allow the complete application process. Application development needs to be done until finality. All processes involved in the development, including testing, must be carried out in accordance with modern requirements. Doing this can eliminate deficiencies in the code and make the application safer.

Responsible Development

The threat of social engineering is increasing. On mobile devices, many different strategies are used by attackers. The main strategies include using false information to try and get data from mobile users. Currently, hackers use inventive language to get a little of their personal information. They can do this for a long time and collect enough data to carry out attacks. Social engineering attacks have increased due to the many applications and communication platforms.

Article Provided By: Hacker Combat

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Access Control, Networking, Monitoring, LVT, Liquid Video Technologies, Greenville South Carolina, Cybersecurity, Practices

Cyber Security: Definition, Practices & More

Learn about cyber security, why it’s important, and how to get started building a cyber security program.

A DEFINITION OF CYBER SECURITY

Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cyber security may also be referred to as information technology security.

THE IMPORTANCE OF CYBER SECURITY PRACTICES

Cyber security is important because government, military, corporate, financial, and medical organizations collect, process, and store unprecedented amounts of data on computers and other devices. A significant portion of that data can be sensitive information, whether that be intellectual property, financial data, personal information, or other types of data for which unauthorized access or exposure could have negative consequences. Organizations transmit sensitive data across networks and to other devices in the course of doing businesses, and cyber security describes the discipline dedicated to protecting that information and the systems used to process or store it. As the volume and sophistication of cyber attacks grow, companies and organizations, especially those that are tasked with safeguarding information relating to national security, health, or financial records, need to take steps to protect their sensitive business and personnel information. As early as March 2013, the nation’s top intelligence officials cautioned that cyber attacks and digital spying are the top threat to national security, eclipsing even terrorism.

CHALLENGES OF CYBER SECURITY

For an effective cyber security, an organization needs to coordinate its efforts throughout its entire information system. Elements of cyber encompass all of the following:

The most difficult challenge in cyber security is the ever-evolving nature of security risks themselves. Traditionally, organizations and the government have focused most of their cyber security resources on perimeter security to protect only their most crucial system components and defend against known treats. Today, this approach is insufficient, as the threats advance and change more quickly than organizations can keep up with. As a result, advisory organizations promote more proactive and adaptive approaches to cyber security. Similarly, the National Institute of Standards and Technology (NIST) issued guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments, a data-focused approach to security as opposed to the traditional perimeter-based model.

MANAGING CYBER SECURITY

The National Cyber Security Alliance, through SafeOnline.org, recommends a top-down approach to cyber security in which corporate management leads the charge in prioritizing cyber security management across all business practices. NCSA advises that companies must be prepared to “respond to the inevitable cyber incident, restore normal operations, and ensure that company assets and the company’s reputation are protected.” NCSA’s guidelines for conducting cyber risk assessments focus on three key areas: identifying your organization’s “crown jewels,” or your most valuable information requiring protection; identifying the threats and risks facing that information; and outlining the damage your organization would incur should that data be lost or wrongfully exposed. Cyber risk assessments should also consider any regulations that impact the way your company collects, stores, and secures data, such as PCI-DSS, HIPAA, SOX, FISMA, and others. Following a cyber risk assessment, develop and implement a plan to mitigate cyber risk, protect the “crown jewels” outlined in your assessment, and effectively detect and respond to security incidents. This plan should encompass both the processes and technologies required to build a mature cyber security program. An ever-evolving field, cyber security best practices must evolve to accommodate the increasingly sophisticated attacks carried out by attackers. Combining sound cyber security measures with an educated and security-minded employee base provides the best defense against cyber criminals attempting to gain access to your company’s sensitive data. While it may seem like a daunting task, start small and focus on your most sensitive data, scaling your efforts as your cyber program matures.

Article Provided By: Digital Guardian

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Video Surveillance, Surveillance, Monitoring, Access Control, Computer Networking, LVT, Liquid Video Technologies, Greenville South Carolina

Florida Prepares for Election Security

Local elections offices in Florida received funds on July 8 to be used for 2020 election security improvements, according to a news report.

The report says the awards vary from about $450 to more than $500,000 and that the funds distributed at the beginning of July included:

  • $46,096 to Lake County
  • $12,140 to Marion County
  • $16,741 to Sumter County

Marion County’s Supervisor of Elections Wesley Wilcox says, “We are the largest swing state in the U.S. That is a huge prize. I really feel the 2020 general election in November will be the biggest turnout election that we’ve ever had. We have more people than ever before, but I think interest is also going to be at an all-time high.” In 2018, Lake County received about $242,000, Marion County received $268,000 and Sumter County received $119,000 to go toward election security.

Susan Greenhalgh, programs vice president at National Election Defense Coalition, says problems in election security are difficult because of the combination of computer use and anonymity of the voting process. “We have a secret ballot,” Greenhalgh said, “which is very, very important to the integrity of our elections, but it also creates a security issue. If machinery is somehow corrupted, you won’t know because there’s no way to go back and check like with other transactions. If you go to a bank, you get a receipt. That’s not how voting works.” Greenhalgh adds that if votes were taken by raising a hand, it would be easy to verify how many votes were cast for each option, and problems could be fixed if someone saw their vote was missed in a count.

Aubrey Jewett, a political science professor at the University of Central Florida,  says people focus on computer hacking as the primary source of misrepresentation in elections, but that paper ballots are no less susceptible to mistakes, notes the report.

“Sometimes baskets of ballots appear,” he said. “Sometimes things get misplaced. The potential for old-fashioned election tampering – in the sense of paper ballots – is there.” Jewett says two keys to preventing security breaches in elections are in recognizing that security needs to be maintained “from the very start of the process to the very end” and that security efforts continue to get funding, says the report. Jewett says computer hacking is one of the larger security threats facing U.S. elections. “As anyone who has dealt with computers and software knows, viruses and security threats evolve over time,” he said. “You have to be constantly vigilant to stay on top of those threats and to make sure you’re not vulnerable.”

Jewett says Florida has some systems in place to stop obvious stealing. “It doesn’t mean we can rest on our laurels by any means ’cause hackers are always hacking,” he added. “Even though the tabulating machines are not connected to the internet, there’s the worry that people can hack in and change the vote totals at the (Supervisor of Elections) Office.”

The report notes election hacks could include people filling in absentee ballots for dead family members or registering to vote in two states, which is a huge issue for Florida due to the large population of voters who live in other states, says the report.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Monitoring, Access Control, Video Surveillance, Surveillance, LVT, Liquid Video Technologies, Greenville South Carolina

Facebook Messenger Kids Security Flaw

But this protection somehow wasn’t in place for group chats, The Verge discovered, meaning children were able to communicate with users who hadn’t been parent-approved.

Facebook said on Monday, July 22 that it has been sending out “thousands” of alerts to parents over the past week, explaining that it’s aware of the security flaw and has closed down affected group chats.

“We recently notified some parents of Messenger Kids account users about a technical error that we detected affecting a small number of group chats,” a Facebook spokesperson told Digital Trends. “We turned off the affected chats and provided parents with additional resources on Messenger Kids and online safety.”

Messenger Kids only lets children select from approved users for one-to-one chats. They can also enter a chat group that has been started by an approved user. But until Facebook spotted the bug last week, that chat group could contain other individuals approved by the parent of the person that started the chat group, though not approved by the parent of the child entering that group.

In such cases, children could have been talking to someone in a chat group whom the parent knew nothing about. While everyone in the group should have been approved by someone, the flaw is likely to concern many parents as the app’s security was not as tight as Facebook had claimed.

The social networking giant is yet to offer more detailed information on the incident, including how long the issue was present in the app.

The unsettling revelation comes in the same week that the U.S. Federal Trade Commission is expected to announce a colossal $5 billion settlement with Facebook over its handling of data belonging to 87 million users caught up in the Cambridge Analytica privacy scandal. Whether there will be any fallout in response to this latest slip-up remains to be seen.

Article Provided By: Digital Trends

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Network Security, Liquid Video Technologies, Greenville, South Carolina

10 Most Neglected Data Security Practices

The 2018 Netwrix IT Risks Report explores how organizations are working to ensure compliance and beat cyber threats. Unfortunately, the results indicate that organizations aren’t doing enough to defeat the bad guys. Here are the 10 most neglected security best practices: 

1. Classify data based on its sensitivity.

Security experts recommend that organizations classify data at least twice per year so they can reset access rights and ensure that only the right people have access to data.   

Reality check: 64% of organizations admit that they classify data based on its level of sensitivity just once per year or even less frequently.   

Pro tip: Many organizations rely on users to classify data, which rarely works well. Look for data discovery and classification products that automate the classification process.   

2. Update data access rights.

To prevent unauthorized access to data, security experts recommend strictly enforcing the least-privilege principle, as well as reviewing access rights every six months and after important events like an employee termination.   

Reality check: 51% of organizations do not update data access rights even once a year.   

Pro tip: Look for governance solutions that can assess and control access rights, both as part of an ongoing process as well as ad hoc. Also look for reporting and alerting tools that can ensure it’s all being done correctly and securely.   

3. Review data available to everyone.

To reduce risk to sensitive data, security experts say that at least every three months, organizations should check that folders and shares available to everyone don’t contain sensitive data.   

Reality check: 76% of organizations are not doing this frequently enough, and some never do it at all.   

Pro tip: Look for solutions that can automate a continuous program to discover, classify and secure content regardless of where it resides, so you can reduce your attack surface.   

4. Get rid of stale data.

When you no longer need data for daily operations, it should be archived or deleted. To mitigate security risks, experts recommend doing this every 90 days.   

Reality check: Only 18% of organizations delete unnecessary data once a quarter, meaning that 82% of organizations are needlessly increasing their threat exposure.   

Pro tip: Deploy an automated solution that can find stale data and collaborate with the data owners to determine which data can be archived or permanently deleted.   

5. Conduct asset inventory regularly.

Security experts encourage you to identify all your assets (e.g. databases, software and computer equipment) and determine who is responsible for them at least once a quarter. 

Reality check: Just 29% of organizations stick to the recommended schedule.   

Pro tip: Choose an asset tracking solution that streamlines data collection and analysis to locate every asset within your company. Make sure it is easy to use and fits your needs.   

6. Update and patch software promptly. 

Installing security updates to your software in a timely manner enables you to mitigate vulnerabilities. The recommended frequency depends on patch and system importance and other factors; it varies from weekly for critical security patches to quarterly for less urgent patches, such as maintenance patches.   

Reality check: 33% of organizations do not update their software even once in 90 days.  

Pro tip: Establish a dedicated testing environment or at least a segment for patch testing to avoid incompatibility or performance issues.   

7. Perform vulnerability assessments.

Regular vulnerability assessments help you locate security gaps and reduce your exposure to attacks. Security experts recommend running these assessments at least once a month.   

Reality check: 82% of organizations do this only twice a year or don’t do it at all.   

Pro tip: Find products that can continuously evaluate threats to your data and make sure you know which threat actors do most harm to your business. Even better, find tools that provide alerts to reduce the number of false alarms.   

8. Create and maintain an incident response plan.

There are several parts to a resilient security response plan: Draft a plan, get it approved, regularly train employees and do test runs.   

Reality check: 83% of organizations admit to failing to execute all these stages.   

Pro tip: Conduct random tests to see how admins and regular users react to security threats and evaluate how your plan is working in real life.

9. Update admin passwords regularly.

If an administrator’s credentials are compromised by attackers, whether the credential is shared or not, the entire IT infrastructure is at risk. Security experts recommend changing admin passwords at least every quarter.

Reality check: Only 38% of organizations change their admin passwords at least once every 90 days.

Pro tip: Don’t use shared admin passwords, even if you update them every week. Each privileged user should have their own admin credentials and the passwords should be changed regularly.

10. Update user passwords regularly.

While the goal of threat actors is to get administrative credentials, the gateway to that information is oftentimes accessing a user’s credentials. A security best practice is to require users to change their passwords at least every 90 days.   

Reality check: 42% organizations mandate a password change less frequently than once a quarter.   

Pro tip: Require users to choose strong passwords (with a minimum number of characters and symbols) and change them once every 90 days. Also consider deploying multifactor authentication and single sign-on.   

Following these security best practices can help you reduce your attack surface and minimize the risk of security and compliance issues. Rigorously implementing security basics such as finding, classifying and securing your data is essential to preventing attackers from stealing your sensitive data and ruining your company’s reputation. 

Article Provided By: Information Security Buzz

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Surveillance, Monitoring, Video Surveillance, Access Control, Security Systems, LVT, Liquid Video Technologies, Greenville South Carolina

British Airways Suspends Flights to Cairo

British Airways canceled all flights to Cairo for 7 days for security reasons.

“We constantly review our security arrangements at all our airports around the world, and have suspended flights to Cairo for seven days as a precaution to allow for further assessment,” the airline said in a statement.

“The safety and security of our customers and crew is always our priority, and we would never operate an aircraft unless it was safe to do so.”

The UK Foreign and Commonwealth Office (FCO) updated its advice to travelers on July 19, saying “Terrorists are very likely to try to carry out attacks in Egypt. Although most attacks occur in North Sinai, there is a risk of terrorist attacks across the country. Attacks could be indiscriminate, affecting Egyptian security forces, religious sites, large public gatherings and places visited by foreigners. There is a heightened threat of terrorist attacks in or around religious sites and during religious festivals, such as the month of Ramadan and the Christmas period (including Coptic Christmas), when terrorist groups have sometimes called for attacks. Terrorist attacks have occurred over local holiday weekends. Terrorists have attacked tourists in Egypt in the past. There is a heightened threat of terrorist attacks targeting Coptic Christians from extremists linked to Daesh-Sinai in Egypt.”

The US State Department has issued several travel advisories this year warning Americans to exercise increased caution in Egypt because of terrorism concerns.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Monitoring, Surveillance, Computer Networking, Access Control, LVT, Liquid Video Technologies, Greenville South Carolina

Do Smartphones Impact Your Cybersecurity?

Remote working is slowly becoming a trend to watch for, and companies all around the world are mostly willing to accommodate. Studies suggest that companies spend as much as $350 per employee every month to provide company-issued smartphones and laptops, which is not that negligible of a number. Regardless of that, only 11 percent have taken more than a single measure to keep their mobile networks safe from a potential data breach.

Cybercrime Is on the Rise

Speaking of recent studies, one of them found that the widespread usage of company smartphones caused several corporate data breaches. And the financial consequences can be downright mind-numbing. In fact, they reached a total of $7.8 million in the last year alone. Taking a look at the statistics presented by ONS doesn’t make things any more reassuring either. Did you know there were more than 1.7 million incidents of cybercrime between April 2017 and March 2018?

The 3 Phases of Cyber-Security

So it goes without saying that companies should invest more resources and effort into reinforcing their cyber-security. This starts with picking the right software. According to the industry experts, cyber-security should be approached in a linear order, and these are the 3 phases of it:

  1. Detection
  2. Prevention
  3. Containment

With that being said, an ounce of prevention is worth a pound of cure, so patching up any holes remains an important part of the overall strategy. Keeping your internal network malware-free today will save you a ton of problems tomorrow.

A Company-Wide Policy Will Get You Far

There is something the companies can do that is beyond the technical cyber-security measures. Namely, coming up with a company-wide mobile threat defense policy. Observing the landscape reveals that numerous companies are starting to recognize the importance of investing money into educating their employees. By undergoing rigorous training, they are able to recognize the most prevalent cyber-security threats and suspicious-looking emails.

Another important aspect of keeping the company tech safe is using a unique password on every account. It’s also important to change them periodically.

What Are the Top 3 Cyber-Security Risks to Be Aware Of?

Knowing the risks is half the battle. Otherwise, how are you going to fight it if you can’t pinpoint the threat you’re up against?

1. Phishing attempts

Phishing is a clever trick designed by hackers to trick you into handing over your sensitive personal details. Often, they are able to accomplish this by passing themselves as a form of authority and pressuring you into handing over your login credentials. They don’t ask for them directly; rather, they try to divert you to a fake login page that serves no other purpose than to steal information from unsuspecting victims.

If sensitive company details fall into the wrong hands, all hell breaks loose. And let’s not even get started on regulatory fines, the loss of trust, etc. Unfortunately, phishing attacks seem to be increasing in frequency, so taking extra care certainly won’t hurt. Bear in mind that these are not limited to email either; text message based phishing is another threat the companies need to be aware of.

2. Being too liberal with syncing company data with personal devices

You can take all the steps in the world to protect your company data. But what good does it do if it finds its way to a personal device with subpar protection against external attacks? On a similar note, using company devices for personal matters poses risks as well.

In normal circumstances, a personal device would get infected with malware in case the user lands on a malicious website. But as much of an impenetrable fortress your company devices may be, there is always something that can weaken their defenses.

3. Not taking enough time when choosing a VPN

VPN is one of the primary ways employees use to access a company network while they’re not physically present in the office. That’s because a VPN allows you to establish a secure connection regardless of your current location.

However, doing your research is a crucial part of the process when choosing a business VPN, as not all of them are equally good. Some free providers, for example, monetize their product in unethical ways, which involve selling your bandwidth, redirecting your browser and installing malware behind your back. Moreover, don’t forget that a VPN will only protect you from certain cyberthreats, so exercising common sense is still needed.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Video Surveillance, Surveillance, Security, Monitoring, Access Control, LVT, Liquid Video Technologies, Greenville South Carolina

Can Video Surveillance Eliminate Doubt?

Ecommerce retailers face many challenges as consumers become more dependent on the convenience of online purchasing. Beyond the mere logistical challenge of effectively managing an e-commerce transaction, retailers are also challenged with the increased number of package theft which hits their bottom-line. Current home security solutions are missing that delicate dance between effective solutions and convenience.

Video surveillance and smart home technology are two of the most common forms of security that homeowners rely on to reduce theft, but are they doing enough? Or, do these solutions provide a false-sense of security to homeowners? In order to understand theft and security better, we must first take a look at the most common forms of home security – specifically, video surveillance.

In the public domain, there is empirical evidence that CCTV surveillance systems are effective in reducing the instances of theft where cameras are placed. However, there is debate over the impact these systems have at reducing overall theft. Simply put, criminals continue to commit unlawful acts, just outside of the camera view. When it comes to home surveillance, the proliferation of easy-to-install, DIY cameras and surveillance systems would suggest that they are effective in deterring theft. However, if this is the case, then why do we still lock our doors and windows when we leave our homes? Maybe it has something to do with the nuances in video surveillance – sometimes appearing active, while mostly acting as passive security. For the average homeowner, home surveillance solutions, methods and technologies fall into the category of passive security.

Most of us know that the term “security” is fairly broad, with surveillance being no exception. Video surveillance cameras consistently fall into the category of security, yet they are disproportionate to what security actually means – which is freedom from danger, risk and fear. Video surveillance presents a sense of security, but passive functionality means that crimes can and still do occur in plain view of cameras. This is not a claim that home surveillance is not effective, but rather a reinforcement that we need collective measurements of active security in order to take us closer to the freedom and peace of mind we all desire.

It is unrealistic to assume that everyone who is worried about their security has the means to afford or equip their homes with traditional notions of active security, such as privately contracted security guards. However, there are other active security measures individuals can take to experience peace of mind in the home. Active security expands far beyond the scope of security guards. Active security is discriminant. It allows approved activity based on user, time, and even frequency. This form of security is a closed loop system that is “actively” providing real-time feedback and alerts for an intrusion. With that being said, there are cases to be made for an active form of video surveillance. This is because it can perform active security so long as it has a process for monitoring. However, if there is no dedicated person assigned to actively watch the surveillance, then the monitoring is rendered useless.

As traditional video surveillance appears to be quite limited, it requires a more intelligent approach. As myriad of video surveillance systems storm the market, it should be expected that traditional video surveillance adapts in order to become a more active means of security. When done correctly, active video surveillance utilizes technological advancements in motion detection, real-time alerts, IoT technology and remote-control access. This enables users to constantly interact with their video surveillance, while simultaneously giving them autonomy to go about their day without having to constantly monitor a screen. Video surveillance has the opportunity to do more than just store videos and images of theft. When coupled with complementary systems, video surveillance can be a form of active security, and eliminate doubt at doorsteps across the globe.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Computer Networking, Surveillance, Monitoring, Networking, LVT, Liquid Video Technologies, Greenville South Carolina, Microsoft

Microsoft Releases July Security Updates

Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity.

The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Exchange Server.

Details of 6 security vulnerabilities, all rated important, were made public before a patch was released, none of which were found being exploited in the wild.

However, two new privilege escalation vulnerabilities, one affects all supported versions of the Windows operating system, and the other affects Windows 7 and Server 2008, have been reported as being actively exploited in the wild.

Both actively exploited vulnerabilities lead to elevation of privilege, one (CVE-2019-1132) of which resides in the Win32k component and could allow an attacker to run arbitrary code in kernel mode.

However, the other actively exploited vulnerability (CVE-2019-0880) resides in the way splwow64 (Thunking Spooler APIs) handles certain calls, allowing an attacker or a malicious program to elevate its privileges on an affected system from low-integrity to medium-integrity.

The publicly known flaws affect Docker runtime, SymCrypt Windows cryptographic library, Remote Desktop Services, Azure Automation, Microsoft SQL server, and Windows AppX Deployment Service (AppXSVC).

Microsoft also released updates to patch 14 critical vulnerabilities, and as expected, all of them lead to remote code execution attacks and affect Microsoft products ranging from Internet Explorer and Edge to Windows Server DHCP, Azure DevOps and Team Foundation Servers.

Some important-rated vulnerabilities also lead to remote code execution attacks, while others allow elevation of privilege, information disclosure, cross-site scripting (XSS), security feature bypass, spoofing, and denial of service attacks.

Users and system administrators are strongly advised to apply the latest Microsoft security patches as soon as possible to keep hackers and cyber criminals away from taking control of their Windows computer systems.

For installing the latest security updates, users can head on to Settings → Update & Security → Windows Update → Check for updates on their Windows computers or can install the updates manually.

For addressing problematic updates on Windows 10 devices, Microsoft also introduced a safety measure in March this year that automatically uninstalls buggy software updates installed on your system if your OS detects a startup failure.

Article Provided By: thehackernews

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

1 2 3 7