November Patch Tuesday: Election Style

November Patch Tuesday is forced to share the spotlight this month. It’s Election Day in the U.S. and likely on the minds of most people. However, Microsoft also released 14 security updates today, 6 of which are rated critical. Thankfully, there is just one active exploit on an older version of Windows this month so once you’ve cast your vote,

> Read More

The History of the Ransomware Threat

Interestingly, ransomware is not a new thing. It first appeared in 1989 with a Trojan program called, “AIDS Trojan,” which was spread by floppy disk. The AIDS Trojan used several tricks to hide files and encrypt their names using symmetric cryptography. The author extorted a $189 fee from users to provide a restoration tool. The author was identified and forced to stop the distribution,

> Read More

Emerging Endpoint Security Trends for SMB

How can SMBs protect their networks and digital assets without breaking the bank?

For all the focus on mega-enterprise security—and all the high-profile data breaches at major corporations—enterprises aren’t alone in the endpoint security battle.

Think about it for a minute. When was the last time you got through a day of e-mail without a spam e-mail with a nefarious link or attachment?

> Read More

How to Avoid a King’s Ransom

Taking an item of tremendous value – data belonging to an organization or an individual – and demanding compensation for its return is a highly effective way for criminals to get what they want. This criminal act is achieved through ransomware and, because it is effective and generally not all that complicated for a cybercriminal to carry out,

> Read More

State of Enterprise Security Still Shaky Says New Survey

Today, we’re announcing the results of a survey recently commissioned on the state of enterprise security. Conducted by Ultimate Windows Security, the report provides visibility into the uses, concerns and challenges that IT departments face in respect to endpoint security, patching, cloud applications and mobile management.

We polled nearly 700 IT professionals working at enterprise (1,000+ employees),

> Read More

Online extortionists reset Android PINs, take data on virtual drives hostage

In the last few years extortion has hit computer users, big time.

Consumers and businesses alike are finding themselves locked out of their computers, or prevented from accessing their valuable data, by ransomware attacks that demand a payment be made to online criminals.

But normally when these malicious attacks are described,

> Read More

Patch! Patch! Patch! What Security Pros Know that Your Barber Doesn’t

[Originally published in the Spiceworks IT Community.]

A Google security research paper was recently published on the best safety practices that hundreds of security experts recommend. This paper outlines the results of two surveys — one with 231 security experts, and another with 294 web-users who aren’t security experts — in which both groups were asked what they do to stay safe online.

> Read More

Five years after Stuxnet, your USB drive is still being patched

Yesterday was Patch Tuesday, and – as Optimal Security’s Russ Ernst described – Microsoft released fixes for a smorgasbord of vulnerabilities.

Obviously, it’s important that you roll out the patches as soon as possible, and ensure that your computers and networks are protected against threats which malicious hackers could use to target your systems,

> Read More

How Do You Protect Your Systems From Ransomware?

In my previous two posts How Does Ransomware Work? Part 1 and Part 2 I described the process ransomware goes through to get on your systems, encrypt your files, and collect your money. Like any malware, all of the steps in the process need to be successful in order for ransomware to work.

> Read More

R.I.P. Windows Server 2003

As you should know by now, Microsoft ended support for Windows Server 2003 on July 14, 2015. But surveys suggest that many organizations may not be ready:

  • 50% of organizations started 2015 with no migration plan – or were unaware that support was ending.
  • 1/3 of organizations hope to complete their migrations sometime after the end-of-support date – stretching out to 2016 – while another 1/3 were unsure when they will complete the migration.

> Read More

The Hacking Team Hack – Why You Should Care!

Another day, another breach. Ho Hum.

So it seemed when news first broke about the hack of the (in)famous Italian vulnerability research firm Hacking Team. Probably a case of hackers hacking back. No impact on most “regular” cybercitizens, right?

Au contraire, mon frère.

It seems that there were a few gems in the 400 GB data dump that was posted online,

> Read More