ransomware

To Pay Up or Not Pay Up

Investigating the repercussions of ransomware attacks The number of ransomware attacks and the frequency of institutions paying those ransomshas increased over the past years. Unfortunately, this hasn’t correlated with those institutions getting their data or systems back. So, should organizations stop paying ransoms? What is ransomware? Ransomware is a type of malware that encrypts the victim organization or individual’s data. …

password hygiene

Password Hygiene: Due for a Cleaning

Every aspect of our lives is touched by the digital world and passwords are one of the most critical issues in cybersecurity. Internet users of all ages and abilities employ passwords without necessarily understanding the process. Why are they being asked to create passwords with specifications like capital letters and only certain symbols? It’s time for us all to visit …

RockYou2021

Demystifying RockYou2021

Unless you’ve been living under a rock, you’ve probably heard of the RockYou2021 breached password list. Many articles have been published about this incident and password lists associated with it. However, some reported information is misleading or downright wrong. Let’s dive into what the RockYou2021 list means for you and organizations worldwide. What is RockYou2021? For a quick recap, RockYou2021 …

pipeline

Lessons from the Colonial Pipeline Breach

One of the largest, most economically devastating ransomware attacks occurred less than a month ago, and details of the attack are starting to become clearer. So what was the catalyst for this attack? It was as simple as a compromised password. As initially reported by Bloomberg, DarkSide was able to breach Colonial Pipeline and inject ransomware, crippling their infrastructure and …

MFA 3

Mixing It Up – Defending Against a Blended MFA Attack

Most businesses employ multi-factor authentication (MFA) security measures to protect their systems and accounts. We’ve talked about the best ways to use MFA effectively and how important it is to protect each layer to keep the bad actors out while still granting your employees and users the access they require. Unfortunately, many businesses believe MFA is all they need to …

dictionary

Blocking Basic Dictionary Words is not Enough

For many organizations, password security comes down to simply implementing blocks on basic dictionary words from being used in the creation of a user’s password. This is not an effective way to secure passwords and may in fact make the creation of a secure password more difficult. There are many ways to improve password security that go beyond blocking dictionary …

mfa

Hacking MFA the Technical Way and How to Guard Against These Attacks

Multi-factor authentication (MFA) requires several elements in order to function as real security for your data systems. Each factor in a multi-factor system must be appropriately protected because malicious actors can take advantage of a weak link to dismantle your protection. In part one of our series on the vulnerabilities of multi-factor authentication, we talked about the social engineering tactics …