Author: Lauren Papagalos Page 19 of 26

11 Cybersecurity Suggestions for the Traveling Executive

security suggestionsGoing on vacation or traveling for business? One thing you can’t forget to take with you is vigilance. Hacking is a global enterprise and there are all kinds of traps and tricks just lying in wait for busy travelers.

Here are some simple tips that could improve your cybersecurity while traveling and help you avoid putting your foot in one of those traps.

Read More

What Is A Botnet?

Malware can be confusing. Not just because there are millions of different types of malware, because they’re constantly evolving. And it doesn’t help much that researchers have a tendency to give them some crazy names.

The botnet, on the other hand, is relatively easy to understand. Instead of just stopping at infecting thousands or even millions of computers, botnets will continue to control all those computers remotely to perform the bidding of the bot controller or herder. That’s why it’s one of most sinister types of malware that all business owners need to be aware of.

Read More

Could Hackers Really Clone Your Business?

business cloneIt’s bad enough to get a bunch of calls from irate suppliers wondering why you haven’t paid bills that are months overdue. But it’s even worse if you have no idea what they’re talking about. That’s how one small business owner found out what it was like to have his entire business hacked and cloned by people he never met and never caught.

Read More

How To Prevent Business Identity Theft

business identity theftIdentity theft is the fastest growing crime in the history of America, and businesses are not immune. There were more than 16 million victims of identity theft in the U.S. just last year, which works out to more than one new victim every three seconds. To put that in perspective, that means there were more victims of identity theft last year than there were reported murders, attempted murders, burglaries, attempted burglaries, arsons, vehicle thefts, purse snatchings, pick pocketings, shoplifting, and check fraud combined. With so many crimes and criminals in circulation, don’t make the mistake of assuming that it will never come creeping into your business.

Read More

10 Easy Ways To Prevent A Data Breach

prevent data breach
Did you know that there was an average of one data breach every single day in the U.S. last year? That more than 800 million records were exposed in data breaches last year? Or that the average cost of a data breach is now a staggering $3.5 million?

These are not statistics you want to be part of or costs you want to incur. So remember the following tips as part of your breach prevention program:

Read More

Malware

10 Important Security Considerations For Your New Website

So you’re thinking about finally launching your first website. Or you’ve had a website up and running for years but it’s time for an upgrade, an overhaul, and brand new chapter in your online presence.

You’ll have plenty of things to think about and to get right, so just make sure you don’t leave security as an afterthought.

Read More

Prevent Cyberattacks

10 Simple Steps to Prevent Cyberattacks

10 tips
“There are two types of companies: those that know they’ve been breached, and those that haven’t figured it out yet.” Those were the words of a highly successful venture capitalist behind some of the most successful cybersecurity companies. And while the chances of being a victim of a security breach are very high, it’s not a forgone conclusion. There are steps every business should take in order to avoid falling victim, or at the very least limit the damage.

Read More

Why the eBay Data Breach Didn’t Get The Same Attention As Target

eBay data breachIt seems a no-brainer that the recent massive eBay data breach should be a much bigger story than the Target breach. After all, the Target breach “only” affected 110 million customers where the eBay breach impacted closer to 150 million customers.

Read More

Blackshades RAT a Threat to Every Business

blackshades RATIn what we can only hope is a sign of things to come, law enforcement around the world showed unprecedented cooperation in shutting the shades on a gang responsible for creating and sharing a nasty piece of malware that was spreading rapidly around the world.

The malware is known as Blackshades, and was allegedly created by a 24-year-old Swedish man who ran his malware operation like a legitimate business. The entrepreneur was very committed to making his malware as popular as possible, hiring a marketing director, customer service representatives, and a customer service manager.

Read More

Anatomy Of A Security Breach: Target

Target security breach 2013It’s not often we get a chance to attend a security breach postmortem — a step-by-step, hack-by-hack, mistake-by-mistake account of what went so horribly wrong. The U.S. Commerce Department recently presented their report into all the mistakes Target made, and which could have avoided, in its recent massive data breach.

The report provides what’s referred to as an “intrusion kill chain” that highlights all the places Target had a chance to spot the breach and stop it. But missed. For example:

  • The hackers were able to identify a potential Target vendor or supplier to exploit because Target made such a list publicly available. That was the starting point for the hackers.
  • The vendor targeted had very little security in place. The only malware defense they appeared to have used to protect their business was free software meant for personal and not business use.
  • The vendor’s employees had received little if any security awareness training, and especially on how to spot a phishing email. So the hackers used a phishing email to trick at least one of those employees into letting them in the back door.
  • Once in the vendor’s systems, the hackers were able to use stolen passwords without the need for authentication because Target did not require two-factor authentication for low-level vendors.
  • The hackers are suspected of gaining further access from the vendor by using a default password in the billing software the vendor used. If the default password had been changed, the attack might have stopped right there.
  • There were few controls in place to limit access the vendor had on the Target network. Once the vendor had been compromised, Target’s entire networks were exposed.
  • When the hackers installed their Point of Sale malware on Target’s networks and began testing the malware, that activity was detected by Target’s security systems but the alarms were simply ignored.
  • When the hackers created an escape route and began moving the stolen data off Target’s networks, that activity triggered alarms too but once again, the alarms were ignored.
  • Some of the data was moved to a server in Russia, an obvious red flag for Target security which once again was missed.
  • The login credentials of the vendor were used throughout the attack, yet Target’s security system wasn’t able to detect that those credentials were being used to perform tasks they weren’t approved for.

We keep saying that every business large and small has important lessons to learn from Target. Don’t waste the opportunity. Double-check your own security and see if there are any obvious gaps you haven’t spotted but need to be sealed. Need help? Give SiteLock a call any time, 24/7/365, at 855.378.6200.

Google Author: Neal O’Farrell

Page 19 of 26

Powered by WordPress & Theme by Anders Norén