When you think of a security threat, what comes to mind? A ransomware attack? A thief drilling into your vault and stealing your money? An unpatched vulnerability that could expose sensitive data? While all of these threats represent external forces, it’s just as important to remember your internal threats, too. In this post, we’ll discuss a few ways you can stay on top of insider threats to your organization’s data and reputation and take appropriate steps to protect your employees–not …

Now that we’ve had half a year to process the Spectre and Meltdown flaws released in January, what’s been done about it? Are we now “safe” or are there other CPU flaws out there that we just don’t know about? Unfortunately, there’s always the risk of as-yet unknown vulnerabilities that could be exploited for malicious purposes. But in the meantime, security researchers and other organizations are working hard on fixes to make the Internet (and in this case, computer architecture itself) …

If you use Azure, you know you need to know about the Security Center. Why? One of the biggest challenges (and a major concern for executives) to using the cloud successfully is security, and for good reason. Recent public revelations about data breaches due to poorly configured Amazon S3 buckets are making users think twice before moving to the public cloud. For current Azure users, that risk can be mitigated by properly understanding  how to apply Azure Security Center to your …

IT magazine The Register reported that there was a major flaw with Intel, AMD, ARM and POWER chips that affect virtually every single computer ever made in the past 20 years. What a way to bring in the new year, eh? There are two flaws: One is called Spectre, and the other is Meltdown. Meltdown primarily affects Intel and ARM chips, where bad actors can get the CPU to reveal application information from the machine kernel, such as passwords. The good …

We gave Amazon’s S3 storage buckets an honorable mention on our biggest data breaches of 2017 list, and in this post, we’ll explain why we did that. What makes these types of breaches so important to point out? For those who missed it, here’s what happened: AWS users can store their files (known as objects) in what are known as S3 storage buckets. Amazon defaults these S3 buckets to be closed instead of open, but over the course of several …

As we did in 2016, we’re rounding up the biggest data breaches of 2017. What have we learned as a result, and what can companies do better next year? Equifax: The loss of 145 million records may not be the highest in history, but the value of information very well might be. Thanks to an unpatched flaw in an Apache Struts server, names, dates, social security numbers, and more were compromised. Most of the records were American, but about a …

Two factor authentication is widely recommended as a security practice to give an extra layer of protection to your network and personal accounts, but according to security researchers, if you use SMS texts as your second form of authentication, they could be subject to interception and exploitation. Security researchers demonstrated how easily they were able to manipulate the two-factor set up on a Bitcoin wallet account, simply by intercepting the text message sent over the cellular network. Once they reset …

With all the deals that can be found on Black Friday and Cyber Monday, it’s time to start scoring great deals online. But only half of consumers say they can determine whether the site they’re visiting is safe and legitimate, according to a survey by the Global Cyber Alliance. Here’s 6 ways on how to stay safe during the holiday shopping season. Check the URL of the site you’re visiting. Sophisticated phishing attacks can do a great job of making …

Cybersecurity journalist Brian Krebs noted on his website the security and simplicity of adding a vocal password to your authentication process when you call a company such as a bank or investment firm to obtain access about your account. Voice passwords are a great idea. They can be a very effective security measure if a hacker calls your bank to open a fraudulent account in your name or requests a large transfer out of your account. Most banks require only your …

A security researcher named Mathy Vanhoef of KU Leuven in Belgium has disclosed a vulnerability in the current WPA2 network. All routers that use a WPA2 (which is almost every single WiFi enabled device today) is vulnerable to a Key Reinstallation Attack (KRACK). Information that was once assumed to be safely encrypted, such as messages, passwords, photos, or credit card numbers, can now be read, and in some cases, manipulated. The problem is unfortunately not with a specific product, but rather …

Get started now. Exceptional service awaits.

Live Chat