What’s lurking the digital shadows?

April 16, 2019 by Brian Halbach | No Comments

What’s lurking the digital shadows?

Organizations are often aware of their digital or internet footprint. That is, the footprint they leave behind online via their websites, social media accounts, external emails sent out, and more. It is very common for companies to employ a digital director to help manage all these new grounds and keep them in check. But how many companies aware that there is other information left behind on the internet outside of these normal channels? Information that cyber-criminals could leverage to start an attack on an organization.

Watch Who Emails You: Stay Safe From Business Email Compromise

November 21, 2018 by Brian Halbach | No Comments

Watch out for Business Email Compromise

In 2013 the FBI noticed a new attack that they called business email compromise (BEC) sometimes called CEO fraud (although it doesn’t always involve the CEO). This is a simple attack that criminals use to steal money and financial information from all sorts of companies. Targets have included large and small corporations, non-profits, churches, and schools. As of 2018 BEC has cost over $12.5 Billion dollars and is on the rise.

Bitlocker and Solid State Drives (SSD)

November 12, 2018 by Brian Halbach | No Comments

Bitlocker and Solid State Drives

To keep devices secure, many companies rely on a product from Microsoft called Bitlocker. Bitlocker is an encryption platform that helps keep your computer safe from offline attacks. In the event a laptop or desktop is lost or stolen, the hard drive on the device is encrypted and is unreadable unless you have the password required to decrypt the device.

Recently a serious security risk has been discovered when Bitlocker is used with solid state drives (SSD). This security flaw allows drives that are not properly encrypted to be hacked and user data retrieved. This problem was discovered by Carlo Meijer and Bernard van Gastel of Radbound University.

Security Risks – Business to Business VPNs

October 26, 2018 by Brian Halbach | No Comments

What are B2B VPN

Many companies need direct connectivity with other trusted organizations to do business. A cost-effective way to setup these connections is to create a business to business virtual private network also known as a B2B VPN. VPN is a technology that allows for two geographically separate networks to connect and share data across insecure networks like the Internet. B2B VPN tunnels often use the IPsec suite of protocols to establish, secure and maintain these connections.

Staying Secure When Facing Advanced Persistent Threats

October 3, 2018 by Brian Halbach | No Comments

The United States Computer Emergency Readiness Team (US-CERT) and the National Cybersecurity and Communications Integration Center (NCCIC) recently posted a technical alert for Managed Service Providers (MSPs) warning of a campaign conducted by Advanced Persistent Threats that targets MSPs and attempts to break into their computer networks. Both cloud and on premise technologies are targeted in this attack. You can read the full alert here, https://www.us-cert.gov/ncas/alerts/TA18-276B.

In this blog post we will look at who and what Advanced Persistent Threats are, what they are doing, how they are doing it, and why they are targeting MSPs. We will also briefly going into how 3KeyLogic is staying protected and what you can do to make sure to not fall victim to an APT.

[Webinar] Cyber Security Strategy: Driving Value From Security Assessments

September 17, 2018 by Ed Simson | No Comments

In case you missed our webinar last week, Brian and I talked about security assessments and how they fit into your cyber security strategy. We include some tips about driving the most value from security assessments regardless of how mature your organizational security is.

Ransomware Trends

September 13, 2018 by Brian Halbach | No Comments

Ransomware is a type of malware that infects a computer and locks their files by encrypting them so they cannot be used until the owner of the device pays a ransom (usually in bitcoin or other online crypto-currency) to get their device unlocked. Attackers often use ransomware because it has several advantages over traditional malware and viruses.

Next-Generation Firewalls: What are they and why do I need one?

September 10, 2018 by Brian Halbach | No Comments

When discussing network security, firewalls are the number one item that comes up. That is because they often are a company’s first line of defense and the most visible. Firewalls are devices that sit at the border of the network, preventing unwanted traffic from entering a company as well as stopping malicious traffic from leaving. As companies grow and their security needs increase, firewalls need to do more than just block traffic.

Your monthly “security assessment” may not be as secure as you think

August 15, 2018 by Ed Simson | No Comments

When asked about security practices many organizations are quick to respond; “We do a security assessment every month [or quarter].” But what do you mean by security assessment? Often, this security assessment is a network or vulnerability scan performed by an automated appliance or service. This is not a security assessment.

Spear Phishing and Whaling and Waterholes, OH MY!

August 1, 2018 by Brian Halbach | No Comments

Attackers who are trying to break into a system know that the weakest line of defense is often the people. To get to these people attackers use schemes such as phishing, spear phishing, whaling, and watering hole attacks. We will look at each of those attacks and tell you ways to protect yourself.