Hacker Defense: How to Make Your Law Firm a Harder Target

PRESENTED BY

You’re supposed to be protecting your clients. But what if you’re the problem? It’s up to you to protect your client’s most sensitive information if you want to keep that client, and your reputation.

In security, you are only as strong as your weakest link. A recent FBI investigation has shown that a company’s weakest link might be its law firm. Every law firm keeps valuable and sensitive information on each of its clients—information that hackers would love to get access to. And that makes the firm an attractive target.

It is up to law firms to protect both themselves and their clients with security measures that keep up with increasing risk. The firm can’t risk losing the trust of its clients. Here are some important ways that individual lawyers, and their firms, can improve the security of the information entrusted to them.

http://www.law.com/native-ad?mvi=dac8cfca9d5d4ae089e2b51b8f16f2b2#!/

Google Announces More Secure Gmail

Mar 20th, 2014 by Lucie Olejnikova

In a recent Google Official Blog post, Staying at the Forefront of Email Security and Reliability: HTTPS-only and 99.978 Percent Availability, Google announces that

Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email. Gmail has supported HTTPS since the day it launched, and in 2010 we made HTTPS the default. Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you’re using public WiFi or logging in from your computer, phone or tablet.

Additionally, all emails sent or received are encrypted internally ensuring that messages are safe even when moving between Google’s data centers. Google further announces that these security enhancements do not affect the availability of the services since in 2013 Gmail was available 99.978 percent of the time.

http://library.blogs.law.pace.edu/2014/03/20/google-announces-more-secure-gmail/?utm_source=twitterfeed&utm_medium=twitter

Was Your Twitter Password Just Reset? Don’t Panic — Twitter Screwed Up

Posted 12 hours ago by Greg Kumparak (@grg)

• 1
• inShare33
• More

Next Story

Over the last hour or so, there’s been a big spike in the number of folks reporting that Twitter had sent them an email asking them to change their password for security reasons.

What was going on? Had Twitter been hacked? Were these emails real? Was this some mega phishing attempt?

Yes, the emails were real — but no, you weren’t being hacked. Someone at Twitter just hit the wrong button somewhere, triggering an onslaught of password reset emails to go out to people who didn’t actually need them. Your account likely wasn’t ever in any danger (unless, of course, you actually were being hacked and the timing was an unfortunate coincidence.)

http://techcrunch.com/2014/03/03/twitter-password-reset-hacked/?utm_campaign=sfgplus&%3Fncid=sfgplus

You locked the front door, but did you neglect the back?

You can't be too safe in todays distributed environment.  The following details how:
----------------------------------------------------------------------------------------------------------

Locking the backdoor: Reducing the risk of unauthorized system access

There are multiple kinds of "backdoors" that can be used to compromise the security and privacy of a system. While many of these secret access methods are put in place by vendors and service providers, some backdoors create a remotely exploitable vulnerability that gives an attacker root system access. These backdoors -- which have existed for most of the modern computing era -- have become a hot security topic in the wake of an NSA scandal.

A backdoor is a secret way into a network, application or system that nobody else knows about -- at least, in theory.

In this tip, we'll look at the history of IT backdoors, the threats they pose to enterprises and what can be done to mitigate he risks.

http://searchsecurity.techtarget.com/tip/Locking-the-backdoor-Reducing-the-risk-of-unauthorized-system-access?asrc=EM_ERU_26748155&utm_medium=EM&utm_source=ERU&utm_campaign=20140224_ERU%20Transmission%20for%2002/24/2014%20(UserUniverse:%20681996)_myka-reports@techtarget.com&src=5215000

Google And VMware Make Accessing Windows Apps, Desktops From ChromeOS Easier

 Frederic Lardinois (@fredericl

Google and VMware today announced that they are working together to make it easier for Chromebook users in the enterprise to access Windows apps and the Windows desktop on their machines. Using VMware’s Horizon desktop as a service (DaaS), which uses VMware‘s HTML5 Blast protocol, it will now be easier for Chromebook users to connect to a traditional Windows experience.

Remote access to a Windows machine on Chrome OS is nothing new. Google offers its own Remote Desktop app for this, and there are a number of third-party options that offer the same kind of service. For the most part, though, these solutions don’t offer the kind of security features that enterprises look for in a remote access tool. According to the companies, today’s launch will bring an enterprise-ready solution to the growing number of businesses that have deployed Chrome OS devices.

http://techcrunch.com/2014/02/12/google-and-vmware-make-accessing-windows-apps-desktops-from-chromeos-easier/
=====================================================================
Chrome is definitely making inroads into what was a Windows only kingdom just a short time ago.  That is good for everyone - more industry competition means greater development, which in benefits us all.

Nude Bodies, Free Booze, Endless Radiation: An Ex-TSA Agent Tells All

ADAM CLARK ESTES on GIZMODO

SEXPAND

Nobody likes the TSA. They slow you down at the airport. They pat you down. They take away your Christmas presents. Their tactics are questionably effective at making everyone resent them. It's easy to forget that the TSA is made up of real human beings like you and me being told what to do in the name of national security.

Your Worst Flying Fears Are True: TSA AgentsAre Making Fun of Your Naked Body

Well, maybe it's not your worst flying fear — that probably involves a plane full of babies and fire balls — but it's pretty damn awful.… Read…

It's rare that we actually get to hear from one. But Jason Edward Harrington, a five-year TSA veteran, has changed all that, afterlaunching an anonymous blog that offered a behind-the-scenes look at the airport security process and the sometimes twisted logic that dictated it. Long story short: the last line of defense we have to prevent another 9/11 is a total shitshow. And, yes, the TSA officers were laughing their asses off at those revealing body scans.

http://gizmodo.com/nude-bodies-free-booze-endless-radiation-an-ex-tsa-a-1513342093?utm_source=gplus&utm_medium=gplus&utm_campaign=gplus

Privacy and Information Security Alert

The Democrats have created a total police state

Welcome to The Michael Savage Newsletter, your daily insider report on all things "Savage."

In today's issue: Dr. Savage was unimpressed by President Obama's assurances that the men and women employed at the National Security Agency are as concerned about online security and privacy as the rest of us.

Savage says that at this juncture, the Democratic Party can no longer present itself as a champion of civil liberties, at least not with a straight face.

---

"Obama tries to reassure us by saying that the people who work at the NSA are our 'friends and neighbors,' who care about our privacy and security," said Savage, who added sarcastically:

Aren’t you glad to hear that the people spying on us are our "friends and neighbors"?

In East Germany, the Stasi were the friends and neighbors of everyone they spied on and threw into prison camps.

In the former Soviet Union, it was the same.

I guess we're supposed to believe that we Americans are better than the Russians and East Germans. We would never dare violate each other's rights.

Obama seems to be saying, "If we like our spy, we can keep our spy."

I feel much better now.

The Democrats are now finished as champions of civil liberties.

They are liars who have created a total police state.

Whatever domestic monitoring may have begun under Bush has increased by an order of several magnitudes.

Obama has lied on this and every other issue.

Visit the Michael Savage website here. 

This FBI agent had a boneheaded plan to copyright a secret interrogation manual

Rodney N. Warner

• Intellectual Property Law  -  Dec 23, 2013

 #Copyright

Some things can't be copyrighted.  That doesn't stop people who should know better from trying.

http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/

Predictions: Anticipated Outcomes of a Data Breach Perfect Storm /lawtechnologynews/

The number of data breaches experienced and reported are expected to continue to rise in 2014, with healthcare, energy, financial services, retail and telecom industries top targets.

By Judy Selby Contact All Articles 

Law Technology News

December 20, 2013

Over several years, thanks in part to a steady stream of headline-grabbing incidents and lawsuits, the term "data breach" has gone from relative obscurity to part of the average person's vernacular. The number of breaches, whether caused by a negligent or disgruntled employee or an international hacker, has climbed over the years, as has the interest of regulators and class action lawyers. Most states and more and more countries have enacted laws to protect private information and to regulate an affected entity's response to a breach. The last few years also have seen entities creating and storing data at a record pace and becoming more reliant on third party vendors and cloud providers to help manage and secure their data. All these factors have led to a frightening data breach perfect storm.

Read more: http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1202634116324&Predictions_Anticipated_Outcomes_of_a_Data_Breach_Perfect_Storm#ixzz2o31yNYLY

Target Security Breach

TARGET SECURITY BREACH: Cyber criminals have reportedly stolen millions of Target customers' credit and debit card information.

The breach apparently started on Black Friday at Target stores across the country, and it may still be going on.

Target has not commented on the report.

MORE: http://bit.ly/1kjP9Lr

Like ·  · Share · 3941391,088 · 18 hours ago · 

Creating and Enforcing Email Security Policies

Email security policies are critical to keeping sensitive enterprise data safe. However, there are many different thoughts on the proper way to create and enforce them.

This expert guide examines effective methods of instituting and enforcing email security policies, such as putting the rules in writing and creating penalties for policy violation. Read on to find out which approach is best for your organization.

http://searchcontentmanagement.bitpipe.com/detail/RES/1385049218_764.html

Obama to Keep Security Agency and Cyberwarfare Under a Single Commander

By DAVID E. SANGER and THOM SHANKER

WASHINGTON — President Obama has decided to keep the National Security Agency and the Pentagon’s cyberwarfare branch under the same command despite concerns that it concentrates too much power in the hands of a single military official responsible for both surveillance and directing a growing arsenal of cyberweapons.

http://www.nytimes.com/2013/12/14/us/politics/obama-to-keep-security-agency-and-cyberwarfare-under-a-single-commander.html?_r=0

Creating and Enforcing Email Security Policies

http://searchsecurity.bitpipe.com/fulfillment/1385049218_764?uid=16500211&li=813429&utm_medium=EM&asrc=EM_DWP_25548936&utm_campaign=20131213_Expert+guide+to+email+security+policies_&utm_source=DWP&res_id=1385049218_764

Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet

Hijacked traffic went all the way to Iceland, where it may have been copied before being released to its intended destination. The green arrows show the path the traffic should have traveled; the red arrows show the path it took.Map courtesy of Renesys

In 2008, two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic-routing system — a vulnerability so severe that it could allow intelligence agencies, corporate spies or criminals to intercept massive amounts of data, or even tamper with it on the fly.

http://www.wired.com/threatlevel/2013/12/bgp-hijacking-belarus-iceland/

Homeland Security must disclose cell network 'kill switch' protocols, court says

Summary: The U.S. government's rules governing its ability to shut down cellular and wireless networks to prevent remote bomb detonation must be disclosed, a court has ruled.

By Zack Whittaker for Zero Day | November 14, 2013 -- 17:52 GMT (09:52 PST)

DHS' Transportation Security Operations Center (Image: Homeland Security

http://www.zdnet.com/homeland-security-must-disclose-cell-network-kill-switch-protocols-court-says-7000023217/