Posts

At midnight on July 13th, one of the largest clinical labs in the Unites States, LabCorp, fell victim to a Samsam ransomware attack conducted via brute force RDP attack. Thanks to LabCorp’s Security Operations Center (SOC), a data breach was prevented, and the ransomware was contained within 50 minutes. LabCorp’s SOC immediately intervened, alerting Incident…

“Compared with what we ought to be, we are only half awake. We are making use of only a small part of our possible mental and physical resources.” The author of this quote is the founding father of modern psychology, William James. Cyberstone employees found the quote in Dale Carnegie’s transcendental book How to Win…

Over last two decades, companies have protected data in transit with VPNs, HTTPS, and TLS. Those same companies have also protected data at rest with various file-level and whole-disk encryption technologies. For data in transit, your browser or VPN software contacts a web or VPN server, they negotiate a common set of capabilities such as…

Once in a while, a new technology built by the people, for the people emerges under the shadows of the tech giants. The technology we’re talking about today is a relatively new web browser called Brave. It’s creator is none other than the inventor of JavaScript, Brendan Eich. Brendan is an Internet Hall of Famer,…

Everybody knows about cryptocurrencies. It’s not news that hackers are trading stolen private information for Bitcoin. But what are we to make of the underlying technology that enables these transactions? Blockchain technology is at the heart of cryptocurrency but its application doesn’t stop there. Before we launch into how else blockchain can be used, here’s…

On Monday, the Department of Justice issued a notice that 74 individuals have been arrested in connection with phishing schemes primarily aimed at intercepting and hijacking wire transfers. Of the 74 arrests, 42 were U.S. citizens, 29 from Nigeria, and 3 in Canada, Mauritius and Poland. The arrests also included the seizure of about $2.4…

In a word, anonymity. A slew of privacy technique are allowing cyber criminals to buy and sell stolen private information relatively unscathed in most cases. HTTPS encryption has been around for about a couple decades now . The problem for criminals, though, is when they try to access a web-based resource, before encryption is negotiated…

Every company runs into a disgruntled ex-employee at some time or another. If you’re doing security well, you have a well-documented set of policies and procedures for locking accounts and freezing access after an employee is terminated. That’s if you’re doing security well, and most companies struggle even in this seemingly basic area. So before…

It seems like every single day we hear about another data breach. These events don’t seem to be isolated to small business, large business, healthcare, retail, or any other category. Everybody is a target these days. The reason for this is because data = money. Yes… Data = money. Some data is worth more to…

Are you a business in NYS who doesn’t “have to” do security because you’re not regulated? Well, that could soon change. NYS Senate Bill 6933A, aka the SHIELD Act, was introduced to the senate on November 1st, 2017. When passed, the Shield Act will close a regulatory loophole and will require ALL businesses that store…