Leaving your remote desktop protocol (port 3389) servers open to the internet has been known to be a cybersecurity “bad idea” for years, but the Bluekeep vulnerability, as well as the more recent Seven Monkeys batch of disclosed vulnerabilities, have made this vital to your business’s survival.
What sounds better? Proactively fighting potential threats or scrambling to pick up the pieces after an attacker has successfully made their way onto your system?
As threats continue to become more complex and targeted, it’s more important than ever to focus your efforts to minimize the risk before it’s too late. Vulnerability management is one way to do that.
Ignore security at your own and your customers’ peril.
Recently there was a post on r/sysadmin from a network administrator who had a client system hacked because he left their iLO card facing the internet…
Vulnerability scans are a great way to dive deeper into a network and search for problems that may go otherwise undetected. Many times, however, security professionals are performing scans that are only scratching the surface of what could potentially be uncovered.
There is still quite a bit of confusion out there on the differences between a Vulnerability Scan and a Penetration Test. The truth is both services can be successful in keeping you ahead of the hackers, but the trick is knowing which one is right for you and when.
The paranoia surrounding cyber crime attacks is rising, almost as quickly as cybercrime itself. According to research from the Ponemon Institute, nearly half of all small businesses suffered a data breach in 2015.
In fact, The Business Journals’ latest SMB Insight study showed that over 550,000 small businesses are projected to fail in 2017 due to a cyber attack.
Although cyber attacks against large companies make the biggest headlines, small and medium-sized organizations are not immune to the threats. Smaller organizations are just as vulnerable as large enterprises, and in many cases, more so; because they have fewer resources to devote to cybersecurity.
It seems that our news feeds are constantly flooded with the headlines of the latest cyber attack. Wishing it away, or hoping that our news filters are malfunctioning, is just not possible. Sadly, it is due to the fact that these crimes are happening more frequently than ever before.
Privileged accounts represent one of the largest vulnerabilities an organization faces today in network security. It doesn’t matter if the accounts are compromised by an external attacker or a malicious insider. If privileged accounts are in the hands of an adversary it is a very real and scary threat.
Log analysis. It’s a thing. First reactions are probably going to be “Yuck,” “Make the new guy do it,” “Insert expletive here,” or the more common “Why? What broke now?”