New England Safety Partners 61 Chapel St Newton, MA 02458 ph: (617)219-9760 fax:(617)663-6153
Proud Sponsor of the Boston Chapter of InfraGard
NESP consultants had a very thorough understanding of the PCI-DSS requirement. (The word ‘encyclopedic’ comes to mind.) This was very helpful in areas where the written standard leaves room for interpretation. In those situations, they helped us to assess our risk and to develop practical solutions.
They brought strong operating systems and networking expertise. They quickly earned the respect of, and collaborated effectively with, our technical staff. Consistently their recommendations were technically sound.
Working with technology and people can be a messy and sometimes befuddling proposition. NESP exercised effective people skills in balance with deep understanding of project technical issues to yield positive results for ITG.
NESP was a strong business partner on information security issues particularly as they related to our employees, data security, data access and data controls. They were instrumental in putting a robust information security program in place for the organization, and for educating senior management on the criticality of security awareness. They demonstrated strong technical expertise, but also had the ability to align with business demands/appetite.
The other day I shared this video on Facebook. The video is by a friend of mine, Richard Johnson, who runs a website called Guns, Holsters and Gear. He reviewed the Steyr S9-A1, which is my concealed carry semi-auto of choice.
In the Facebook comments, a fellow named Andy wanted to know about my gun. He asked if I’d ever blogged about my choice of the Steyr pistol; I checked my archives, and though I’ve mentioned it from time …
It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for these shops that run continuously on various cybercrime forums. Exhibit A: McDumpals, a hugely popular carding site that borrows the Ronald McDonald character from McDonald’s and caters to bulk buyers. Exhibit B: Uncle Sam’s dumps shop, which wants YOU! to buy American. Today, we’ll look at an up and coming credit card shop called Trump’s-Dumps, which invokes 45’s likeness and promises to “make credit card fraud great again.”
Earlier this month, KrebsOnSecurity featured a story about a basic security flaw in the Web site of medical diagnostics firm True Health Group that let anyone who was logged in to the site view all other patient records. In that story I mentioned True Health was one of three major healthcare providers with similar website problems, and that the other two providers didn’t even require a login to view all patient records. Today we’ll examine such a flaw that was just fixed by Molina Healthcare, a Fortune 500 company that until recently was exposing countless patient medical claims to the entire Internet without requiring any authentication.
Another week and more quality articles for you to peruse! In this edition: a defensive encounter where the good guy did a lot of bad things; how to make your training more realistic; smart TV warning; what apartment burglars do; testing you and your gear over a weekend; dealing with disruptive airline passengers; a Sikh yoga instructor uses a revolver and wins; and why we harp about safety in force-on-force training.
Not something to emulate
Lots of people …
A few weeks back, HR and financial management firm Workday.com sent a security advisory to customers warning that crooks were sending targeted malware phishing attacks at customers. At the same time, Workday is publishing on its site a list of more than 800 companies that use its services, making it relatively simple for attackers to choose their […]
In March 2017, KrebsOnSecurity warned that thieves who perpetrate tax refund fraud with the U.S. Internal Revenue Service were leveraging a widely-used online student loan tool to find critical data on consumers that allows them to claim huge refunds with the IRS in someone else’s name. This week, it emerged that a Louisiana-based private investigator is being charged with using the same online tool to glean tax data on then-presidential candidate Donald J. Trump.
A story today at Diverseeducation.com points to court filings in the U.S. District Court for the Middle District of Louisiana, in which local private eye Jordan Hamlett is accused by federal prosecutors of abusing an automated tool at the U.S. Department of Education website that is designed to make it easier for families to complete the Education Department’s Free Application for Federal Student Aid (FAFSA) — a lengthy form that serves as the starting point for students seeking federal financial assistance to pay for college or career school.
Good news for revolver owners! I’ll be back in Phoenix, AZ this November 11th & 12th, teaching my Threat-Centered Revolver course!
In the last couple of years this has become my most popular course, and for good reason — very few people in the training world take the revolver seriously as a defensive tool. Many don’t understand them or, worse, don’t like them.
That’s certainly not me! Not only do I understand the revolver at a level most people …
If you didn’t see Training Talk last night, you missed a great show!
My special guest was Aaron Israel of Fundamental Defense, and we talked about something we both have some experience with: the similarities and differences in competition and defensive shooting. It was a wide-ranging discussion, and you might be surprised at some of the answers he gave!
Be sure to watch the replay.
Identity thieves who specialize in tax refund fraud had big help this past tax year from Equifax, one of the nation’s largest consumer data brokers and credit bureaus. The trouble stems from TALX, an Equifax subsidiary that provides online payroll, HR and tax services. Equifax says crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees.
In a boilerplate text sent to several affected customers, Equifax said the unauthorized access to customers’ employee tax records happened between April 17, 2016 and March 29, 2017.
Beyond that, the extent of the fraud perpetrated with the help of hacked TALX accounts is unclear, and Equifax refused requests to say how many consumers or payroll service customers may have been impacted by the authentication weaknesses.
Be sure to join me tonight at 6 pm PDT/9 pm EDT for PDN Training Talk, the live webcast about self defense: training, equipping, and preparing!
My special guest expert tonight is Aaron Israel, and we’ll be talking about competition vs. defensive training. As Aaron told me, expect some sacred cows to get barbecued!
Here’s the link to the show page, which goes LIVE this evening. I hope you can join me! (If you can’t make the live show, you can always watch the replay …