Uncategorized

Phishing Attacks and Multifactor Authentication

Stop the Password Reset Insanity

How much time does your IT department spend changing a user’s network and/or email account passwords because they clicked on a phishing link that they should not have? How many users do you have who do this repeatedly? Have you trained your users to identify, report, and ignore these phishing attempts? Why make resetting the password the only procedure for resolving this when it just keeps happening again and again? Stop the insanity and look at a new way of solving this problem. “The definition of insanity is doing the same thing over and [...]

2018-10-02T13:59:26+00:00 | September 19th, 2018 | Uncategorized

Cloud Computing and Security

Cloud Computing

In its broadest sense, Cloud Computing can be defined as the practice of using a network of remote servers hosted by a provider on the Internet (“the Cloud”) to store, manage and process data. In the current enterprise landscape, organizations (called tenants) are steadily migrating technologies and services into the Cloud, looking for a competitive advantage that will enable the business to set itself apart from the rest of the pack. These advantages of Cloud computing include a reduction in start-up costs, lower capital expenditures, utilization of on-demand IT services, and the dynamic allocation of computing resources [...]

2018-10-02T13:56:38+00:00 | August 31st, 2018 | Uncategorized

Budgeting for Cyber Security for 2019

Cyber-Security Budgeting is a Layered Approach

Cyber-Security is arguably the hottest market right now. Organizations are willing to spend $$ now more than ever to avoid becoming the next headline. When planning, it is easy to focus on available products that vendors are spending millions of dollars to push at us every day. Products are required, but it is the process around these that keeps you secure. Best practices in security follow a layered approach, and budgeting is no different. Where should you focus your efforts?

The Basic Layers: Reduce Known Risks

These are not sexy, but neither is [...]

2018-10-02T13:53:58+00:00 | July 31st, 2018 | Information Security, Uncategorized

Everything you wanted to know about Ransomware…but were afraid to ask

What is Ransomware?

Ransomware is a type of malicious software that prevents users from accessing their computer system or files until a sum of money (ransom) is paid. In the malware landscape, ransomware has earned itself a well-deserved nasty reputation. There are two types of ransomware identified in this branch of the malware family tree: 1) locker ransomware and 2) crypto ransomware. Locker ransomware effectively locks Windows access, preventing the user from accessing their desktop or files. Typically designed to prevent access to one’s computer interface, locker ransomware mostly leaves the underlying system and files unaltered. A message would be [...]

2018-10-02T13:46:28+00:00 | May 18th, 2018 | Data Breach, Encryption, Information Security, Malware, Privacy, Uncategorized, Viruses, Vulnerabilities

A Vulnerability Scan is NOT a Penetration Test (Pentest)

What is the difference between a Penetration Test and a Vulnerability Scan?

Understanding the difference between a penetration test and a vulnerability scan is critical to understanding security posture and managing risk. Vulnerability scans and penetration tests (pen tests for short) are very different from each other in both process and outcome. However, the terms are sometimes incorrectly used interchangeably. In this article, we will explore the differences between the two as well as how they relate to each other. Starting with the definitions of each, you can see an immediate differentiator: the objective. The objective of a vulnerability scan [...]

2018-10-02T13:36:44+00:00 | May 3rd, 2018 | Uncategorized

Best Practices for Service Account Management

Service Account Management

We spoke previously on the management of privileged accounts and how important it is to keep them accountable. Privileged accounts are one of many different types of accounts that should fall under your organization’s Account Management Program, and another type to add to that would be service accounts.

What is a service account anyway?

In basic terms, a service account is an account that a service on your computer runs under and uses to access resources. This should not be a user’s personal account. While they may look the same, the separation of users from services is [...]

2017-08-08T05:59:30+00:00 | August 8th, 2017 | Uncategorized

Best Practices for Privileged Account Management – Part 1

Basic Privileged Account Management

Abused and misused privileges are often seen as being the cause of breaches within organizations around the world. Privileged account management should be a major focus for Security and IT management who are looking to mitigate the risks of data breaches and insider risks.

What is Privileged Account Management?

Privileged Account Management is the definition and management of policies and processes that define the ways in which the user is provided access rights to enterprise systems. It governs the management of the data that constitutes the user’s privileges and other attributes, including the storage, organization and [...]

2017-08-08T05:58:16+00:00 | July 5th, 2017 | Uncategorized

WannaCry – Worldwide Ransomware Attack – Updated

A widespread ransomware attack has spread across the globe, infecting tens of thousands of computers in as many countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in many languages. There have been several versions and updates, but the ways to protect against it remain the same. Recently, a decryption tool has been discovered – see here.

Technical Details

Initial reports indicate the hacker or hacking group behind the WannaCry campaign is gaining access to enterprise servers either through a Remote Desktop Protocol (RDP) compromise or the exploitation of a critical Windows SMB vulnerability. Microsoft [...]

2017-05-24T14:02:22+00:00 | May 13th, 2017 | Uncategorized

Security Incident Case Study – A MSSP Run Amok

This is a case study of a security incident that occurred recently. The purpose of sharing this case study is to provide an example of why proper security measures must be constantly validated both internally AND externally, including Managed Service Providers.

Security Incident Overview

A valid user account (UserX) downloaded a malicious executable file on the Remote Desktop Protocol (RDP) server used by employees for remote desktop access in the middle of the afternoon. The updated security software on the server blocked the file from executing and placed it into Quarantine. Upon closer inspection, after being alerted [...]

2017-01-17T23:33:08+00:00 | January 17th, 2017 | Computer & Network Security, Data Breach, Uncategorized, Vulnerabilities