All posts by Eric Vanderburg

Eric Vanderburg is an author, thought leader, and consultant. He serves as the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin. He is best known for his insight on cybersecurity, privacy, data protection, and storage.Eric is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications.

Apple Inc. has a reputation for building secure devices, but don’t become too complacent because ransomware threats to Mac users are on the rise. While ransomware attacks against Microsoft Windows-based computers and servers remain far more prevalent, security researchers have detected new Mac threats in recent years and expect to see new threats in the future. Here’s a quick look at three forms of ransomware that are known to target Mac users: KeRanger disguises itself as a popular application Imagine this: You go to download a copy of Transmission, the…

Continue reading

Pavan Belagatti and Eric Vanderburg Early DevOps adopters have proven DevOps to be more than just a cultural shift or a set of tools – they have proven it to be a critical success factor and a competency well worth developing in today’s environment of rapid change, technological development, and high customer or employee expectations.  The demand for DevOps in organizations is high, but it is not something that can be bolted on to the average team.  When this happens, the existing organizational undercurrents will undermine the effectiveness of such…

Continue reading

For decades, the printer has been the intermediary between the digital and physical worlds.  Through it, our creations become tangible and yet; this intermediary has become so pervasive and such a mainstay of our technological world that it was assumed somewhat unchallengeable.  However, while the basic functions of printing, scanning, copying and faxing have stayed the same, the modern printer is a far different creature from the monoliths of the past or even the printers of last year. Today’s printers exchange data with users not only on the local network…

Continue reading

There are a variety of different ransomware variants that encrypt your data with no intention of ever decrypting it. There are also ransomware distributors who are happy to collect ransom payments but have no interest in returning anyone’s data. Innocent victims often fall prey to ransomware hoaxes or find problems with ransomware decryptors. They all end up in the same place they started, without their valuable data. Some of the groups behind the most prevalent ransomware viruses are working to build up confidence that victims will receive their data if…

Continue reading

When it comes to ransomware attacks, those who lose valuable data and have no viable backup tend to pay the ransom, while those with backups simply restore their data. However, neither group walks away unscathed because they both suffer downtime. Downtime is the period when systems are unavailable for use, and it can cost small and midsize businesses thousands of dollars or worse—it could put them out of business. An Imperva survey of RSA 2017 attendees found that downtime costs companies more than $5,000 in 56% of cases and more…

Continue reading

The repeal of the FCC Internet privacy rules has spurred on much discussion on privacy online and how companies collect and use that information.  I have fielded many questions on what this means for consumers and their privacy when going online, using search engines, and social media.  Some have wondered how Internet Service Providers (ISPs) differ from search engines and social media in how they collect consumer data. The difference between how ISPs and social networks or search providers collect and use data comes down to the how easy it…

Continue reading

I recently did an interview with Karen Marcus for Careers in Cybersecurity on education, career development, and career success.  The transcript is provided below and is divided into a section for those just starting out in cybersecurity, those mid-career and those late into their career.  Enjoy the read and please let me know your thoughts in your comments. For someone just starting out in cybersecurity: What degrees should they pursue? Any advice for landing that first job? There are a variety of degrees from associates to Ph.D. that concentrate on…

Continue reading

Spora is a relatively new ransomware, but there are signs which indicate that it could become a major player in the underground ransomware market, according to various reports. There are currently hundreds of ransomware variants being used by cybercriminals, but only a handful are backed by major criminal syndicates that have the funding to write robust malicious code and the infrastructure to support global extortion efforts. These groups are behind some of the biggest names in ransomware like Locky, CryptoLocker and TeslaCrypt. Spora is not there yet, but it’s certainly…

Continue reading

Bring your own device (BYOD) policies are commonplace in many organizations today. Employees bring in their personal cell phones, laptops, tablets and other mobile devices and use them to content to corporate networks. Additionally, employees regularly use personal computers and other devices not owned by the organization to work at home or on the road. Unfortunately, BYOD can be risky for organizations that do not implement adequate security controls.  Personal devices that aren’t properly managed by the company often have inconsistent security controls implemented on them. For example, one device…

Continue reading

Ransomware is infecting the computers of unsuspecting victims at an astronomical rate. The various methods that cybercriminals use to take over a machine and encrypt its digital files are called the attack vectors, and there are quite a few. In this article, we’ll explore the top 10 ransomware attack vectors. The first five exploit human weaknesses through social engineering attacks. In other words, they use carefully crafted messages to entice victims into clicking a link, downloading software, opening a file or entering credentials. The second five spread ransomware computer to…

Continue reading