Ukraine Invasion Cyberattack Preparation

Russia has engaged in an invasion in Ukraine and has issued a warning to all outside parties that all interference would be retaliated against. Cyber attacks against targets in Ukraine are nothing new, though there has been an increase lately. Although it is important to avoid prematurely attributing attacks to Russia, there is a history of Russia attacking foreign companies and nation-states. It is strongly advisable for us to prepare...

Read More

More Orgs Suffered Successful Phishing Attacks in 2021 Than in 2020

Enterprise organizations appear to be falling even further behind in their battle against phishing threats despite heightened awareness of the problem and efforts to curb it. A new study shows that in 2021 more organizations experienced at least one successful email-based phishing attack than the year before. There were also more opportunistic and targeted phishing attacks last year compared with 2020, as well as phishing attacks involving ransomware and business email compromise...

Read More

SecurePATCHING Managed Service by Secure Sense

Unpatched systems are the most common technological factor in breaches and loss of productivity. Unfortunately, solutions to patch related risks are often themselves costly in terms of identifying and purchasing quality products, staffing and expertise. Almost two-thirds of breach victims report being breached due to unpatched, known vulnerabilities and many of these victims were unaware that their organizations were vulnerable in the first place. Over half of the impacted organizations rely...

Read More

Asset Discovery and Inventory: 10 Ways Tanium Makes it Fast, Complete and Accurate

By Tanium Staff Asset discovery and inventory — or the process of maintaining a complete, accurate and up-to-date inventory of your IT assets — is more challenging than ever before. Even with proper asset discovery tools, you are managing an environment with an enormous volume of globally distributed assets with complex dependencies — each of which can either fail and lead to performance loss, or be compromised and result in an enterprise-wide security...

Read More

Predictions for 2022: Tomorrow’s Threats Will Target the Expanding Attack Surface

By Derek Manky at Fortinet According to FortiGuard Labs, 2022 is shaping up to be a banner year for cybercriminals, with ransomware on the rise and an unprecedented number of attackers lining up to find a victim. Attacks will continue to span the entire attack surface, leaving IT teams scrambling to cover every possible avenue of attack. This will be incredibly challenging because the attack surface will simultaneously be expanding as organizations transition to...

Read More

Log4j: What is it and how can you identify it?

written by: Matthew Watkinson, CIO, Secure Sense Log4j CVE-2021-44228 Public Disclosure On Thursday December 9th, 2021, a Remote Code Execution (RCE) vulnerability was disclosed [CVE-2021-44228] affecting the Log4j library in versions between 2.0 and 2.14.1.  Log4j is a heavily utilized logging class used in the Java programming language. Because of the widespread use of the log4j library in various java applications, this vulnerability has had a significant impact in modern infrastructure and...

Read More

Shopping Safely Online over the Holidays

The holiday season is upon us, which means wallets are burning holes in pockets around the world faster than a Yule log. While you’re compiling wish lists and shopping lists, this is also the time of year many cybercriminals roll out their best-dressed scams, dampening the holiday spirit for people around the world. Here are some key tips for protecting yourself not only during the holidays, but throughout the whole year: Fake...

Read More

Security Technology: SD-WAN

Welcome to the last week of Cyber Security Awareness month! So far, we’ve really focused on being cyber aware in regards to current types of threats (phishing and ransomware for example) and the importance of training staff and being prepared for anything. Being “technology aware” is vitally important for today’s organizations as the threat landscape (and threat surfaces) evolve rapidly. Most organizations recognize a daunting number of best practices and security requirements,...

Read More

Ransomware Awareness & Response

Welcome back to Cyber Security Awareness Month with Secure Sense! Last week we discussed human error in cyber security and the importance of training your employees to avoid being a victim of a phishing scheme or social engineering attack. This week, we are reviewing ransomware – an attack that is often times a result of credentials stolen via phishing campaigns, or from malicious email links themselves. Ransomware attacks have hit...

Read More

Security Awareness Training

Welcome back to cyber security awareness month with Secure Sense! Due to the current climate, many organizations have transformed their business to run mainly online, and may even have moved their employees to work completely remote. It’s extremely important to regularly keep up on cyber security training for staff as the risk of cyber attacks continue to rise. Cyber Security Awareness month makes for a great time to review your cyber...

Read More