As a precautionary measure, Twitter sent password reset emails to all users listed in the five-page online dump.

The source behind this breach is unknown, although some security experts allege that the attack was conducted to alarm Twitter’s 140 million users that their accounts could be readily exposed.

So what’s the lesson learnt?

Ensure that you regularly change your passwords and use caution and common sense while navigating through the cyber highway.

However, a recent survey according to SSL Pulse, reported that 90% of the Internet’s top 200,000 HTTPS-enabled websites are vulnerable to known types of SSL (Secure Sockets Layer) attacks.  The SSL Pulse consisting of experts from Google, Twitter, PayPal, Qualys and other firms, conducts scans of the top-ranked sites as measured by Alexa for pages that use the SSL protocol to prevent man-in-the-middle eavesdropping.

The vulnerability resides in the SSL protocol itself and can be exploited by renegotiating the protected session, something that often happens to generate a new cryptographic key.

This survey only validates the inherent vulnerability of the Internet security.  It falls on organizations to consistently evaluate their network’s security for any risks. Keeping up with security advances is a given but staying abreast of loopholes that introduce risks to your systems is equally indispensible.

Research conducted by Harris Interactive Poll reported that more than 80% of employees use some kind of personal portable devices for work related functions.  These devices include not only smartphones and tablets, but also laptops and flash drives.

The research’s reported a number of “unsafe computing” practices.  The key findings included:

• More than 30 percent of employees using their own devices for work have connected to the company via a ‘free’ or public network.
• Employees often allow family or friends, access to their devices.  Thus giving these individuals access to the company network and proprietary data.
• 37 percent of those surveyed do not use basic security features on their devices, such as auto-lock mechanisms.  This gives easy access to strangers, should the device be stolen or forgotten in public areas.

The study further highlighted that two thirds of these organizations who permit the use of these personal devices, have not even implemented any BYOD security policies.

Businesses rapidly need to enforce effective BYOD polices to avoid compromising company networks and confidential data.  Some suggestions include:

• Train employees on good security practices
• Enforce password protected auto-locking on personal devices used for work
• Implement clear, written policies on data access and enforce security measures on personal devices used for work.

The below infographic highlights some of the key findings of the study, ‘BYOD security is no LOL matter‘ http://www.zdnet.com/blog/igeneration/byod-are-businesses-prepared/15936?tag=content;feature-roto

BrowseControl can now fully control the HTTPS traffic on Internet Explorer, Mozilla Firefox, Google Chrome, Safari and other popular Internet browsers. This will stop employees from browsing websites through the HTTPS protocol.

With the new HTTPS Filtering feature we have fully addressed the issue of students browsing proxy websites. The new HTTPS Filtering method will block students from accessing websites through proxies available on the Internet.

Employees will also be blocked from Facebook and other social media networking websites completely since they will no longer be able to access those websites using a different browser through the HTTPS protocol.

You can fill out the download form and download BrowseControl version 4.2.0.2 on your computers:
http://www.currentware.com/browsecontrol/download-form/

If you are already running version 4.2, you will not need a new license key. If you are running version 4.1 and below, please contact us at info@currentware.com for your new license key (a valid support and maintenance plan is required).

Feel free to contact info@currentware.com for more details.

Global Payments claims that while card numbers may have been downloaded from its systems, no other personal data — such as names, addresses, or Social Security numbers — were accessed.

This latest security breach of credit card data sends an important reminder for cardholders to practice precaution when dealing with sensitive data online:

1. Update your Internet browser with the latest version to ensure that any security loop holes have been addressed.
2. Implement Internet restriction software to block access to compromised sites
3. Install an anti-virus with auto update enabled, to guarantee the latest updates.
4. Employ strong passwords that are not vulnerable to cracking.

The CurrentWare Suite delivers an enterprise level security solution, encompassing, Internet filtering, web monitoring, endpoint security and power management functions.

While the Internet has become an indispensable business tool, its abuse in the workplace can be damaging.  CurrentWare offers Internet restriction and filtering, to block users from unauthorized sites.  Administrators can employ the White (Allowed) and Black (Blocked) lists, application blocker, along with the port and file download restrictions to limit the abuse of Internet usage.

The Internet monitoring tool gives managers an additional means of detecting individuals that are misusing company Internet polices.  Drill down reports and charts can serve to isolate users of excessive Internet and bandwidth consumption. The reports can be scheduled to be generated automatically and emailed to management.

Complementing the Internet security components, CurrentWare includes an integrated endpoint security module for reducing the risk of data loss and malware infection.  The software will establish comprehensive control over employee access of mobile storage devices, reducing the risk of confidential data loss and network infection from personal removable devices.

Committed to the cause of energy conservation, CurrentWare includes a Power Management utility for managing the energy consumption of workstations and laptops.  Administrators can power down PCs that are not in use. For off hour maintenance, the machines can be powered up to deploy patches, upgrades and new software, scheduling them back to shutdown or sleep mode and booting them up in the morning just before the employees arrive.

By leveraging an efficient blend of Internet filtering, web monitoring, endpoint device restriction and power management, the CurrentWare Suite delivers a comprehensive enterprise security solution http://www.currentware.com/

The disparity in the numbers between hacktivists and criminal groups may be explained by the kinds of organizations each group has targeted.  Cybercriminals tend to target small and medium size business whose networks can easily be compromised. While hacktivists primarily focused on large organizations, attacking these institutions through social engineering and phishing attacks. Employees of these high profile enterprises would be tricked into clicking on malicious email attachments or links that would install malware to steal employee credentials.

Below are some recommendations according to Verizon to prevent data breaches:

Recommendations for Enterprises

• Eliminate unnecessary data. Unless there is a compelling reason to store or transmit data, destroy it.  Monitor all important data that must be kept.

• Establish essential security controls. To effectively defend against a majority of data breaches, organizations must ensure fundamental and common sense security countermeasures are in place and that they are functioning correctly. Monitor security controls regularly.
• Place importance on event logs. Monitor and mine event logs for suspicious activity – breaches are usually identified by analyzing event logs.
• Prioritize security strategy. Enterprises should evaluate their threat landscape and use the findings to create a unique, prioritized security strategy.

Recommendations for Small Organizations

• Use a firewall. Install and maintain a firewall on Internet-facing services to protect data. Hackers cannot steal what they cannot reach.
• Change default credentials. Point-of-sale (POS) and other systems come with pre-set credentials. Change the credentials to prevent unauthorized access.
• Monitor third parties. Third parties often manage firewalls and POS systems.  Organizations should monitor these vendors to ensure they have implemented the above security recommendations, where applicable.

However, the tournament has the potential of significantly reducing productivity at work as employees busy themselves streaming videos, checking games scores and filling out brackets. Streaming basketball games will result in extensive bandwidth hogging, slowing down the Internet speed and ultimately impacting the productivity of the rest of the employees.

According to a survey just released by MSN, 86% of respondents plan to devote some time during their work day to follow games, scores and updates, this being a 5% increase from last year (81%).

What can you do?

1. Block sites that will stream the games, using Internet blocking and filtering software
2. Allow employees access to the Internet, but closely monitor their browsing activity with Internet monitoring and tracking solutions
3. Alternatively, you can take advantage of March Madness, to build team spirit, allowing employees limited access to the relevant sites at specific times of the day. Implement an Internet Quota Limit, allowing users an assigned time of Internet usage for the day.

1. Phrase searchTo search for exact words, add double quotes around a set of words. For example “freedom of speech”, will only display pages with the exact term “freedom of speech”.
2. Wildcards (*)The wildcard symbol * can be used as a placeholder for unknown terms in a search. For example, use wildcards to help complete a phrase when you are unsure of some of the words in a penny * is a penny earned.
3. AND, OR operatorsOR Operator: The OR operator will search for either one of several words. For example the search term cake recipe carrot OR chocolate, will yield search results with recipes for a carrot cake or a chocolate cake

   AND Operator: The search term cake recipe carrot AND chocolate, will display cake recipes that include both carrot and chocolate as the ingredients.

   Note, that these operators have to be specified in uppercase.

4. Exclude keywords To exclude pages that contain a specific word, add a hyphen immediately before the word in your search term. For example, chocolate recipe –cake, will display recipes with chocolate, but chocolate cake recipes will be excluded.
5. Search for a rangeTo search for a range between two numbers, add two periods between the numbers. For example, best books 2010..2012 will return a list of best books from 2010 to 2012.
6. Site Specific searchesYou can limit your search to a specific web site only. The following search term will limit the search for best books in the New York Times site only
   best books nytimes.comThe search term best books 2000..2010 nytimes.com, will restrict the search to best books between 2000 and 2010 in the New York Times site.

Happy Googling!

The new feature is called Internet Quota Limit and it allows the administrator to assign a designated amount of time that employees can have access to the Internet on a daily basis.

The Internet Quota feature provides employees access to the Internet for a specified amount of time each day. Users will have full access to the Internet during the allocated Quota time, except for those URLs listed in the Blocked list. Once the assigned Quota is used up, Internet access will be restricted to those sites in the Allowed List. The Internet Quota will not be available until the next day. The Quota time is assigned on a per computer or per user basis.

Download the latest version of BrowseControl from:
http://www.currentware.com/browsecontrol/download-form/

Upgrade instructions can be found on this page:
http://www.currentware.com/browsecontrol/upgrade/

A screenshot of the Internet Quota Limit in BrowseControl: