Category: Information Security

KRACK Attack – Secure Your Wireless

Wi-Fi Protected Access is a protocol which secures all modern WiFi networks. This month, Belgian researchers Mathy Vanhoef & Frank Piessens of the University of Leuven identified serious security flaws in the WiFi standard itself which are cause for concern. This attack, known as… Continue reading

WannaCry Ransomware – 5 Lessons Learned

Unfortunately, malicious software is an everyday occurrence. As of Friday, May 12th, a massive ransomware attack dubbed WannaCry infected over 230,000 Windows computers in over 150 countries. Its spread was fast and furious. WannaCry ransomware held the victim's computer/data for ransom by encrypting it. Among… Continue reading

What are Advanced Persistent Threats

APT, or Advanced Persistent Threat, is a continuous, stealthy and sophisticated process of hacking a particular target until a defined objective is achieved. Herein we’ll explore in more detail what an APT is and define its targets, methods and motivation.… Continue reading

Addressing the Insider Threat

Technology is a powerful tool in assuring the confidentiality, availability and integrity of your critical data – but it is no failsafe. Even best-of-breed technology deployed in a layered approach (defense in depth) will have flaws. The most well-meaning and resourced… Continue reading

Protecting Against Malicious USB

If you found a random USB device, what would you do with it? Would you be curious and plug it into your computer to find what juicy secrets it holds? Or would you leave it where you found it? Most often, unsuspecting, ill-informed users take… Continue reading

Average Cost of Data Breach Increases to $4M in 2016

Data breaches are no joke; they bring real risks & serious quantifiable costs. A data breach is a security incident in which sensitive or confidential information is copied, transmitted or stolen by an unauthorized party. This data can be anything from credit card records, PHI… Continue reading

Defending Your Company From Ransomware

A recent high-profile ransomware attack at Hollywood Presbyterian has lessons for organizations in healthcare and elsewhere. This organization is but one of the hundreds of thousands that have fallen victim to this type of malware. Ransomware is a particularly pernicious type of malware that… Continue reading

Protect Your Company from Phishing

Phishing attacks are a constant threat to organizations small and large. This post will explore some basic tips (technology and process) to keep you and your business safe in the face of this seemingly endless threat. According to the APWG (Anti-Phishing Working Group), the number… Continue reading

Lenovo Superfish Lessons – Manufacturers It’s Time to End Crapware

Sadly, the adware, spyware, crapware problem has been around for ages. PC makers, smartphone manufacturers, tablet makers and many others have loaded up new computing devices with oodles of junk software while claiming they want to offer customers choices and much needed “features”. In… Continue reading

Two Factor Authentication Virtual & Hardware MFA – Part II

In this second installment (see Two Factor Authentication & Password Managers – Part I) on two factor or two step authentication, I’ll explore in more depth both virtual and physical two factor authentication options you can start using today. In my Boston-based IT… Continue reading