BUSINESS CONTINUITY MANAGEMENT

What is Business Continuity Management?

What Is BCM and How Does it Relate to Cyber Security? Business continuity management is the advanced planning and preparation of a company to continue functioning or quickly resume operations after a disaster has occurred on the premises. It is usually done through continuity management software that is efficient and simplifies the work processes. Such a product also defines potential risks to cybersecurity and physical threats like fire or flood. Managers tend to plan and identify a potential crisis within their company before it happens. They create procedures and plans and test them to validate the functionality. Periodically, these structures … Read more

Coronavirus

Cybercrime rates surge during the COVID-19 pandemic

Cybercrime rates surge during the COVID-19 pandemic. Coronavirus has influenced almost every area of our lives. It’s mostly visible in business as restrictions make it harder every day for people to do things as they have always have done.  To avoid losing money, they change the ways they operate. Unfortunately, this also means that they face new threats, some of which they aren’t prepared for. During the pandemic, many of us are forced to stay at home. Thus, companies need to allow their employees to work remotely to survive. For many, this is the first time working away from their … Read more

Cryptocurrency

Avoiding Cyber Threats When Dealing With Cryptocurrency

Cryptocurrencies have caught on in a pretty big way over the course of the last several years. However, there are still plenty of people who haven’t bought in, and some of the common reasons for this concern trust and security. From individuals to financial institutions, to governments, there’s a feeling that the supposed inherent security of cryptocurrencies just isn’t reliable. And even where new and emerging cryptos are concerned, there’s little faith that the kinks have been ironed out. Case in point, Facebook’s long-awaited crypto offering already has a trust problem. All of these concerns are understandable. There are established cybersecurityRead more

How to secure your computer from any virus threats?

Cybersecurity is critical both for individuals and businesses of all sizes. An increase of the World Wide Web introduced a range of possibilities for the industries, but it also brought new downsides of connectivity. We use internet-connected devices in all aspects of life. People receive tons of spam every day, so they need to infiltrate accounts, and computer viruses wreak havoc on business networks. Viruses and malware could harm our files and steal personal data such as banking details and social security information. We prepare you for security solutions to rely on and protect a computer from viruses (e.g., Norton). … Read more

A Step by Step Guide on how a Cybersecurity Risk Assessment is Performed

A Step by Step Guide on how a Cybersecurity Risk Assessment is Performed

Risk assessment needs to be done frequently for any organization. These risk assessments protect against cybersecurity threats that are happening every day. It is an essential activity that needs to be executed carefully. The following steps can act as a guide to risk assessment. Almost every organization relies on information technology and information systems to complete transactions and conduct daily business. Many risks are introduced during these transactions. These risks need to be examined to ensure that they are mitigated effectively. The cyber risk assessment is used to identify, estimate, and prioritize the risk to an institution’s operations. By providing … Read more

What to do if your Wordpress Site Gets Hacked

What to do if your WordPress Site Gets Hacked

Some estimates state that 40% of websites use the Content Management System (CMS) known as WordPress. WordPress is one of the easiest ways to get a professional website up and running quickly. But if you don’t keep your site updated, then there is a good chance that you will wake up one day to find that you have malware on your website. Most people find out that their site was hacked when they find out that their browser starts flashing a warning when they try to access the site. For example, if you use Chrome, then the notification will look … Read more

AWS Cloud Architect Tops the Latest Salary Survey

AWS Cloud Architect Tops the Latest Salary Survey

Amazon Web Services (AWS) is the most significant player in the cloud, holding an astonishing 45% of the industry market share. Given this, there is a huge demand for experts in AWS cloud experts. The latest Salary Survey from CertMag.com proves that AWS professionals can make substantial salaries. The AWS Certified Solutions Architect certification is the most lucrative certification today. The average salary for holders of this certification is $146,960. People in the IT industry are rushing to prepare for the AWS Solutions Architect test. I know a few people in my circle that are studying for this test right … Read more

IAM vs IAT Certifications

IAM vs IAT Certifications

There is often some confusion about the difference between IAM and IAT certifications. Many times these terms are confused and interchanged. Both IAM and IAT were established by the Dept. of Defense in 2004. These are qualification standards meant to ensure that the Dept. of Defense IT systems are staffed with technical and management personnel who meet a certain standard of technical expertise. IAT stands for Information Assurance Technical. The IAT certification levels are achieved by passing specific exams and having certain work experiences that meet particular requirements. These requirements are focused on technical knowledge and are geared toward technical … Read more

AI and Facial Recognition will improve society

AI and Facial Recognition will improve society

There has been a lot of speculation on how the combination of artificial intelligence and facial recognition will affect the future.  This speculation focuses on how this technology will be intrusive of our privacy rights. It sounds scary It sounds a bit scary when you first think about it.  Anytime you are at an event, a mall, or even within a city, the cameras are watching.  When you combine these cameras with facial recognition, the whole context changes.  Government and even businesses will know who you are and where you are. Think about walking into a store.  The computers will … Read more

Data Limitation Laws?

Data Limitation Laws?

It is usually not a good idea for lawmakers to get involved in cybersecurity beyond a certain point.  The reason for this is that lawmakers do not have an understanding of the technology that they are legislating. Case in point:  Australia is quickly enacting legislation that will require companies like Apple and Facebook to provide a way for law enforcement to read encrypted data.  This sounds nice on the surface because law enforcement can go after the bad guys easier.  But this law will be a boon for hackers because the encryption will be less secure.  There will be a … Read more

Are Dark Web Scans Effective?

Are Dark Web Scans Effective?

The Dark Web is Anonymous The dark web is a scary place.  It is a network of websites teeming with illegal activity.  It is a secret place where visitors protect their identity by using techniques to keep identifying information (Like their IP address) hidden. There are several methods that people use to keep themselves anonymous when accessing the dark web.  You need to use the TOR browser to access the dark web. What can be Found on the Dark Web? As far as illegal stuff – you name it, and it can be found on the dark web.  Related to … Read more

Murder By Hacking

Murder by Hacking

When Hackers Kill Hackers have already – perhaps many times- have contributed to death by hacking into secure systems and releasing information.  This information has lead to the loss of life in many different ways, including suicide and murder. But hacking has now evolved to the point that cybercriminals can use computers to negatively affect and damage the physical world, including the murder of individuals and groups. Hackers have the power of mass-murder in their hands right now. Using malware to affect the physical environment is nothing new.  One of the most famous cases is the Stuxnet virus that was … Read more

What is Zerodium?

What is Zerodium?

Zerodium is a reputable place where you can sell zero-day exploits. Hackers and security researchers know that Zerodium is a way to cash in on vulnerabilities that they discover in operation systems, software and hardware, and devices. There are several ways that you can make money from discovering vulnerabilities.  You can disclose the vulnerability to the software or hardware vendor.  Many companies offer a “Bug Bounty” program where they pay for such discoveries.  It is the “White Hat” thing to do.  You can sell the exploit on the black market.  If you do this, your exploit will undoubtedly be used … Read more

What is Persian Stalker?

What is Persian Stalker?

Persian Stalker is targeting Iranian social media accounts. The “group” has been around since 2017, and they have been observed targeting social media accounts.  Specifically, this group focuses on gaining access and control of Instagram and Telegram accounts. Telegram is a popular service with about 40 million users.  Telegram is a communication app that has been used to organize protesters in Iran.  Of course, the Iranian government is not a fan of this service.  The Iranian government has actively requested that certain services and channels be shut down.  As far as we know, the Iranian government has not engaged in … Read more

Phishing attacks up by 300% in 2018

Phishing attacks up by 300% in 2018

According to “The Retail and eCommerce Threat Landscape Report” from October 2018, there is a 297% increase in the number of phishing websites that target online retail businesses and customers of these businesses.  There is an average of 23 phishing sites for each retail company included in the study.  In 2017 the data showed that there were only 5.9 phishing websites per company. A report illustrates how cybercriminals are increasingly targeting retailers and their customers through digital and social channels as retailers leverage new channels  for increased revenue opportunities “The Retail and eCommerce Threat Landscape Report” (October 2018), notes a … Read more

More data shows that Americans are lackadaisical about security.

More data shows that Americans are lackadaisical about security.

A new research report Published by cybersecurity specialists, BestVPN.com, shows the state of online privacy in the United States. BestVPN surveyed 1,000 U.S. consumers to comprehend the state of online privacy in 2018. The report reveals a significant knowledge gap and suggests that, despite their fears, US citizens are not protecting themselves against the ever-growing amount of cyber-threats. In light of the 2018 information breaches and revelations, consumers were asked to detail their cyber hygiene habits. There is a significant distrust of social media platforms; 45% of consumers report feeling uncomfortable about using platforms that track and sell their information. … Read more

North Korean Cryptocurrency Scam Efforts - Marine Chain

North Korean Cryptocurrency Scam Efforts – Marine Chain

Experts think that the infamous North Korean hacker group Lazarus accounts for targeted strikes against five cryptocurrency exchanges. North Korea’s burgeoning cyber military seems to have especially honed its assault abilities to attack cryptocurrency-related organizations. In the face of mounting and crippling international sanctions, Pyongyang’s many hacker groups have adopted cryptocurrency-focused malicious attempts as an effective way of generating income to the reclusive country. Security specialists at Group-IB consider that the infamous North Korean Hacker group Lazarus accounts for targeting strikes against five cryptocurrency exchanges. According To security researchers in Recorded Future, even as Pyongyang’s ruling elite have gotten better … Read more

The freeRTOS  Vulnerability Disaster

The freeRTOS Vulnerability Disaster

FreeRTOS, the open-source operating system that powers most of the small microprocessors and microcontrollers in many IoT hardware products has newly identified vulnerabilities. The vulnerabilities are in the TCP/IP stack and affect the FreeRTOS. The versions affected The versions affected are FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS up to V1.3.1, OpenRTOS and SafeRTOS (With WHIS Connect middleware TCP/IP components). Why this is a disaster FreeRTOS is used in many IoT devices.  These devices are often inexpensive and not easily patched.  In fact, many of these devices have firmware that has not been updated for many years. Examples of … Read more

City of Westhaven Connecticut Pays $2K in Ransomware Extortion

City of Westhaven Connecticut Pays $2K in Ransomware Extortion

Another successful ransomware attack…. The City of West Haven, Connecticut made the tough decision to pay hackers $2,000 in ransom money after a ransomware attack halted all their operations. The city contacted the Department of Homeland Security who discovered the attack originated outside of the U.S. West Haven mayor Nancy Rossi said the attack disabled around 23 servers last week which led their local officials deciding to pay the $2000 in Bitcoin to unlock their servers.

Hackers are Unstoppable?

Hackers are Unstoppable?

According to research by Kaspersky Lab, 86% of Cybersecurity professionals think that hackers are not stoppable and will eventually succeed at compromising the systems that the cyber pros are hired to protect. In my opinion, this awareness of the seriousness of the threat is admirable.  Such an attitude should keep us all on high alert. On the other hand, the view may also become a self-fulfilling prophecy. The most significant risks come from two groups:  criminal gangs and insider threats. Criminal gangs of hackers are generally motivated by financial gain. These types of breaches happen every day. Most of these … Read more

Types of Malware

The Most Frequent Kinds of Malware

Malware is short for “Malicious Software” and has been around for a very long time.  Way back in the 1980s, trojans and other types of malware were distributed on floppy disk to unsuspecting users. Malware can be used to destroy data, destroy hardware, steal information, create zombies (computers that hackers can control remotely), and other things that you do not want to happen! There are many types of malware, but I have listed and defined each of the most common types of malware that you will see in the wild. Which are the most Frequent Kinds of malware? Adware is … Read more

What is Coinhive Malware?

What is Coinhive Malware?

A cryptocurrency mining code called Coinhive is creeping onto unsuspecting websites around the net. Coinhive uses javascript to harness computer users CPU capacity when they visit a website. So, when you visit a website with Coinhive code your computer is working to mine cryptocurrency for someone. Coinhive itself is not Malware. Coinhive is not malware by itself.  Coihive code is a technique to generate income from websites as an alternative to running ads on the site.  When the user is notified up front and is given the choice to leave the site or continue then we have no moral objection. … Read more

The Bloomberg article about Supermicro Supply Chain Hardware Hack

The Bloomberg article about Supermicro Supply Chain Hardware Hack

Everyone is talking about the Bloomberg Businessweek’s volatile report alleging that Chinese spies had implanted surveillance chips in the motherboards of computer servers. The report is not standing up to the smell test.  As president Trump would say – This is fake news. Apple, Amazon, and the other involved parties delivered strong denials.  If these companies saw any potential truth in the article they would have not issued such strong denials.  For one thing – if there was any truth in the article then each of these companies would have a high liability for misleading the public with the denials. … Read more