• CYBER SECURITY
    FOR THE 21ST CENTURY

    Many organizations have security policies, IDS or encryption’s in place. However, they are still being compromised and are not focused on the most effective practices. This is where Milli Micro Systems comes in. Rely on us to stop major breaches of security and even the most elementary of mistakes.

ABOUT MILLI MICRO SYSTEMS

OFFERING VITAL SECURITY
TRAINING FOR A
DANGEROUS WORLD

The Military uses independent training programs,
can you afford not to?

Our customers have included the US Army, US Navy,
US Air Force, National Guard, Department of Interior,
Department of Veterans Affairs, Metropilitan
Water District, County of Los Angeles, State of
California, Chicos FAS, and many more.

CYBER NEWS FEED
  • 23% off iClever Backlight Bluetooth Folding Keyboard for Smartphone, PC, or Tablet – Deal Alert December 5,2016

    23% off iClever Backlight Bluetooth Folding Keyboard for Smartphone, PC, or Tablet - Deal Alert

    This lightweight and super portable keyboard from iClever features a compact design with full standard-size keys, but folds down into ⅓ of the size. This model has a convenient backlight feature with red, blue, or green selectable at two brightness levels, so you can type in every environment...

  • Hackers exploit Jenkins servers, make $3 million by mining Monero February 20,2018

    Hackers exploit Jenkins servers, make $3 million by mining Monero

    If you run a Jenkins server, you might want to make sure it is fully patched, since researchers found “one of the biggest malicious mining operations ever discovered.” The cyber crooks have already made more than $3 million by installing malware that mines for Monero on vulnerable Windows...

  • IDG Contributor Network: Data as a smart superstructure: a warning to the wise February 14,2018

    IDG Contributor Network: Data as a smart superstructure: a warning to the wise

    In “Identity and the smart city,” I wrote about how we need to build a smart identity for a smart city. The article, hopefully, pointed to building a perspective on what smart actually means.But, smart cities are built up from many smart pieces. These smart pieces are really just an...

  • Verizon’s risky business: Acquiring the world’s biggest hack February 24,2017

    Verizon's risky business: Acquiring the world's biggest hack

    The Verizon RISK Team - which publishes the popular Data Breach Investigations Report (DBIR) and performs cyber investigations for hundreds of commercial enterprises and government agencies across the globe - just released its 2017 Data Breach Digest. Yahoo suffered the biggest known hack of...

  • What is a virtual CISO? When and how to hire one March 9,2018

    Chief information security officers (CISOs) are highly sought after, to the point where good ones are expensive and hard to come by. So this is a challenge when more and more organizations, reeling in the wake of CISO-less breaches like Target and the UK’s TalkTalk, recognize the value in...

  • What is DevSecOps? Developing more secure applications January 9,2018

    What is DevSecOps? Developing more secure applications

    The simple premise of DevSecOps is that everyone in the software development life cycle is responsible for security, in essence bringing operations and development together with security functions. DevSecOps aims to embed security in every part of the development process. It is about trying to...

  • Qualcomm-powered Android devices plagued by four rooting flaws August 8,2016

    Qualcomm-powered Android devices plagued by four rooting flaws

    Hundreds of millions of Android devices based on Qualcomm chipsets are likely exposed to at least one of four critical vulnerabilities that allow non-privileged apps to take them over.The four flaws were presented by security researcher Adam Donenfeld from Check Point Software Technologies on...

  • IDG Contributor Network: Why staging a fake attack is only real thing to keep you secure December 21,2017

    IDG Contributor Network: Why staging a fake attack is only real thing to keep you secure

    Being a Northern Californian, you can imagine that the Napa County wildfires in October and November impacted me. Granted that, while I did not suffer the monetary or psychological loss those directly affected by this disaster endured, being just 50 miles of the southern tip of the wildfire for...

  • BrandPost: Container Sprawl: The Next Great Security Challenge September 20,2016

    Containers, the younger and smaller siblings of virtualization, are more active and growing faster than a litter of puppies. Recent stats for one vendor show containers now running on 10% of hosts, up from 2% 18 months ago. Adoption is skewed toward larger organizations running more than 100...

  • 75% off Phaiser BHS-730 Bluetooth Sweatproof Sport Earbuds, Magnetic – Deal Alert November 11,2016

    75% off Phaiser BHS-730 Bluetooth Sweatproof Sport Earbuds, Magnetic - Deal Alert

    Phaiser's BHS-730 Bluetooth Sport earbuds are both highly rated and dramatically discounted on Amazon. Averaging 4.5 out of 5 stars on Amazon from over 4,600 people (read reviews), the list price of $160 has been reduced a significant 75% to just $39.99.  The BHS-730 uses the highest quality...

  • BrandPost: Compliance in a World of Dissolving Network Boundaries January 24,2018

    BrandPost: Compliance in a World of Dissolving Network Boundaries

    Between high-visibility data breaches and new requirements such as the European Union’s General Data Protection Regulation (GDPR), compliance is more important than ever. But the dissolving network perimeter, with more users accessing more corporate systems from more devices, makes it much...

  • Dropbox patches Android SDK vulnerability March 11,2015

    Dropbox patches Android SDK vulnerability

    Dropbox has released an update to their Android Core and Sync/Datastore SDKs, after researchers at IBM discovered a vulnerability that would enable an attacker to connect applications to a Dropbox account under their control. Dropbox claims the vulnerability is minor, but that didn't stop them...

  • Worries and uncertainty cloud outlook for digital privacy under President Trump November 10,2016

    Worries and uncertainty cloud outlook for digital privacy under President Trump

    When President-elect Donald Trump officially takes office, he’ll inherit a powerful U.S. surveillance apparatus, including the National Security Agency, that’s already been accused of trampling over privacy rights. This has some legal experts worried, but like almost every other aspect of a...

  • New ‘Breaking Bad’ ransom Trojan is no laughing matter, says Symantec May 12,2015

    New 'Breaking Bad' ransom Trojan is no laughing matter, says Symantec

    Windows users across the English-speaking world have been warned to be on the lookout for a new Trojan campaign that borrows imagery from the TV show Breaking Bad as part of a not-so-amusing attempt to extort money from anyone infected by it.In truth if it weren't for the TV gimmick noticed by...

  • Hyatt resets Gold Passport passwords after security incident April 22,2015

    Hyatt resets Gold Passport passwords after security incident

    On Tuesday, Hyatt alerted some 200 customers that their Gold Passport account had been flagged for suspicious activity, while the other 18 million members have had their account passwords reset out of an abundance of caution. “As part of Hyatt Gold Passport’s routine monitoring of member...

  • These 10 people may be your greatest inside security risks March 22,2017

    These 10 people may be your greatest inside security risks

    Internal threatsImage by ThinkstockLast year was the worst on record for information security incidents, and the majority of those were due to inside sources, many studies agree. Prime suspects are employees and contractors with privileged user access, says Sam Elliott, director of security product...

  • Your secure developer workstation solution is here, finally! June 19,2017

    Your secure developer workstation solution is here, finally!

    For decades, one of the thorniest problems in computer security is how to better secure developer workstations while still giving them the elevated permissions and privileges--and freedom--they need to get their job done. All the proposed solutions missed the mark. Then, as a side-effect of...

  • Can a DDoS attack on Whitehouse.gov be a valid protest? January 18,2017

    Can a DDoS attack on Whitehouse.gov be a valid protest?

    When Donald Trump is inaugurated as the U.S. President on Friday, Juan Soberanis intends to protest the event -- digitally. His San Francisco-based protest platform is calling on Americans to oppose Trump’s presidency by visiting the Whitehouse.gov site and overloading it with too much...

  • IDG Contributor Network: CRASHOVERRIDE poised to affect Natural Gas? June 14,2017

    IDG Contributor Network: CRASHOVERRIDE poised to affect Natural Gas?

    The bad day is getting closer The latest threat on the energy horizon is the ELECTRUM group its CRASHOVERRIDE malware, as reported by Dragos, Inc. The combination of the apparent two-tiered development (malware coding and ICS/SCADA system experts) and modular functions makes this an attractive...

  • 3 areas in which CISOs are becoming more proactive March 13,2018

    3 areas in which CISOs are becoming more proactive

    I’ve spent a good amount of time speaking with CISOs over the past month and plan to write up a report about what I’m learning sometime after the RSA Security Conference.In the meantime, it’s become crystal clear to me that CISOs are becoming more and more proactive in their jobs in a few...

GET THE LATEST CYBER SECURITY NEWS & UPDATES
WHAT TO KNOW

IMPORTANCE

Why Is Cyber Security Important?
The increasing number and sophistication of cyber threats (targeting phishing scams, data theft, and other online vulnerabilities) require us to remain vigilant securing our systems and information.

The average computer does not have proper security controls in place. New attack methods are found every day. There were 183 million accounts compromised in Q3 of 2014 [1]. The number of phishing sites leaped by 10.7 percent over the fourth quarter of 2013[2]. These are just a few examples, and they highlight the importance of cyber security for protecting data and systems.

With BYOD becoming ubiquitous in the workplace, the “trend in cyber security is that IT leaders are losing control of their technology. It’s a trend that obliterates how security has traditionally worked and it can’t be stopped.”[3] Refusing to adapt is more expensive than investing in a new approach.

MMS has that new approach. We know Cyber Security should never be an afterthought, but instead integrated into every new project from the start. Our 5-step program is designed to deal with 95% of security problems right off the bat.

But wait, why aren’t all computer systems secure?
Partly due to hard technical problems, but also due to cost/benefits issues, Security costs and Security usually only pays off when there’s trouble. Typically, it’s the users’ perception that there is no real threat to themselves and they trust everyone, “Here is my password, I trust you’re not going to do anything bad, I don’t have any secrets.” and when that information gets out the user is now compromised. The user is not taking into account how their infected computer can hurt others.

This isn’t just an end user issue either, many key decision makers, as well as the employees in organizations, have this attitude. That is why we have added the 5th step to our program: Training. With the proper training stakeholders and employees can understand the importance of cyber security as a business process, not just something for the I.T. department. The I.T. department exists in an advisory and support capacity but cannot solve all problems by itself. It is in user’s and organization’s best interest to obtain the right knowledge to protect themselves from cyber threats. Our training in cyber security will ensure users will be aware of all important threats and how to be a smart user.

Cyber Security is an important Business issue, but like everything else unless you get buy-in across the board, Cyber Security policies and procedures will be ignored.

  1. http://www.safenet-inc.com/news/2014/q3-data-breaches-compromise-183-million-customer-accounts/
  2. http://docs.apwg.org/reports/apwg_trends_report_q1_2014.pdf
  3. John Pescatore, director of emerging security trends at the SANS Institute

LEADING THREATS

There are many threats, some more serious than others. Some examples of how your computer and systems could be affected by a cyber-security incident – whether because of improper cyber security controls, manmade or natural disasters, or malicious users wreaking havoc-include the following:

Interruption Threats:Denial-of-service refers to an attack that successfully prevents or impairs the authorized functionality of networks, systems or applications by exhausting resources. What impact could a denial-of-service have if it shut down a government agency’s website, thereby preventing citizens from accessing information or completing transactions? What financial impact might a denial-of-service have on a business? What would the impact be on critical services such as emergency medical systems, police communications or air traffic control? Can some of these be unavailable for a week, a day or even an hour?

Malicious Code Attacks:Malware, worms, and Trojan horses: These spread by email, instant messaging, malicious websites, and infected non-malicious websites. Some websites will automatically download the malware without the user’s knowledge or intervention. This is known as a “drive-by download.” Other methods will require the users to click on a link or button.

Botnets and zombies: A botnet, short for robot network, is an aggregation of compromised computers that are connected to a central “controller.” The compromised computers are often referred to as “bots” or “zombies”.These threats will continue to proliferate as the attack techniques evolve and become available to a broader audience, with less technical knowledge required to launch successful attacks. Botnets designed to steal data are improving their encryption capabilities and thus becoming more difficult to detect.

“Scareware” – fake security software warnings: This type of scam can be particularly profitable for cyber criminals, as many users believe the pop-up warnings telling them their system is infected and are lured into downloading and paying for the special software to “protect” their system.

Social Network Attacks: Social networks can be major sources of attacks because of the volume of users and the amount of personal information that is posted. Users’ inherent trust in their online friends is what makes these networks a prime target. For example, users may be prompted to follow a link on someone’s page, which could bring users to a malicious website.

Top 5 Social Networking Attacks

  1. Fake offering
    These offers invite users to use a free gift card or discount coupon; to receive these offers the user must share personal information with the scammer.
  2. Fake Plug-in Scams
    These trick the user into downloading a fake extension or web browser. The infected extension or browser will begin to steal password data and other sensitive information.
  3. Like-jacking
    The fake “Like” button on websites to get users to click on the button; once the user clicks on the “Like” button an installation begins with malware and other malicious code.
  4. Fake-Apps
    Typically, the app is legitimate, but it’s bundled with malware then released again by the attacked and once the user installs or uses the app the malware is released on their machine to wreak havoc.
  5. Manual Sharing
    User is sharing the infected offering that will intrigue other users without knowing what was shared was malicious.

For more information visit: http://msisac.cisecurity.org/

SECURITY VS SAFETY

Safety: Protection from negligence, accidental damage and hurt.

Security: Protection from malign intent.

The difference is People cause security events. This distinction is critical to understanding the role security must play in your organization. Security is therefore a “people problem.” Security programs are only effective when they control the people who have access to those assets.

There are many laws and regulations surrounding safety, but very little time and energy is based on security.

Security is often seen as a checkbox or a list of compliance requirement by an agency. It is often an afterthought and a poorly executed one at that. Frequently the focus is to just make it work and worry about security later. This is of course detrimental to the organization.

  1. http://www.rmasecurity.com/2014/07/the-difference-between-safety-and-security/


REQUEST MORE INFO.

Complete the request form below to learn more about Our Cyber Security Options.

captcha