X

As a consultant, one the security biggest problems I see is perception: The threats companies think they face are often vastly different than the threats that pose the greatest risk. For example, they hire me to deploy state-of-the-art public key infrastructure (PKI) or an enterprise-wide intrusion detection system when really what they need is better patching.

The fact is most companies face the same threats -- and should be doing their utmost to counteract those risks. Here are the five most common successful cyber attacks.

Cyber attack No. 1: Socially engineered malware

Socially engineered malware, lately often led by data-encrypting ransomware, provides the No. 1 method of attack (not a buffer overflow, misconfiguration or advanced exploit). An end-user is somehow tricked into running a Trojan horse program, often from a website they trust and visit often. The otherwise innocent website is temporarily compromised to deliver malware instead of the normal website coding.

To read this article in full or to leave a comment, please click here

'Jump boxes' and SAWs improve security, if you set them up right

A jump box is a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers or untrusted environments. Over the last few years, with malicious hackers and malware infesting nearly every enterprise network at will, security admins have been looking for a way to decrease the ability of hackers or their malware creations to steal admin credentials and take over an environment and the concept of a traditional “jump box” has morphed into an even more comprehensive and locked-down “secure admin workstation” (or SAW).

A SAW is a computer the admin must originate from before performing any administrative task or connecting to any other administered server or network. Although related, they are used at different points (the SAW is always the first computer). Both can be used to make your environment significantly more secure. You should be using one or both, and if you’re not, you need to get busy.

To read this article in full or to leave a comment, please click here

All you need to know about the move from SHA-1 to SHA-2

For the past two years, I’ve been busy helping Public Key Infrastructure (PKI) customers prepare for and move to SHA-2, the set of cryptographic hash functions that have succeeded SHA-1. Last year, moving to SHA-2 ahead of the global deadline was a nice-to-do preparatory step. This year, now that the migration deadline has passed, it’s required.

Many digital-certificate-consuming devices and applications already display warnings/errors or operationally fail if a digital certificate containing the SHA-1 (or earlier) hash is presented, and pretty soon all of them will. Why the forced change? Because the SHA-1 hash has been shown to suffer such severe cryptographic weaknesses that its days of useful protection are over.

To read this article in full or to leave a comment, please click here

6 security measures you’ve put off too long

At last count, more than 200,000 victims in 150 countries have been hit with the weaponized WannaCry ransomware worm. In the United Kingdom, the National Health Service was hit hard by the worm, potentially threatening patients’ lives.

Haven’t we had enough? It’s time to stop pretending that lukewarm, poorly executed security measures are really doing something about the problem. Good computer security solutions exist that will absolutely diminish cybercrime. We just have to recognize and apply them.

We should already have been doing this for decades, but the criticality of the internet and the coming IoT era make the need for stronger solutions more urgent than ever. As Bruce Schneier says in my recently released book, “Hacking the Hacker,, IoT represents a tectonic shift in security:

To read this article in full or to leave a comment, please click here

6 security measures you’ve put off too long

At last count, more than 200,000 victims in 150 countries have been hit with the weaponized WannaCry ransomware worm. In the United Kingdom, the National Health Service was hit hard by the worm, potentially threatening patients’ lives.

Haven’t we had enough? It’s time to stop pretending that lukewarm, poorly executed security measures are really doing something about the problem. Good computer security solutions exist that will absolutely diminish cybercrime. We just have to recognize and apply them.

We should already have been doing this for decades, but the criticality of the internet and the coming IoT era make the need for stronger solutions more urgent than ever. As Bruce Schneier says in my recently released book, “Hacking the Hacker,, IoT represents a tectonic shift in security:

To read this article in full or to leave a comment, please click here

RSS
About Us

Accurate Computer Solutons LLC. Is a veteran owned and family run business located in Boerne, Texas. We provide computer support and services for Boerne, Bandera, Comfort, Bulverde, Fair Oaks, Spring Branch, San Antonio, and the greater Hill Country area.

Contact

If you have any questions, please contact us without hesitation. We will reply to you as quickly as we can.

Address : 129 South Main Street, Boerne, Texas 78006--Inside Pixie

Phone : 830-500-2465

Email : solutions@csboerne.com

Website : www.boernecomputerrepair.com