Security News

Security News2018-05-30T15:32:31+00:00
803, 2018

Mimikatz – How it is Used to Exploit your Network

By |March 8th, 2018|Categories: Information Security News|

Bad Kitty How Mimikatz is used to exploit your network and what you can do about it. For this blog post I wanted to highlight a common attack vector that we often use in our penetration testing. My goal is to run through the process at a high level, and then cover some of the steps you can take to mitigate your risk. Specifically, this post will cover a [...]

2202, 2018

Saying Goodbye to NetBIOS

By |February 22nd, 2018|Categories: Information Security News|

NetBIOS (Network Basic Input/Output System) was created in the early 1980's, but is surprisingly still alive and well on many networks today. Microsoft Windows still uses it for its name resolution function (often by default), when DNS is not available. Network resiliency and access to resources is a good thing, but keeping NetBIOS enabled for that reason, is not. There are many security concerns with NetBIOS; and disabling its [...]

2812, 2017

5 Top Laptop Security Tips

By |December 28th, 2017|Categories: Information Security News|

Today's mobile workforce has generated the awareness and subsequent need for mobile security like never before. As data growth increases, the requirements set forth in new laws and regulations also demand that organizations demonstrate due-care in protecting sensitive customer data. Meanwhile, the ever-increasing amount of sensitive data continues to find its way onto laptops and adds additional threats to these devices. Because of these threats, organizations should follow a [...]

1210, 2016

Penetration Test and the Vulnerability Assessment

By |October 12th, 2016|Categories: Information Security News|

Penetration Test vs the Vulnerability Assessment Some say Potato, some say Patato. The term "Penetration Test" has been thrown around a lot in the Information Security industry. Some vendors and institutions use the term Penetration Test interchangeably with "Vulnerability Scan" (or Assessment), when in fact, the two define very different scopes, methodologies, and deliverables. The recently updated FFIEC Information Security Booklet discusses these types of tests and offers definitions [...]

1210, 2016

Cyber Security Baselines and Anomaly Detection

By |October 12th, 2016|Categories: Information Security News|

Baselining and anomaly detection are security concepts that have been around for quite a while, however, recently both have received renewed interest. This new attention stems from increased regulatory focus on incident response and that in today's cybersecurity world it's no longer a question of "if" but "when." Cyber-attacks have evolved to the point where they can pass through technical defenses, blend into an environment and remain undetected as [...]

709, 2016

Incident Response Plan

By |September 7th, 2016|Categories: Information Security News|

Responding to Robberies Your Incident Response Plan for Cyber Robberies Ask anyone outside of the banking industry "What do banks have in place for responding to robberies?" and you will likely get a response referring to silent alarms, surveillance video, guards, tracking systems and/or exploding dye packets. It's assumed, and obvious, that banks have robbery prevention and response plans. Now consider this: in 2010 the average bank robbery netted [...]

Load More Posts

“Very service oriented and professional.”

— RG $55M FI in Midwest

Keep your institution off the evening news. Contact us today!