Sunday, January 08, 2017

Cyber Security Vulnerability and Patch Report, January 8, 2017

 

CYBERSECURITY VULNERABILITY

AND PATCH REPORT


Important Security Updates

KeePass: KeePass has released version 1.32 of its open source password manager. Updates are available from the KeePass website.

Current Software Versions

Adobe Flash 24.0.0.186
Adobe Reader DC 2015.020.20039
Dropbox 16.4.30 [Citadel warns against relying on security of Dropbox or other cloud-based file exchange systems. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the master Dropbox [or other] password be at least 15 characters long and different from other passwords.]
Firefox 50.1.0 [Windows]
Google Chrome 55.0.2883.87
Internet Explorer 11.0.9600.18538
Java SE 8 Update 111 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
Microsoft Edge 39.14986.0.0
QuickTime 7.7.9 [Citadel recommends removing QuickTime. On April 14, US-CERT advised Microsoft Windows users to remove QuickTime. This followed a report in ars technica that Apple has no plans to update the Windows app despite at least two reliable QuickTime vulnerabilities that threaten Windows users who still have the program installed.]
Safari 9.1.3 [Mac OS X Mavericks, Yosemite, El Capitan]
Skype 7.30.0.105

For Your IT Department

Cisco Multiple Products: Cisco reports patched vulnerabilities in its Network Time Protocol Daemon. Apply updates. Additional details are available at Cisco’s website.

*******************
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer’s computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2017 Citadel Information Group. All rights reserved.

 

 

Jeff Snyder’s, SecurityRecruiter.com, Jeff Snyder CoachingSecurity Recruiter Blog, 719.686.8810



Cyber Security News of the Week, January 8, 2017


CYBERSECURITY NEWS

FROM OUR FRIENDS AT CITADEL INFORMATION GROUP


Individuals at Risk

Cyber Privacy

People Are Praising Pope Francis for Taking Cybersecurity Very Seriously: He has 10.2 million followers on Twitter, opened an Instagram account last year, has met with tech executives, sold his old iPad for a good price, and addressed mankind’s pervasive use of gadgets in his teachings. Fortune, January 5, 2017

Cyber Update

Google Patches Android Custom Boot Mode Vulnerability: A high-risk Android custom boot mode vulnerability was one of many bugs patched by Google as part of its January Android Security Bulletin released earlier this week. On Thursday, the IBM security team that discovered the vulnerability disclosed details about the flaw which leaves Nexus 6 and P6 model handsets open to denial of service and elevation of privilege attacks. ThreatPost, January 6, 2017

Cyber Warning

Tech Support Scammers Targeting Mac Users with DoS attacks: The IT security firm has revealed that scammers are targeting Apple‘s Mac users with a new kind of malware that hijacks its Mail App and Safari browser to conduct denial of service (DOS) attacks. HackReed, January 6, 2017

Cyber Defense

Top 5 Free Encryption Messaging Apps: This year saw an increase in the level of security for some major messaging services, including Facebook Messenger and WhatsApp. Yahoo, December 30, 2016

Information Security Management in the Organization

Information Security Management and Governance

Strong Cybersecurity Talent in Short Supply in Face of Rising Demand: Can armies of interns close the cybersecurity skills gap? asked a Fast Company story in September of 2016. Not likely. In the U.S., and internationally, there’s not enough cybersecurity grads — or computer science grads with cyber credits. In the U.S., students can graduate from some of the top computer science programs with little to no cybersecurity courses. CSO, January 6, 2017

Cyber Warning

Cyber Criminals Using Twitter To Snatch Bank Info From Unsuspecting Customers: Cyber criminals are waiting for banks to have online technical difficulties and then step in to target bank customers who complain about technical problems online. Using fake Twitter accounts that look just like the banks, they trick customers into handing over their banking credentials. Robert Capps, VP of Business Development at NuData Security commented below. InformationSecurityBuzz, January 7, 2017
Hackers Target Schools With Ransomware By Mimicking Department Of Education: Following the news that hackers are sending ransomware-infected emails directly, to head teachers after posing as officials from the Department of Education. The cyber criminals have been gaining email addresses by calling schools and offering exam guidance or mental health assessments. The ransom is believed to be up to £8,000. Fraser Kyne, EMEA CTO at Bromium commented below. InformationSecurityBuzz, January 7, 2017
KillDisk Ransomware Gets Update. Encrypts files, demands ransom & leaves Linux systems unbootable: Disk-wiping malware known as KillDisk, which has previously been used in hack attacks tied to espionage operations, has been given an update. Now, the malware works on Linux as well as Windows systems and also includes the ability to encrypt files, demand a bitcoin ransom and leave Linux systems unbootable. BankInfoSecurity, January 6, 2017
Cardless ATM” Fraud Danger As Cyber Criminals Use Stolen Passwords: Some financial institutions are now offering so-called “cardless ATM” transactions that allow customers to withdraw cash using nothing more than their mobile phones. But as the following story illustrates, this new technology also creates an avenue for thieves to quickly and quietly convert stolen customer bank account usernames and passwords into cold hard cash. Worse still, fraudulent cardless ATM withdrawals may prove more difficult for customers to dispute because they place the victim at the scene of the crime. KrebsOnSecurity, January 5, 2017

Cyber Danger

4 information security threats that will dominate 2017: The Information Security Forum (ISF), a global, independent information security body that focuses on cyber security and information risk management, forecasts businesses will face four key global security threats in 2017. Supercharged connectivity and the IoT will bring unmanaged risks. Crime syndicates will take quantum leap with crime-as-a-service. New regulations will bring compliance risks. Brand reputation and trust will be a target.

Cyber Defense

Class Breaks – What They Are and the Magnitude of Their Danger: There’s a concept from computer security known as a class break. It’s a particular security vulnerability that breaks not just one system, but an entire class of systems. Examples might be a vulnerability in a particular operating system that allows an attacker to take remote control of every computer that runs on that system’s software. Or a vulnerability in Internet-enabled digital video recorders and webcams that allow an attacker to recruit those devices into a massive botnet. Schneier on Security, December 30, 2016

Cyber Security in Society

National Cyber Security

Intelligence Agency Report Attributing Breach of DNC to Russia: “Assessing Russian Activities and Intentions in Recent US Elections” is a declassified version of a highly classified assessment that has been provided to the President and to recipients approved by the President. Office of the Director of National Intelligence, January 6, 2017
What Intelligence Agencies Concluded About the Russian Attack on the U.S. Election: The office of the director of national intelligence on Friday released a long-awaited unclassified version of its report for President Obama on what the intelligence agencies said was a multifaceted attempt to influence the 2016 presidential election. The report included only the agencies’ conclusions, not the actual intelligence or technical information on which they were based. The New York Times, January 6, 2017
Why Proving the Source of a Cyberattack is So Damn Difficult: President Barack Obama’s public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive emails through WikiLeaks and other sources has opened up a debate on what constitutes sufficient evidence to attribute an attack in cyberspace. The answer is both complicated and inherently tied up in political considerations. Schneier on Security, January 5, 2017
White House fails to make case that Russian hackers tampered with election: Talk about disappointments. The US government’s much-anticipated analysis of Russian-sponsored hacking operations provides almost none of the promised evidence linking them to breaches that the Obama administration claims were orchestrated in an attempt to interfere with the 2017 presidential election. ars technica, December 30, 2016
Krebs Opines on the DNC Hack … and Other Cyber Incidents: Over the past few days, several longtime readers have asked why I haven’t written about two stories that have consumed the news media of late: The alleged Russian hacking attacks against the U.S. Democratic National Committee (DNC) and, more recently, the discovery of malware on a laptop at a Vermont power utility that has been attributed to Russian hacker groups. KrebsOnSecurity, January 3, 2017
Task Force Issues ‘From Awareness to Action: A Cybersecurity Agenda for the 45th President: A task force co-chaired by two U.S. lawmakers and a former federal CIO is issuing a 34-page report recommending a cybersecurity agenda for the incoming Trump administration. The report recommends the new administration jettison outdated ways the federal government tackles cybersecurity, noting: “Once-powerful ideas have been transformed into clich├ęs.” BankInfoSecurity, January 4, 2017
DHS Designates Election Facilities as Critical Infrastructure, Ups Cybersecurity Assistance: The U.S. Department of Homeland Security Friday designated U.S. election infrastructure as critical, widening the options the government has to protect voting machines from cyberattacks. Voice of America, January 7, 2017
DHS head: Nation’s cybersecurity has improved, but work remains: An exit memo authored by Secretary of Homeland Security Jeh C. Johnson outlined a number of DHS cybersecurity accomplishments achieved during the Obama administration but warned that “more work remains to be done.” CIODive, January 6, 2017
How Hackers Could Jam 911 Emergency Calls: It’s not often that any one of us needs to dial 911, but we know how important it is for it to work when one needs it. It is critical that 911 services always be available—both for the practicality of responding to emergencies, and to give people peace of mind. But a new type of attack has emerged that can knock out 911 access—our research explains how these attacks occur as a result of the system’s vulnerabilities. We show how these attacks can create extremely serious repercussions for public safety. FastCompany, January 6, 2017
Stewart Baker Cyberlaw Podcast – News Roundup: We start 2017 the way we ended 2017, mocking the left/lib bias of stories about intercept law. Remember the European Court of Justice decision that undermined the UK’s new Investigatory Powers Act and struck down bulk data retention laws around Europe? Yeah, well, not so much. Maury Shenk walks us through the decision and explains that it allows bulk data retention to continue for “serious” crime, which is really the heart of the matter. Steptoe Cyberblog, January 3, 2017

Cyber Law

FTC Charges D-Link With Unsecure Routers And IP Cameras: Federal Trade Commission voices concerns in US district court that D-Link products had put consumers’ privacy at risk. DarkReading, January 6, 2017

Cyber Standard

Integrate Cyber Security Into Product Life Cycle Says FDA to Medical Devices Manufacturers: Protecting medical devices from ever-shifting cybersecurity threats requires an all-out, lifecycle approach that begins with early product development and extends throughout the product’s lifespan. FDA, December 27, 2016

Critical Infrastructure

Fixing Critical Infrastructure Means Securing The IT Systems That Support It: IT security can mean the difference between life and death, just as much as a well-designed bridge. DarkReading, January 6, 2017
Hacker threats to smart power grids: Europe is investing in power grids that save consumers money and easily handle surges from wind and solar sources — features critical to curbing climate change and cutting the Continent’s reliance on coal. But these electricity networks of the future also create big risks. Politico, January 4, 2017

Internet of Things

Bosch at CES 2017 puts focus on airtight end-to-end cybersecurity for next generation of connected cars: Cars are already computerized out the wazoo, but the next generation of connected cars will present plenty of opportunities for digital malcontents to compromise car systems. Bosch, a supplier for a wide variety of automakers, thinks it has solutions to this problem at its CES 2017 stand. CNet, January 6, 2017
The FTC’s Internet of Things (IoT) Challenge: One of the biggest cybersecurity stories of 2017 was the surge in online attacks caused by poorly-secured “Internet of Things” (IoT) devices such as Internet routers, security cameras, digital video recorders (DVRs) and smart appliances. Many readers here have commented with ideas about how to counter vulnerabilities caused by out-of-date software in IoT devices, so why not pitch your idea for money? Who knows, you could win up to $25,000 in a new contest put on by the U.S. Federal Trade Commission (FTC). KrebsOnSecurity, January 4, 2017

Jeff Snyder’s, SecurityRecruiter.com, Jeff Snyder CoachingSecurity Recruiter Blog, 719.686.8810



Tuesday, January 03, 2017

It's Your Future...Do Something About It!


It's Your Future...Do Something About It



Recent statistics based on Clifton StrengthsFinder assessment results suggest that 6.1% of men and 2.5% of women have the Self-Assurance trait in their top 5 traits. 

Self-Assurance translates to Self-Confidence. Based on these numbers, most people could benefit from stronger Self-Confidence and I can show you precisely how to develop it.

Statistics are one thing.  I prefer statistics that are followed by results.  Here you go!




Cyber Security Vulnerability and Patch Report, January 1, 2017


 

CYBERSECURITY VULNERABILITY

AND PATCH REPORT

 


Important Security Updates

Viber: Viber has released version 6.5.3 for Windows. Updates are available on Viber’s website.

Current Software Versions

Adobe Flash 24.0.0.186
Adobe Reader DC 2015.020.20039
Dropbox 16.4.30 [Citadel warns against relying on security of Dropbox or other cloud-based file exchange systems. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the master Dropbox [or other] password be at least 15 characters long and different from other passwords.]
Firefox 50.1.0 [Windows]
Google Chrome 55.0.2883.87
Internet Explorer 11.0.9600.18538
Java SE 8 Update 111 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
Microsoft Edge 39.14986.0.0
QuickTime 7.7.9 [Citadel recommends removing QuickTime. On April 14, US-CERT advised Microsoft Windows users to remove QuickTime. This followed a report in ars technica that Apple has no plans to update the Windows app despite at least two reliable QuickTime vulnerabilities that threaten Windows users who still have the program installed.]
Safari 9.1.3 [Mac OS X Mavericks, Yosemite, El Capitan]
Skype 7.30.0.105

For Your IT Department

Cisco Multiple Products: Cisco reports patched vulnerabilities in its CloudCenter Orchestrator. Apply updates. Additional details are available at Cisco’s website.

*******************
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer’s computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2017 Citadel Information Group. All rights reserved.

 

Jeff Snyder’s, SecurityRecruiter.com, Jeff Snyder CoachingSecurity Recruiter Blog, 719.686.8810



Cyber Security News of the Week, January 1, 2017

CYBERSECURITY NEWS

FROM OUR FRIENDS AT CITADEL INFORMATION GROUP


Individuals at Risk

Cyber Privacy

Airline passenger details easy prey for hackers, say researchers: The worldwide system used to coordinate travel bookings between airlines, travel agents, and price comparison websites is hopelessly insecure, according to researchers. The Guardian, December 30, 2016
Nevada Medical Marijuana Data Breach Highlights Need For Industry Information Security: News broke yesterday that over 11,000 people had their personally identifiable information breached after a State of Nevada medical marijuana database was hacked. Application information was compromised, including applicants’ name, social security number, race, address, and citizenship information. The State of Nevada has come out saying that no patient information was part of the breach. Weed News, December 29, 2016
The Year Encryption Won: Between the revelations of mega-hacks of Yahoo and others, Russia’s meddling in the US electoral system, and the recent spike in ransomware, it’s easy to look at 2016 as a bleak year for security. It wasn’t all so, though. In fact, the last 12 months have seen significant strides in one of the most important aspects of personal security of all: encryption. Wired, December 23, 2016
EU court slams indiscriminate data collection, opening challenge to British cyber law: The law requires telecommunications companies to store the web and message history of Britons for the government to access. But Europe’s highest court ruled such a law is unjustifiable in a democratic society. Christian Science Monitor, December 21, 2016

Cyber Update

PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities: Critical remote code execution vulnerabilities in two different libraries used to send emails via PHP were patched this week. ThreatPost, December 29, 2016

Information Security Management in the Organization

Cyber Awareness

Mitigating internal risk: Three steps to educate employees: IT security is usually focused on how to prevent outsiders with malicious intent from causing harm to your IT systems and data. While this is a valid concern, people within organizations who simply do not understand the consequences of their everyday habits and behavior on company computers pose an equivalent if not greater risk. HelpNetSecurity, December 20, 2016

Information Security Professional

5 Great ‘Starter’ Cybersecurity Certifications: Looking for a career change in the new year? There’s no better time to consider a career in cybersecurity: U.S. businesses and government agencies are spending billions of dollars each year to protect their data and assets from malicious attacks, with Forbes reporting that $170 billion will be spent worldwide by 2020. BusinessNewsDaily, December 28, 2016

Cyber Law

Op-ed: Five unexpected lessons from the Ashley Madison breach: On December 14, 2016, the Federal Trade Commission settled a complaint with the company running the adult finder site Ashley Madison over the 2015 data breach that exposed the personal data of more than 36 million users and highlighted the site’s unfair and deceptive practices. ars technica, December 29, 2016
New York Financial Services Regulator Issues Revisions to Proposed Cybersecurity Regulation: Today, the New York Department of Financial Services (DFS) released a revised version of the proposed cybersecurity regulations that it first issued in September. According to a press release issued by DFS Superintendent Vullo, the new version of the proposed rules will be finalized following a 30-day notice and public comment period. Alston & Bird, December 26, 2016

Cyber Security in Society

Cyber Crime

Topps Customer Database Potentially Breached by Hackers: The Topps Now program has been a brilliant way for collectors to get cards of the day’s top stories. However, that platform also became a target for hackers, as customer information may have been compromised. Fox Sports, December 30, 2016
Cornell breached in 2014 by what it believes were Government-Sponsored hackers: When two Cornell network administrators began a routine investigation into why a University website had rebooted, they had no idea they would be handing their passwords over to a hacking group sponsored by a foreign government possibly seeking “revenge” against the United States. CornelSun, December 29, 2016
Holiday Inn Parent IHG Probes Breach Claims: InterContinental Hotels Group (IHG), the parent company for more than 5,000 hotels worldwide including Holiday Inn, says it is investigating claims of a possible credit card breach at some U.S. locations. KrebsOnSecurity, December 28, 2016
Miami Beach ‘Still Reeling’ From $3.6 Million Bank Fraud: MIAMI BEACH — City Commissioner Kristen Rosen Gonzalez is still shell shocked after being informed by the city manager last week that $3.6 million of taxpayer funds had been siphoned out of an online account at SunTrust Bank. She said that officials are not ruling out the possibility of legal action against the bank. Miami Beach Patch, December 27, 2016

Cyber Attack

Ukrainian Power Grid Blackout May Have Been Cyber Attack: Reports emerging this week in Ukraine suggest that a blackout affecting the country’s national power company, Ukrenergo, may have been the result of a hack attack. BankInfoSecurity, December 23, 2016

Know Your Enemy

KillDisk Disk-Wiping Malware Adds Ransomware Component: A malware family previously used to sabotage computers by deleting and rewriting files has added a ransomware component, now encrypting files and demanding a huge ransom. BleepingComputer, December 29, 2016
Playing the blame game: Breaking down cybersecurity attribution: Attributing the adversary behind a cyber attack ranks as perhaps the hardest challenge in all of cyber security, well beyond securing networks from intrusions, for the simple reason that bits are simply bits and do not belong to any single person. In other words, I can flawlessly copy any digital content including malware and other attack exploits and re-use it without leaving behind my personal fingerprints. Furthermore, I can leverage existing infrastructure or other people’s machines I’ve compromised to run my attacks from someone you might be inclined to blame for political reasons to exploit the confirmation bias people inherently have. HelpNetSecurity, December 19, 2016

National Cyber Security

Obama Strikes Back at Russia for Election Hacking: WASHINGTON — President Obama struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 suspected Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services. The New York Times, December 29, 2016
How Russia Recruited Elite Hackers for Its Cyberwar: MOSCOW — Aleksandr B. Vyarya thought his job was to defend people from cyberattacks until, he says, his government approached him with a request to do the opposite. The New York Times, December 29, 2016
Following the Links From Russian
Hackers to the U.S. Election:
The Obama administration announced sanctions on Thursday against Russia and released a report that stated that the Russian government deployed computer hackers to attack the Democratic Party’s computers. The New York Times, December 29, 2016
DHS and FBI Report on Russian Hacking of DNC to Influence Election: The F.B.I. and Department of Homeland Security released a report on Thursday detailing the ways that Russia acted to influence the American election through cyberespionage. The New York Times, December 29, 2016

Internet of Things

Drones, IoT influencing information security regulations: Calls are growing louder for information security regulations to target consumer-centric technology such as the IoT and drones, but legislating their use could prove difficult. SearchCompliance, December 2016

Cyber Enforcement

Police ask: “Alexa, did you witness a murder?”: In November of 2015, former Georgia police officer Victor Collins was found dead in a backyard hot tub at the Bentonville, Arkansas, home of acquaintance James Andrew Bates. Bates claimed it was an accidental drowning when he contacted police at 9:30am, claiming he had gone to bed and left Collins and another man behind in the tub. But Bentonville Police investigators determined that Collins had died after a fight, while being strangled and held underwater—and that Bates was the only person at the scene at the time. Now investigators have reportedly served a search warrant to Amazon in hopes of getting testimony from a possible witness: the Amazon Echo that was streaming music near the hot tub when they arrived at the scene. ars technica, December 28, 2016

Cyber Stupid

GOP rep: Russia ‘did what the media should have done’ if info accurate: Rep. Trent Franks (R-Ariz.) on Thursday appeared to praise the publication of Democratic emails, believed to be stolen by Russian operatives, on WikiLeaks. The Hill, December 29, 2016

Cyber Sunshine

Online Bank Fraud Hacker Arrested After Failing to Cover Tracks: Memo to would-be cybercriminals: Want to move stolen money internationally to bank accounts that you control? Need to route funds to a few money mules to get it laundered? Don’t do it from a system tied to an IP address registered to your home. BankInfoSecurity, December 21, 2016

Cyber Miscellany

Congrats Brian!!!Happy Seventh Birthday to KrebsOnSecurity!: Hard to believe it’s time to celebrate another go ’round the Sun for KrebsOnSecurity! Today marks exactly seven years since I left The Washington Post and started this here solo thing. And what a remarkable year 2016 has been! KrebsOnSecurity, December 29, 2016
Wave of cybersecurity breaches is no surprise to expert exposing online crime: Brian Krebs does not use heroin, but sometimes people send it to him anyway. The 43-year-old Alabama native writes Krebs on Security, a one-man operation focused on digital crime. His encyclopedic knowledge of the subject and his network of contacts has made his blog essential reading for anyone interested in cybercrime and a coveted lecturer at some of the biggest companies in the world. It has also made him some dangerous enemies – hence the heroin, meant as a sinister, silencing message. The Guardian, December 23, 2016

Jeff Snyder’s, SecurityRecruiter.com, Jeff Snyder CoachingSecurity Recruiter Blog, 719.686.8810



SecurityRecruiter.com's Security Recruiter Blog