Directive Blogs

The Internet is up to its ears with threats and hackers, but some of the most annoying malicious entities are bots. These are systems which can gather information from all kinds of sources. While some aren’t malicious in nature (think SEO bots which gather data from websites), there are those that aren’t so innocent. These tend to fall into the hands of hackers and attempt to steal information or send spam.

This holiday season might leave technology and entertainment supergiant Sony with nothing but a big lump of coal in its stocking. In a high-profile hack, hackers continue to leak Sony’s employees’ sensitive information like Social Security numbers, passports, and even personal emails. This is obviously an issue for the company, but so is its lack of IT security, as shown by their passwords being stored in a folder named “Passwords.”

In the past, we’ve been known to go into detail about threats, vulnerabilities, and how to protect your business while online. Distributed denial of service (DDoS) attacks aren’t new in the technology world, but notorious hacking group Lizard Squad has somehow managed to take out Internet service for much of Sweden with a faulty DDoS attack; an unprecedented feat, especially for a ragtag group of irate gamers.

Does your office practice proper maintenance and security against the latest threats, like Sandworm and CryptoWall 2.0? You should, or else your business might get a nasty holiday gift in the form of the Schannel vulnerability in Microsoft Office. This particular threat allows a hacker to take over the entire system, making it an exceptionally dangerous vulnerability that you can’t ignore. Thankfully, a patch is available to the general public, so you want to apply it as soon as possible.

This subject isn’t very interesting outside of hospital administrators… or for hospital administrators, but there’s no denying that healthcare is one of the most important industries in our society today; and one that is having a technology overhaul at present. The influx of cheaper and more powerful technology is surely going to be a driving force for healthcare in the 21st century. Under the Health Information Technology for Economic and Clinical Health Act (HITECH), the United States government has followed the lead of other Western nations in forcing entities to upgrade their healthcare practice’s information technology for the betterment of patients, insurers, and health care providers.

Well, better late than never.
This is to be said of Microsoft after they recently patched a security flaw that’s come with every generation of its operating systems going all the way back to Windows 95.

Hackers come in all shapes and sizes, with varied levels of skills to boot. The generic garden-variety hacker will probably only try to hack your email and send spam, or steal your personal information. However, there are much worse threats out there, like APT hackers. This week, we’ll cover how you can spot these wolves in sheep’s clothing.

Grab your tissues, it’s flu season! Just like biological viruses such as the flu can cripple an entire office, digital viruses can cause a lot of trouble for businesses too. Both downtime-causing virus scenarios can be prevented if proper safety measures are followed, like sanitation and cybersecurity.

In these times, passwords are losing their effectiveness. Hackers can now input millions of passwords every second to crack your code. Even now, professionals are working on new solutions which can jumpstart online security. While using a password is still an ideal choice, there are plenty of other options that are being discussed in the two-factor authentication field.

A few weeks ago, a new vulnerability was discovered in the Internet Explorer functionality of SSL 3.0. Due to the encompassing nature of the vulnerability, all operating systems are affected. This makes it a big problem that must be resolved. Thankfully, Microsoft has released a fix to the vulnerability, called Fix It, making it far easier to prevent the vulnerability from becoming an issue.

Our minds often attribute unexplained phenomena with hauntings from ghosts. Most of the time, there's a perfectly good scientific explanation for what's going on. If you ever see your computer's cursor move on its own, your PC isn't haunted. Although, you might prefer a haunting to what's really happening; a hacker is probably stealing your data. Now that's scary!

Everyone has heard horror stories about the spirits of the dead lingering in this world. Every culture on this planet has different beliefs about the nature of these spectral beings. Not much is known about these beings, but people still believe without a doubt that they exist. In regards to technology, ghosts do exist, in the form of ghost servers.

A new threat, dubbed Sandworm by iSight Partners, has been discovered. It is a cyber espionage campaign dating back to at least 2009, and is said to be based in Russia. Sandworm uses a previously undiscovered zero-day vulnerability in Windows operating systems to steal information from government leaders and organizations.

Hackers are mysterious. Not much is known about them - until they get caught, at least. But until the divine hammer of justice is brought down upon them, they will continue to stalk the shadows and wait for us to unknowingly hand over our personal information. What they don't want you to know is that they generally act according to a few particular variables, and that it is possible to avoid their pitfalls.

We reported in August that security researcher Karsten Nohl of SR Labs revealed a flaw in USB firmware that cripples the technology beyond repair. At the Black Hat security conference, it was revealed that USB devices of all kinds can be targeted by hidden malware. Nohl refused to release the code used in the research, due to being concerned that it would be used by the wrong hands, but it has been made public anyway, putting the masses at risk.

For the past 12 years, the Harkonnen Operation has plagued Europe. The malware campaign, operating scams in Germany, Switzerland, and Austria since 2002, has finally ended, but that doesn't change the fact that it may be the most long-lived malware to have existed. What kept security firms from discovering these attacks and preventing them for so long?

Are you confident that your company's network is 100 percent secure? The best way to answer "yes" to this question is with a network audit. This is a technical procedure where IT professionals analyze every nook and cranny of your system, looking for every possible vulnerability. No matter what the situation is with your company's IT management, a network audit is worth doing.

Hackers today are trying every approach possible to steal your device's data, including the hijacking of public USB ports. This technique is known as "juice jacking," and with this new threat, you should think twice about charging your device using a public USB charging kiosk, or even the USB port on a friend's computer.

Major retailers are having a rough time of it these days concerning the security of their customer's financial information. Last December, Target was hit with malware that compromised 40 million customer credit and debit card accounts, and recently, Home Depot was hit with the same malware. What's a connoisseur of mass-produced boxed goods to do?

When diagnosing your computer's security problems, it should be noted that malware is not always located on the PC itself. A lot of the time, problems could be occurring in a number of different operating systems and browsers, making it difficult to diagnose the cause. A recent study by Ronald Kaplan and Dylan Kaplan proved that malware can be located not only on your computer and devices, but even on your wireless router.

The art of war is of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin. Hence it is a subject of inquiry which can on no account be neglected.
- Sun Tzu, The Art of War

The ancient Chinese military general Sun Tzu might have been around long before the Internet was a thing, but he sure knew how to make an impression on the world. In his extremely influential book on ancient Chinese warfare, The Art of War, he says that "every battle is won before it's ever fought." This applies to protecting your IT network, too.

Today, almost everybody has an Internet-connected camera in their pocket. A crazy amount of photos are posted online. In fact, Facebook alone claims to have over 250 billion photos, with 350 million user images posted every day. All of these pictures are fun, but how do you ensure that only the people you want to see your photos are seeing them?

If 2014 hasn't been a legendary year for data breaches yet, it certainly is now. Community Health Systems, a hospital network for over 206 facilities across the United States, has been the target of a data breach resulting in 4.5 million records being compromised by Chinese hackers, including Social Security numbers, birthdays, names, addresses, and telephone numbers.

For Washington D.C. residents, there's a dubious threat looming in their backyards putting their personal data at risk. It's Coco, a Siamese cat wearing a high-tech collar designed for hacking WiFi networks. Have you taken the proper security measures to protect your sensitive information from feline foes like Coco?

In an attempt to push users toward the most recent installment of Internet Explorer (IE 11), Microsoft has announced that, as of January 2016, all older versions of Internet Explorer will reach their end-of-support date. This means discontinued patching and security update support, putting all who refuse the upgrade at risk.

All of the security breaches and vulnerabilities of 2014 sure have made for an interesting year; first Heartbleed, then the Internet Explorer vulnerability, GameOver Zeus, and the Russian password-stealing gang. In light of these events, you really have to ask the question, "how can we fight these threats?" Symantec has told The Wall Street Journal that they feel antivirus technology is "dead."

A few months ago, we mentioned that a ransomware called CryptoLocker was spreading at a dangerous rate due to the GameOver Zeus malware. The ransomware would lock down files on victims' computers until a fee was paid, but not anymore. Now, with the help of FireEye and Fox-IT, a solution has been created called DecryptCryptoLocker.

USB devices have long been a staple of the technology world, but are notoriously vulnerable to exploitation from hackers and malware. As malware grows more and more sophisticated, you can no longer trust simple antivirus scans to protect your business.

If your business purchases hardware or other supplies from a retailer, or if you are your own point-of-sale, your company might be targeted by a new type of Point-of-Sale malware known as Backoff. The malware is capable of stealing credit card information from unsuspecting victims, and should be a cause for concern for those unprepared to fight against it.

When it comes time to upgrade, many smartphone users will sell off their old device in hopes of making extra cash. However, if the phone's memory is improperly wiped, an experienced hacker can use advanced tools to recover sensitive data off the used phone. Let's talk about how this happens and what can possibly be recovered by a hacker.

Thanks to Edward Snowden's revelations concerning the National Security Agency's (NSA) questionable online practices, we now know that there are ways that we can be watched by others and not even know about it. But what's really scary is that malware exists that can accomplish this same goal.

Apple's iOS operating system might be well known for its impressive security features, but that doesn't mean that it's invulnerable to all threats. In fact, backdoors may have been located in the operating system, which allow Apple and law enforcement agencies like the NSA to access the devices.

The Hackers on Planet Earth (HOPE) conference which took place on Saturday, July 21st 2014, had an important panelist, that being Edward Snowden. Whether he's a whistleblower or a traitor is a hot topic on the web, but one thing is certain - he has called for assistance in creating and promoting anti-surveillance technology to mitigate government spying.

One of the greatest things about today's technology is that it has grown more mobile, and some employees like to bring their own devices from home to use for their workplace. This is called BYOD, and while it is useful sometimes, it might be putting your business at risk.

With all of the zero-day exploits popping up lately, such as the GameOver Zeus malware and Heartbleed bug a few months ago, it only makes sense to step up research on how and why it occurs. Google is doing just that with its new research program, rightfully dubbed Project Zero.

Don't trust Google and Yahoo just yet - they might be fake! On July 10th, 2014, Microsoft issued a warning concerning the nature of identical SSL certificates and domains of some popular sites that might allow malicious copycat sites to emerge. As of now, the cause is unknown, but we know that this could be dangerous if you're not prepared to deal with it.