Cybersecurity breaches are becoming more and more prevalent. In fact, it’s been estimated that there were almost 5 billion records breached in 2018. Many organizations spend thousands of dollars on security breach prevention tools, but won’t take the time to create a formal process of identifying, responding to, and communicating an incident.
Topics: Cybersecurity, Data Breach, Data Security, Incident Response, security incident handling, security incident response
If you’re reading this, it’s very likely that you know how to use the internet. It’s also likely you’ve made an account on the internet somewhere. When you created your last account, what kind of requirements were you forced to use? For a number of web services, these requirements still follow the 2003 NIST SP 800-63 Appendix A standards that recommend an 8-character minimum, containing one uppercase, one lowercase, one digit, and one special character (Ex: Procircular1!).
Topics: Cybersecurity, Data Protection, Personal Privacy, hacking, NIST, Passwords
Let’s take a look at an often under-utilized aspect of network topology in the small to medium business realm: that’s right, a networking article. But before you run off, what if I told you you could increase performance and lower your production down time with equipment you (might) already have!?
Topics: Cybersecurity, Network Security, consumer security, Data Security, Data Protection, security incident handling, cybersecurity plan
During a penetration test, we’ve found that a common (and easy) way to gather credentials and gain an initial foothold on the client’s network is to perform a Man-in-the-Middle poisoning attack abusing LLMNR & NBT-NS. Depending on how active users are on the network, this attack can give an adversary valuable information almost immediately. Fortunately, with a little knowledge, this attack can be easily remediated.
What is LLMNR & NBT-NS?
Topics: Cybersecurity, Network Security, Information Security, hacking
Presidents' Day is on Monday of next week and this isn’t lost on fraudsters and wire-transfer hackers. Once a wire has mistakenly been sent to the bad guy, each minute counts - the longer the delay the greater the chance they’ve been able to transfer your funds to an account that can’t be reached by the FBI. The added holiday adds an automatic delay that works to their advantage and even the most prepared organizations can fall victim.
Topics: Cybersecurity, Incident Response, FBI, security incident response