The Ins and Outs of Security Awareness Training

One of your customers’ employees logs into their computer. They get an email from someone claiming to be their IT service provider, saying they must reset their password immediately (even though there wasn’t any warning beforehand). They click a link without checking the destination URL, go to a phishing site, and enter the credentials for their email. The criminal now has access to their email … [Read more...]

The Hidden Effects of a Data Breach: What We Can Learn from The Past

I really think we need to look at history as an indicator of the future.   It’s the worst call a C-suite executive can get: A panicked IT technician tells you that your records have been compromised. Customer information may be out in the wild, and there’s nothing you can do to get it back. You know that there will be financial implications, but the dangers are unlikely to end … [Read more...]

IT Risk Management Process: Risk vs. Threat

Every day seems to bring another story of a cybersecurity attack, stemming from a growing range of IT security threats. Everything from new malware strains to new, active phishing attacks. Managing all these challenges to security is daunting for even the most security-conscious organizations. It’s hard to keep up with these IT security threats, especially when there are only so many information … [Read more...]

Why You Should Care About Advanced Threat Protection

In cyberspace, attackers are honing their skills and using more advanced techniques to silently compromise systems. Advanced threat protection systems offer targets a way to defend themselves against determined intruders. Here’s how. To understand what advanced threat protection is and why it’s so important, we have to understand advanced persistent threats (APTs). These are attacks in which an … [Read more...]

Cryptomining Attacks: The Silent Killer? 

Toward the end of December 2017, we saw a sharp decline in the number of ransomware variants being produced by cybercriminals. At the same time there was a massive spike in cryptomining attacks.  Read More … [Read more...]

4 Cybersecurity Predictions for 2019

As 2019 approaches and budgets and plans get finalized, I like to take stock of what cybersecurity trends may emerge in the coming year. Cybercriminals constantly evolve—as does technology—so it’s important to periodically take stock of the current threat and security landscape. Today, I want to emphasize four predictions for the coming year.  Experts will emphasize users and risk Read More … [Read more...]

Don’t Let Nefarious Chinese Threat Actors Ruin Your Holiday

This holiday season, it’s more important than ever to remember your cyberhygiene basics to help keep the bad guys out. Read More … [Read more...]

Making Sense of Cyberthreat Intelligence

Businesses have to step up their cybersecurity game if they want to fend off the bad guys. New attacks emerge every day. … [Read more...]

New DDoS Botnet Chalubo Reminder: Cyberhygiene Matters

Care to dance? Chalubo (aka ChaCha-Lua-bot), a new Distributed Denial of Service (DDoS) botnet discovered by SophosLabs is in the wild targeting a large global subset of Linux servers. Specifically, Chalubo is attacking poorly secured Linux servers running SSH (Secure Shell) for remote administration. This has generated a lot of press interest because SSH servers also manage many IoT devices. But … [Read more...]

Cyberhygiene—The Fundamental Cornerstone of Good Security

"Despite what you might believe, the majority of cyber attacks are not zero-day attacks. They are attacks against misconfigured systems or applications. This is happening every day. The harsh reality is that systems that use default passwords, aren’t patched, or are misconfigured, get compromised quickly. Good 'cyberhygiene' is the most effective method to prevent most of these attacks," says Tim … [Read more...]