Industrial organizations face a growing list of digital threats these days. Back in April 2019, for instance, FireEye revealed that it had observed an additional intrusion by the threat group behind the destructive TRITON malware at another critical infrastructure.
The calculus for disaster recovery and risk management is changing. Most small businesses within the past decade would often keep many of their critical technology assets locally, perhaps in a server closet, or a centralized data center for multiple offices. They built their own “vault” of applications, databases, email, files, etc., often on a few physical servers they would be wholly responsible for maintaining and eventually upgrading or replacing.
You can’t go a week without seeing a story about a data breach or ransomware hitting organizations. These breaches can be very costly, but they still continue to show up. Are the good guys not winning the cybersecurity war? Organizations invest millions of dollars in security products and services, but they keep getting breached.
October is national cybersecurity awareness month, and with the recent hacks at Door Dash, the discovery of a large-scale iOS hacking campaign, and a database containing 419 million phone numbers associated with Facebook accounts, we’re all likely feeling a little dirty. So, I decided to share my perspectives on cyber hygiene.
As a system administrator during the early days of the “cloud revolution” I found the “cloud” metaphor an interesting choice to frame the technology stack. Clouds, in my mind, were “woolly” and hard to pin down as opposed to the omnipresent, always-available things that IT marketers were suggesting cloud services would be.
Diligent taxpayers are being increasingly targeted by con artists who are well-versed in manipulating the revenue system. The crooks usually impersonate IRS (U.S. Internal Revenue Service) officials, sending fake emails or messages on social media in an attempt to defraud the targeted individuals of their money. Unfortunately, lots of people fall for these scams, and the malefactors are raking in significant profits. Below is a list of the prevalent tax swindles doing the rounds nowadays.
The time at ML:0 can be eye-opening form many organizations. There are generally a lot of assets discovered that are new or had been forgotten about. Almost every organization discovers their own Methuselah; this is the system that has been around forever and performs some important tasks but has not been updated in years. The system admins are scared to touch it for fear of breaking something.
Normally it works like this. Someone gets infected by ransomware, and then they pay the ransom. The victim then licks their wounds and hopefully learns something from the experience. And that’s what happened to Tobias Frömel, a German developer and web designer who found himself paying a Bitcoin ransom of 670 Euros (US $735) after his QNAP NAS drive was hit by the Muhstik ransomware.
In the digital age, more often than not, you can be sure that some enterprise has hold of your personal information. This information could be your name, email, phone number, IP address, country and other details. This can come from submitting a form, subscribing to a newsletter, accepting cookies, accepting the privacy policy or terms and conditions when creating an account or downloading software.
