k_Street Consulting, LLC Blog
Wireless Internet connections, often referred to by the moniker Wi-Fi, have become a popular offering from public businesses. Even organizations that have no real need for an Internet connection to conduct business, like restaurants and coffee shops, now offer Wi-Fi for their customers. However, public Wi-Fi can be dangerous, especially for the business professional.
If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools--a dangerous concept.
Payment via mobile devices is still a relatively new concept. With newer smartphones, it’s now easier than ever to pay your bills or send money on a whim. However, this also brings up an important topic; what’s the best way to handle mobile payments, and how can those who accept and process these payments ensure maximum security?
Ransomware is a particularly nasty strain of malware that continues to pop up in unexpected forms. In the case of a new variant of called Cerber, it targets users of Microsoft Outlook using a zero-day vulnerability via phishing messages. To make matters worse, Cerber can also utilize DDoS attacks, which is a major cause for concern.
It’s clear that security professionals have waged war with hackers since the Internet’s inception, but NATO has reaffirmed that cybersecurity is not just a localized problem; it’s a nation-state-wide issue, and one that needs to be addressed. Just like land, air, and sea, cyberspace is now an operational domain, a place that can be considered a battlefield.
Microsoft recently issued security patches to fix 27 vulnerabilities, many of which are critical in nature. The vulnerabilities are significant and popular titles are affected like Windows, Microsoft Office, Internet Explorer, and the new Edge browser. Microsoft users that ignore these security patches are putting their system at unnecessary risk.
There’s a new augmented reality game on the market these days. Perhaps you’ve heard of it - a title called Pokemon Go, which lets you capture virtual monsters that “appear” on your smartphone’s camera. However, hackers have seized this opportunity to infect players’ mobile devices with a backdoor called DroidJack, which uses the mobile app’s immense popularity to its advantage.
One of the main ways to keep an account’s credentials secure is by changing them consistently. However, we ran across an article recently that plays “devil’s advocate” on the password security issue, and they made some fair points about how changing passwords too frequently can lead to decreased security as a whole.
The ransomware Petya (previously thought to have been eradicated) has unfortunately resurfaced, and it’s brought a friend to the party. Petya was delivered via an email containing an invitation to apply for a job, including the virus in an executable file that was disguised as a PDF job resume. When a hepless user clicked the file, Petya would get to work.
A vulnerability has been discovered that affects all versions of Microsoft’s Windows operating system, including the long-unsupported Windows XP, going all the way back to Windows 95. The vulnerability, called BadTunnel, allows attackers to directly bypass system defenses and initiate a man-in-the-middle attack. The vulnerability isn’t limited to just Windows, either; it also affects Internet Explorer, Edge, and other Microsoft software.
When it comes to cybersecurity, maintenance is key. Whether you choose human-based security or an automated security solution, running into shortcomings is still possible. Human security tends to rely on the word of experts, and anything that doesn’t fit into the guidelines is missed and may therefore get through and wreak havoc. Network security can be a touch overzealous, in a way “crying wolf,” with an excess of false positives that ultimately require human analysis, leading to human frustration.
If you’re like every other small business out there, you know that the more employees you hire, the more technology that you have to procure. However, when you have more end-users, you provide more avenues for threats to slip into your network infrastructure unnoticed. When all it takes is one simple mistake from a single end-user, how can you minimize the chances of falling victim to an untimely hacking attack?
The purpose of your company’s information technology is to create, access, and share the data that your business needs to get the job done. One challenge that stems from exchanging such valuable information is the chance of it getting intercepted by the prying eyes on the Internet. Taking advantage of a Virtual Private Network (VPN) is the best way to safeguard your organization from this risk.
To get the most life out of your smartphone, you’re going to want to properly take care of it. Of course, this is easier said than done for a small device that’s prone to being dropped and subject to the many dangers of being transported. Here are five smartphone practices to avoid if you want your device to last.
Do you know which database management system is used by your company’s servers? Obviously your end users aren’t expected to know the answer to this question, but this is something that you, as a business owner, need to be aware of. If you don’t keep track of which database software you’re using, you might accidentally wait too long and wind up running an unsupported piece of software. For example, you need to move away from SQL Server 2005 (which is now unsupported) as soon as possible.
Malware has traditionally targeted industries that are exceptionally profitable. For example, hackers like to target retailers for their wealth of financial credentials. One of the most profitable industries, entertainment, is also subject to similar torment, including Steam, the PC gamer’s most valuable tool for gaming binges.
Hackers have proven to be a crafty and suspicious lot, and can take advantage of even the most benign technology to infiltrate networks. However, we don’t often associate them with objects in the physical world. Now, even something as simple as a decade-old communications device can be used to open the right garage doors.
Consumer technology continues to grow more versatile and connected, allowing users to perform functions previously unheard of. One such piece of consumer tech is the latest in rolling security bots, the LG Rolling Bot. Basically, what you see is what you get; it’s a rolling security robot that can be controlled remotely through a smartphone.
With approximately 5.5 million new devices being connected to the Internet everyday, the Internet of Things presents the biggest security challenge to date for IT professionals. Essentially, an IoT device that’s not secured can easily fall prey to hackers, and with so many different devices being connected, it’s easy to overlook a device or two, like your security cameras.
Modern ransomware is exceptionally dangerous, even by malware standards. Ransomware is capable of locking down important files on a victim’s computer, displaying a massive threat to both business professionals and their networks, as well as the average PC user. While other types of ransomware like CryptoLocker and CryptoWall are somewhat manageable, a new variant called CryptoJoker makes it borderline impossible to recover your files.
2015 saw a significant increase in high-profile hacking attacks in organizations of all disciplines: healthcare, government, and even large entertainment companies all fell victim to data breaches. In light of these attacks, valuable lessons can be learned through analyzing the types of records that were stolen. In 2015, over half of all records exposed to hackers were passwords and email addresses.
It’s clear that your IT department should have administrator privileges with your business’s technology, but the average employee is another story altogether. Administrator privileges provide users with the ability to do many things, such as install programs and access admin settings. Administrator privileges are exactly what you want to keep users away from, and it turns out that the majority of flaws in the Windows operating system depend on these privileges.
The fact that so many businesses are rushing to take advantage of two-factor authentication displays how the password has lost its edge as a security credential. Passwords simply aren’t good enough anymore, and hackers are always finding ways to crack even the most complex passwords. This is why many businesses are looking to improve security through alternative means.
The average small and medium-sized business has trouble with the implementation of comprehensive IT solutions, mainly due to these organizations having fewer resources to allocate towards these solutions. This often leads to end-users implementing their own solutions, which can be dangerous under the wrong circumstances. By allowing this “shadow IT” to run rampant in your office, you’re putting business continuity, data storage compliance, and security on the line.
Direct denial of service attacks are a major problem for businesses. On one hand, they’re difficult to prevent entirely, incredibly annoying, and costly. Hackers are realizing just how annoying DDoS attacks can be, and are capitalizing on them in order to both make a quick buck, and to take jabs at organizations that aren’t necessarily doing anything wrong.
Cloud computing started out as a trend, but it’s become a staple in the modern business environment. A recent poll of IT and business executives by Harvard Business Review and Verizon shows that 84 percent of respondents have increased their use of cloud services in the past year, 39 percent of which “increased significantly.” The issue that comes from such an increase is the idea of employees accessing information that they aren’t supposed to.
Your network’s firewall plays a vital role in protecting your business’s mission-critical assets from external threats. As one of the most basic PC security layers, it would be silly to function without one. Granted, having a firewall and knowing what it protects you from are two different things entirely. To maximize your business’s data security infrastructure, you should pay close attention to how each individual part of your security solution works, including your firewall.
Password security is quite the conundrum. We want our passwords to be easy to remember, but the problem is that passwords that are easy to remember are often simple and insecure. Therefore, it becomes a best practice to use complicated passwords with both upper and lower-case letters, numbers, and symbols to compensate. The “passpoem” might resolve this issue in the most obvious way.
When it comes to connecting to your business’s network, remote workers have a lot more problems to deal with. There’s significant concern over the security of data that’s accessed across an insecure Internet connection, which could unnecessarily put your business’s data at risk. Therefore, it’s critical that your business has a solution to this predicament, like a Virtual Private Network (VPN).
It’s a well-known fact that cybersecurity is a major pain point for all businesses, but some organizations spend vastly more money on it than others. Considering how the Internet is full of threats that are waiting to attack at any given moment, it’s not surprising that some organizations invest heavily in their security. Large businesses with over 1,000 employees spend around $15 million annually on security, so you need to make sure that your business is also spending the appropriate sum on network security.
If you allow your team to bring their mobile devices to work and use them for work purposes, you’re aware of the challenging nature of integrating devices like smartphones and tablets into the work environment. They allow employees to keep up with their email and stay productive while away from their desk, but they also present a security challenge that’s not so easily fixed. How can your business address the potential issues regarding these devices?
With new threats emerging all of the time, it’s no wonder that cybersecurity is such a major part of any technological endeavor. Your should be using the most powerful security solutions on the market in order to avoid intensive hacks. Despite the emphasis that our society places on security, it takes a high-notoriety hack to truly shake the public into action; for example, what if the Central Intelligence Agency were hacked by a teenager?
Attention people of the Internet, October is Cyber Security Month! Make sure that you share this information with everyone on the Internet that you know. In a situation like this, sharing content with everyone to raise awareness of a worthy cause is perfectly fine. Although, what’s not alright is the sharing of your personal information online.
We don’t need to explain how dangerous the Internet is. Behind a veil of deception is a horde of malicious entities that are practically begging you to make a mistake and allow them access to your infrastructure. If there’s one thing you should be sure of, it’s that a single mistake is all it takes to allow dangerous entities into your organization, like ransomware, viruses, malware, or even spyware.
The Internet is chuck full of malicious activity, but sometimes the difference between legitimate and illegitimate websites is so fine that it’s nigh impossible to discern the two. Well, we might be in luck; as it turns out, around 95 percent of the dangerous websites on the Internet can be identified by the top-level domains they use.
With social media playing such an important role in everyone’s day-to-day lives, one has to wonder to what degree this affects the security of online accounts and profiles. Social media might have revolutionized the way we communicate with others, but it’s also revolutionized the way that hackers stalk their victims. How vulnerable are you and the people you love when it comes to your Facebook settings?
Can you believe it’s already been two years since Cryptolocker, a particularly nasty strain of ransomware, was released into the online environment? By encrypting files on a victim’s computer, and forcing them to pay a fee for their safe return, Cryptolocker has been a significant threat to both business and personal environments. Now, however, a particular strain of Cryptolocker is making gamers look like cybersecurity rookies.
The Internet can be a dangerous place. Sometimes you want to keep your identity a secret on the web. Now, your reasons for doing so aren’t any of our business, but you should know that there are several ways to access this secretive function in Google Chrome. Here are three ways you can take advantage of Google Chrome's Incognito mode to browse the web in an anonymous fashion.
With the United States’ Presidential election ramping up, it’s hard to go anywhere without seeing Hillary Clinton’s face. The former U.S. secretary of state and first lady, Clinton is making her second attempt at the Presidency. She has gained some negative attention recently in regards to emails she had sent from a personal email address when she was the United States’ top diplomat and it’s opened up some questions about data security at the highest reaches of government.
As a business owner, you understand that there are always criminals on the lookout waiting to take advantage of the slightest crack in your defenses. They want to steal from you and see you fail. Cyber security is one of the most important avenues of defense your business should take advantage of, especially considering the fact that most threats to your organization aren’t apparent until it’s too late.
Spam emails often contain viruses leading to any number of potentially threatening situations for your company’s network. Therefore, it’s essential that your network has a security solution in place that acts as a sort of virtual sheriff, blocking malicious messages from accessing your network, while granting passage to the good guys.
For those of you who don’t yet have Windows 10, don’t panic. It’s not going anywhere, and you’ll get it soon enough. In the meantime, it’s important that you don’t get impatient and hastily open suspicious emails containing what appears to be a launcher for your Windows 10 download. Hackers are using ransomware to extort money from unsuspecting users who just want their new operating system already.
Any user of technology knows that it’s important to optimize security on all fronts of your business. The only problem with this is that passwords aren’t as secure as they used to be. Many businesses have moved in the direction of two-factor authentication, which requires a secondary credential in order to access an account. Did you know there’s a security method that uses your mouse’s behavior to authorize your login?
People often blame technology for not doing its job in the face of hacking attacks. While this is certainly true, only half of the fault lies with the technology. The other half, whether we like to admit or not, comes from the people using technology. This brings up an interesting ultimatum; only humans can prevent hacking attacks from happening altogether. If people don’t protect their data, it’s only natural that it will eventually get attacked.
As an employer, you understand that employees come and go. The same group of professionals who helped you build your business will probably be drastically different ten years, or even five years from now. While employee turnover is a natural occurrence, it also presents a certain risk. Believe it or not, a surprising percentage of employees will leave your business one day, and they’ll take some corporate information with them.
With all the hacking attacks we’ve seen in the news, it’s painfully obvious that using passwords just isn't enough to protect our information. We now have more security measures available than ever before. One of the more unique and effective solutions to have surfaced is Facelock, a clever solution that grants access based on how well you can identify images of your friends and family.
As a business professional, you have a responsibility to ensure that your company’s network and data is protected from hacking attacks. It can be difficult to remember to take all of the necessary precautions, but with our help, you can easily outline all of the measures that should be taken to maximize security for corporate data.
What comes to mind when you think about the Internet of Things? Tech enthusiasts around the world see hordes of connected devices taking advantage of mobile technologies to augment everyday life; but the realist sees a horde of devices that pose a considerable threat to network security. How can your business ensure maximum security in the face of such a phenomenon?
You might recall how the Silk Road, an illegal online drug market, was recently shut down. Similar to the Silk Road, there’s another distributor of sensitive information out there; this one dealing with zero-day vulnerabilities. These types of cyber threats sell for top-dollar, and hackers are willing to pay in order to access your network.
The nature of hacking is to take advantage of weak points and exploit them for some kind of profit. This is usually seen in flaws or vulnerabilities found within the code of a program or operating system, but these flaws can be psychological, too. Hackers are increasingly taking advantage of a concept known as “social engineering” to fool users into handing over sensitive information that can be used against them.
As technology grows ever more complex, the average garden-variety threats grow exponentially. As such, security measures grow more comprehensive to battle the myriad of new threats that appear every day. If you’re not protecting yourself by maximizing your network security, you could be weak and vulnerable.
Hackers make life difficult for even the most innocent Internet user, and it’s all thanks to a nasty little trick called reverse-engineering. This is when a hacker picks apart the code that makes up a program, then scans it for vulnerabilities or exploitations. A new type of security measure is being developed to protect against the reverse-engineering of software.
It seems like you can’t go a week without hearing about some new security vulnerability or massive data breach. Naturally, this leads the average computer user to feel nervous, especially when dealing with sensitive information. With only a password standing between you and your account, hackers can easily access it if you’re careless. Two-factor authentication is the key to maximizing your online security.
There are a lot of different threats out there: Viruses, malware, spyware, adware, the list goes on. While all of these threats are certainly problematic, some are more dangerous than others. In particular, advanced malware can be exceptionally devastating if they manage to inflict damage on your technology.
Wearable technology is still emerging, but a much different type of smart tech is coming soon. At the Kaspersky Labs Security Analyst Summit, the question of whether or not embedding technology in the human body is a viable concept was discussed in detail. This is supposedly the future of smart technology.
When it comes to your data infrastructure, accessibility and mobility are two of the top necessities. Many businesses take advantage of a Virtual Private Network (VPN) to meet this requirement. A VPN has the ability to extend your company’s network virtually over the Internet, allowing remote users to access your infrastructure. However, considering the popularity of the cloud, it might be time to reevaluate your VPN solution and make sure it’s still relevant.
A common occurrence in the business world is the employee who wants to use their sweet new smartphone for the purposes of work. The average business owner might be ecstatic that the employee wants to get more done in the day, especially when the device isn’t on the company’s dime. However, some professionals forget that these smartphones aren’t immune to being misplaced or stolen.
As seen by the recent Superfish app debacle, software that comes preinstalled on a new PC shouldn’t always be trusted. Most of the time, the innate software on a device can be trusted; but the Superfish application is an exception. This app, which came preinstalled on new Lenovo PCs between the months of September and December of 2014, can potentially compromise the security of your machine.
One of the most publicized hacks we have seen is last December’s breach of Sony Pictures Entertainment by the Guardians of Peace. In addition to the hackers exposing Sony’s budget, plans for layoffs, and 3,800 SSNs, they leaked personal emails from company executives. This incident should make every business owner a little nervous.
For business professionals needing to access sensitive information, a public PC is never the first choice. We’ve all suspected it, and now there’s government-issued proof that hackers are targeting public computers. However, don’t be deterred from using public terminals; there are ways to get around hackers and their traps.
Technology plays a crucial role in the healthcare industry, and thanks to the Health Information Technology for Economic and Clinical Health Act (HITECH), healthcare providers and insurance companies in the United States have to abide by a specific set of regulations when it comes to handling patient data.
Everybody loves a good holiday, and this season is the perfect time to buy a tech lover a great new gift. However, it’s important to always practice proper security precautions. All it takes is one slip-up to hand over personal information or even your identity to a hacker. It’s imperative that you follow proper security protocol when dealing with online shopping, especially if it’s for your business.
We’re so busy worrying about hackers that we rarely think about how they acquire the tools they need to steal you out of house and home. One reason that the surge of hacking activity has skyrocketed over the past few years is because hacking tools have become more readily available, through an illegal black market known as the Darknet.
After a long 19 years, a critical vulnerability found in the Windows series of operating systems has been patched. IBM informed Microsoft of the flaw back in May 2014. The flaw, which allows for remote code execution via a packet to a Windows server, is found in every Windows operating system since Windows 95.
Passwords are slowly becoming obsolete in the face of more powerful security solutions. This is especially true considering how a hacker can input millions of characters every second in an attempt to break into your account and unleash who knows what into your business’s network. While using a password is still a good idea, professionals are working tirelessly to bring the new face of two-factor authentication to light.
As a business owner, you might find yourself on the road a lot, and you likely feel the need to check your email for important updates from the home base. This becomes more difficult as you move from civilization into the vast unknown, with the only available WiFi connections found in public places. Unfortunately, public WiFi spots are notorious for being unsecured and unprotected, and it’s important to practice proper security when dealing with them.
It seems most logical to store every byte of your data, and with the advent of cloud computing, it's more affordable than ever. While most companies tend to store a huge amount of data, some forget that they should always be willing to delete old files if need be. This is especially true if you deal with sensitive data which can leave your business liable to a possible lawsuit.
Naturally, if you saw your lamp levitate, you would believe it to be the work of a ghoul and you would cry out in terror. What then would you believe if you saw your PC’s cursor begin to move on its own? In a spooky scenario like this, your computer isn’t haunted. It’s hacked. In the real world, the latter is the scarier of the two.
Sometimes it seems like the Internet is plotting against you, and nothing is safe, ever. Even if you don't have any thugs waiting to steal your data, there are hackers - thieves - who will steal it anyway, waiting to take it when you least expect it. One of the most secure ways to protect your company's digital assets is to enact a "zero trust" policy for your network.
A cyber espionage campaign called "Sandworm" has been discovered recently. The hacking attack, said to be based in Russia, has been targeting government leaders and organizations since as early as 2009. The researchers responsible for the discovery, iSight Partners, came to this conclusion after examining the code used in the campaign.
Businesses are turning their attention toward the cloud more and more every day, but many of them find the cloud to be a lot of information to process. What businesses want is the ability to see how cloud services can benefit their personal and professional goals. Cloud solutions can give your company an edge on your competition, but you don't always know what the best solution for your business is.
Whoever came up with the idea of BYOD sure was onto something. Employees love bringing in their own personal devices for work, but is it putting businesses at risk? BYOD was well-received by the business world, but now some companies are questioning whether mobile devices at work are putting their information at risk.
In a survey by Cyber-Ark, close to half of employees interviewed admitted that if they were fired tomorrow, they would take with them their former company's proprietary data. This is a shocking revelation considering how much you trust your current staff, maybe even to the point of referring to them as "family." What can you do to protect your business from a former employee with ill intentions?
Most people think that crime doesn't pay, but that's not what the numbers say. When hackers steal from others, they are leeching countless dollars from the world just to satisfy their own goals. This has worldwide effects on the economy and the tech industry, not to mention what it can do to your business.
We've got yet another major data breach to report that affects millions of users, this one of a very personal nature. This week, it was revealed that Chinese hackers compromised 4.5 million medical records from Community Health Systems, a hospital network with 206 facilities in the United States. Ask your doctor today if identity theft prevention is right for you.
Yes, you read that title right. If your WiFi isn't protected, you can be hacked by the furry little creature that wanders around your backyard when you're not home. Coco, a Siamese cat from Washington, D.C., was able to discover dozens of weak or unprotected WiFi networks in his neighborhood with his high-tech collar.
Your office is likely full-to-bursting with devices utilizing USB technology. It's been a popular way to connect external devices to PCs since the 1.1 version was released in 1998. However, it may be the technology's popularity that will cause its downfall as hackers develop ways to use the device to their advantage.
All of the recent vulnerabilities and bugs over the past few months, such as Heartbleed, GameOver Zeus, and the zero-day Internet Explorer vulnerability have many people thinking - just how strong is antivirus in the face of such threats? Symantec told The Wall Street Journal their opinion on the subject: Antivirus is "dead."
Smell that? That's the stench of your computer burning because you ignored the hackers and viruses constantly trying to gain access to your network. It takes more than just vigilance to keep your precious data from being accessed by criminals. You need something that can take the heat in the event of an attack. You need protective software, like a firewall. The term was coined because, just like a firewall confines a fire in a building, it can also keep threats out of your system. Sometimes, all it takes is a little protection to prevent catastrophe.
Smartphone users routinely cycle out their old device for a new one every two years or so. When it's time to upgrade, many users see an opportunity to sell their old phone for extra cash. However, a device that's improperly wiped of its data could lead to identity theft if the data is recovered by the new owner.
On Saturday, July 21st 2014, the Hackers on Planet Earth (HOPE) conference took place in New York City. It's a place where hackers discuss ways to improve the society in which we live. One of the more controversial panelists, Edward Snowden, has suggested hackers pool their efforts into creating anti-surveillance technology to decrease government espionage.
Whether you like it or not, the Internet of Things is fast-approaching. Some experts have raised concerns about the phenomenon, and they feel that the world isn't ready for it. According to the Pew Research Center, the Internet of Things might bring about the violation of our most basic human rights, and who knows what else.
When it comes to hackers, they are shrouded in darkness and treachery. They lurk in the shadows, waiting for us to make a mistake and to steal our life savings, or other equally nefarious things. But there are a few assumptions that they make concerning their prey, and they wish to hide these from us at all costs.
Two weeks ago, the National Communications Administration managed to weaken a set of malware designed to steal banking and personal credentials from unsuspecting users. They warned the world that GameOver Zeus and Cryptolocker ransomware would be back with a vengeance, and that immediate action could prevent a whole lot of pain later.