Using the Kipling Method, system administrators have a defined set of rules to help with logging and forensics after a cybersecurity incident. Together with network segmentation firewalls, an organization can build a zero-trust network. These networks have better cybersecurity defenses and limit the amount of data an attacker can steal after a data breach. | Read More →

A zero-trust authentication model limits access to network resources and assumes that every user could be an attacker. By assuming every user and application could be an attacker, an organization's IT department can better protect itself from critical data breaches. Together with the least privilege authorization model, zero-trust environments better defend against attackers and exploits such as ransomware, phishing, credential theft, social engineering, and command and control (C2) malware, and improve cybersecurity posture. | Read More →

Attackers who take advantage of poor network security aren't always thousands of miles away. Some attackers are right next door and use wardriving as a way to obtain sensitive data. Wardrivers use specially crafted applications that detect open, insecure Wi-Fi access points. When insecure wireless networks are found, the attacker can then connect and exfiltrate data directly from your home network devices. Home network users that have Wi-Fi hotspots set up should implement security procedures that protect from wardialing. | Read More →

As anti-malware systems continue to evolve, attackers also innovate and create ways to avoid detection. The latest trend is fileless attacks, where users download a "harmless" file, and the attack uses native tools to download additional payloads. LOLBins such as Nodersok use Node.exe (part of the Node.js framework) and PowerShell to turn local machines into proxies to perform click fraud. It starts with phishing and ends with user machines that contribute to fraud rings. | Read More →

Disaster recovery plans are critical to successful mitigation, containment and recovery of data after a successful ransomware attack. Cybersecurity defenses are never 100 percent impenetrable, so it's important that organizations have backups and the right plan in place after an incident. These plans, along with proper backups, reduce the cost of data recovery and loss, productivity downtime and mitigation. | Read More →

Some of the most critical cybersecurity incidents have stemmed from successful ransomware attacks. Ransomware encrypts critical files and holds them hostage for a fee. In recent years, several public and private organizations have been unable to service customers and retrieve data after ransomware encrypted files. In some cases, companies were forced to go back to pen-and-paper documentation. Using the right configurations and user training, corporations can greatly reduce risks of falling victim to ransomware attacks. | Read More →