What is an Advanced Persistent Threat?
Advanced Persistent Threats explained. Advanced Persistent Threats (or “APTs”) are a dangerous form of cyber attack where a team of intruders use sophisticated hacking techniques to establish a long-term presence on a network. Their intention is usually to breach highly sensitive data and their methods are always evolving. These APT attacks usually come from very…
Read More
How Mistakes, Forgetfulness, and Carelessness can Undo the Best IT Security
Some things just can’t be anticipated and protected against. Human foibles are at the top of the list. Human beings aren’t perfect, and their mistakes, carelessness and just plain bad luck can wreak unintentional havoc. Sometimes the simplest error can undo the most intricate IT security plans. All it takes is one person. It could…
Read More
When CMS Software Such as Drupal is a Threat
Sometimes, insider threats are less about people maliciously attacking your network but more about the software you install. Any type of software could have vulnerabilities including what would otherwise seem like innocuous software. Even CMS (content management system) software could pose a threat. This is exactly what happened with the latest Drupal threat. Drupal CMS…
Read More
Research Shows that the Best Cyber Defense Teams are Antisocial
A new study that involved Army research to find the best cyber security defense team members showed that the best people for the job are antisocial, reconfirming what many people confirmed as the stereotypical programmer as the best person for the job. In March and April 2017, the Mid-Atlantic Collegiate Cyber Defense Competition studied a…
Read More
Corporations Lose Data in Ways They Didn’t Imagine
Insider threats make up a large portion of cyber security risk. It’s a third of the risk when you manage sensitive data on your network. Most organizations think of cyber security risk and insider threats as malicious employees, but it’s not always malicious intent that leads to data loss. Negligence, phishing, malware, and other events…
Read More
A Recent Ticketfly Data Breach Reminds Consumers to Use Incomplete Data When Possible
Data breaches obviously leak private information to nefarious people. They then sell it on the black market or use it for financial gain. But how do consumers know when a provider is secure? One way to combat your data being leaked and take some security into your own hands is to leave incomplete or even…
Read More
Attackers Still use Drupalgeddon2 Vulnerabilities for Cryptojacking
A vulnerability in Drupal’s content management system was found weeks ago. But as with many patches site owners either don’t know that they need to patch their software or they disregard it as unnecessary. Unfortunately, this is the crux of a widespread problem in recent days that indicate more attackers are using the Drupalgeddon2 exploit…
Read More
€20,000,000 or 4%? – GDPR
You knew it was coming, and while initially, you may have been in denial, you can’t ignore it anymore. The General Data Protection Regulation (GDPR) is going into effect on May 25, 2018, whether you’re ready or not. Make sure you have a GDPR compliance solution deployed to make maintaining compliance much easier. Because the…
Read More
More Malicious Sites Threaten Your Organization’s Cyber Security
Having Internet access is a must for most employees. They need it for various productivity tasks. What was once a “nice to have” is not necessary for job function. IT administrators are forced to provide Internet access even if it’s limited to certain parts of the web. The difficult part is providing open Internet access…
Read More