Tag: vulnerability management

endpoint protection

Next Up on the Ransomware Hit List? Cities

Usually, ransomware makes headlines when huge corporations or organizations are held captive. There’s the implicit threat of compromised data if the corresponding ransom isn’t paid or backups aren’t in place. It’s bad, but its impact on the average person can seem muted. What happens when the cybercriminals behind ransomware attacks set their sights a little higher? Recently, the city of Atlanta, Georgia found themselves victim to an infrastructure-crippling ransomware attack. Here’s what happened and why both private and public organizations should be concerned. The Attack This virus took Atlanta by surprise on March 22, leaving officials to tell city employees that they shouldn’t even turn on their computers and residents that they were unable to process electronic payments for water

Read More »
backdoor

The Hidden Flaws

Cyber attackers are known for their persistence. If they hit a pothole trying to break into your IT network, they won’t just give up and move on to their next target. Instead, they’ll redouble their efforts and probe your infrastructure, looking for new ways to grab your valuable data. Unfortunately, sometimes these vulnerabilities can be a bit beyond your reach. Rather than weak points in your security infrastructure, they’re baked into the very devices your business depends on. As some researchers recently discovered, a new vulnerability found in Intel chips could pose a potentially catastrophic risk for your business. Here’s what you need to know about this flaw and how you can protect yourself. The Backdoor The first thing you

Read More »
Cyber Attack

Anonymous FTP: Crippling Healthcare Organizations

If you’ve ever had to share a large number of files with people working remotely, odds are you’ve used a file transfer protocol (FTP) server to accomplish this. It’s an easy way that you and others can access and upload information with a username and password, without taking up your own valuable internal storage space. Unfortunately, most of these FTP servers are operated by only a few companies. I say unfortunately because it means they are large targets for hackers. A recent bulletin released by the FBI details how FTP servers used by healthcare organizations have seen a sharp jump in attacks by cyber criminals. Here’s what we know so far. Anonymous FTP These attacks, the FBI noted, are carried

Read More »
iot

Keeping Up With Multiplying Cybersecurity Threats: Vulnerability Management

The world of cybersecurity has never lacked its share of individuals and programs out there looking to take advantage of others, but there’s definitely never been this many cyber criminals trying to capitalize on new methods of attack and lacking defenses. Let’s take a look at some cybersecurity statistics from 2016 as reported on by Forbes: AT&T found that there was a 485% increase in the number of times attackers search IoT devices for vulnerabilities Cisco discovered a 221% increase of compromised WordPress websites Dell noticed malware attacks almost doubled from 2015, finishing the year with 8.19 billion attacks IBM concluded the healthcare industry was more frequently attacked than any other –with financial services and manufacturing trailing behind None of

Read More »
Computer Security

MANY BANKS AND CREDIT UNIONS FAIL THE VULNERABILITY TESTING COMPONENT OF THEIR IT SECURITY AUDIT DUE TO WEAK PATCH MANAGEMENT

Do you have a patch management plan?  If so, how effective is it?  Many companies either lack a comprehensive plan or the necessary tools to properly automate the processing of updates.  In fact, the underlying reasons many banks and credit unions fail the vulnerability testing component of their IT security audit is this lack of effective patch management. Failed Vulnerability Testing Due to Weak Patch Management Often Root Cause of Poor IT Security Audit Results As for the tools, many companies rely only on Windows Server Update Services (WSUS) to patch their Microsoft Windows operating system and other Microsoft software.  WSUS does not patch non-Microsoft application software, such as Adobe Acrobat, Adobe Flash, Adobe Shockwave, which often have severe risks that can lead

Read More »