January 2022 Update: Vulnerability in Apache Log4j

RiskLarge and medium business entities  HighSmall business entities  HighHome users  HighIn review, a serious vulnerability in the Java logging package, Log4j (CVE-2021-44228) was disclosed, posing a severe risk to millions of consumer products to enterprise software and web applications. This vulnerability is being widely exploited by a growing set of attackers.When vulnerabilities are discovered and exploited, it risks a loss or breach of personal information, financial loss, and other irreversible harms. It is critical that companies and their vendors relying on Log4j act now, in order to reduce the likelihood of harm. To update your Log4j software package?to?the most current [...]

January 2022 Update: Vulnerability in Apache Log4j2022-01-24T03:25:22-07:00

Vulnerability in Apache Log4j: Executive Briefing

RiskLarge and medium business entities  HighSmall business entities  HighHome users  HighA vulnerability has been discovered in Apache Log4j, a very ubiquitous logging package for Java. Successful exploitation of this vulnerability could allow for arbitrary code execution within the context of the systems and services that use the Java logging library, including many services and applications written in Java. Depending on the privileges associated with these systems and services, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If these systems and services have been configured to have fewer user rights, [...]

Vulnerability in Apache Log4j: Executive Briefing2021-12-11T17:45:33-07:00

Seasick…on a computer?

The coronavirus pandemic forced people to dedicate much of their lives, including work, entertainment, and personal interactions, online. All this screen time has taken a toll, as more people of all ages are reporting symptoms of "cybersickness."Cybersickness is a form of motion sickness, characterized by nausea, disorientation, and oculomotor disturbances, according to a study by Kay Stanney and colleagues, published in 2020 in the International Journal of Human-Computer Interaction. Cybersickness was a phenomenon before the pandemic but was studied mostly in the context of virtual reality games.A 2021 article published on the subject by National Geographic explains how cybersickness is [...]

Seasick…on a computer?2021-12-06T10:46:15-07:00

Dodge the ever-looming gift card scams

"Any time someone asks you to solve a problem using gift cards, it’s a scam."The warning could not be blunter. Such is the advice given by consumer fraud experts as we stride through the holiday season — an especially popular time for scammers who love trapping people into buying gift cards as step one of their own nefarious schemes. And once they’ve wormed the PIN number on the back of those cards from their victims, as the Federal Trade Commission notes, "they can get quick cash while staying anonymous."How much cash?More than $429 million since 2018, according to the latest [...]

Dodge the ever-looming gift card scams2021-12-02T10:01:52-07:00

Shedding Light on Artificial Intelligence in the Architectural, Engineering and Construction (AEC) Industries

The information contained within this article serves to raise the awareness of possible benefits, implications, and impacts of using artificial intelligence solutions across the AEC industry; many ideas presented, though, do apply to a broader range of organizations.AI and machine learning are elements of business intelligence (BI) strategies and technologies, which are used by enterprises for data analysis and information extraction. Traditional challenges, functions, or actions that AI techniques can address include reasoning, knowledge representation, planning, learning, natural language processing (and understanding), perception, and the ability to move and manipulate objects.In each challenge area, AI technologies are proving to have [...]

Shedding Light on Artificial Intelligence in the Architectural, Engineering and Construction (AEC) Industries2021-11-15T09:52:15-07:00

Understanding the “D’s” in BIM

Building Information Modeling (BIM) enables process transformation across the design, construction, operation, and retirement of an infrastructure asset. The following seven D's, or dimensions, of BIM break down the importance of BIM, from maintaining accurate data to the advanced applications that rely upon it.1DDataAt its core, BIM is comprised of data—zeros and ones. If those data points are not reliable and up-to-date, trust erodes and the value of BIM diminishes. As data is generated and shared, it should be exchanged in machine-readable formats that align with established interoperability standards such as the International Organization for Standardization (ISO) and the National [...]

Understanding the “D’s” in BIM2021-10-07T15:11:16-06:00

Secure Boot: Executive Briefing

Secure Boot is a boot integrity feature that is part of the Unified Extensible Firmware Interface (UEFI) industry standard; most modern computer systems are delivered with a standard Secure Boot policy installed.UEFI is a replacement for the legacy Basic Input Output System (BIOS) boot mechanism. UEFI provides an environment common to different computing architectures and platforms. UEFI also provides more configuration options, improved performance, enhanced interfaces, security measures to fight persistent firmware threats, and support for a wider variety of devices and form factors.Cybercriminals target firmware to persist on an endpoint. Firmware is stored and executes from memory that is [...]

Secure Boot: Executive Briefing2021-10-07T10:41:14-06:00

Can I shred paper originals after they are scanned?

In short, yes.Records management laws and rules do allow for records to be kept electronically in addition to, or instead of, physical copies. However, bear in mind that once a record is digitized, it must be accessible and maintained for the full life-cycle of the record and minimum retention period, which can be forever in the case of permanent records.As a general rule of thumb, you should store the documents at least six months prior to shredding the paper copies. Further, make certain to complete a visual quality control check on all scanned documents to make sure that they are [...]

Can I shred paper originals after they are scanned?2021-09-29T16:59:13-06:00

Understanding the Security Impact of Juice Jacking

Executive BriefJuice jacking is a common term that refers to compromising your mobile device through public charging stations, like those found in airports, hotels and coffee shops. Hackers can install special USB devices that contain malware in public charging stations.How does it work?When a phone is plugged in to charge, a piece of malware is automatically downloaded and installed onto the phone. The malware then provides hackers the ability to access your mobile device remotely and capture your activities, including email, online company files, banking credentials and much more.Guarding Against Juice JackingThe following are recommended safeguards to protect you from [...]

Understanding the Security Impact of Juice Jacking2021-08-18T10:54:38-06:00
Go to Top