March 31 is World Backup Day

Tuesday, March 31 is World Backup Day.  Wednesday April 1st is “I don’t backup day.”  It is also April Fool’s Day.  Is there a connection?

In the era of crypto-ransomware attacks, backup is considered one of the cornerstones of a good cybersecurity program.  Having a automatic backup system, and full set of recent and tested backups is critical for businesses of any size.  Current ransomware exploits often will encrypt network attached backup solutions too.  Would your current ...

Continue Reading →
30
MAR
0

backup, ransomware

Sunday Funnies – Ghost Code

I run into this situation all the time when pen-testing.

Me: “I found this system that is running Windows XP, you need to decommission this one.”

Client: “We can’t, that system is running a custom Access application that was written by a former employee.  He left the company 10 years ago and nobody knows to to update his code.”

Later we discover the system has been hijacked for years and is hosting stolen identity documents, and spamming the customers of a French ISP.

Continue Reading →

29
MAR
0

Sunday Funnies

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Will working and schooling from home break the Internet?

I have been getting this question a lot lately.  Quick answer, it is unlikely, so no it won’t break the Internet.  But is is changing usage from downtown areas to suburbs.  See the map.  From Tech Republic.

Remote working ...

Continue Reading →
28
MAR
0

certification, critical infrastructure, education, ransomware, training, Weekend Update, Windows 10

, ,

Reducing Risk When Deploying IoT Devices in Business

The Internet of Things (IoT) has given us a plethora of exciting and helpful computer driven devices.  But the state of IoT security remains a dumpster fire.  As these devices appear in the workplace, businesses are often failing to consider the impact these poorly secured devices have on their carefully crafted cybersecurity programs.  Every one of these devices represents a new ...

Continue Reading →
27
MAR
0

cybersecurity, Internet of Things, Security

,

Fake SpyHunter Phish Example

I got this email, which is most certainly a phishing email, touting the legitimate anti-malware product SpyHunter.  The image of the email is below.

Part of safely working from home is to be aware of these types of approaches, and alerting your IT staff to these before you click to open them.  Do not belief emails appearing to come from recognized authorities, like the CDC, or event your own company or IT ...

Continue Reading →
23
MAR
0

Phishing, social engineering

Sunday Funnies – Algorithm and TP

What is an algorithm exactly?  They are used in cryptography to encrypt a message.  We hear the word used all the time, but what is it?

noun
noun: algorithm; plural noun: algorithms
  1. a process or set of rules to be followed in calculations or other problem-solving operations, especially by a computer.

And ...

Continue Reading →
22
MAR
0

Sunday Funnies

Guest Post – Why Should Data Security Be Your Top Priority

Have you or your business been a victim of data theft?  Would you even know if you were?  In this world where almost everything is accessible online, data security has become a global issue. Many criminal minds have surfaced throughout the years, using their skills in technology to illegally make money at the expense of other people’s information online. In fact, ...

Continue Reading →
20
MAR
0

cybersecurity, Identity Theft

Page 1 of 179 12345...»