Why Optimizing Your Existing Cybersecurity Investment is Important

The average organization’s threat surface is expanding, and cyber threats keep evolving. A strong foundation built on proven technology is crucial in helping humans to protect their organizations from cybercrime. However, IT leaders must be judicious in selecting and implementing technology, taking care not to purchase every type of software that comes along. In fact, […]

Using Deception Against Pass-the-Hash Attacks

Pass the Hash Attack

Pass-the-Hash Attacks: Logins Without Passwords Using deception in cyber defense is an established concept. Here, we will discuss how deception can be used to subtly guide even experienced attackers to honey pots and honey nets.  The pass-the-hash attack is based on what seems like a great idea for remote access to machines: Don’t send or store […]

Deception in Cyber Defense in Layman’s Terms

Deception in Cyber Defense Using deception in cyber defense is an established concept. Honey pots, computers with false data containing inherent vulnerabilities that will attract attackers and keep them occupied, etc., have been around since before the turn of the century. Honey nets, networks of honeypots intended to mimic a legitimate network, closely followed. By […]

Dealing with a Discovered Vulnerability

Dealing with a Discovered Vulnerability

It’s a new year, full of opportunities! This is true for hackers as well.  Common predictions for cybersecurity in 2020 include more targeted ransomware, new ways to attack the cloud, and issues with deepfake technology. Already in 2020 the Department of Homeland Security (DHS) has issued a warning concerning the potential for cyber attacks stemming from Iran. This […]

Cybersecurity Begins in the C-Suite

Cybersecurity Begins in the C-Suite

If you are a C-suite member of your organization, perhaps the new year is an opportunity to make your company’s cybersecurity program a priority at the highest level of the business. After all, January 2020 does provide an extra incentive to make positive change that could have lasting impact throughout the year and the new […]

Ransomware Zeppelin Targets North American Healthcare, Managed Service Providers

Ransomware Targets Healthcare, Managed Service Providers

by Andrew Ange, Avertium Healthcare Consultant A new ransomware named “Zeppelin” is making its way across Europe and the United States. First reported on November 6, 2019,  ransomware Zeppelin continues to target healthcare companies, managed service providers and other technology companies.  Background on Zeppelin According to a report by the Cylance Threat Research Team, the […]

Employing MSSP Using Agnostic vs. Proprietary Technology

MSSP Using Agnostic vs Proprietary Technology

If your organization has decided to pursue managed security services, the next important decision quickly rises to the surface: Should you go with a service that uses off-the-shelf technology or a proprietary solution? Since the specialized technology a managed security services provider (MSSP) uses is core to protecting your data, the answer is customer-specific and […]

Recovering from a Negative Pen Test

Recovering from Negative Pen Test

When hiring a team to perform a penetration test, every organization is hoping that nothing negative is found and that they receive a clean bill of health. In reality, pen test results vary from company to company depending on the maturity of the organization’s security. While the majority of the pen test team’s job is […]

E-commerce Companies Holiday Security: How to Ensure your Supply Chain is Secure

E-commerce Companies Holiday Security

The holiday season is a busy one for shoppers, retailers, and customers alike. Unfortunately, the upswing in holiday shopping presents cybercriminals with many opportunities to disrupt e-commerce operations. While an organization’s own network may be well-secured, this doesn’t mean the organization is safe from attack. Supply chain attacks have become increasingly common as hackers target […]

7 Tips for Configuring a Robust SIEM

Deploy Robust SIEM

Security information and event management (SIEM) software fulfills an organization’s most crucial role: It protects an organization’s most sensitive data and establishes proof the business is doing so to meet compliance requirements. This complex set of technologies provides an overall view of the effectiveness of your security stack, acting as a force multiplier for the […]