Tag Archives: infosec

Ransomware is infecting the computers of unsuspecting victims at an astronomical rate. The various methods that cybercriminals use to take over a machine and encrypt its digital files are called the attack vectors, and there are quite a few. In this article, we’ll explore the top 10 ransomware attack vectors. The first five exploit human weaknesses through social engineering attacks. In other words, they use carefully crafted messages to entice victims into clicking a link, downloading software, opening a file or entering credentials. The second five spread ransomware computer to…

Continue reading

Ransomware computer viruses are becoming more sophisticated—and so are the attacks that make use of ransomware. In some cases, ransomware is used to disable access to a machine so criminals can perform further actions without being tracked. Criminals have also used ransomware to cause chaos and avoid detection after hacking into a network and stealing data. Ransomware attacks are sometimes used to create a diversion while cybercriminals steal or exfiltrate data. While users and IT teams are busy trying to take machines offline and contain the infection, criminals are busy downloading files…

Continue reading

People are the core of any incident response effort.  You must have the right people to provide the right response.  Incident response teams should include a diverse set of individuals across the organization including executives, information technology, security, public relations, legal and relevant 3rd parties.  Here is what makes a winning incident response team. Winning teams have top level support Top level support is essential in an incident response team, and executives can provide it.  Executives are the ones who will be able to allocate the resources necessary to take…

Continue reading

The average company today is a hybrid collection of traditional on-premise and cloud-based IT solutions.  On-premise solutions may include identity and authorization servers, custom applications, packaged applications, and local data repositories. Cloud services fulfill a wide variety of business tasks such as document sharing, group collaboration, customer relationship management, payment processing, marketing, and communication.  This combination of on-premise and cloud services is called Hybrid IT. On-premise applications require equipment purchases, software deployment, and user training but cloud services can be purchased with a credit card and used almost immediately.  As…

Continue reading