Compass IT Compliance Blog / Ransomware

Here's Why Your Car Dealership Needs Cybersecurity

Car Dealership Cybersecurity

In previous blogs, we’ve explored TISAX and the cybersecurity challenges facing the automotive supply chain. However, there’s another critical area in the automotive sector increasingly targeted by cybercriminals: auto dealerships. As the backbone of vehicle sales and services, dealer …

Read Story

Insider Threats – Your Employee May Be Your Greatest Risk

Office Employees

In February of 2018, Ashley Liles was working as an IT Security Analyst at an Oxford based company that suffered a ransomware attack. Ashley jumped at the opportunity, not to help the company, but to enrich himself by piggybacking on the initial ransomware attack and attempting to tri …

Read Story

MSP Breaches Opening the Door to Further Attacks on Clients

A hand stops a row of dominoes from falling

Is your Managed Service Provider (MSP) protecting yours and your client’s data? Are you regularly assessing your MSP and the rest of your vendors? It is no secret that hackers have gained access to more and larger companies over the past few years, but a new malicious tactic is coming …

Read Story

Access Control to Combat Domestic and Global Threats

A map shows a connected Earth as spokes connect one point to another

By now, most cybersecurity professionals have heard of the term access control. Access control is a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data. Access control is comprised of two main components: authentication …

Read Story

Karakurt Data Extortion Group – A New Approach to Ransomware

Karakurt Data Extortion Group – A New Approach to Ransomware

You may be growing tired of hearing the word “ransomware” by now, but this critical threat is unfortunately only continuing to grow at an exponential speed. The Verizon Business 2022 Data Breach Investigations Report (2022 DBIR) notes that ransomware breaches increased by thirteen per …

Read Story

Revisiting the Apache Log4j Vulnerability

Apache Log4j Vulnerability

By now, most are aware of the Apache Log4j vulnerability that was announced in December of 2021. The exposure is widespread in Java applications, and I have been discovering that many companies are affected by it. Remediation is imperative to ensure that attackers do not exploit affec …

Read Story

Subscribe by email