Posts

Are your IoT devices in-scope during regular penetration testing engagements? They should be! Security cameras, A/C systems, control systems, and IP-enabled thermometers are absolutely part of the attack surface hackers are using to gain footholds within your network. Read more here.

Be aware of online scams when you mistype a common URL such as www.msn.com. This is a screenshot of a webpage one of our security engineers received after typing a web address incorrectly by a single letter. If you look closely, you can see used car salesman themes such as “urgent response needed” or “respond…

This is some pretty scary stuff. Panera Bread leaks millions of customer records… Worse – it’s been going on since August of 2017. Read more here.

ANOTHER. GIANT. FALLS. Boeing’s massive east coast operations center in Charleston, SC was just hammered with the same ransomware that caused global bedlam last spring. It’s shocking that we’re still hearing about WannaCry ransomware a full year after the critical vulnerability was discovered in Microsoft’s network file sharing protocol SMBv1 was discovered. Now is the…

How weak are your user’s passwords? Run this free weak password testing tool to find out. It tests against 10 types of weak password-related threats! Why, you ask? Because according to Verizon’s latest security report, 81% of hacking-related breaches used either stolen and/or weak passwords. That’s why. Free Password Testing Tool!

Today’s threat landscape is radically different from 5 years ago… According to Symantec’s 2018 Internet Security Threat Report: – Cryptojacking attacks explode by 8,500 percent. – Shifting trends in ransomware. – Implanted malware grows by 200 percent, compromising software supply chain. – Mobile malware variants increase by 54 percent. This is why we ongoing risk…

You moved to AWS so now you’re perfectly secure. Nope. In the latest facepalm-invoking security snafu, a misconfigured AWS bucket managed by a Walmart partner exposed 1.3 million customers’ private data to the Internet. Moral of the story: The cloud is good, but you still have to implement secure concepts such as least privilege, risk…

Store personal data on citizens in Europe? Better be ready to comply with GDPR cyber regs that go into effect May 25th. Cyberstone’s channel partners can help. For answers to FAQs, click here!

The difference between compliance and security is like a little boy doing what you said because you’re dad vs. the little boy doing what you said because it’s right. Compliance is something you do because you’re told. Security is something you do because it’s the right thing. While it’s good to know and do what…

New money-laundering cyber scam: 1. Steal someone’s identity including SSN. Their identity & SSN are needed so you can shove the record of income to them and off of you. 2. ‎Go on the Dark Web and buy stolen credit card info. 3. ‎Self-publish a book on Amazon and set the price super high. 4.…