Ransomware is a growing threat to every organization on the planet and cyber-criminals are innovating at a phenomenal pace because they have the funds to do so. In fact, many cyber-criminal groups have more funds than most enterprises and as the money increases attackers have more to invest in adding resources and people to enhance their threats. Hackers are becoming increasingly sophisticated […]
Hackers are using weak and stolen credentials in a significant way to compromise business-critical environments. Stealing access to your environment using a known password for a user account is a much easier way to compromise systems than relying on other vulnerabilities. Therefore, using good password security and robust password policies is an excellent way for organizations […]
Bad passwords are easy to remember, but also easy to guess and that can give an attacker access to your online accounts. That’s why the UK’s National Cyber Security Centre (NCSC) recommends that users pick three random words for a password rather than meeting complex requirements, such as an alphanumeric string, that could permit the creation of bad passwords like “pa55word.” One of […]
PunkSpider is scanning every website in the world to find and then publicly release their exploitable flaws all at the same time in the name of making the web more secure. PunkSpider automatically identifies hackable vulnerabilities in websites, and then allows anyone to search those results to find sites susceptible to everything from defacement to data […]
Whether you work from a traditional office, home office, your iPhone, or on the road, a VPN is one of the best ways to protect yourself from data breaches on the internet, especially when using public wi-fi networks. VPN is an acronym for Virtual Private Network, the purpose is to provide you with security and privacy as […]
Microsoft has continued its analysis of the LemonDuck coin-mining malware which has been crafted by some very determined, financially motivated cybercriminals. LemonDuck is known for installing crypto-miners in enterprise environments and has a well-stocked arsenal of hacking tools, tricks and exploits. Their goal is to have their malware retain exclusive access to a compromised network for as long as possible. The attackers try […]
I have been deploying this for about 4 months now and pretty impressed. Sophos XDR goes beyond the endpoint and server, pulling in firewall, email and other data sources. Gives you a holistic view of your organization’s cybersecurity posture with the ability to drill down into granular detail when needed. Gives you access to even […]