Blog

Herjavec Group & Sumo Logic Compliance and Cloud Management Event

Join Herjavec Group and Sumo Logic for an evening focused on Continuous Compliance and Management in the Cloud. For many businesses, compliance, management and data protection in the cloud have been a major challenge due to the shared responsibility model and automation of public cloud infrastructure. Ensuring consistent security controls across hybrid environments requires new methodologies for security and auditing... Read More
July 28, 2015

Threat Advisory | Microsoft Font Driver Vulnerability

Microsoft Windows has reported a critical vulnerability that could allow remote execution if a user opens documents or visits untrusted webpages that contain embedded OpenType fonts. A security update has been made available and will correct how the Windows Adobe Type Manager Library handles OpenType fonts. For more information about this update, see Microsoft Knowledge Base Article 3079904. Most clients... Read More
July 21, 2015

Threat Advisory | Critical OpenSSL Patch Coming Today

Herjavec Group is currently monitoring the developments around an expected high severity vulnerability. It is believed the OpenSSL project team will release a critical patch that could require a lengthy upgrade process. We are in the process of patching all managed client devices as updates are released by impacted vendors. This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and... Read More
July 9, 2015

Threat Advisory | Palo Alto Networks Emergency Path Update

Palo Alto Networks has released an emergency content update to add additional coverage for a recent 0-day vulnerability impacting Adobe Flash (CVE-2015-5119). This exploit can lead to arbitrary remote code execution by the attacker upon successful delivery and exploitation via a specially crafted Adobe Flash swf file, typically via a malicious website. Please review the note below and ensure the... Read More

Protecting the Endpoint

As security leaders, we recognize that endpoint protection is critical. Over 70% of attacks occur on the endpoint and we recognize that human error still accounts for the majority of desktop breaches. The cybersecurity industry has experienced a surge in the number of endpoint protection offerings available. Offerings exist for on-prem or remote endpoint protection in terms of prevention,... Read More
July 6, 2015

Herjavec Group #23 on the Cybersecurity 500 List

Herjavec Group is thrilled to announce that we have been ranked #23 on the Cybersecurity 500 list. This ranking profiles cybersecurity firms globally, creating awareness and recognition for the most innovative cybersecurity companies. Selection is based on a number of criteria including sector, problem solved, customer base, CISO feedback, company growth, and notable implementations. Herjavec Group has been praised... Read More
June 24, 2015

Coalfire Systems and Herjavec Group Validations Reaffirm Critical Cyber Security Capabilities for Financial Services Community

The Payment Card Industry (PCI) Data Security Standard (DSS) is a worldwide standard, published and maintained by the PCI Security Standards Council (SSC), endorsed by all major credit card brands and intended to protect cardholder data wherever it is processed, stored or transmitted. Nothing is more important than keeping your customer's payment card data secure. In a recent engagement, Herjavec Group, a PCI... Read More

Shark Tank’s Robert Herjavec: On How To Tell If You Are Cyber Secure

Last Monday – the 15th – password storage maker LastPass was hacked, exposing the email addresses and encrypted master passwords of its users. Last Tuesday – the 16th – in Congressional testimony, House Oversight Chairman, Jason Chaffetz, said that federal cybersecurity “stinks” in response to the governmental breach that happened earlier this month, exposing the personal information of millions of current, former,... Read More
June 22, 2015

Evolution of the Next Generation SOC

The need for security programs to shift from tactical to strategic in focus has never been stronger. Rising threats have forced organizations to recognize the importance of a rapid response center, dedicated to network and security incidents. In the past, the separation between NOC and SOC seemed logical – NOCs were mature while SOCs were the “new kids on the... Read More
June 2, 2015

Threat Update | Leap Second June 30, 2015

The term “Leap Second” was coined to reflect that the last minute of June 30th will be one second longer than a standard minute, meaning that June 30, 2015 23:59:60 will be a valid and correct time. This time could cause potential issues across various IT infrastructures. It has been speculated that the Leap Second could cause a server hang... Read More
June 1, 2015