Security News


17

Oct 2017

KRACK exploit explained

A recently discovered vulnerability in the most widely used wireless security standard may be one of the biggest in years. The good news is there are precautions that can be taken to keep you and your business safe. Sword & Shield’s Corey McReynolds and Joe Gray explain: What the Attack is This attack exploits a vulnerability in Wireless Protected Access (WPA), both WPA and WPA2 encryption...

Read More


16

Dec 2016

Russel Van Tuyl Discusses Latest Yahoo Breach

Sword & Shield Managing Consultant of Security Assessments Russel Van Tuyl talks with WATE News 6 about how to protect yourself after the latest Yahoo! breach. Yahoo says it believes hackers stole data from more than one billion user accounts in August 2013. The California company says it’s a different breach from the one it disclosed in September, when it said 500 million accounts were...

Read More


12

Dec 2016

SOC Warning: Stealthy Stegoloader Can Evade Analysis Tools

By Lee Tibbals and Brian Lowe An interesting relic from the past came to visit recently in the form of a threat called Steganography. Steganography is a well-known and ancient practice of concealing a file, or a message inside of another file or message. The first recorded uses of steganography are accepted to have been around 440 BC in ancient Greece, where a message was...

Read More


09

Dec 2016

Experts: IoT Will Be Hacked Again in 2017

It was nearly two weeks before Halloween and nearly three weeks before Election 2016 when millions were denied access to such popular websites like Twitter, Reddit, The New York Times and PayPal. Some thought it was the Russians attempting to hack the election. Others thought it might be an early seasonal prank, but the event that blocked Internet access for large sections of the country...

Read More


01

Dec 2016

What Direction Will Trump Take on CyberSecurity?

Last week, President-Elect Donald Trump signaled that cybersecurity is an imminent challenge that requires immediate attention by announcing the creation of a Cyber Review Team to provide recommendations during the first 100 days of his presidency. In addition to a focus on trade, energy, regulations, national security and immigration, Trump plans to include cybersecurity as a top priority, but many in the industry believe Trump...

Read More


17

Nov 2016

Holiday Shopping Safety Series

Avoid holiday cyber scams and hoaxes By Joe Gray Because the cash flow is on the rise, the activity of cyber criminals are increasing as well. The purpose of this blog series is to educate you, the reader, about how to be safe through this season including Black Friday, Small Business Saturday, and Cyber Monday. While I try to be thorough, I cannot possibly cover...

Read More


16

Nov 2016

Holiday Shopping Safety Series

Shopping Safely via Credit Card and e-Commerce By Joe Gray It’s that time of year again: stores closing for a couple of hours (if at all) on Thanksgiving while others are completely closed. Black Friday is creeping into Thursday and cutting into turkey overload time. Starbucks has the peppermint syrup for our frappuccinos, lattes, and mocha drinks. Families are shopping for the best deals for...

Read More


10

Aug 2016

Turn Your Employees into CyberSecurity “Specialists”

Now that we know our employees are cyber security’s weakest link, what can you do to turn your employees into cyber security “specialists?” Having a strong data safety culture is one of the first rules for improving your organization’s security practices. This includes having written security policies that have been developed based on your organization’s particular needs. A Strategic Security Assessment can tell you everything...

Read More


20

May 2016

PCI DSS 3.2: What You Need to Know

New multi-factor authentication rules, added service provider regulations and extended migration dates are among the features of the newly-released Payment Card Industry Data Security Standard 3.2 upgrade. The upgrade, released in late April, spells out some significant changes in how cardholder data is accessed. The move comes as a result of the Verizon 2016 Data Breach Investigations Report that confirms 63 percent of all breaches...

Read More


29

Mar 2016

Sword & Shield’s MSSP Deploys Samsam Ransomware Protections

Although it has been around for a few months, Samsam is the newest ransomware campaign surging and is targeted at the healthcare industry. SamSam infects machines differently than traditional ransomware such as crypto-locker. It does not spread by spam/phishing emails, it actively scans for vulnerable servers that have unpatched software on the network. Unlike other ransomware campaigns, there is no need for any user action...

Read More



Page 1 of 3123