It is time to improve you cybersecurity protection, especially after recent massive ransomware campaigns like WannaCry. Limit your vulnerability and your organizations chances of being breached by following these 7 guidelines.
DetailsOver the weekend security experts witnessed how the new iteration of WannaCry ransomware spread over thousands of users and networks worldwide. This virus is neither old, nor extremely complex however it was able to launch a massive attack on both computer users, companies and even government institutions.
DetailsThe globe was recently hit by a massive ransomware campaign that stretched across 150 countries and infected tens of thousands of systems. The Russian Interior Ministry was affected, certain NHS hospitals were turning patients away and a few manufactures had to cease operations. Needless to say, this was a really big deal. Companies were left scrambling on Friday afternoon in attempts to make sure they weren’t the latest victim of the WannaCryptor 2.0, also known as WannaCry, malware from wreaking havoc in their network. This is the second iteration of this malware and it uses exploits previously found within leaked NSA hacking tools (ETERNALBLUE) that takes advantage of a bug within Windows SMBv1 protocol.
DetailsDigital computers and human brains have different strengths and weaknesses. If you give me a long list of arthimetic problems to solve, at some point I’ll slip up. “How did I get the wrong answer on that division problem? Oh yeah, I thought there was a 3 in the tens place of the dividend when it’s actually a 6. I’ve just been staring at all of these numbers for so long that I’m starting to get tired!” But CAPTCHAs are easy for me to use, and they somehow impede malicious web bots that try to break through authentication barriers.
DetailsAdvanced persistent threats (APT) are among the most difficult cyber threats to defend against. APTs are sneaky and stealth, slipping into your network quietly and remaining there undetected for days, weeks or months while hackers gather sensitive information or spread more malware. All the while, the APTs evade or manipulate security systems to avoid detection.…
DetailsWe hear about a new major security breach almost every week. Some of them rely on weak keys to do so. In the famous TJ Maxx breach, it is believed the hackers exploited a weak pre-shared key for Wifi. Had they been using WPA2-802.1x the key would have been infinitely stronger. This means the hackers would need to be in the same location for a longer period time and potentially dissuading them from continuing the hack. Even if they stuck around, it would have been obvious to staff that a car was lurking around for too long. Identity management would have helped to enable 802.1x and Radius, which generates unique keys and regenerates them in shorter intervals.
DetailsThe rise of DDoS and the proliferation of booter and stresser tools. Where once sophisticated DDoS attacks required sophisticated skills, these attacks can now be done by or at the behest of people with low to no hacking ability. There are more players in the game now with better tools at their disposal.
DetailsThe Internet of Things (IoT) is sometimes called the Internet of Threats, and for good reason. IoT devices, employee- and customer-owned, are proliferating exponentially across the enterprise, with Gartner expecting to see 25 billion Internet-connected things in use by 2020. IoT devices are also notoriously difficult to secure, creating an attractive target for attackers looking…
DetailsRansomware is still one of the biggest growing threats to your business. With over 18 million new malware samples in Q3 of 2016, it’s obvious that trying to keep your IT team, vendors, and company in front of the threat is a difficult challenge.
DetailsWe are in the post-signature era of antimalware software. Attackers are driven by the profit motive, and are also driven by a lust for power. About a decade ago, malware researchers determined that the amount of malicious files in the computing collective doubled every two years. Now, in a manner similar to Moore’s Law, the rate of malware growth is probably exponentially greater. Malware deployers aren’t only script kiddies who buy executables and crypters in the Dark Web. They’re also national militaries… Stuxnet anyone?
DetailsWhen Amazon Web Service (AWS) suffered a catastrophic outage recently after its servers crashed, millions of companies were left reeling from the disruption – everything from larger websites to people’s smarthomes and even library catalogues were rendered temporarily useless.
DetailsThe old anecdote of the frog placed in slowly increasing heated water, unaware of the gradually escalating danger of the situation until it is too late, is a poignant one for reasons other than the gruesome ending. It supposed purpose is to teach us that desensitisation to our sense of danger is possible when change occurs slowly enough not to be noticed.
DetailsAs organizations step-up initiatives to improve their cybersecurity protections, many are looking at outsourcing as a viable and efficient way to manage. Outsourcing cybersecurity can come with a host of advantages, yet no two managed security service providers (MSSPs) are alike. It’s vital to carefully evaluate providers to ensure you choose the MSSP that can…
DetailsI recently received an email from my Auto Manufacturer containing a report about my car’s ‘health’. I initially thought it was just a typical service email, or maybe it was some covert email to try and sell me a new car, product, or other offering from a local dealer. As a matter of fact, it…
DetailsThe idea of defense-in-depth has been around for nearly two decades. While it provided effective protection in the past, the recent spate of high-profile breaches and nation-state attacks proves defense-in-depth alone is no match for today’s threat environment. Defense-in-depth, the layering on of security controls to ensure that attacks breaching one layer will be caught…
DetailsWith the digital transformation underway, IT departments are looking to evolve, or risk being left behind. Yet funds for this “coming-of-age” don’t just appear, so IT has to keep ROI and TCO top of mind. To handle this fine balance, companies are flocking to the cloud to transform business in a cost-effective manner. State of Cloud…
DetailsHiring a CISO is not an easy task, but with more executive managers realizing the value of having an executive level information security position and cybersecurity regulations like 23 NYCRR 500 requiring it, finding qualified candidates is paramount.
DetailsI remember when I drove my new, fast, car off of the dealer’s lot and although it feels like yesterday, it’s no longer new or fast. It continues to break down and doesn’t support my growing family. Just like how cars have an optimal life span, so does your network infrastructure. It may have been ‘State of the Art Technology’ at the time of installation, but will it be able to handle everything you throw at it now?
DetailsAs the digital landscape continues to evolve, protecting student’s personally identifiable information has never been more important. From K-12 institutions to higher education campuses — network security is paramount to providing engaging, interactive and meaningful instruction to cohorts of digital natives. Derek Manky, Fortinet’s global security strategist, shared with CNBC his insights on a cybersecurity…
DetailsDangerous virus infections continue to spread and as they evolve, the distribution methods change as well. In the last few months we observed several high severity virus attacks that were done against various institutions and businesses using direct software vulnerability intrusion attempts. Continue reading about the changing ways of some of the most devastating viruses.
DetailsNew York is launching a new regulation in cybersecurity which will come into effect March 1. This new regulation will target banking and insurance sectors with the aim of better protecting institutions and consumers against the bad actors that target these firms.
DetailsThe ransomware surge that dominated headlines in 2016 shows no signs of abating. With experts predicting an uptick in targeted attacks in 2017, businesses need to make ransomware protection a priority. In 2016, the FBI put a price tag on ransomware, noting that in the first three months of the year, it cost victims $209…
DetailsComputer hackers assemble together in dangerous underground forums and markets where they both trade viruses and hacking tools and engage in discussions and plan the next major attack or virus outbreak. If you have been wondering what kinds of dangers does the Dark Web hideouts hide then continue reading. In this article we will delve…
DetailsDistributed Denial of Service (DDoS) attacks have been around for years. However, just like with many other forms of cyber-attacks, criminals are using technological advancements to supercharge DDoS malware. As a result, experts predict that 2017 will see a rise in the number, scale and ferocity of DDoS attacks. The question; therefore, remains: Does your…
DetailsArtificial intelligence has helped the medical field and car industry immensely in the past couple of years. Now, artificial intelligence is being used to help fight against cyber attacks. Along with the growing advancements of technology, there are increasing cyber threats. Cyber security is becoming more and more of an issue every day. Several organizations,
DetailsIf you think Certs are a circular shaped candy that comes in a roll; then this blog is probably not for you. The question should not be whether we are talking about the minty kind or the fruity kind. However, if you are asking yourself whether we are talking about SAN certs or wildcard certs you are on the right track: keep reading.
DetailsEndpoint security is shaping up to be one of the biggest cybersecurity concerns of the coming year. That’s why if you’re a CIO or other IT security professional, you should be working towards developing a robust endpoint security strategy for your organization.
DetailsWiFi for Dummies sounded too cliche and I suspect is a registered trademark, so I am going with WIFI for Rookies. This topic reminds me of when my old friend and former governor of California called me asking for help understanding WiFi. He explained that although he had played superheroes, he was not actually a superhero nor was he extremely technical.
DetailsBusinesses, in this day and age, are in dire need of solutions to deal with the constant and ever-increasing cyber threats. 2016 proved to be disastrous in terms of cyber threats; several businesses fill victims to hacking attempts and data breaches and this is reason why the threat has reached an alarming stage. Keeping this in mind, businesses need to understand the importance of business VPNs and the benefits it offers.
Details
