Karakurt Data Extortion Group – A New Approach to Ransomware
by William DePalma on July 7, 2022 at 2:45 PM
You may be growing tired of hearing the word “ransomware” by now, but this critical threat is unfortunately only continuing to grow at an exponential speed. The Verizon Business 2022 Data Breach Investigations Report (2022 DBIR) notes that ransomware breaches increased by thirteen per …
Ignorance Is Not Bliss When It Comes to Security Assessments
by Kelly O’Brien on May 6, 2022 at 4:00 PM
It is no surprise that bad actors constantly seek to take advantage of current events and changing circumstances to exploit vulnerabilities and gaps in the security of organizations across a myriad of industry verticals and sizes.
Bypassing Multi-Factor Authentication via Prompt Bombing
by Kelly O’Brien on April 27, 2022 at 1:00 PM
It is the middle of the night, and you have finally fallen asleep, only to be awakened by the constant beeping of your phone. Bleary-eyed, you look at your phone to see it is prompting you to agree to log in on one of your accounts. You half wonder if you are dreaming and may instinct …
A True Story and Yet Another Cyberattack Victim
by John Conroy on April 22, 2022 at 1:45 PM
Cybercriminals can act alone, but increasingly we are witnessing cyber gangs (who operate like a small business and are also often referred to as ransomware gangs), with leaders, developers, system administrators, intrusion experts, data exfiltration experts, and monetary experts work …
Weighing Your Multi-Factor Authentication Options
by Jeffrey Torrance on April 14, 2022 at 2:30 AM
At this point most of us have heard that securing our accounts with only passwords, no matter how complex, is not enough. Do not get me wrong, requiring strong passwords (14 or more characters, composed of uppercase and lowercase letters, and including symbols and numbers) is essentia …
PCI DSS v4.0 Released – What Changes Were Made?
by Kyle Daun on April 4, 2022 at 2:15 PM
On January 1st, 2019, the Payment Card Industry Data Security Standard (PCI DSS) v3.2.1 came into effect replacing v3.2 which had been in place since October 31st, 2016. Many changes have occurred since January of 2019, one of which being the worldwide shut down in the first half of 2 …