Day: July 13, 2016

Information Security, IT & TECHNOLOGY

COBIT 5, Creating an Audit Program and Enabling Compliance

by @PhilipHungCaoLeave a Comment on COBIT 5, Creating an Audit Program and Enabling Compliance
COBIT 5, Creating an Audit Program and Enabling Compliance

Last year I wrote an article that discussed using COBIT 5 to audit cyber controls, in this instance the Australian Signals Directorate (ASD) Top 4. At the time of writing this article I had the privilege of being an expert reviewer on a draft ISACA white paper on creating an audit program. This white paper [...]

Information Security, IT & TECHNOLOGY

What You Need to Know: Navigating EU Data Protection Changes – EU-US Privacy Shield and EU General Data Protection Regulation

by @PhilipHungCaoLeave a Comment on What You Need to Know: Navigating EU Data Protection Changes – EU-US Privacy Shield and EU General Data Protection Regulation
What You Need to Know: Navigating EU Data Protection Changes – EU-US Privacy Shield and EU General Data Protection Regulation

If you’re an organization with trans-Atlantic presence that transmits and stores European citizen data (e.g. employee payroll & HR data, client & prospect data) in the U.S. you will want to pay attention. What we will discuss was administered under the European Union’s Data Protection Directive and a previous EU-U.S. agreement called Safe Harbor.  We [...]

IT & TECHNOLOGY, Palo Alto Networks

How to Track Actors Behind Keyloggers Using Embedded Credentials

by @PhilipHungCaoLeave a Comment on How to Track Actors Behind Keyloggers Using Embedded Credentials
How to Track Actors Behind Keyloggers Using Embedded Credentials

Mo’ key loggers, mo’ problems This past year Unit 42 has seen a resurgence of keylogger activity and it seems like every week a new research blog comes out talking about one of four popular families: KeyBase, iSpy,HawkEye, or PredatorPain. These blogs usually delve into the technical workings of the threats, discuss their relationship to each other, [...]