Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AT&T Cybersecurity

Running an Eco-friendly IT business

As someone in the technology field I follow the steady stream of new and exciting products and gadgets that come out at least twice a year. I am constantly upgrading my tech and my IT work tools in keeping with what is new. I need to have personal experience with the devices and equipment that clients hire me to manage, upgrade and repair for them in my IT Consulting practice. I often think about the effect that my constant upgrading has on the environment.

How to identify phishing emails and what to do

Phishing scams remain one of the most widespread cybercrimes. A phishing scam can be as simple as getting someone to click on a link, attachment, or a picture of cute kittens. I recently received a spam email with the message: “Old friends post embarrassing pictures of Jason Nelson online; click here to see.” Seeing my name in the body or subject line of an email is alarming. That is why scammers word these emails this way.

AT&T Alien Labs analysis of an active cryptomining worm

This blog post provides an overview of the AT&T Alien Labs™ technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence, and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described below are historical, we at Alien Labs are continuing to see new attacks, which can be further researched on the Alien Labs Open Threat Exchange™ (OTX).

Security and digital payments - growth finally meeting demand

Digital payments are the future of commerce, but security concerns have created a major barrier to their popularity. A study of businesses conducted by the influential PCI Security Standards Council found that 67% of respondents cited a lack of visible security options as a reason for not adopting a digital payments service.

Healthcare cybersecurity for 2020 and beyond

These days, effective cybersecurity in healthcare is as critical as ever. Last year, more than 32 million patients had their personal and medical information stolen in data breaches across the United States. While moves are being made, the fact remains that healthcare providers still have many holes to plug when it comes to the illegal or accidental outpouring of patient data.

Don't give away your secret answers

I was watching an interview with an American Congressional member the other night, and I could not help but notice the person’s lack of cybersecurity awareness. As a disclaimer, please note that this is not a piece promoting or denouncing any political party, or view. I do not discuss politics unless it relates to a cybersecurity matter. In two previous posts, I have been misunderstood and thought to be promoting a position, but that isn't my intended purpose - cybersecurity awareness is.

Top Cybersecurity trends & predictions for 2020

It is that time of year again where we look forward to what cyber goodies the New Year brings. 2019 brought new records in data breaches, a rash of ransomware attacks, and a rise in state-sponsored cyber-attacks. Below is a quick list of what me may expect in the 2020. 2020 also will be the dawn of a new decade that will bring technological transformation that will permeate all aspects of our lives, including cybersecurity.

Should cities pay a ransomware demand?

UPDATE: In a “ripped from the headlines” moment, we have real world confirmation of the growing risk discussed in this article. Breaking news over the weekend revealed that both the city of New Orleans and New Jersey's largest hospital network are in the midst of dealing with serious ransomware attacks. When you hear about data breaches and cyberattacks in the news, it's usually in connection with a large company and has affected users across the globe.

Which security certification is for you (if any)

It is hard to look at an information security job posting without seeing some certifications desired. Some make sense and others not so much. I have looked at junior helpdesk positions asking for CISSP, and some of the roles at some of the most respected companies do not ask for any certifications. There are some certifications that in having them demands instant respect: OSCP, OSCE, GXPN, and GREM, to name a few.