Blog

18
Dec

2017 is coming to an end.  Seems like it just started!  Anyway, another year is in the books and we’re taking an opportunity to re-cap the biggest cybersecurity stories.  When big malware attacks or breaches occur, it seems like there is a huge amount of intense attention for a short period of time and then […]

27
Nov

There is a significant new ransomware threat wreaking havoc on the internet.  A new version of the so-called Scarab ransomware (first spotted this June) started getting pushed out in a massive spam email campaign on Thanksgiving.  Within a few hours, 12.5 million emails had been sent using the Necurs botnet. The spam emails use the  […]

19
Oct

You Should Have Always Been Careful Using WiFi It’s always been risky to use public WiFi with your sensitive business data.  As one writer has noted, using public WiFi is like having unprotected sex.  WiFi networks are vulnerable to attacks. There have been different encryption standards adopted to help secure WiFi.    WEP (Wired Equivalent […]

6
Oct

According to a recent global survey of C-suite executives and IT decision makers, most executives still don’t fully comprehend the nature of the cyberthreats they face or the potential consequences of an attack. Without the proper defenses in place, you’re putting nearly every element of your organization at risk. A cyberattack can cripple your operations, ruin customer […]

22
Sep

The news reports indicate that the massive Equifax breach was the result of a failure to patch a vulnerability in Apache Struts.  The vulnerability was publicly disclosed on March 10 and was exploited at Equifax between May and late July. During that window, Equifax did not patch this know vulnerability.  Software patching is a part […]

22
Aug

FAR 52.204-21 and Federal Cybersecurity Standards  In 2016 the Department of Defense, NASA and the GSA published FAR contract clause 52.204-21 that provided minimum standards for cybersecurity for all contractors dealing with the federal government.  The regulation applies to all ‘covered contractor information systems’ that process, store or transmit ‘Federal contract information.’ This clause will […]