Choose to ignore it and you’ll pay later (just ask the city of Atlanta) In March of this year, the City of Atlanta found out the hard way what failing to do a security check-up can mean. They were hit with the SamSam ransomware, which created an encrypted wall that
By Richard Arneson An 18-month-old study by the Ponemon Institute, an independent research and education organization that works to advance privacy management practices for businesses and government agencies, discovered that, even though malicious insiders compose the largest, most costly source of security breaches, over seventy-five percent (75%) of businesses largely
If you’re not familiar with how ransomware works, call the city of Atlanta’s IT department. On March 22nd, they were hit with the SamSam ransomware, which created, in effect, an encrypted wall that prevented employees from accessing needed data. It effectively ground city services to a halt. The city couldn’t
by Moe Janmohammad, GDT Cybersecurity Analyst On May 25th, the new General Data Protection Regulation (GDPR) from the European Union (EU) will go into effect. The regulations are designed to protect the data of EU citizens, and penalties for non-compliance are steep (up to the greater of 20 million Euros
by Moe Janmohammad, GDT Cybersecurity Analyst 2017 was one of the worst years on record for data breaches, computer vulnerabilities and malware attacks. Based on the first four days of 2018, those numbers might be eclipsed after security researchers uncovered a few vulnerabilities in virtually all processors made since 1995.
GDT Consulting Engineer Nate Atkinson delivers, as part of the GDT DevOps team’s weekly Lunch & Learn series, a great, basic overview on web security, including some fundamentals, such as privacy, authentication, and integrity. He discusses the importance of data security, both at rest and in flight, and common strategies for managing
By Nic Hollins, GDT Network Security Engineer A draft for a new standard has been created by the Internet Engineering Task Force (IETF). It effectually allows people to avoid the scrutiny of surveillance equipment on their networks to perpetuate secure connections. Three Cisco employees have provided a working draft for
by Moe Janmohammad via ScienceMoez.com Almost exactly a year after the Mirai Botnet took down half of the internet, a new IoT botnet is building itself to launch an even more disruptive attack. On October 19th, CheckPoint announced they’ve started tracking a new botnet, named “Reaper”, which had already found
by Moe Janmohammad via ScienceMoez A massive security flaw in the WPA2 encryption protocol has caused panic within the InfoSec community this week. How bad is it? If you own a device that uses WiFi, you’re affected. KRACK, a stylized way to write Key Reinstallation Attack, could allow an attacker
