Questions? Contact Us

 

What is gained from Cybersecurity and Physical Security Convergence?

It amazes me that I still sometimes hear people talking about cybersecurity (logical security) and physical security as if they're separate issues to address and manage. Today, in our connected world, that's not the case at all. Our digital world has produced a convergence of physical and logical security that brings value to how you protect your m...
Continue reading
2336 Hits
0 Comments

Two-Factor vs. Multi-Factor Authentication: Which One is Right for You?

By now, most organizations serious about security have implemented some form of two-factor or multi-factor authentication. While both have been around for a long time and widely discussed and debated in security circles, they garnered the spotlight in mainstream media several years ago when Hollywood actresses had their iCloud accounts hacked and t...
Continue reading
988 Hits
0 Comments

Cybersecurity Awareness Event to Offer Practical Tips on Identity Theft Protection for Individuals and Small Businesses

Local business owners and the general public are invited to a free Cybersecurity Awareness Event on August 17 at 6:30 PM in the Pembroke Office Park Building in Virginia Beach.Industry experts will explain – in layman's terms – why cybersecurity is more important than ever and what practical steps individuals can take to protect themselves from onl...
Continue reading
1217 Hits
0 Comments

The importance of physical security in protecting your cyber investments

​Data breaches have made plenty of headlines the past few years and it's widely known that companies such as Target and Home Depot and government organizations such as the Office of Personnel Management have been hacked.With these high-profile hacks of prominent companies and organizations comes plenty of information about cybersecurity. But what a...
Continue reading
3874 Hits
0 Comments

The importance of vulnerability scanning

In a world where the threat of a data breach is ever evolving, securing complicated IT networks is critical to a business' ability to meet industry data security requirements. Even if your company has tested your IT system's security defenses in the past, maintaining this security is a continuous process. Each time your system is updated and upgrad...
Continue reading
1894 Hits
0 Comments

Disabling of SSLv3 and TLS on ZZ Servers Services January 8, 2016

Disabling of SSLv3 and TLS on ZZ Servers Services January 8, 2016
​With widespread and disastrous SSL/TLS vulnerabilities taking place such as POODLE and FREAK, SSL and early TLS versions are no longer considered strong cryptography and any web site that still uses them is insecure.For PCI Clients:According to the new rules in PCI DSS v3.1, companies have until June 30, 2016 to update to a more recent version of ...
Tags:
Continue reading
1250 Hits
0 Comments

EMV Rollout’s Impact To Online Retailers

EMV Rollout’s Impact To Online Retailers
Online retailers breathed a sigh of relief last month when they didn't have to muddle through the EMV migration alongside traditional retailers.EMV, which stands for Europay, MasterCard, and Visa, is a new global standard for credit cards equipped with computer chips and security technology to authenticate transactions. In the wake of several large...
Continue reading
1904 Hits
0 Comments

Bash Security Vulnerability Patch Instructions

A new major security vulnerability impacting Linux customers who leverage Bash as their shell was announced in Sepetember. ZZ Servers strongly recommends customers exposed to this vulnerability apply the appropriate security patch as soon as possible. Below are instructions for patching your systems: For Debian or Ubuntu, run the following comman...
Continue reading
1552 Hits
0 Comments

ZZ Servers Managing Partner to speak at #Shmoocon #Firetalks

ZZ Servers Managing Partner, David M. Zendzian (@dmz006) will be presenting How Do You Know Your Colo Isn’t “Inside” Your Cabinet, A Simple Alarm Using Teensy” which is based on a prior blog post. Shmoocon Firetalks are hosted by the NOVAHackers Who: ShmooCon/NovaInfosecPortal.com What: ShmooCon 2012 FireTalks When: 1/27 to 1/28/2011 Where: Wash...
Continue reading
1566 Hits
0 Comments

OSSEC Daily Reports

As with any user of OSSEC, analyzing and working with the data is the key to successfully managing your environment.  From a prior post you can see we are monitoring events as they occur which is good for catching serious issues as they occur; however, it is not usually the best way to document what was identified and track what is being done to co...
Continue reading
1749 Hits
0 Comments

ZZ Servers Expands to Equinix Ashburn

ZZ Servers a premier compliance based hosting provider has completed the migration of their old datacenter facility in Beltsville Maryland to Equinix Ashburn, a world class facility in Ashburn Virginia. This migration brings substantial upgrades to existing infrastructure with fully redundant n+1 UPS, generator and air conditioning. Additionally, n...
Continue reading
1400 Hits
0 Comments

Kerio Connect Protects Your Privacy with "Remote Wipe"

Smart phones have become an essential part of our lives, and we store everything on them, from our emails, facebook, text messages, events, tasks and contacts. Losing such a device is therefore a real nightmare, as you will not only lose access to all of this information, but if your device falls into the wrong hands, this person will know everythi...
Continue reading
1671 Hits
0 Comments

Anti Virus and PCI Compliance

Last year PCI DSS 1.2 was released changing the intent of the controls required for anti-virus software. In version 1.1 anti-virus software was only required for systems commonly affected by viruses and excluded UNIX based operating systems and mainframes. Version 1.2 now requires all operating system types commonly affected by malicious software b...
Continue reading
1503 Hits
0 Comments

PCI Compliant Hosting - Are you sure your host knows what PCI is and what they are selling?

I recently had a discussion with a potential customer on why they should work with ZZ Servers instead of one of the now hundreds of other hosting providers offering PCI "compliant" hosting services. After spending the last 5 years doing PCI Level 1 validations I have run into many areas that hosting providers just do not get PCI and what hosting pr...
Continue reading
1474 Hits
0 Comments

Understanding PCI Levels and Types

Any merchant who accepts credit cards and has a merchant account must validate compliance. It does not matter if you use a 3rd party processor or if you outsource all of your credit card processing. It's the ownership of the merchant account that defines if you must validate compliance. The only to avoid PCI compliance is by not having a merchant a...
Continue reading
1429 Hits
0 Comments

Credit Card Data Stolen and Distributed in a Dilebarate Attack

In an ongoing saga, one of the most popular web hosting message boards www.webhostingtalk.com has been dealt another serious blow to it's security.  Late last month, Webhostingtalk was hacked in a deliberate, sophisticated and calculated manner. The attacker was able to circumvent their security measures and access via a backdoor protected by a fir...
Continue reading
1546 Hits
0 Comments

PCI Data Security Standard version 1.2 now active.

As of October 1, 2008 the PCI Data Security Standard version 1.2 became active. There are a number of changes to PCI DSS since version 1.1. Version 1.2 removes much of the ambiguity from earlier versions and provides additional details on items such as the use wireless devices. One of the largest and possibly most hard hitting change is how the t...
Continue reading
1329 Hits
0 Comments

What Are The Benefits Of PCI Compliance?

One of the most valuable commodities in this day and age is your own personal information. The more we make purchases over the Internet or over the phone, in other words: not in person, the more important that information becomes. However, as security breaches receive more coverage and are more well known to the public, trust in the current securi...
Tags:
Continue reading
1785 Hits
0 Comments

OpenSSL Vulnerability

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of...
Continue reading
1600 Hits
0 Comments

Securing Xen in a Distributed Environment

Xen is one of the newest virtualization platforms available that can securely run multiple virtual guest servers, each running its own operating system, on a single physical system with close to native performance.  It is available on many Linux platforms as an open source application and directly from XenSource Inc.  With the advent...
Tags:
Continue reading
1570 Hits
0 Comments