A new study shows most Americans fail to understand basic cybersecurity concepts… An article review. Considering that many of us live in a world where cybersecurity related subjects are commonplace, continuing awareness programs may sometimes seem excessive…after all, we’re all familiar with the basics by now, right? Well, a new study recently published by the […]

Several New Targets For Ransomware Have Been Identified… An article review. Over the last couple of years we’ve discussed the threat posed by ransomware several times, and for good reason: it’s now the most common type of cyber threat for both businesses and individuals. Being common doesn’t negate the threat posed, however, and it seems […]

Incident response testing is the stone that kills many birds… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Good morning.  It’s 5:00am on a weekend, and I’m preparing my talk for the Cybersecurity Conference this week. While the talk is only supposed to be […]

“Deep Fake” Technology is Behind The New Trend of AI-Assisted Fraud… An article review. It’s a scenario that probably happens far more often than we’d like to admit: an employee gets a phone call from a superior requesting they perform some task that is out of the ordinary. There are policies in place requiring more […]

A new generation of interns may open organizations up to new risks… An article review. If you’ve been paying attention to the world of breaches and other security lapses over the years, the idea of the “insider threat” is probably nothing new—your own employees can sometimes be as likely to cause an incident as a […]

As user awareness grows, criminals are changing their tactics… An article review. First, some good news: Users are becoming more aware of phishing attacks, especially high-ranking users such as executives. Unfortunately, the bad news is that criminals are aware of this and are adapting their strategies to target new groups. The new targets, according to […]

The malware was distributed through Asus’ own tool, and was signed with a valid certificate… An article review. When it comes to avoiding malware and other internet attacks, most users know you should avoid downloading files from unknown sources—but a recent attack targeting Asus customers is a reminder that sometimes even that may not be […]

A simple $30 part and publicly available code allowed access to keys… An article review. Researchers recently announced a new successful attack against Bitlocker, a full-disk encryption tool that has built into Windows since Vista, and the attack is surprisingly simple in its execution. The attack, detailed in an article submitted to us by our […]

Known to be vulnerable since 2005, the algorithm will be phased out over the next several months… An article review. Things can move slowly in the world of cryptography, and for evidence of that one needs to look no further than SHA-1–the hash algorithm introduced in 1995, found to be vulnerable to attack in 2005 […]

Hackers are getting unusually creative in their attacks… An article review. One drawback of limiting the scope of our annual review articles (the M-7, T-7 and R-7) to seven items is that we don’t always get to include every subject we’d like to. Luckily we had our friend Wes Pollard to point out a great […]