User Authentication Redefined: Why give away the cow if all they need is milk?
It’s time to talk about user authentication security. It’s time to talk about who can access what and why. It’s time that you knew who was at the gate before letting them in the door. Today’s cyber-attacks and tomorrow’s emerging cyber security threats demand we redefine our approach to authentication and access. At Shield we […]
Understanding the Equifax Breach & Filling The Gaps On Future Email Security
Equifax breach. Major holes in network were not updated and closed. Are you aware of the holes in your network? Recently we saw a flurry of “anniversary” stories regarding the Equifax breach. The breach compromised crucial personal data of more than 147 million people – the Social Security numbers of nearly all of them, […]
Avoid Email Attacks & Protect Customers From Getting Threat Emails [Case Study]
The following is a threat email which is a common form of email attack that is now doing its rounds on the Internet. It is based on hackers infiltrating corporate Networks and getting hold of real banking information belonging to the recipients. […]
Homeland Security warns MSPs about APT actors
Wednesday October 3rd 12:30pm PST – U.S. Department of Homeland Security (DHS) is advising MSPs (managed services providers) and CSPs (cloud services providers) about advanced persistent threat (APT) actors “actively exploiting trust relationships in information technology (IT) service provider networks around the world.” The annoucement to the Department of Homeland Security warning is here. Further […]
Most Companies still don’t get it! If you don’t properly protect your data, you will be breached.
Small businesses are well known for the nimble and lean operations as well as solid risk management. Making quick decisions about what requires immediate attention as no risk can be prevented with 100% certainty. But researchers have found one risk that puts 60% of businesses, who encounter it out, of business. Furthermore, it is a […]
Open .git directories could expose sensitive data
Criminals never stop, Cyber criminals too, and so (Cyber) crime fighting can’t take a break either. But like we say at Shield every IT hero needs a good team behind them. Today we learned of a potential data breach threat lurching in git repositories. One of the good guys, Vladimír Smitka, reported that nearly 400,000 […]
Shield-SDE helps you move beyond Fax(ploit)
Checkpoint researchers recently compromised a HP Multi-Function Device by sending it a fax. The device was connected to a telephone line yet they were able to take control of a computer on the same network as the HP device. It’s actually a pretty cool exploit… they call it Faxploit. Thankfully the good guys did it […]
HIPAA Compliant AD HOC E-Mail
Healthcare organizations sit on top of enormous amounts of sensitive data covering patients’ medical records, doctor and faculty details as well as processes and information that is highly confidential. Currently used tools provide great sharing and access capabilities, yet also make such medical institutions’ data easily accessible to outside sources, and thus the data is […]
One Way or Another Ransomware Will Get You
Zero-day vulnerability in Adobe Flash Player is being distributed in a couple of exploit kits. Attackers are using the previously un-patched flaw in Flash Player to infect victims with Locky or Cerber ransomware. Using exploit kits to move ransomware isn’t new, but does escalate the distribution of Locky, which is well known for large breaches […]
Pen Test Automation “GOOD”
One of the important changes in the field of hacking prevention has been the release of tools for uncovering network vulnerabilities. Scanners that can detect exploitation points within your networks, leaving you vulnerable to attack and ultimately breach. These pen testing tools have a distinct advantage because the process of manual exploitation can produce incorrect […]