Security News


Dec 2018

Four Ways to Protect Against Insider Threats

Most cybersecurity defenses and strategies are focused on external threats in an effort to make access costlier for a hacker than the value of what they can obtain. However, developing ways to protect against insider threats is an essential part of an organization’s cybersecurity posture. The Internal Threat Landscape Most organizations are focused on the prospect of external threats. Basic security is perimeter-focused, meaning that the primary...



Aug 2018

Examining Fileless Malware Threats

Most malware is file-based, meaning that your computer is infected as a result of a file being downloaded and run on your computer. This makes detection and removal easier for antivirus software since it can generate signatures of the malware files and look for those files on disk to detect and remove them. Conversely, fileless malware is designed to not leave a file on disk...



Aug 2018

Sticking Around: Common Windows Malware Persistence Mechanisms

Malware authors put a lot of time and effort into writing their malware and finding ways to get it installed and running on target machines. If users could get rid of malware for good by just closing it or restarting their computer, then these attackers would have put in a lot of work for minimal payoff. But hackers leverage malware persistence mechanisms to be sure...



Jul 2018

Lessons Learned from the MD Anderson Breaches

The MD Anderson Cancer Center at the University of Texas was recently fined $4.3 million by the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) concerning data breaches that resulted in the loss of the health information of 33,500 patients. In this article, we called on one of our healthcare experts, Security Consultant Jeremy Bess, to explain what lessons can...



Feb 2018

Filter Noise, Deceive Attackers: National Cybersecurity Firm Expands Managed Security Platform

Sword & Shield Enterprise Security announces 24/7 perimeter defense and cyber deception services KNOXVILLE, Tenn. Feb. 7, 2018 – Sword & Shield Enterprise Security, a leading national cybersecurity firm based in Knoxville, Tennessee, now offers a proactive, transparent approach to significantly reduce unwanted network traffic and throw hackers off the scent with its new perimeter defense and cyber deception services. Sword & Shield offers these...



Jan 2018

Migrating to the Cloud the Secure Way

It is 2018 and “The Cloud” continues the trend of upward growth. The Gartner Group predicts by 2021, 28% of all IT spending will be for cloud-based infrastructure, middleware, application and business process services. Online services help make our work and personal lives more productive and easier. Some advantages of the cloud are that you can easily access your data from anywhere and sync it with...



Jan 2018

What you should know about Spectre and Meltdown

By Corey McReynolds About Spectre and Meltdown Two large exploits, “Spectre” and “Meltdown”, have been released that allow reading privileged memory with side-channel attacks on Intel and ARM processors. This issue is known to affect nearly all processors in personal computers, Macs, servers and mobile devices (both Android and iOS). AMD processors are affected (only by “Spectre”), but to a much lesser degree. The result of...



Oct 2017

KRACK exploit explained

A recently discovered vulnerability in the most widely used wireless security standard may be one of the biggest in years. The good news is there are precautions that can be taken to keep you and your business safe. Sword & Shield’s Corey McReynolds and Joe Gray explain: What the Attack is This attack exploits a vulnerability in Wireless Protected Access (WPA), both WPA and WPA2 encryption...



Sep 2017

Stopping an Agency DDoS Attack Just Got Easier

The federal government is no stranger to Distributed Denial-of-Service (DDoS) attacks. In May, the Federal Communications Commission’s (FCC) comment system was hit with multiple Distributed Denial-of-Service (DDoS) attacks making it difficult for the public to access and file comments online. In July 2016, the Library of Congress was attacked and many of its public-facing sites were knocked offline. Moreover, several online cyber vandalism groups have...



Aug 2017

Petya: Cyber Warfare Deception

By Ryan Ernst The following article originally appeared in the August 2017 edition of Gulf Insider online magazine. “All warfare is based upon deception.” – Sun Tzu, The Art of War Petya versus NotPetya Petya, the global cyberattack launched weeks after the WannaCry ransomware, appeared at first as a new variant of the original 2016 ransomware of the same name. However, security researchers soon identified...

