Previously thought to be designed to deliver a DDoS attack, VPNFilter can alter data in transit and change what you see on your screen. An article review. Initially, researchers thought that a new piece of router-based malware called VPNFilter was a relatively simple tool for directing and implementing a distributed denial of service (DDoS) attack. […]

US Cyber Command joins with the FS-ISAC to share threat intelligence… An article review. Threat intelligence sharing is a concept we’re all probably familiar with, at least in passing–it’s hard to imagine where we’d be without the efforts of organizations that work to identify and communicate new and developing threats! However, until relatively recently those […]

Newly disclosed vulnerabilities highlight a concerning security trend… An Article Review. Over the winter, the Meltdown and Spectre vulnerabilities called the security risk posed by hardware bugs to the attention of the public…as well as hackers and security researchers. In the months since, as a new article from TechCrunch details, four new major hardware vulnerabilities […]

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal organizations who have held their data hostage. That’s something that many people have probably […]

Some small organizations continue to use customer data to generate initial passwords, despite the risks. An article review. When rolling out a new online banking platform organizations are often faced with the task of issuing new usernames and passwords to existing users, but how they choose to do that can have a big impact on […]

If you’re in charge of reviewing insurance from an IT perspective, here are three helpful hints… A Jolley | Hadaway Short. Tell your critical vendors you want to have an “endorsement” on  their cyber insurance policies.  Note:  this does not put you ahead of anybody in the “lawsuit line,”  That is a myth.  But what […]

R-7 – The Top Seven Risks – 2018: Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been […]

As lines of code continue to replace humans and physical devices, quality control is essential…and often overlooked. An article review. Looking back over the last decade or two it is easy to see how computers have changed physically as they shrank in size, spreading to our pockets and beyond, but another change was going on […]

While Many Devices Have Already Been Patched, Many More May Never Be… An article review. When does exploit news cross the line into being a trend? How about when it impacts essentially every single wi-fi enabled device? That’s the takeaway from the recently announced vulnerability in the WPA2 wireless security standard, detailed in this TechCrunch […]

Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!