10 Critical Steps to Survive a Ransomware Attack, Step 2: Patch, Patch, Patch.

Posted Posted in Ransomware, Security, Uncategorized

What are software patches? Patches are fixes for “bugs,” or flaws in programs. While some people still like to say “computers don’t make mistakes,” one must remember that computers are designed, built, and programmed by humans… and humans certainly make mistakes. Software patches are created when a problem is found, and the author of the […]

10 Critical Steps to Survive a Ransomware Attack

Posted Posted in Best Practice, Business, Business Continuity, Internet, Phishing, Ransomware, Scams, Security

We’re seeing a rash of ransomware sweeping across IT systems, ranging from large enterprises to microbusinesses with only a few PCs. As I am writing this, we are in the middle of responding to an incident where a business has been entirely shut down due to being infected with the Locky ransomware. The entire business has […]

A good discussion on ransomware

Posted Posted in Breaches, Ransomware, Security

Last week, WBUR’s On Point with Tom Ashbrook dedicated an episode to the topic of ransomware. The guests included ransomware victims, as well as a security professional who discussed the problem. Unfortunately, the expert occasionally used jargon that may be foreign without some context, but Tom did a decent job of getting definitions from him. […]

Does your site offer an open redirect?

Posted Posted in Browsers, Business, Internet, Scams, Security

Last week, Brian Krebs reported on a disturbing trend in federal (.gov) websites having “open redirects” enabled, allowing scammers to delivery content from seemingly legitimate (government) websites. So why do these open redirects even exist in the first place? Simply put, they are a convenience for website developers. Many websites will offer links to other […]

Antivirus and Firewalls Will NOT Protect You From This

Posted Posted in Security, Social Engineering

Fact: traditional antivirus software will NOT protect your business  from many threats on the Internet today. A firewall won’t, either. Not even a full-time security staff will shield you from the most insidious (and probably oldest) threat to your business today: social engineering. Social engineering is difficult to combat with technical controls. Things like spam […]