A password policy designed for federal agencies must be secure, right? Surprisingly, that hasn’t been the case, according to the National Institute of Standards and Technology (NIST). The NIST created many of the password best practices you probably loathe — the combination of letters, numbers, and special characters — but it now says those guidelines Learn More “Think your password is secure? Think again”
Newspaper headlines and Hollywood movies have shaped our understanding of computer hackers, but in the real world it’s not so simple. Some hackers are making massive contributions to the field of cybersecurity, it just depends on which hat they’re wearing that day. Take a few minutes to learn about white, black, and gray hat hackers. Learn More “Not all hackers are cybercriminals”
If you’re thinking of transitioning your business to the cloud, consider the security of the platform. While providers would like us to believe that the friendly, fluffy cloud image used to market the service means it is automatically secure, the reality is far different. Just ask one of the nearly seven million Dropbox users who Learn More “The lowdown on cloud security”
Do you spend hours obsessing about the inner workings of DNS-layer security, intrusion prevention systems, and data encryption? If you’re not a managed IT services provider (MSP), you probably don’t. Instead, you’re probably looking for a business partner to manage those nitty-gritty details for you. However, there’s one thing you really ought to know: What Learn More “Is your IT security proactive?”
If you’re a Mac user, data privacy and security should be your #1 priority. Without the right security measures, you’re inviting cybercriminals to steal your critical data. Are you willing to take the risk? Secure your computer and fortify your defenses with these six tips. The basics First, let’s start with the basics and head Learn More “Secure your Mac computer in 6 easy ways”
When it comes to cyberattacks, most business owners get hung up on the technical and logistical details, forgetting another important aspect: motive. Why are hackers attacking people and organizations? And whom are they targeting? By answering these questions, you’ll have a better understanding of which of your business’s resources need the most protection. Script Kiddies Learn More “4 types of hackers that may target SMBs”
The volume of malicious cyber attacks is increasing every year. Although many companies use the latest network security systems, they aren’t immune to the hackers’ favorite strategy — social engineering. Unlike malware, social engineering tricks people into volunteering sensitive data. Here’s what you should know to protect your business. Phishing This is the most frequently Learn More “Don’t let hackers fool you with these tricks”
Avoiding malware and online scams takes a lot of work. You have to treat every email with suspicion, manage a long list of convoluted passwords, and avoid public WiFi networks. Ideally, you follow several other cybersecurity best practices, but many users don’t believe they’re worth the time. If you’re one of those people, here are Learn More “5 Cybersecurity measures anyone can master”
Taking work home, or practically anywhere, has never been easier. The bring your own device (BYOD) strategy has become a popular approach for many businesses to conduct work more efficiently and flexibly. But this strategy is not without risks. BYOD, if not implemented correctly, can make your system susceptible to a number of attacks. Here Learn More “4 Security risks of the BYOD strategy”
When one cyberattack is stopped, another more powerful variant almost always takes its place. It happens all the time with ransomware, computer viruses, and Trojan horses. Recently, this has become the case with Spectre attacks, which exploit a fundamental flaw in modern computer chips. Here’s everything you need to know.
Spectre 101
For those who don’t know, Spectre is a vulnerability in modern computer chips like Intel and AMD that allows hackers to steal confidential information stored in an application’s memory, including passwords, instant messages, and emails. Malicious code running on a computer or web browser could be used to exploit this vulnerability, but ever since Spectre was discovered, Microsoft, AMD, Intel, and other tech companies released a series of updates to fix it.
What is NetSpectre?
To perform Spectre attacks, malware would have to run on a targeted machine to extract sensitive data. But in late July, Austrian security researchers found a way to launch Spectre-style attacks remotely without locally installed malware. The new attack is called NetSpectre and it can be conducted over a local area network or via the cloud.
So far, it’s impractical for average hackers to use this method to steal data. In tests, researchers were able to steal data at a rate of between 15 to 60 bits per hour, which means it would take days to gather corporate secrets and passwords. As such, NetSpectre will probably be used by hackers who want to target specific individuals but don’t want to resort to obvious methods like phishing scams or spyware.
Experts also warn that while NetSpectre may be impractical now, hackers may develop faster and more powerful variants in the future.
How should you protect your business?
NetSpectre attacks exploit the same vulnerabilities as the original Spectre so it’s important to install the latest firmware and security updates. You should also secure your networks with advanced firewalls and intrusion prevention systems to detect potential NetSpectre attacks.
Last but not least, working with a reputable managed services provider that offers proactive network monitoring and security consulting services can go a long way in protecting your business from a slew of cyberthreats.
If you’re looking for a leading managed security services provider, why not talk to us? We provide cutting-edge security software and comprehensive, 24/7 support. Call us today for more information.