Blog

Technology expertise, advice and tips

Category Archives: Cybersecurity

  1. Ransomware Is Coming. Plan and Prepare.

    Ransomware attacks are so frequent now that even some big ones don’t make headlines.  But last week’s attack on Kaseya VSA, a tool used by IT professionals around the world to help manage networks and provide tech support, garnered plenty of headlines.  That’s because it was the biggest ransomware attack on record, affecting more than…

  2. Double Extortion Attacks More Prevalent than Ever

    Ransomware is still all over the place – attacks are up 62% globally and 158% in North America since 2019.  But ransomware-only attacks have mostly been replaced by more sophisticated – and ruthless – attacks. In a traditional ransomware attack, a cyber criminal finds a way onto business networks (often with stolen usernames and passwords)…

  3. Biggest Ransomware Attack Ever, a New CISA Director Confirmed, and a Patch Nightmare

    Early July had several cybersecurity events with big impacts on small and mid-sized businesses. Here are three you that should know about. REvil’s Kaseya Attack Hits Thousands of Businesses Worldwide, US Will Respond The biggest news story this week was a ransomware attack targeting Kaseya VSA, software used by large businesses and Managed Service Providers…

  4. On-Site Backups Wiped Remotely, Malware Call Centers, and a New Federal Data Breach Bill

    Congress continues to crawl towards new legislation to contain cybersecurity damage.  Meanwhile, traditional antivirus techniques now miss most attacks, and Western Digital customers wake up to empty backup drives. Signature-Based Anti-Malware Tools Now Miss Most Attacks Traditional anti-virus and anti-malware apps look for specific strings of code in files (or data transfers) to determine if…

  5. What Is Doxing? And What Does It Have to Do With Cybersecurity?

    It sounds bad.  It is bad.  But what is it? Doxing Doxing is shorthand for “dropping dox” (documents), a phrase invented by hackers in the 90s.  Dropping dox means to publish embarrassing or incriminating documents about a person or company online. It’s normally done to punish them for some perceived wrongdoing. People differ on what…

  6. Who Pays All of These Ransoms, Anyway?

    Taking down corporate networks for cash is quickly becoming a dangerous career. Just last week, the FBI elevated ransomware to a threat level equivalent to terrorism.  While that might make some people think twice about joining a cybercrime ring like REvil or GandCrab, they’re still not having any trouble finding recruits. Ransomware is prevalent because…

  7. A White House Request, Billions of Stolen Passwords and Another Infrastructure Attack

    The first half of 2021 has been a dangerous time for business networks, and it’s not getting any better.  In the last two weeks, 8.4 billion stolen passwords were posted online, a ransomware attack shut down 20% of US beef and pork slaughterhouses, and the White House reached out to the entire businesses community to…

  8. The Triple Extortion Threat, New Phishing Techniques, and Some (Very) Fast Moving Hackers

    Hackers have come up with some convincing new phishing attacks aimed at businesses, and they’ve moved from double to triple extortion by targeting individuals named in leak data.  And just wait until you hear how long it takes them to target a vulnerability once it’s disclosed… When You Don’t Pay, Your Customers May After years…

  9. What is a Supply Chain Malware Attack?

    If you manage a service business, you probably don’t spend much time thinking about your supply chain.  But there’s one supply chain that every business needs to manage – data. Operations, sales, finance and HR departments all use different software to generate sensitive data.  Once generated, that data must be stored, managed and backed up. …

  10. This Week’s Security Stories: Gas Pipelines, a COVID-19 Research Institute, and a Veterans Affairs contractor

    The big ransomware story this week is the big national story, too.  A ransomware attack on a gas pipeline responsible for 45% of the east coast’s fuel has led to an emergency declaration in 17 states.  The hackers claim targeting large-scale infrastructure was an accident.  “Our goal is to make money,” they said, “not creating…