Category: Insights
-
Why Outsourcing Cybersecurity is Essential for SMBs
According to a study at the University of Maryland (Security Magazine) in 2022, a cyber attack occurs every 39 seconds. With the exponential growth of the threat landscape, cybersecurity cannot be a part-time job. It is certainly not a side hustle. Whether you are a global corporate giant or a local SMB, cybersecurity is not…
-
AI Assistant, Friend, Foe, or Demigod?
When the telephone was first marketed, many predicted it would be a failure, as it was assumed that people wouldn’t want to give others a way to bypass their front door and invade the privacy of their home. Despite the plethora of time-saving appliances and gadgets introduced and acquired over the years, people still complain…
-
Blog – Cybertech TLV 2023 – AI & Cloud & Regulations, Oh My!
Despite the stormy weather, Cybertech TLV 2023 drew in cybersecurity experts and leaders from around the world, gathering in Tel Aviv to share ideas, present solutions, discuss current and future trends, and provide valuable insights into the challenges and opportunities facing the industry. What came as no surprise was the main issue of combating the…
-
The Risks of Poor Patch Management
We all neglect things we know we shouldn’t, like a yearly physical with a healthcare provider. When the time rolls around, you tell yourself you’ll make an appointment when you’re less busy, that you feel fine so there’s no need, or concoct another story that lets you put off what you know you shouldn’t. While…
-
How Attackers are Exploiting Cloud Misunderstandings
The cloud has become a hot destination in recent years. It’s what helped launch the paradigm of digital transformation that has changed how business is conducted. It has changed the role of IT, pushing IT teams to evolve and develop new skill sets and strategies. The cloud has allowed companies to achieve greater scalability, agility,…
-
$100K vs. $150M – From Ransom to Clean Up
For a CEO, CISO, or a security professional, nothing instigates a wave of panic like receiving a dreaded message such as “Your files have been encrypted” with a link that reveals a ransom demand. However, sometimes what is most feared – the ransom demand – is not the financial punch that hurts the most. Often,…
-
Defending Your Email Infrastructure
Email is an incredible tool for businesses, but it’s also an equally incredible tool for threat actors, consistently remaining the most popular attack vector for hackers looking to gain access into an organization. And it’s not hard to see why. When planning an attack, the decisive question for a hacker is, “Will it be easier…
-
Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms
Federal and state legislation say surprisingly little about how ordinary American businesses should manage their cybersecurity. However, financial services and insurance firms are not ordinary businesses. Because of their tendency to deal with sensitive personal data such as social security numbers, bank accounts and tax records, financial services and insurance firms are subject to a…
-
Cybersecurity and Data Protection Laws: US Healthcare Businesses
Ordinary American businesses are legally obligated to tell consumers when there has been a data breach but are not obligated to have cybersecurity protection in place. However, healthcare organizations are not ordinary businesses. Because they deal with protected health information (PHI), healthcare organizations are subject to special cybersecurity and data privacy rules pertaining only to…
-
Six months later: Key takeaways from the SolarWinds supply chain attack
Last year’s SolarWinds supply chain attack shook the security world. Hundreds of private businesses, many of them Fortune 500 companies, and several US agencies, including the Pentagon, Homeland Security, the Treasury, and the State Department, were all victims as they all use SolarWinds’ Orion system. The scope of this attack and the fact that hackers…
-
Colonial Pipeline Ransomware Attack: Lessons For SOC Operators
Background: Earlier this month, Colonial Pipeline — the largest pipeline system for refined oil production in the U.S. — suffered a ransomware attack that resulted in the closure of one of the largest U.S. pipelines. As a result of the attack, the pipeline operator was forced to temporarily halt all pipeline operations resulting in massive…
-
Two Emerging Vector Trends
Life is never dull for cybersecurity teams, but we’ve seen an increase in two types of threat vectors during the first half of 2021. The recently reported Codecov Bash Uploader security breach is an example of a supply chain attack, while common vulnerabilities and exposures (CVEs) have shown up with increased frequency at Apple,…
-
Zerologon and How to Detect It Like A Pro
You’ve probably already heard about the Zerologon vulnerability (aka CVE-2020-1472), but in case you haven’t, here is what it is in a nutshell and, more importantly, here are our insights on how to detect it. Zerologon is a critical vulnerability scored CVSS 10.0 by Microsoft, essentially allowing an adversary to exploit the Netlogon Remote Protocol (MS-NRPC) aimed at…
-
Common Entry Points #3 – Unpatched & Obsolete Operating Systems
Military strategy is about knowing where an opponent’s weak points are and how to take advantage of them. It is the same concept for cyberattacks. External threat actors don’t bide their time chipping away at strong defenses. Instead, they exploit known vulnerabilities such as unpatched operating systems. A single unpatched OS can be the entry…
-
Common Entry Points #2 – VPN
In our last Common Entry Points post, we discussed how ITaaS can be a major weak link, providing bad actors entry into an infrastructure. Another common but often overlooked entry point for attackers is a business’s virtual private network (VPN). Work from home and bring your own device (BYOD) policies have led to expanded attack…
-
Common Entry Points #1 – ITaaS (IT as a Service) Part 2
Assessing the weak links in your company network is an important part of cybersecurity. The people who sit behind the computer keyboards make up some of the weakest links, as there is always a small minority of users who will click on just about anything embedded or attached in an email despite being warned about…
-
Common Entry Points #1 – ITaaS (IT as a service) Part 1
According to SonicWall’s 2022 Cyber Threat Report, nearly every category of cyberattack increased in volume last year. The numbers point to an undeniable conclusion. SMB networks are under siege. In fact, let’s call it what it is. It’s a war out there. And while cyberattacks may not consist of traditional armies on the field…
-
Disaster Recovery vs. Cyber Recovery – Different Plans Preparing for Different Struggles
As Bob Dylan so eloquently said in his classic song from the 1960s, “Times they are a-changin,” and sixty years later they still are. Modern society has grown accustomed to change. It’s the pace of it that can cause you to catch your breath at times. Just as the bulk of rock and country music is…
-
How to achieve effective cybercrime investigations
Different organizations and companies will define the stages within the lifecycle of a cyber security event a little differently. The National Institute of Standards and Technology (NIST) follows a four-step process: preparation; detection & analysis; containment, eradication & recovery; and post-incident activity. The International Organization for Standardization (ISO) quantifies the process with five stages: prepare, identify, assess, respond…