• CYBER SECURITY
    FOR THE 21ST CENTURY

    Many organizations have security policies, IDS or encryption’s in place. However, they are still being compromised and are not focused on the most effective practices. This is where Milli Micro Systems comes in. Rely on us to stop major breaches of security and even the most elementary of mistakes.

ABOUT MILLI MICRO SYSTEMS

OFFERING VITAL SECURITY
TRAINING FOR A
DANGEROUS WORLD

The Military uses independent training programs,
can you afford not to?

Our customers have included the US Army, US Navy,
US Air Force, National Guard, Department of Interior,
Department of Veterans Affairs, Metropilitan
Water District, County of Los Angeles, State of
California, Chicos FAS, and many more.

CYBER NEWS FEED
  • Insider threats force balance between security and access April 23,2015

    Insider threats force balance between security and access

    WASHINGTON -- There may be no single solution to the complex challenge of protecting against insider threats within the enterprise, but IT leaders can help their cause with prudent policies that put limits on who can access what kinds of data, and working to boost awareness of security issues...

  • R2Games compromised again, over one million accounts exposed April 25,2017

    R2Games compromised again, over one million accounts exposed

    Online gaming company Reality Squared Games (R2Games) has been compromised for the second time in two years, according to records obtained by the for-profit notification service LeakBase. The hacker who shared the data with LeakBase says the attack happened earlier this month.Headquartered in...

  • Customers roast Microsoft over security bulletins’ demise April 24,2017

    Customers roast Microsoft over security bulletins' demise

    When Microsoft asked customers last week for feedback on the portal that just replaced the decades-long practice of delivering detailed security bulletins, it got an earful from unhappy users."Hate hate hate the new security bulletin format. HATE," emphasized Janelle 322 in a support forum where...

  • A mystery user breached an email account on Clinton’s server September 6,2016

    A mystery user breached an email account on Clinton's server

    In 2013, an unknown user accessed an email account on Hillary Clinton’s private email server through Tor, the anonymous web surfing tool, according to new FBI documents. On Friday, the FBI provided details on the possible breach in newly released files about its investigation of Clinton’s...

  • Machine behaviors that threaten enterprise security January 26,2017

    Machine behaviors that threaten enterprise security

    Machine learning has moved enterprise security forward, allowing for visibility inside the network in order to better understand user behavior. However, malicious actors are using what is done with machine learning on the inside in order to attack the perimeter. Specifically, these types of...

  • Your secure developer workstation solution is here, finally! June 19,2017

    Your secure developer workstation solution is here, finally!

    For decades, one of the thorniest problems in computer security is how to better secure developer workstations while still giving them the elevated permissions and privileges--and freedom--they need to get their job done. All the proposed solutions missed the mark. Then, as a side-effect of...

  • Google researchers hack computers using DRAM electrical leaks March 12,2015

    Google researchers hack computers using DRAM electrical leaks

    Google researchers have written the first-ever attack code that takes advantage of electrical interference between densely packed memory cells, a unique style of attack that could require changes in chip design.The work builds on a paper published last year by Carnegie Mellon University and...

  • IDG Contributor Network: Social engineering scam doesn’t fool this writer February 18,2016

    IDG Contributor Network: Social engineering scam doesn't fool this writer

    (*Updated 2/19/16*)Last week I received what appeared to be a legitimate email from a woman at LinkedIn who was inviting me to join ProFinder, a pilot program for freelance writers.Here's the message I received: It looks authentic, but I've had a lot of conversations with security professionals,...

  • Snake cyberespionage malware is ready to bite Mac users May 5,2017

    Snake cyberespionage malware is ready to bite Mac users

    A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS.The group, known in the security industry as Snake, Turla or Uroburos, has been active since at least 2007 and has been responsible for some of the...

  • BrandPost: Will Obama’s Cybersecurity Executive Order Make a Difference? March 23,2015

    BrandPost: Will Obama’s Cybersecurity Executive Order Make a Difference?

    Will Obama’s Cybersecurity Executive Order Make a Difference?We continue to live in a world that is exciting with new, easy-to-use technology that allows all of us to be more effective and efficient in our business and personal lives. Yet the ease of use of this technology also puts all of us...

  • BrandPost: Evolving Towards Intent-Based Security July 19,2017

    In this second installment, begun with ”The Evolution of the Firewall,” we will take a look at the direction security is headed. From its humble beginnings, the firewall has evolved through several stages of development. Its latest incarnation, built on the legacy of its first two...

  • War stories: the vulnerability scanning argument October 4,2016

    War stories: the vulnerability scanning argument

    Over the last couple of decades I have had all sort of different jobs. I have to count myself as rather fortunate for the experiences I have had along the way. They really went a long way to teach me some valuable lessons. Also, in some cases, they taught me how to hold my tongue.In one such job...

  • IDG Contributor Network: Promoting efficiencies through security metrics January 5,2017

    IDG Contributor Network: Promoting efficiencies through security metrics

    While the end of the year is a time to reflect on our past accomplishments and possible seconds at family gatherings, it also is a time when we prepare our strategic objectives for the upcoming year. For security objectives associated with PCI DSS requirements, we may overlook some key...

  • PC-nuking malware sneakily replaces popular free software on FossHub August 4,2016

    PC-nuking malware sneakily replaces popular free software on FossHub

    This isn't good. Two of the most popular programs on download site FossHub were recently replaced with malware that nuked the master boot records on any PC unlucky enough to install it.The free software site had to act quickly after hackers infiltrated it through compromised user accounts. While...

  • 44% off Logitech Bluetooth Multi-Device Keyboard – Deal Alert April 28,2017

    44% off Logitech Bluetooth Multi-Device Keyboard - Deal Alert

    Here's a Bluetooth keyboard for your computer that you can also use with your tablet and smartphone -- switch between all three effortlessly by just turning the dial. And unlike other Bluetooth keyboards, Logitech has integrated a cradle so your device stays propped up at just the right angle as...

  • IDG Contributor Network: A guide to business continuity planning in the face of natural disasters May 3,2017

    IDG Contributor Network: A guide to business continuity planning in the face of natural disasters

    Natural disasters often strike with little to no warning, but their operational and economic impact to organizations can be devastating. As scientists expect the future will likely include more cases of extreme weather, organizations should leverage the calm before the storm to ensure that...

  • Ransomware fighting coalition adds new members and decryption tools December 15,2016

    Ransomware fighting coalition adds new members and decryption tools

    The No More Ransom project, a coalition of law enforcement and security companies, has expanded with 30 new members and added 32 new decryption tools for various ransomware variants. The project, which consists of a website dedicated to fighting ransomware, was originally launched by...

  • 60% off ZeroLemon ToughJuice USB-C 30000mAh Macbook Compatible Power Bank – Deal Alert September 21,2016

    60% off ZeroLemon ToughJuice USB-C 30000mAh Macbook Compatible Power Bank - Deal Alert

    ZeroLemon describes their ToughJuice power bank as the world's toughest external battery pack, with 30000mAh capacity and a rugged anti-shock exterior. With enough juice to get you up and running again and again on a single charge, ToughJuice provides up to ten charges to a smartphone, two...

  • 38% off Miracle-Gro AeroGarden Harvest with Gourmet Herb Seed Pod Kit – Deal Alert December 18,2016

    38% off Miracle-Gro AeroGarden Harvest with Gourmet Herb Seed Pod Kit - Deal Alert

    AeroGardens are the world’s leading indoor gardening systems. You can grow up to 6 plants in this garden and they’ll love the 20 watts of high performance, energy efficient LED lighting. The LED lights are tuned to the specific spectrum that allows plants to maximize photosynthesis,...

  • IDG Contributor Network: The silver lining on the Equifax breach October 13,2017

    IDG Contributor Network: The silver lining on the Equifax breach

    By any measure, the recent Equifax data breach was and is a disaster: in exposing the personal information of 143 million American consumers, it could cause years of trouble for all involved. It also revealed all too clearly the tenuous protections provided for consumer data in the credit...

GET THE LATEST CYBER SECURITY NEWS & UPDATES
WHAT TO KNOW

IMPORTANCE

Why Is Cyber Security Important?
The increasing number and sophistication of cyber threats (targeting phishing scams, data theft, and other online vulnerabilities) require us to remain vigilant securing our systems and information.

The average computer does not have proper security controls in place. New attack methods are found every day. There were 183 million accounts compromised in Q3 of 2014 [1]. The number of phishing sites leaped by 10.7 percent over the fourth quarter of 2013[2]. These are just a few examples, and they highlight the importance of cyber security for protecting data and systems.

With BYOD becoming ubiquitous in the workplace, the “trend in cyber security is that IT leaders are losing control of their technology. It’s a trend that obliterates how security has traditionally worked and it can’t be stopped.”[3] Refusing to adapt is more expensive than investing in a new approach.

MMS has that new approach. We know Cyber Security should never be an afterthought, but instead integrated into every new project from the start. Our 5-step program is designed to deal with 95% of security problems right off the bat.

But wait, why aren’t all computer systems secure?
Partly due to hard technical problems, but also due to cost/benefits issues, Security costs and Security usually only pays off when there’s trouble. Typically, it’s the users’ perception that there is no real threat to themselves and they trust everyone, “Here is my password, I trust you’re not going to do anything bad, I don’t have any secrets.” and when that information gets out the user is now compromised. The user is not taking into account how their infected computer can hurt others.

This isn’t just an end user issue either, many key decision makers, as well as the employees in organizations, have this attitude. That is why we have added the 5th step to our program: Training. With the proper training stakeholders and employees can understand the importance of cyber security as a business process, not just something for the I.T. department. The I.T. department exists in an advisory and support capacity but cannot solve all problems by itself. It is in user’s and organization’s best interest to obtain the right knowledge to protect themselves from cyber threats. Our training in cyber security will ensure users will be aware of all important threats and how to be a smart user.

Cyber Security is an important Business issue, but like everything else unless you get buy-in across the board, Cyber Security policies and procedures will be ignored.

  1. http://www.safenet-inc.com/news/2014/q3-data-breaches-compromise-183-million-customer-accounts/
  2. http://docs.apwg.org/reports/apwg_trends_report_q1_2014.pdf
  3. John Pescatore, director of emerging security trends at the SANS Institute

LEADING THREATS

There are many threats, some more serious than others. Some examples of how your computer and systems could be affected by a cyber-security incident – whether because of improper cyber security controls, manmade or natural disasters, or malicious users wreaking havoc-include the following:

Interruption Threats:Denial-of-service refers to an attack that successfully prevents or impairs the authorized functionality of networks, systems or applications by exhausting resources. What impact could a denial-of-service have if it shut down a government agency’s website, thereby preventing citizens from accessing information or completing transactions? What financial impact might a denial-of-service have on a business? What would the impact be on critical services such as emergency medical systems, police communications or air traffic control? Can some of these be unavailable for a week, a day or even an hour?

Malicious Code Attacks:Malware, worms, and Trojan horses: These spread by email, instant messaging, malicious websites, and infected non-malicious websites. Some websites will automatically download the malware without the user’s knowledge or intervention. This is known as a “drive-by download.” Other methods will require the users to click on a link or button.

Botnets and zombies: A botnet, short for robot network, is an aggregation of compromised computers that are connected to a central “controller.” The compromised computers are often referred to as “bots” or “zombies”.These threats will continue to proliferate as the attack techniques evolve and become available to a broader audience, with less technical knowledge required to launch successful attacks. Botnets designed to steal data are improving their encryption capabilities and thus becoming more difficult to detect.

“Scareware” – fake security software warnings: This type of scam can be particularly profitable for cyber criminals, as many users believe the pop-up warnings telling them their system is infected and are lured into downloading and paying for the special software to “protect” their system.

Social Network Attacks: Social networks can be major sources of attacks because of the volume of users and the amount of personal information that is posted. Users’ inherent trust in their online friends is what makes these networks a prime target. For example, users may be prompted to follow a link on someone’s page, which could bring users to a malicious website.

Top 5 Social Networking Attacks

  1. Fake offering
    These offers invite users to use a free gift card or discount coupon; to receive these offers the user must share personal information with the scammer.
  2. Fake Plug-in Scams
    These trick the user into downloading a fake extension or web browser. The infected extension or browser will begin to steal password data and other sensitive information.
  3. Like-jacking
    The fake “Like” button on websites to get users to click on the button; once the user clicks on the “Like” button an installation begins with malware and other malicious code.
  4. Fake-Apps
    Typically, the app is legitimate, but it’s bundled with malware then released again by the attacked and once the user installs or uses the app the malware is released on their machine to wreak havoc.
  5. Manual Sharing
    User is sharing the infected offering that will intrigue other users without knowing what was shared was malicious.

For more information visit: http://msisac.cisecurity.org/

SECURITY VS SAFETY

Safety: Protection from negligence, accidental damage and hurt.

Security: Protection from malign intent.

The difference is People cause security events. This distinction is critical to understanding the role security must play in your organization. Security is therefore a “people problem.” Security programs are only effective when they control the people who have access to those assets.

There are many laws and regulations surrounding safety, but very little time and energy is based on security.

Security is often seen as a checkbox or a list of compliance requirement by an agency. It is often an afterthought and a poorly executed one at that. Frequently the focus is to just make it work and worry about security later. This is of course detrimental to the organization.

  1. http://www.rmasecurity.com/2014/07/the-difference-between-safety-and-security/


REQUEST MORE INFO.

Complete the request form below to learn more about Our Cyber Security Options.

captcha