Tech Tips from the Castle


Never in the field of human conflict was so much owed by so many to so few.

Winston Churchill

In July 1940 during the early days of World War II, the future looked very bleak for the United Kingdom. In only 6 weeks, Germany had invaded and defeated France, the Brit...



For the City of Atlanta, March 22, 2018 is a day that will not be forgotten anytime soon. Early in the morning of that day, servers and data across the city network were encrypted by SamSam ransomware. One-third of the City’s applications were down due to the ransomware. The attackers asked for...



This is a collection of free offerings that information technology and cybersecurity related companies are providing due to the global pandemic and work-from-home (WFH) requirements. If you know of any other offerings or want your company added to the list, send me an email.

Anti-Virus / E...



The global spread of the coronavirus has rapidly changed where and how many workers are doing their jobs. Employees are now working from home more than ever before. Most companies didn’t plan for an almost complete work from home workforce. One of the initial questions that any organiz...



In cybersecurity, when we talk about viruses and protecting against viruses, we are discussing the digital kind. Preparing for this virus is an entirely different type of discussion, but there are steps cybersecurity personnel can take to prepare for a virus outbreak of a biological kin...



In 2019, ransomware attacks reached a crisis level in the United States and around the world. The scale and effect of ransomware is unprecedented in the history of the information age. It goes beyond just a cybersecurity attack but is a new type of crime that has never been seen before...



Although anti-virus software has never solved the problem that it was created to answer, it has been a part of information technology for over 30 years. Love it or hate it, every Windows device still needs an endpoint anti-virus product. Windows servers and workstations are vulnerable...



Ransomware is the most diabolical type of malware. It encrypts the files of the infected computer as well as files across the network until a ransom is paid to the bad guys for the decryption keys. It is the most urgent cybersecurity challenge that affects organizations of all sizes. I...



In 2019, most cybersecurity attacks are being launched through email. In fact, 91% of all advanced threats originate with an email. This trend will only continue as a blind spot in email security has recently been identified.

CERT researcher Will Dormann has published an attack vector that you sho...



How to Alert Using FireEye HX When a User is Added to the Local Admin Group

FireEye Endpoint Security (HX) is a next generation solution for cybersecurity threat prevention, detection and response. It is an agent-based solution with signature, behavioral and intelligence detection engines. It al...



In 1995, the second oldest bank in the world at that time, Barings, collapsed as a result of losses totaling $1.3 billion. Prior to its downfall, Barings had played a very prominent role throughout history, sometimes for and against the interests of its own home country. Despite being a British bank...



Protect 2018

August 14, 2018


Are you wondering about the ArcSight Protect conference? Don’t worry, it’s just been renamed the Micro Focus Cybersecurity Summit and happening in Washington, D.C. on September 25-27th. As with past Protect conferences, there will be sessions for the Fortify and Voltage sol...



Habeas Data - A Review

August 14, 2018

Habeas Data, by Cyrus Farivar, is written at a critical time in our history. The ability of organizations, both governmental and commercial, to observe and collect vast amounts of information about our behavior is growing by leaps and bounds. In my opinion we are probably at the early stages of...



The regulation known as 23 NYCRR 500 is a set of cybersecurity requirements from the New York Department of Financial Services (NYDFS) for financial and insurance institutions that conduct business within the State. The regulation began March 1, 2017 with implementation deadlines occurring at variou...



In ArcSight ESM, the ArcSight SIEM, all content should start with a Filter. When building content such as an Active Channel, Query or Rule, always reference Filters in the Conditions and Filter tabs. Even a Filter should start with a Filter, when possible.

This important principle makes ArcSight content m...



Kanye West is certainly all over the news these days. With today being World Password Day, it got me thinking how he could play a role in cybersecurity. And that contribution? Passwords. Confused? Let me explain.

A problem with passwords is that we have waaay too many to remember. Secondly,...



Keeping the Wolves at Bay

April 17, 2018

The old biblical adage to “beware of the wolf in sheep’s clothing” in many cases applies to system administrators. Unfortunately, their mission sometimes conflicts with the security department. They must provide computing resources to users and they want to do it as quickly as possible. Business...



High value targets are resources that would be of great interest to people who should not have access to them.

These might be folders containing compensation information, the email mailbox of the CEO, or the database containing the credit card numbers of your customers. Knowing where that data is...



Stay Away from the DUPs

March 20, 2018

We call them DUPs (rhymes with pups) and we are not referring to duplicates. What we mean are Direct User Permissions.

In the Microsoft world of CIFS shares you can provision access to folders in three ways: direct user permissions, Active Directory groups, or through built-in groups such as A...



In the days of lords and ladies, knights and pages, the lord of the manor decided what was important and not important to him. If it was important it stayed in the castle. If it was disposable and easily sacrificed it stayed outside the moat. Then all the lord’s efforts were spent defending the c...
