SMS

The Rise of Smishing

SMS-based Phishing Scams are Gaining Traction  Over the past few years, SMS (or text messaging) phishing scams, known as ‘smishing’ have also proved to be an effective strategy for hackers. Using texts as an attack vector may seem rudimentary but, according to the FCC, it’s proving to be disconcertingly effective among the general population.  What’s happened?  Since early 2020, fueled …

password lockouts

The Cost of Password Lockouts

One of the most common tasks IT service and help desks carry out are resetting user passwords.  Unfortunately, despite it being an easy task, it’s both tedious for IT staff and incredibly costly to a company. Passwords remain the core authentication method for many businesses, so this issue is a top priority.  Why are account lockouts and password resets so …

cybersecurity

Where Should You Go For Cybersecurity Guidelines?

It’s Cybersecurity Awareness Month – Here’s What Each Industry Should Know.  Who is responsible for protecting clients, employees, and customers on the internet?  Well, it depends.  Educational institutions, healthcare organizations, governmental divisions, and businesses across all industries are all targets for cyberattacks. More and more organizations, of different sizes and different industries, are being caught in a crossfire of cyber …

cybersecurity month

Cybersecurity Awareness Month: 3 Tips for Better Password Hygiene

October is Cybersecurity Awareness Month.  It’s an annual event run by CISA focused on education and information, and this years’ theme is “See Yourself In Cyber.”  One way that we can all see ourselves in the cyber landscape is through our use of passwords. We use them every day—to log into our accounts at work, to access our banking applications, …

Blacklist Azure AD

The Risks Azure AD Password Protection Ignores: Compromised and Blacklisted

2022 is shaping up to be an extremely successful year for cybercriminals. Data breaches are accumulating in unprecedented numbers, putting more and more information in the hands of bad actors. Cyberattacks this year have hit big players like Cash App and the Red Cross, as well as smaller companies around the world. Even small data breaches have a part to …

Password Protection

How to Solve the Password Problem

An Overhaul in Password Security Passwords aren’t going anywhere. Despite the buzz that biometrics and MFA are holistic solutions, passwords are a ubiquitous, crucial layer for authentication—and they’re low-cost and simple, too.  That’s not to say that passwords are without issues. In fact, due to ineffective password policies, and poor user habits, they are hotly desired targets. Also, when a password …

SANS Compromised Credentials

SANS Analyst Program, “Fighting Back Against Compromised Credentials”

Analyst Paper Summary “In our evaluation of Enzoic, we found that it supports all of the must-haves that typical security teams would want.” – Jake Williams, SANS  A recent first look paper written by Jake Williams for the SANS cyber security institute outlines the main issues surrounding compromised credentials and preventative measures companies can take.  In the paper and an accompanying webcast, Williams …

privileged accounts

The Exploitation of Privileged Accounts 

The flow of news about data breaches and ransomware attacks is relentless. Businesses of all sizes—large companies included—continue to suffer. Not only do cyber attacks lead to financial damage, but they have knock-on effects like reputational impact and loss of client trust.  What’s less publicized is just how often these breaches are caused by vulnerabilities in privileged accounts.  Privileged accounts …