With the May 2019 Patch Tuesday release from Microsoft, it was revealed a number of older Microsoft operating systems are vulnerable to a condition known as BlueKeep (CVE-2019-0708). BlueKeep is a Remote Code Execution (RCE) flaw in Remote Desktop Services (RDS)/Remote Desktop Protocol (RDP) allowing code to run with system level access and is potentially “wormable” making it possible for an...

According to the Verizon Data Breach Investigations Report, published in November 2018, the #1 cause of a breach continues to be vulnerable systems left exposed and unpatched. Preventing the exploitation of vulnerabilities when using an effective solution is one of the few countermeasures that can pro-actively protect your infrastructure before an attack has even started as opposed to relying on...

Underestimating the consequences of downtime can be hugely detrimental to your productivity. Accurately calculating those costs won’t just prevent disasters, but also help you effectively manage your capacity planning efforts.

Fortra security expert explains the concept of exit programs and provides examples of how they can be used to customize your IBM i administration.

There are few vulnerabilities that strike fear into the hearts of security professionals more than a SQL injection attack. Why? Because unlike most vulnerabilities that can be readily detected, while a SQL injection attacker can hide within a vulnerable application until someone accesses and exploits it.What is a SQL Injection Attack?A SQL injection attack is basically an act by an attacker of...

What is Zeus Trojan?Today, there are more people online than ever before, with almost 300 million browsing the Internet in the United States alone.And while that offers numerous advantages, there are also risks – hackers and cybercriminals are always looking for ways to access people’s personal information and steal their money using malware and trojans.One of the most malicious and dangerous...

How Do We Define “Cybersecurity” in Modern TimesCybersecurity has steadily worked its way from being an Information Technology (IT) problem to being a boardroom priority. But what is ‘Cybersecurity’ at its core? The cybersecurity definition encompasses the technologies, practices, processes and procedures intended to protect networks, endpoints, programs, applications, and data from attackers...

This article was originally published on TechTarget on April 22, 2019.In an international collaboration, U.S.-based Beyond Security and Japan-based Ubiquitous AI Corporation developed and launched BeStorm X, a vulnerability verification tool designed specifically to test IoT devices. The vendors claim the tool is an amalgamation of Beyond Security's BeStorm version 7.6.8 and UAC's IoT technologies...

Do you know what devices are connected to your network? A network diagram can help you get a better sense of what's happening on your network. Check out the infographic to learn the pros and cons of network diagrams. s Not Loading? Check out the Text Version Keeping your network up and running can seem like an uphill battle. Especially without...

Compliance and Data Security:Do They Ever Meet?In my years working with technology and security data in the information security industry, I've heard numerous people confuse the word "compliance" with "security". We've all heard the stories in the news about an organization or company that was supposedly compliant with a particular ISO or NIST program imposed on them, only to find that later on...

This article was originally published on U.S. Chamber of Commerce on April 08, 2019.If you could create your own fantasy Board of Directors, who would be on it? CO— connects you with thought leaders from across the business spectrum and asks them to help solve your biggest business challenges. In this edition, a CO— reader asks how to improve a business’s cybersecurity when expert help isn’t...

Although phishing attacks can occur against individuals, we will primarily focus on attacks against organizations in this post. We will use the term organization to represent governments, educational and healthcare institutions, and commercial businesses, but we will draw distinctions in the “bounty” sought after in each industry. So, let’s get started…What is Phishing?There are lot of “nice” or ...

A vulnerability has been identified in SoftNAS Cloud(R) data storage platform discovered by our Vulnerability Research Team (VRT). The engineers at SoftNAS are to be commended for their prompt response to the identified flaw and their team’s work with VRT to provide prompt fixes for this cyber security issue.SoftNAS has provided a patch for the vulnerability identified on the application. The...