.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Bypassing Multi-Factor Authentication via Prompt Bombing
by Kelly O’Brien on April 27, 2022 at 1:00 PM
It is the middle of the night, and you have finally fallen asleep, only to be awakened by the constant beeping of your phone. Bleary-eyed, you look at your phone to see it is prompting you to agree to log in on one of your accounts. You half wonder if you are dreaming and may instinct …
A True Story and Yet Another Cyberattack Victim
by John Conroy on April 22, 2022 at 1:45 PM
Cybercriminals can act alone, but increasingly we are witnessing cyber gangs (who operate like a small business and are also often referred to as ransomware gangs), with leaders, developers, system administrators, intrusion experts, data exfiltration experts, and monetary experts work …
Weighing Your Multi-Factor Authentication Options
by Jeffrey Torrance on April 14, 2022 at 2:30 AM
At this point most of us have heard that securing our accounts with only passwords, no matter how complex, is not enough. Do not get me wrong, requiring strong passwords (14 or more characters, composed of uppercase and lowercase letters, and including symbols and numbers) is essentia …
Receiving a Scam Text… From My Own Phone Number
by Nicholas Foisy on March 30, 2022 at 5:00 PM
Throughout my years working in the IT security and compliance field I have had the opportunity to learn about dozens of different social engineering attack strategies that malicious actors will utilize to achieve their goals. This past weekend, I had the unique opportunity to witness …
It (Should) Be an MFA World, We Are Just Living in It
by Derek Boczenowski on March 24, 2022 at 3:15 PM
Last week I was working in front of my laptop (happily, for any Compass staff reading) when I got an incoming text message. It was from Verizon. They had received my service request and were working on it. It was quickly followed by another text saying I could check the status of my r …
Cyber & Physical Security: Why You Need Both
by Kelly O’Brien on January 27, 2022 at 2:30 PM
Cybersecurity attracts an enormous amount of attention due to cyberattacks that are publicized daily. As more devices are connected to the Internet, they become attractive targets for criminals; therefore, the attack surface increases exponentially.