Posts

In a word, anonymity. A slew of privacy technique are allowing cyber criminals to buy and sell stolen private information relatively unscathed in most cases. HTTPS encryption has been around for about a couple decades now . The problem for criminals, though, is when they try to access a web-based resource, before encryption is negotiated…

Every company runs into a disgruntled ex-employee at some time or another. If you’re doing security well, you have a well-documented set of policies and procedures for locking accounts and freezing access after an employee is terminated. That’s if you’re doing security well, and most companies struggle even in this seemingly basic area. So before…

It seems like every single day we hear about another data breach. These events don’t seem to be isolated to small business, large business, healthcare, retail, or any other category. Everybody is a target these days. The reason for this is because data = money. Yes… Data = money. Some data is worth more to…

Are you a business in NYS who doesn’t “have to” do security because you’re not regulated? Well, that could soon change. NYS Senate Bill 6933A, aka the SHIELD Act, was introduced to the senate on November 1st, 2017. When passed, the Shield Act will close a regulatory loophole and will require ALL businesses that store…

Jeff Miller of Cyberstone and Tim Gekas of Synergy IT Solutions were recognized at Ingram Micro’s Awards Dinner last night in Colorado Springs. They received the Chapter Officers of the Year award for excellence in leading the Nor’easter Trust-X chapter of Ingram Micro together. Jeff and Tim work tirelessly to drive Trust-X core values into…

Imagine this scenario. Someone from another state sends you a bid request via email for about $50k worth of ink toner and promises that the winning bidder will get more business to come. In excitement, you put together a quote and email it back. A few days later, you get the email you hoped for;…

According to Google engineer Grzegorz Milka, less than 10 percent of active Google accounts use MFA. Why? People know they need to do it, but nobody has held their hand through the process of selecting an appropriate solution. There’s RSA. There’s Duo. There’s Yubikey. There are dozens of other options. But which one is most…

Are your IoT devices in-scope during regular penetration testing engagements? They should be! Security cameras, A/C systems, control systems, and IP-enabled thermometers are absolutely part of the attack surface hackers are using to gain footholds within your network. Read more here.

Be aware of online scams when you mistype a common URL such as www.msn.com. This is a screenshot of a webpage one of our security engineers received after typing a web address incorrectly by a single letter. If you look closely, you can see used car salesman themes such as “urgent response needed” or “respond…

This is some pretty scary stuff. Panera Bread leaks millions of customer records… Worse – it’s been going on since August of 2017. Read more here.