Uncategorized


12

Feb 2019

Phantom Users: Deception and Pass the Hash Attacks

Deception in cyber defense Using deception for cyber defense isn’t a new concept. Honeypots, computers with false data designed to have vulnerabilities to lure attackers to keep them occupied, have been around since before the turn of the century. Honeynets, networks of honeypots intended to mimic a legitimate network, were not far behind. By providing some “low-hanging fruit” for attackers to spend their time on,...

Read More


22

Jan 2019

Implementing Defense in Depth in the Cloud

Many companies assume their cloud vendor is responsible for and has adequate tools, policies and procedures in place for protecting the data with which they are entrusted. While this is true to some extent, consumer data protection laws such as GDPR hold the owner of the data responsible if the cloud service is compromised. This is why implementing defense in depth in the cloud is...

Read More


16

Jan 2019

Should I Go Through HITRUST Certification Even If It’s Not Required?

The HITRUST CSF is a set of security controls designed to help organizations that work with sensitive healthcare data to become more secure. Since HITRUST is gaining traction, many organization decision makers are asking the question, “Should my company go through HITRUST certification even though we’re not required to do so?” This article explores what it means to be HITRUST certified and the benefits of...

Read More


25

Sep 2018

Eight Considerations for Remote Worker Cybersecurity

Working from your desk in the corporate office is probably the safest way of doing business since you have both physical and technological protections provided by your organization.  However, this may not always be feasible for either personal or business reasons.  By taking the appropriate remote worker cybersecurity precautions, you can work from home or on the go without jeopardizing your personal security or that...

Read More


18

Sep 2018

Practicing Strong Password Security to Protect Yourself from Hackers

Having a weak password might not seem like a big deal, but it can be dangerous both personally and professionally.  In this post, we discuss what makes a password weak, how attackers take advantage of weak passwords, and how you can practice strong password security to protect yourself from hackers. What Makes a Password Weak? Everyone talks about the fact that strong passwords are a...

Read More


28

Aug 2018

Locked Out: Ransomware Prevention and Incident Response

A ransomware attack can be a debilitating event for an unprepared person or organization.  Depending on the type and value of the data stored on an infected computer, the impact of an incident can range from a minor hiccup in operations to the death of the company. The impact of ransomware on small to medium size businesses (SMBs) can be particularly devastating. In its Second Annual...

Read More


15

Aug 2018

Sticking Around: Common Windows Malware Persistence Mechanisms

Malware authors put a lot of time and effort into writing their malware and finding ways to get it installed and running on target machines. If users could get rid of malware for good by just closing it or restarting their computer, then these attackers would have put in a lot of work for minimal payoff. But hackers leverage malware persistence mechanisms to be sure...

Read More


09

Aug 2018

What do I do if my Network is Hacked?

7 Steps to Achieving Effective Information Security Incident Response Nobody wants to be hacked, but the only thing worse than having an incident is to have one and then botch the incident response procedures. An incorrect response could allow an attacker to gain further access to your network, fail to completely remove the infection, or render evidence of the incident inadmissible in legal proceedings. By...

Read More


02

Jul 2018

Two-Factor Authentication (2FA): Secure or Not?

Passwords are generally considered to be insecure.  With the sheer number of accounts that the average person has, remembering a password for each account requires weak passwords, password reuse, or the use of technology like a password manager.  Even if someone has good password hygiene, a data breach means that someone’s password could be exposed by circumstances completely outside their control. Two-factor authentication is a...

Read More



Page 1 of 41234