Contact Us

Newsletter Sign-Up

3 min read

More Sneaky Covid-19 Attacks...

By Carl Keyser on Sep 18, 2020 12:50:25 PM

The Covid-19 Pandemic has raised some interesting challenges.  People around the world have had to make do when it comes to rapid change. That doesn't just stand for the honest, but cyberattackers too are adapting to our new reality.

4 min read

Review: The Life and Times of Cybersecurity Professionals 2020

By Carl Keyser on Sep 15, 2020 8:00:00 AM

2020...what year...and it's not even over yet! There's still plenty of time for awful stuff to happen to us all! I, for one, am rooting for a giant asteroid to hit us right around election time, but to be honest, I'll take what I can get...

Topics: Review ESG
1 min read

Let's talk Cybersecurity!

By Carl Keyser on Sep 8, 2020 7:47:13 AM

Interested in better understanding the threat landscape? Want to know how you can better protect yourself? If you do, you're in luck!

2 min read

Vishing Attacks on the Rise

By Carl Keyser on Sep 3, 2020 8:00:00 AM

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a statement regarding an uptick in Vishing Attacks since the Covid-19 pandemic began.

8 min read

The 7 Steps of a Successful Risk Assessment

By Carl Keyser on Aug 27, 2020 10:05:00 AM

There’s been a lot of talk about standards and compliance (ISO 27001 and GDPR to name a few). We’ve been talking about these standards quite a bit lately (here and here). What we haven’t done a lot of is talk about what people need to do to prepare for these standards while assuring you’re compliant with the obligations you already have.

9 min read

ISO 27001: The Compliance Chameleon

By Carl Keyser on Aug 24, 2020 8:00:00 AM

Executive Summary: ISO 27001 is the only internationally-accepted and recognized information security standard in existence. It can be implemented in any organization (regardless of size), and any vertical. 

5 min read

How can ISO 27001 Help Your Business?

By Carl Keyser on Aug 20, 2020 8:00:00 AM

Drafted by the International Organization for Standardization, ISO 27001 is designed specifically to help build an information security management system (ISMS).

3 min read

Patch Tuesday Special Edition: SIGRed

By Carl Keyser on Jul 21, 2020 8:00:00 AM

(This article's a bit late as I was on vacation last week, so if you've already patched your Windows Server with the bug fixes released on July 14th to protect it against CVE-2020-1350, great. If not, get crackin'!)

4 min read

Ragnar Locker: What to Look Out For

By Carl Keyser on Jul 1, 2020 2:03:25 PM

It would seem the people who create and name malware/ransomware/etc. have the same affinity for pop culture references that I do. I predict that one day I'll wake up to the news that a particularly dangerous piece of software called "The Parrot Sketch" is tearing up enterprises left and right the world over.

6 min read

What is Phishing?

By Carl Keyser on Jun 30, 2020 8:00:00 AM

 

You’re being attacked. I know. Shocking. You might not believe it but it’s true. I’m getting attacked. You’re getting attacked. We’re all getting attacked.

11 min read

Meet Valak: The Marquis of Malware

By Carl Keyser on Jun 23, 2020 8:00:00 AM

 
I'm not sure if you're a horror fan, or if you like spooky stuff. Hey, maybe you are, if you're reading this you work in cybersecurity and there's plenty of stuff in this industry that can scare the pants off you on a daily basis.

7 min read

RIP: My Cousin Alan Has Died - How to Spot a Social Engineering Attack

By Carl Keyser on Jun 1, 2020 12:00:00 PM

My cousin, Alan, has died.

He has ceased to be, bereft of life, he rests in peace, he has kicked the bucket, hopped the twig, bit the dust, snuffed it, breathed his last, and gone to meet the High Mucky-Muck in the sky. And you know what I have to say about that? Good riddance to him, the freeloading bastard! I hope he fries!

1 min read

$500 to the Charity of Your Choice...

By Carl Keyser on May 18, 2020 4:34:23 PM

We've got a webinar coming up. I know, you've probably been inundated with requests to join webinars since this whole COVID-19 Pandemic started.

4 min read

The State of Cybersecurity: Pandemic Edition

By Carl Keyser on May 11, 2020 2:33:10 PM

About a week ago I got a call from a phone number I didn't recognize. It was a Massachusetts number from out around Springfield. I've got family out that way, I figured "Carl, you better answer that."

5 min read

Covid-19: An Update on Public Schools

By Carl Keyser on Apr 30, 2020 12:06:20 PM

 
If you've been following along with the blog, you're probably aware of the work we've been doing with HB 1612/RSA 189:66. It's a bit of privacy legislation developed to help schools (public and private) protect their students' Personal Identifiable Information (PII) data.
6 min read

An Ode to VPNs: Why Traditional Solutions Stink & Three Replacements

By Carl Keyser on Apr 15, 2020 8:30:00 AM

If you've ever had to connect remotely over Virtual Private Network (VPN) for work, you're missing out. Dante's Inferno would have included VPNs, had they been around in the 14th Century.

3 min read

Why Multi-Factor Authentication is Way Better Than Passwords

By Carl Keyser on Apr 13, 2020 10:00:00 AM

Multi-Factor Authentication

Time hasn’t been kind to the password. It’s continuously put down as one of the least secure methods of protecting systems. It’s not due to any fault of the password, though. People just have a hard time remembering long and complex passwords. And considering what's going on in the world with Covid-19 and how scrambled everyone is (for instance, I often forget what day it is now), a complex password might be the least of your concerns.

To help with that, we recommend Multi-Factor Authentication.

2 min read

Hey Zoom Users! Here are 7 Ways to Avoid a Zoombombing!

By Carl Keyser on Apr 6, 2020 4:53:08 PM

 A new, and disgusting trend has reared its ugly head: Zoombombing. Zoombombing is when an online troll enters a Zoom video conferencing meeting with the intent to disrupt, disgust, and damage the occupants and derail the meeting's purpose or mission.

235 min read

The State of K-12 Cybersecurity: 2019 Year in Review...

By Carl Keyser on Apr 2, 2020 8:00:00 AM

The world's upside down right now, and people are really at their wits end. It's hard to find any normalcy in our day to day lives. Especially if you're working from home AND you have your kids there with you.

1 min read

Scammers Leveraging Covid-19 Confusion to Take Advantage of People

By Carl Keyser on Mar 26, 2020 1:08:22 PM

Scammers are legitimately trying to take advantage of people online during the Covid-19 crisis.

7 min read

7 Ways to Work from Home Productively

By Carl Keyser on Mar 25, 2020 9:45:49 AM

I assume many of you reading this are like me. You're working from home in the shadow of an international pandemic. 43 million Americans, coast to coast, are in the same boat as us. They're having just as hard a time dealing with the crisis as you or I.

2 min read

Covid-19: Security7 Networks Update

By Carl Keyser on Mar 16, 2020 2:30:00 PM

Security7/Covid-19 Related News:

We wanted to take a minute and let you know how Security7 Networks plans to operate in regards to the Covid-19 pandemic:

9 min read

Covid-19: How to Stay Healthy

By Carl Keyser on Mar 16, 2020 10:30:42 AM

This isn't the type of article I ever thought I'd be posting here on the Security7 Networks blog. We talk about computer viruses, the digital kind, not actual real-world pathogens. So, writing about Covid-19 and its impact on everyone is relatively novel to me.

2 min read

CVE-2020-0688: Patch Your Exchange Server(s)

By Carl Keyser on Mar 5, 2020 1:53:22 PM

Just when you thought Coronavirus was all you had to worry about, there's a new Microsoft Exchange Server exploit!

2 min read

Facial Recognition Company Clearview AI was Hacked

By Carl Keyser on Feb 27, 2020 2:08:02 PM

Facial recognition technology is pretty groovy stuff. It allows the software to scan a face (via things like a picture or video) and compare that face to a collection of faces in a database. It can be used in a variety of applications (think goofy Snapchat filters) but notably biometric security (think unlocking your phone).

2 min read

Oo De Lally! RobinHood Ransomware Returns...

By Carl Keyser on Feb 11, 2020 10:31:20 AM

This version of RobinHood doesn't steal from the rich and give to the poor. He just ruins your day. If you don't believe me just ask the City of Baltimore who was legitimately ROCKED last year by it infected their systems and cost the Crab Cake Capital of the World (honestly they call themselves that) $18.2 million.

1 min read

1 in 10 Macs infected by Shlayer Trojan...

By Carl Keyser on Jan 24, 2020 2:13:27 PM

While I would never personally recommend a Kaspersky product to save my life, you know, because they're believed to spy on people for the Kremlin (which you can read about here: The Kremlin and Putin are using Kaspersky Labs to spy on you!), there's a new report from them that might have some merit:

6 min read

URGENT: Microsoft Announces Critical Vulnerabilities in Windows Operating System

By Carl Keyser on Jan 14, 2020 3:43:27 PM

The Department of Homeland Security and Microsoft have made an announcement regarding some very serious CVEs that severely compromise the Windows Operating System.

5 min read

Should You Be Worried About Iran?

By Carl Keyser on Jan 14, 2020 12:41:03 PM

As tensions rise in the Middle East, it's increasingly likely some American businesses/agencies will be faced with cybersecurity attacks from the Islamic Republic of Iran.

6 min read

What is a Managed Cybersecurity Services Provider?

By Carl Keyser on Jan 9, 2020 12:46:36 PM

We talk a lot about being a Managed Cybersecurity Services Provider and I thought it'd be a good idea to dive into exactly what a Managed Cybersecurity Services Provider is.

6 min read

What is a Social Engineering Attack?

By Carl Keyser on Jan 7, 2020 4:06:10 PM

I wanted to take a moment to dive into something called “Social Engineering."

Parts of what I bring up is going to sound a bit familiar. There’s going to be a bit of overlap regarding things I've featured in this blog previously.

6 min read

Don't Let People Clown Around on Your Systems

By Carl Keyser on Nov 19, 2019 2:00:00 PM

4 min read

Beware the Dark Web: 7 Ways to Avoid Leaked Credentials...

By Carl Keyser on Nov 14, 2019 3:03:21 PM

My email address was leaked on the dark web. I know, I know. I'm not thrilled about it. See, we run scans looking for leaked credentials on the dark web every day and yesterday, well, my email turned up.

1 min read

Upcoming Webinar: November 21st, 12 p.m. - Idaptive

By Carl Keyser on Nov 11, 2019 10:23:38 AM

Security7 Networks will be joined by Brian Krause from Idaptive on November 21st to at 12 p.m. to give you a top down look at the world of Identity and Access Management and how it could benefit your business.

Topics: Webinar
4 min read

UPDATED: Why SMBs and SMEs Should Consider Hiring an MSSP

By Carl Keyser on Nov 8, 2019 11:02:34 AM

This article was originally published on September 18th, 2018. It has been updated and expanded on.

For years a company's cybersecurity needs were left up to their IT Department. IT was responsible for every decision, every purchase. The C-Suite and its occupants had bigger fish to fry and what little attention InfoSec received, typically dried up before anyone dug in deep at that executive level.

1 min read

Watch out for E-Skimming Schemes this Holiday Season

By Carl Keyser on Oct 24, 2019 1:19:46 PM

1 min read

It's National Cybersecurity Awarenes Month: Week 4

By Carl Keyser on Oct 23, 2019 12:00:00 PM

Looking for links? Follow us on LinkedIn and Twitter!

1 min read

It's National Cybersecurity Awareness Month: Week 3

By Carl Keyser on Oct 22, 2019 10:57:45 AM

Looking for links? Follow us on LinkedIn and Twitter!

1 min read

Is the Standard Cybersecurity Model Fundamentally Broken?

By Carl Keyser on Oct 17, 2019 11:39:43 AM

Tony Bradley over at Forbes.com seems to think so... and if I'm being perfectly honest, he might be right.

Topics: Cybersecurity
1 min read

Majority of American's Can't Tell the Difference Between HTTPS and 2FA

By Carl Keyser on Oct 10, 2019 12:25:21 PM

3 min read

Don't Hide. Talk Successfully to Your Employees About Cybersecurity Issues

By Carl Keyser on Oct 9, 2019 2:59:33 PM

The biggest threat (at least in my opinion) to an enterprise's cybersecurity health is the people that work there. That's not a knock on anybody, it's just an unfortunate truth. People often have a lot to worry about and unfortunately, cybersecurity often falls to the wayside.

2 min read

It's National Cybersecurity Awareness Month: Week 2

By Carl Keyser on Oct 9, 2019 8:00:00 AM

3 min read

7 Sneaky Cybersecurity Threats

By Carl Keyser on Oct 8, 2019 3:26:35 PM

Not every cyber-attack is a large scale data breach or ransomware attack. Even the average computer user is liable to encounter some sort of cyber-kerfluffle during their lifetime.

Topics: Cyberattack
5 min read

FDA Reminds Hospitals to Update Equipment

By Carl Keyser on Oct 7, 2019 10:14:48 AM

Topics: HIPAA Medical
2 min read

It's National Cybersecurity Awareness Month: Week 1

By Carl Keyser on Oct 2, 2019 1:12:57 PM

Looking for links? Follow us on LinkedIn and Twitter!

4 min read

Ransomware Statistics in 2019 So Far...

By Carl Keyser on Sep 25, 2019 3:30:12 PM

I've written about Ransomware attacks extremely often this year. I feel like a fear-monger or one of those sidewalk preachers who loudly claim the end is near as you stroll past them.

2 min read

IBM's Local Government Ransomware Study: Key Takeaways

By Carl Keyser on Sep 19, 2019 4:12:21 PM

3 min read

Introducing Lord EK & Why Exploit Kits are Bad News

By Carl Keyser on Sep 17, 2019 3:55:27 PM

There's a new kid on the block. Its name is Lord EK and it could potentially (along with all the other Exploit Kits out there) cause people grief if left unchecked.

3 min read

The DealerLeads Breach: What You Need to Know...

By Carl Keyser on Sep 16, 2019 2:44:18 PM

198 million people who were looking for a new car just had their PII data stolen by hackers. The breached database belonged to DealerLeads, an online company that focuses on helping people find their next car.

2 min read

BlueKeep Exploit Publicly Released by Rapid7. Better Start Patching...

By Carl Keyser on Sep 9, 2019 10:10:44 AM

 

2 min read

Facebook Security Lapse Exposes Millions of Phone Numbers...

By Carl Keyser on Sep 5, 2019 7:16:45 PM

We've said it before and we'll say it again: you really shouldn't be using Facebook. You can read what we've had to say in the past here (as well as what other people have had to say about it: Facebook Security Breach Exposes 50 Million Accounts,How Cambridge Analytica Leveraged Facebook and Exploited 87 Million Users' Data,Feds Launch Investigation Regarding Facebook's Data Deals)

2 min read

Hackers Have Been Spying on iPhones for Years

By Carl Keyser on Sep 4, 2019 2:12:11 PM

 

1 min read

Ransomware Rocks Dentist Offices Around the Country

By Carl Keyser on Aug 30, 2019 12:13:08 PM

Topics: Ransomware
1 min read

Imperva Breached: What You Need to Know

By Carl Keyser on Aug 29, 2019 1:42:42 PM

One of the world's leading providers of Internet firewall services, has been breached. Imperva announced yesterday that a 2017 database, made up of customers who use their Incapsula WAF product, was compromised.

2 min read

Edge Computing: Why Computing on the Edge Makes Sense for the Healthcare Industry

By Carl Keyser on Aug 26, 2019 2:13:15 PM

If you're new to our series regarding Edge Computing I suggest you check out this article first - Edge Computing: Why Rising Above the Cloud Might be a Better Option for Your Business

1 min read

It's Groundhog Day, Again: 22 Texas Towns Hit With Ransomware

By Carl Keyser on Aug 21, 2019 3:44:54 PM

Towns across the country are getting whammied by Malware on a regular basis. It's honestly like the movie Groundhog Day. The same story, over and over again.

1 min read

Hiding in Plain Site: 20 Year Old Windows Exploit Patched...

By Carl Keyser on Aug 20, 2019 9:32:33 AM

In the words of the immortal Charlie Brown; good grief.

Topics: Microsoft
1 min read

Watch out for Password Spraying Attacks...

By Carl Keyser on Aug 13, 2019 2:52:45 PM

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to Network Administrators regarding an increase in Password Spraying attacks.

6 min read

7 Steps a Municipality Can Take to Avoid Cyber Attacks

By Carl Keyser on Aug 13, 2019 10:17:50 AM

You've heard the story before; a small town, held hostage by a strange, foreign, invading force. It's only hope lies in a rag tag band of...information security workers? If you thought I was going to say Patrick Swayze, Charlie Sheen, Jennifer Gray and C. Thomas Howell you are sadly mistaken.

1 min read

Cloudflare Bounces 8Chan in Wake of Mass Shootings

By Carl Keyser on Aug 5, 2019 10:26:18 AM

Cloudflare is a favorite of ours. We like their style. Cloudflare is very transparent with their decision making processes and we appreciate that too. That kind of transparency also means Cloudflare doesn't shy away from controversial subjects and the decisions they make regarding those subjects.

Topics: Cloudflare 8Chan
3 min read

Samuel L. Jackson Says 'Hold on to Your Butts': Hacker Compromises 100 Million Capital One Customer Records

By Carl Keyser on Jul 31, 2019 1:27:48 PM

Samuel L. Jackson has worn many hats. He's been the IT Director at a Dinosaur Theme Park, a Jedi Knight, a P.I. (the baddest P.I. since Richard Roundtree), a mob hitman, a fighter-of-snakes-on-planes, a one-eyed international super-spy, and most recently a credit card pitch man for Capital One Bank.

2 min read

Working BlueKeep Exploit Announced - Are You Patched?

By Carl Keyser on Jul 29, 2019 10:01:33 AM

Immunity, a cybersecurity contracting company based out of Miami, Florida has announced a working exploit for the dreaded BlueKeep vulnerability. But you don't have to panic.

5 min read

Is FaceApp Really a Security Threat?

By Carl Keyser on Jul 25, 2019 7:00:00 AM

FaceApp! It's the newest thing! It's all the rage! You can make your parents young! You can make your children old! It doesn't work on dogs yet but hey, there's a possibility one day it will!

1 min read

NSO Group's Pegasus Software Snoops on iOS Without Being Noticed

By Carl Keyser on Jul 23, 2019 5:10:35 PM

This is some spooky stuff.

The Financial Times is reporting that Israeli firm NSO Group has developed software that can not only collect data from an iPhone user's physical device abut also collect all communication between it and the cloud. There's even a version that works on Android devices.

4 min read

The NEW Cylance Vulnerability: What You Need to Know

By Carl Keyser on Jul 23, 2019 10:02:43 AM

Skylight Cyber recently announced they'd found a pretty major vulnerability in CylancePROTECT that allows for Malware to trick the program's software ranking system. This vulnerability effectively allows the malware to work around any level of protection Cylance might provide, all because of a few added lines of code.

K12 Inc. Breached - Were Your Students Affected?

By Carl Keyser on Jul 22, 2019 8:16:10 AM

If your school uses the A+nyWhere Learning System from K12 Inc, there's a good chance your student's PII data was exposed between June 23 and July 1.

2 min read

BeiTaAd - New Malicious Adware Discovered on Android

By Carl Keyser on Jul 18, 2019 3:04:15 PM

The Android ecosystem is a scary, scary place. Where Apple's iOS App Store is a walled, curated and highly regulated walled garden, Google's Play Store is almost the exact opposite. It's a wild, overgrown place where and there's little to no oversight when it comes to what gets uploaded and distributed.

1 min read

British Airways Fined £183 Million in GDPR Breach...

By Carl Keyser on Jul 9, 2019 4:04:02 PM

Last year British Airlines got hacked. 380,000 customers had their data exposed. The criminal group Magecart claimed responsibility. That's old news (but you can read about it here).

4 min read

Edge Computing: The Brains Retail Needs to Survive in the IoT Era...

By Carl Keyser on Jul 9, 2019 11:19:30 AM

The world of physical retail has changed a lot. The entire shopping experience has changed, top to bottom. The only way retailers have managed to survive is by changing with the times. One of the things retailers have NOT been changing is the way they compute at their physical location.

4 min read

If You're Going to Use Public Wi-Fi Please Make Smart Choices...

By Carl Keyser on Jun 27, 2019 2:44:43 PM

We live in an very, very connected world. We're about two shakes away from getting signals beamed directly into our brains. But, since that terrible fate hasn't caught up to us yet, we've got to make do with what we have.

4 min read

Edge Computing: Why Rising Above the Cloud Might be a Better Option for Your Business

By Carl Keyser on Jun 18, 2019 1:24:10 PM

We've long held the opinion that many companies are moving solely to the cloud because it's en-vogue, not because it's necessarily cost-effective or adequately meets their needs.

1 min read

Webinar: FortiNAC with Scott Dunbar

By Carl Keyser on Jun 6, 2019 2:44:48 PM

1 min read

Upcoming Webinar: FortiNAC with Scott Dunbar

By Carl Keyser on Jun 4, 2019 9:40:40 AM

We just wanted to let everybody know about a webinar we're hosting with our sister site e-Armor.net. We'll be talking with Scott Dunbar from  Fortinet about FortiNAC. It's scheduled for June 6th at 11 a.m.

Topics: FortiNAC
1 min read

Webinar: Ruckus General Awareness Overview with Rob Montgomery

By Carl Keyser on May 31, 2019 2:27:49 PM

1 min read

Finally! Sweet, Sweet Justice: Equifax is Getting Kicked Right in the Money Bags

By Carl Keyser on May 23, 2019 4:24:41 PM

At last, sweet, sweet justice.

Cybersecurity Trends & Defending Your Business

By Carl Keyser on May 22, 2019 4:11:09 PM

 

4 min read

Zero-Trust Architecture: What is it and why should you care?

By Carl Keyser on May 20, 2019 2:16:28 PM

(Not an actual emotional support hamster...)
 
If you're like most people, the thought of your sensitive business data being stolen by some creep (that probably spends their entire day in pajama pants covered in Cheeto crumbs) is both infuriating and panic-inducing.
 
6 min read

Kentucky School District Recovers $3.7 Million Stolen During Phishing Scam*

By Carl Keyser on May 7, 2019 11:19:35 AM

Some good news for a change. A Kentucky School who lost $3.7 million in a Phishing attack was able to get it back.

1 min read

City of Tallahassee Payroll Hacked - Thieves Steal $498,000

By Carl Keyser on Apr 29, 2019 3:20:24 PM

It's a tale as old as time. A municipality falls victim to a Hacker and loses a huge chunk of change. This time it's the City of Tallahassee, Florida. The city wasn't hacked directly but their third-party pay roll service was.

3 min read

Credential Stuffing Scheme Hits Chipolte Web Users Right Where it Hurts...

By Carl Keyser on Apr 25, 2019 11:41:51 AM

Right in their wallets! What'd you think I was going to say? Sheesh.

1 min read

Careful What You Say Alexa...Amazon May be Listening...

By Carl Keyser on Apr 12, 2019 11:32:08 AM

Yep...you heard that right.

4 min read

Backstory from Chronicle: What You Need to Know

By Carl Keyser on Apr 9, 2019 3:58:38 PM

Back on March 6th, I wrote a blog article introducing our readers to Backstory, a new security offering from Chronicle.

I promised when more information was available we'd update you accordingly. And that time, dear reader, is now.

First off, I recommend you watch Backstory's introductory webinar. I've embedded it below. It's about an hour long, and it's very informative. They do a better job explaining their product than I'll ever be able to:

On Demand Backstory Launch Webinar
1 min read

April Fools! City of Albany NY Attacked by Ransomware

By Carl Keyser on Apr 5, 2019 12:17:48 PM

Talk about an April Fools Day joke for the City of Albany, NY!

3 min read

Norsk Hydro LockerGoga Update

By Carl Keyser on Mar 29, 2019 8:00:00 AM

I wrote a bit last week about Norsk Hydro's encounter with LockerGoga, a newish form of Ransomware.

DarkReading.com has posted an insightful look at LockerGoga that I found to be rather interesting. The article makes six key revelations regarding the strain of ransomware. I thought I'd offer my own take on them here.

2 min read

Facebook Stored User Account Passwords in Plain Text File FOR YEARS

By Carl Keyser on Mar 28, 2019 11:58:51 AM

I'm going to be blunt: if you're still using Facebook you should probably have your head examined. They're absolutely reckless when it comes to their end user's security.

4 min read

Hackers: Black Hats, Gray Hats, White Hats, Oh My!

By Carl Keyser on Mar 22, 2019 4:10:02 PM

(This image has almost NOTHING to do with the blog post)

It's funny sometimes how we categorize things. As a species that is. It's a quirk of ours. We're the only animals on the planet that does it.

1 min read

Norsk Hyrdo Hit by LockerGoga Ransomware

By Carl Keyser on Mar 20, 2019 4:53:11 PM

Norsk Hydro, one of the world's largest aluminum producers in the world and an electricity utility in Norway, has been hit by ransomware.

2 min read

Jackson County, GA Pays Cybercriminals $400,000 to Unlock Computers After Ransomware Attack.

By Carl Keyser on Mar 13, 2019 2:56:11 PM

Another municipality in the State of Georgia has become the victim of a crippling cyber attack.

Scammers are Using Cheap Domains to Commit Nefarious Deeds...

By Carl Keyser on Mar 12, 2019 3:11:24 PM

Our partners at Zscaler have posted a blog regarding Scammers and a strategy they've been leveraging lately that involves domain squatting and bulk domain registrations to launch their nefarious schemes.

Topics: Zscaler
1 min read

FYI: The Astaroth Trojan Part II

By Carl Keyser on Mar 11, 2019 10:36:09 AM

Cybereason has released an update regarding the recent re-emergence of the Astaroth Trojan. You can read it here

1 min read

MITRE Evaluates Cybereason Defense Platform

By Carl Keyser on Mar 8, 2019 2:39:26 PM

Our friends over at Cybereason have posted a great overview of the recent MITRE evaluation of their defense platform.

1 min read

Alphabet-Owned Chronicle Security Launches Backstory Cloud SIEM

By Carl Keyser on Mar 6, 2019 8:00:00 AM

Chronicle Security, a cybersecurity outfit, owned by Google's parent company Alphabet, has launched Backstory, a cloud based SIEM (or, as they call it in their marketing one-sheet, a  global security telemetry platform) that's specifically designed for investigation and threat hunting within an enterprise network.

1 min read

MacOS Exploit Targets Saved Keychain Passwords

By Carl Keyser on Mar 5, 2019 10:00:00 AM

A recently discovered MacOS exploit allows someone to steal usernames and passwords directly from the Keychain app with out requiring an Administrator account.

1 min read

Test Drive Cloud Passage Halo

By Admin on Mar 4, 2019 9:42:53 AM



CloudPassage is now allowing users to test drive Halo, their security automation platform via their website: https://blog.cloudpassage.com/2019/02/12/test-drive-cloudpassage-halo/.

1 min read

FYI: The Astaroth Trojan

By Carl Keyser on Feb 22, 2019 8:00:00 AM

You might of heard recently that the Astaroth Trojan is making a comeback. We break down what it is, why it's making a comeback and more...

3 min read

Why Small to Medium Sized Businesses & Enterprises Need to Consider Hiring an MSSP

By Carl Keyser on Feb 21, 2019 1:05:00 PM

For years a company's cybersecurity needs were left up to their IT Department. IT was responsible for every decision, every purchase. The C-Suite and its occupants had bigger fish to fry and what little attention InfoSec received, typically dried up before anyone dug in deep at that executive level.

2 min read

What is Host Identity Protocol (HIP)?

By Carl Keyser on Feb 8, 2019 10:38:17 AM

The other day a few of my colleagues and I went to a local Sysadmins and Networking meetup hosted by SEA-TUG.

The topic of the night was Host Identity Protocol (HIP), and Michael Falkenrath of Tempered Networks presented it. While we don’t currently offer any of Tempered’s solutions in our MSSP offerings, the topic of HIP caught my attention, and I figured it might be a good idea to get more familiar with it in general.

3 min read

Introducing Security Advisory Services.

By Carl Keyser on Jan 15, 2019 3:08:18 PM

What are Security Advisory Services?

Security7 Network's Security Advisory Services (SAS) provides small to medium-sized businesses and enterprises with access to in-demand information security services and capabilities which may not be organic to your organization due to cost or lack of available talent.

3 min read

Introducing Darrin Maggy, our NEW Practice Manager

By Carl Keyser on Jan 7, 2019 8:00:00 AM

The security threat landscape keeps changing and Security7 Networks changes right along with it. Every day brings unique challenges and threats to our door, and we rise to meet both with the best solutions and strategies available.

4 min read

New Hampshire: It's Time to Talk about HB 1612

By Carl Keyser on Jan 4, 2019 12:11:17 PM

If people working in the education space thought they were immune to the risk of cyberattack, think again: Educators across the country were welcomed back to school this fall by an FBI warning to tread carefully into the risky waters of education technology.

1 min read

New USB-C Authentication Program Seems Promising

By Carl Keyser on Jan 3, 2019 8:00:00 AM

If you're a Mac user, like most of us at the Security7 office are, you're already using USB-C in some form. It was a tough switch. There were...dongles. Lots and lots of dongles.

2 min read

Sometimes Life Can be a Real Beach: Hackers Steal $800,000 from Cape Cod Community College

By Carl Keyser on Dec 10, 2018 8:52:19 AM

I guess it's not all fun in the sun down on the Cape. Hackers just stole $800,000 from Cape Cod Community College via a phishing attack and some nasty malware.

Watch our SD-WAN Webinar!

By Carl Keyser on Dec 6, 2018 2:44:07 PM

Today we hosted (via e-Armor.net) a webinar with Fortinet! It was about their secure SD-WAN offering and it turned out really, really well. We thought we'd share it with you.

Cybercrime Trends for the Financial Industry

By Admin on Nov 30, 2018 8:00:00 AM

Great article from Global Banking and Finance Review detailing the latest cybercrime trends for the Financial industry.

Topics: Fortinet
2 min read

Was Amazon.com breached? Yes, but not by hackers...

By Carl Keyser on Nov 29, 2018 8:00:00 AM

There's a rumor going around that some Amazon customers have been getting emails from the retail giant saying some of their information (the email account they created their account with) had been leaked due to a "technical error."

1 min read

Russian Hackers at it Again: Post Election Edition

By Admin on Nov 26, 2018 3:42:17 PM

Looks like the Russians are up to something...again. This time it looks like they've launched a phishing campaign against the U.S. State Department.

5 Ransomware Trends Every Business Should Know

By Admin on Nov 19, 2018 10:01:17 AM

Head over to MSSPAlert.com and check out their latest article regarding ransomware and the five trends you should watch out for when trying to protect yourself from the nasty stuff.

Blackberry is Buying Cylance

By Admin on Nov 16, 2018 11:44:21 AM

We heard rumblings about it last week and today it's official: BlackBerry is buying Cylance for $1.4 Billion.

Cylance Pro Tip: How to Avoid a SAM SAM Ransomware Attack

By Admin on Nov 12, 2018 10:38:51 AM

Cylance has a great article regarding how you can avoid a SAM SAM Ransomware attack. It's definitely worth a read. Check it out over at their blog: https://threatvector.cylance.com/en_us/home/pro-tips-on-how-to-avoid-a-samsam-ransomware-infection.html

Cybereason: How to Mature as a CISO

By Admin on Nov 8, 2018 1:00:09 PM

 

We've been on a kick lately where we've been stressing how important it is to discuss cybersecurity in the C-suite. Our friends at Cybereason have offered up a blog that's somewhat related to the theme.

2 min read

ARRIS (Ruckus) to be Acquired by CommScope

By Carl Keyser on Nov 8, 2018 10:55:15 AM

We're really fond of the great people over at Ruckus. We do a lot of business with them and we think they really offer a great product.

3 min read

How a Cybersecurity Risk Scorecard Can Help your Business Stay Safe

By Carl Keyser on Oct 25, 2018 8:00:00 AM

There's a litany of things a business owner has to be concerned with. There's so much to deal with on a daily basis that certain things can get overlooked.

What is Betabot? Cybereason explains...

By Admin on Oct 24, 2018 2:48:37 PM

The great researchers over at Cybereason have compiled a great repository of information regarding Betabot, a relatively new malware designed to steal information from its targets.

Topics: Cybereason

Quick Tips: How to Avoid Being Taken Advantage of Online

By Admin on Oct 23, 2018 2:33:48 PM

Our friends at Fortinet have posted a great article on CSO Online that details a few quick steps you can take to avoid being taken advantage of online. Definitely worth a read:

1 min read

Protego Launches FREE SaaS Solution

By Carl Keyser on Oct 12, 2018 11:03:51 AM

 

Our pals at Protego Labs have launched a FREE version of their Serverless SaaS solution and we highly recommend you check it out. We've talked a bit before about Serverless Security and why we think it's important. 

1 min read

How Artificial Intelligence can be Leveraged for Good and Bad

By Carl Keyser on Oct 10, 2018 2:15:24 PM

A great article from ThreatPost.com that talks about how Artificial Intelligence can be leveraged for both good and bad in regards to cybersecurity.

1 min read

Centrify to Spin Off IDaaS Business - Creates Idaptive

By Carl Keyser on Oct 9, 2018 11:06:50 AM

Big news in the Identity-as-a-Service (IDaaS) world. Centrify has decided to spin off their IDaaS service as a brand new company called Idaptive. Idaptive will be lead by Danny Kibel, Centrify's current VP of Engineering and Operations.

Topics: Centrify
1 min read

Cyber Hygiene Best Practices

By Carl Keyser on Oct 9, 2018 10:20:56 AM

A great article from the fine folk over at Fortinet (via CSOonline.com) regarding cyber hygiene best practices.

Election Hacking is About More than Just Voting Booths

By Carl Keyser on Oct 8, 2018 1:14:56 PM

Our great friends over at Cybereason have written an excellent article on the multiple ways an election for public office can be hacked. The article focuses on a recent exercise Cybereason organized in partnership with multiple police departments in Massachusetts.

Topics: Cybereason
3 min read

Why the Cybersecurity Discussion Needs to Happen in the Boardroom

By Carl Keyser on Oct 4, 2018 1:01:39 PM

 

It is becoming more and more critical for a business to have a good, strong cybersecurity strategy. With the number of cyber attacks and security breaches on the rise, it has become evident that no one is immune to the danger posed by digital attacks.

2 min read

Cloudflare is About to Become a Domain Registrar

By Carl Keyser on Sep 28, 2018 2:00:00 PM

 

And that's really great for everybody trying to do business on the internet.

I won't lie. We're big Cloudflare fans here at the Security7 offices. We like how they operate. They understand how website security should work. It's why we're so excited Cloudflare has recently announced they'll be offering domain registration services.

How To Video: Restore or Replace FortiGate Firmware via Mac

By Admin on Aug 30, 2018 8:00:00 AM

4 min read

It's Time to Meet SOAPA

By Carl Keyser on Aug 20, 2018 2:11:16 PM

Everyone in InfoSec/IT has heard of the SIEM. Most of you reading this have had varying levels of success or satisfaction working with them.

Topics: SOAPA

Serverless 101: What It Is & Why You Should Care

By Carl Keyser on Aug 9, 2018 4:15:06 PM

 

Today we recorded our first webinar ever! It was with Protego Labs. We talked about serverless computing, serverless security, and why both are so important to the future of business and Information Security! Check it out via this link!

4 min read

Is Ransomware Really Dead? If So, What's Next?

By Carl Keyser on Jul 23, 2018 4:38:05 PM

 
A lot of experts are saying that Ransomware attacks are now on the decline. IBM, F-Secure, and ISACA all claim it's time to hoist our drinks in the air and celebrate Ransomware's demise.
6 min read

What is Serverless Computing? Is it Secure? We Asked the Experts!

By Carl Keyser on Jul 19, 2018 8:00:00 AM

It's hard to keep up with today's computing tech. Product cycles are growing shorter by the day, and the next big thing is perpetually lurking just over the horizon, ready to make a splash in the market when the time is right.

1 min read

How to Calculate What a Ransomware Attack ACTUALLY Costs

By Carl Keyser on Jul 10, 2018 3:53:07 PM

Our great friends over at Cybereason published a blog article recently that really drew my attention. The article in question covers how exactly you should calculate the cost of a ransomware attack and what people typically get wrong when attempting to do so.

4 min read

Positive Security Controls vs. Negative Security Controls*

By Carl Keyser on Jun 8, 2018 1:46:29 PM

*And why you should use both

We talk a lot about the different technologies and strategies we use to protect our customers every day as a Managed Security Services Provider (MSSP). We've even published a quite informative white-paper that spells out our overall viewpoint (download our free Intelligence in Depth guide here).

6 min read

CylancePROTECT Review

By Admin on May 25, 2018 11:03:04 AM

We've written about Cylance before (bunches - look here & here). One of the things we haven't done yet is look at the software objectively. At least not...entirely objectively. So, do we think that CylancePROTECT is better than Malwarebytes? Do we think CylancePROTECT is better than Kaspersky? Find out below in our honest review of CylancePROTECT.

Topics: Cylance
4 min read

Our Takeaways from Cylance's 2017 Threat Report

By Carl Keyser on May 9, 2018 12:02:24 PM

We talk about Cylance a lot and with good reason. We're super keen on what they're doing in the anti-virus space. They just recently released their first ever Threat Report and it's a fantastic white-paper.

I thought maybe it'd be worthwhile to offer a summary of that report to you, oh exalted reader. However, it's not a summary of the complete report. To get your hands on that you'll need to download the document itself. To do that, all you need to do is register for our Cylance Webinar that's coming up in July. I've included a link at the bottom of the page that'll help walk you through that process. Once registered we'll email the 2017 Threat Report right over to you.

Topics: Cylance

Centrify: 5 Facts About Weak Credentials

By Admin on May 7, 2018 12:08:18 PM

Centrify knows a thing or two about passwords. Check out their latest blog article: 5 Facts About Weak Credentials. Their stance on Zero Trust Security is pretty interesting.

Topics: Centrify
6 min read

How to Stop a Tech Support Phone Scam

By Carl Keyser on May 3, 2018 11:31:51 AM

Here's the situation: You're sitting at your desk one day, alternating between spreadsheets and a gossip blog where you've been reading up on all the latest Kanye West dirt.

Your phone rings. A panicked voice on the other end tells you they just got off the phone with Microsoft Tech Support and now their endpoint's compromised.

"I was only following their instructions," the voice bemoans. "I need your help."

1 min read

Cloudflare announces "Spectrum"

By Carl Keyser on Apr 14, 2018 9:00:00 AM

 

We personally think that Cloudflare's particularly groovy when it comes to the services they offer. Their recent Spectrum announcement makes them even more so.

1 min read

Threat Hunting Tools: Cybereason

By Carl Keyser on Apr 10, 2018 9:30:37 AM

Go on the Offense Against Attackers

Get the unfair advantage with Cybereason Total Endpoint Protection: behavior- based, offense-first Endpoint Detection and more.

2 min read

Want to Delete Facebook? Here's How...

By Carl Keyser on Mar 26, 2018 10:53:13 AM

Facebook's been all over the news the last couple days. A UK data firm named Cambridge Analytica to harvest over 50 million Facebook accounts and help sway our last presidential election.*

3 min read

Don't Trust Trustico: Get Your SSL Certificates from Someone Else...

By Carl Keyser on Mar 22, 2018 1:56:52 PM

DISCLAIMER: Security7 Networks is a DigiCert partner. The views expressed in this article focuses more on Trustico's poor security practices rather than any personal relationship we might have with DigiCert

4 min read

7 Questions You Should Ask Before Hiring an MSSP

By Carl Keyser on Mar 12, 2018 10:50:42 AM

Looking to hire a Managed Security Services Provider for your business? Here are the questions you should ask yourself before you make such an important decision!

Learn How to Install Cylance with Ray Scholl, CISO

By Carl Keyser on Feb 28, 2018 2:00:00 PM

6 min read

What is GDPR and How Does it Affect American Businesses?

By Carl Keyser on Feb 14, 2018 3:58:01 PM

John Donne said in Meditation XVII that "no man is an island." Each of us is part of the larger whole. Because we are so interwoven or connected, the actions of one can or does, affect the rest.

6 min read

A New Flash Exploit Has Been Seen in the Wild. Protect Yourselves.

By Carl Keyser on Feb 8, 2018 7:00:00 AM

 

Flash_Gordon

(Flash! Aaaaaaaah-aaaaaah! He'll save every one of us! - Queen)

Okay, okay. This article isn't about Flash Gordon. I just couldn't resist using the picture. It's about Adobe Flash Vers. 28.0.0.137, a Zero-Day exploit, and a Phishing campaign recently discovered by the South Korean Computer Emergency Response Team (KR-CERT).

2 min read

What's the Deal with Meltdown and Spectre?

By Carl Keyser on Jan 5, 2018 9:00:00 AM

It's not even a full week into the new year, and we've got two brand spanking new security threats knocking on our door. They're named Meltdown and Spectre, and they're here to ruin not just your day but everybody who's bought a device with a microprocessor in it.

5 min read

7 Simple Security Tips for 2018

By Carl Keyser on Jan 4, 2018 8:00:00 AM

 

3 min read

Fireside Chat with Security7: How this MSSP is Enhancing Security Through the Cloud While Reducing Customer Costs

By Guest Author on Dec 22, 2017 10:16:38 AM

As organizations embrace the cloud, whether public, private, or a hybrid, multi-cloud environment, their IT team is not only required to architect new networking platforms or infrastructures, but also figure out how to secure this new environment. Unfortunately, many of the tools these organizations currently have in place don’t always scale into a cloud or virtualized environment. And even if they do, they actually result in increased complexity because they often function as separate and isolated security devices, which can severely hamper such things as unified visibility and control.

6 min read

Fileless Malware 101: Understanding Non-Malware Attacks

By Guest Author on Dec 19, 2017 8:00:00 AM

POST BY: FRED O'CONNOR

What is fileless malware?

Unlike attacks carried out using traditional malware, fileless malware attacks don’t entail attackers installing software on a victim’s machine. Instead, tools that are built-in to Windows are hijacked by adversaries and used to carry out attacks. Essentially, Windows is turned against itself.

4 min read

How to fix the macOS 10.13 Security Flaw and Some Thoughts on Apple's Decline...

By Carl Keyser on Nov 30, 2017 1:31:58 PM

 

DISCLAIMER: We here at Security7 are avid Mac users both professionally and personally. We, as a business, were not affected by this exploit in any way. My personal machine was vulnerable but has since been patched. No PII data was exposed.

On Tuesday, November 28th a brand spanking new macOS security exploit was discovered. If you’re a macOS user you’re familiar with the system prompts you get when you’re trying to make a change to the system. They’re Apple’s way of asking “do you really want to do that or should you think about it first.”

4 min read

LIST: Top 7 Things to do When Securing a Firewall

By Carl Keyser on Nov 20, 2017 11:23:22 AM

Everybody loves a good list, and we're no different! Here's a list of the TOP 7 things we like to do first when we secure a Firewall. 

So, without further ado...

2 min read

What the DUHK is going on?

By Carl Keyser on Nov 14, 2017 10:39:00 AM

Talk about a wild goose chase...

According to a few recently published/released security blogs and podcasts there’s a “new” vulnerability out there and it’s a DUHKing whopper.

3 min read

Traditional VPNs Stink. Try Zscaler Private Access Instead

By Carl Keyser on Nov 6, 2017 2:52:17 PM

Okay…honest question. Who likes using a VPN? Raise your hands and I’ll take a quick count…oh. Nobody? Really? Huh. You know what? I’m not all that surprised.

4 min read

Just Say NO to Krack! What You Need to Know About the Latest WPA2 Exploit

By Carl Keyser on Oct 19, 2017 9:50:10 AM

5 min read

Fileless Malware - What You Need to Know

By Carl Keyser on Sep 20, 2017 9:00:00 AM

Malware is getting ridiculous. All these new variants...its like a horror movie anthology that airs regularly on your local public access TV channel. Every week there's something new to be afraid of. So...just when you thought it was safe to go in the water....bum bum buuuuuuuuuuum...Fileless malware!

3 min read

Equifax Hack Part II: The Hack Was Avoidable

By Carl Keyser on Sep 15, 2017 11:02:30 AM

Earlier this week we talked a bit about the Equifax hack and what you could do to immediately protect yourself if your Social Security Number was compromised.

Now it's time to talk a little bit about what services are available that can immediately protect your sensitive systems from a similar type of attack.

5 min read

What's the Deal With the Equifax Hack?

By Carl Keyser on Sep 11, 2017 11:51:38 AM

Equifax was hacked. 143 million Social Security Numbers were compromised. That’s a just under half the population of the United States. It’s pretty scary.

4 min read

3 Reasons Why You Should Use a Managed Security Services Provider

By Carl Keyser on Sep 7, 2017 9:03:28 AM

4 min read

The Kremlin and Putin are using Kaspersky Labs to spy on you!

By Carl Keyser on Aug 25, 2017 1:06:49 PM

UPDATE - 9/19/2017: The United States Senate voted on Monday, September 18 to ban Kaspersky Lab software from federal computer systems and networks. We've posted a link to the Reuters.com story at the bottom of this page. We encourage you reading that after this article.*

Well...maybe...

About a week or two ago we shared an article regarding Kaspersky Labs, the Moscow based security firm and their recent endeavor to release their anti-virus software free of charge. 

5 min read

The Right to be Forgotten

By Carl Keyser on Aug 10, 2017 12:00:00 PM

If you had the opportunity to partially or totally remove yourself from the Internet, would you take it? That’s a good question. A lot of people are attracted to the idea. Honestly, can you blame them?

4 min read

QR Codes are Making a Comeback...and That may be Dangerous

By Carl Keyser on Aug 4, 2017 10:00:00 AM

Quick Response Codes (QR Codes for short) have been around for a while. They're an insanely popular marketing device in China, Japan and other Asian markets. They've never been really popular in the States but that might change fairly soon...

5 min read

Net Neutrality is a Good Thing

By Carl Keyser on Jul 21, 2017 9:01:27 AM

Oof. What a topic.

3 min read

Soup Up Your Threat Hunting with our Cyber Security Recommendations

By Admin on Jun 29, 2017 10:50:57 AM

You’re aware of cyber-threats and you’ve started looking for them. You’ve found a few tools along the way that’ve helped you learn a thing or two as well. Every day you feel like you’re getting better and better at what you’re trying to accomplish.

But something’s missing isn’t it? You might know how to handle yourself in a threat hunting fist fight but it’s time to get more serious. You need better equipment and Security7 Networks can help point you in the right direction.

3 min read

Open Source Cyber Threat Hunting Tools for Your InfoSec Utility Belt*

By Admin on Jun 26, 2017 10:00:00 AM

Last week we talked to you about Threat Hunting and why you should be actively looking for trouble. We’ve assembled a few links to tools and repositories you can use to fill up your threat hunting utility belt.

5 min read

What is Threat Hunting & why you SHOULD go looking for trouble.*

By Admin on Jun 15, 2017 2:00:50 PM

Lately we’ve talked a lot about how the digital security landscape is changing and the different kind of threats you might be facing (WannaCry, Phishing, etc). There’s a lot of bad hombres out there that could potentially affect your digital well being.

3 min read

New NIST Rules Make Password Security Simple

By Admin on Jun 2, 2017 3:30:28 AM

Password Image

Passwords are a pain in the butt. I don’t know anybody that likes setting one, let alone remembering what it is. A password’s ultimate goal is to protect something you hold valuable. The more hoops you’ve got to jump through to keep that something safe, the more obnoxious it is.

6 min read

First SaaS now WCaaS - How to Survive in the Weaponized Code as a Service age

By Admin on May 30, 2017 1:33:00 AM

The other day we talked to you about the WannaCry ransomware virus and the things you could do IMMEDIATELY to protect yourself; disable SMBv1 and install MS17-010 (read our last article here). WannaCry is nasty, it’s easily spread and it will absolutely ruin your day if you don’t protect yourself.

3 min read

WannaCry About Ransomware? So do we... (Part 1)

By Admin on May 29, 2017 1:27:00 AM

Recently we started compiling a list of steps people could take to stay safe online and away from malware and all its children. It was simple, straight forward, easy to understand and quite honestly, filler for a slow news week.

3 min read

Cylance - The Ups and Downs That Come with Being Good at What You Do

By Admin on May 20, 2017 1:35:00 AM

On March 30th the SANS Community named CylancePROTECT the Best Endpoint Protection Product of 2016. It’s no surprise really, the company, led by Stuart McClure and Ryan Permeh, has been shaking up their respective industry since they took the field in 2012.

3 min read

Credibility’s New Currency: Transparency

By Admin on May 14, 2017 1:22:00 AM

Recently Cloudflare and LastPass were faced with an inconvenient truth. Flaws had been identified in their systems and personal data that’s supposed to be private was open to the world.

2 min read

Alert: Fake Email Invoices Contain Ransomware

By Admin on May 9, 2017 1:24:00 AM

Ransomware is still on the rise, and the Federal Bureau of Investigation has labeled it as one of the biggest dangers to businesses of all kinds. Compared to other methods of spreading malware, ransomware has a unique return on investment that keeps hackers wanting more. One new variant of ransomware uses a phishing attack that’s tailored to your real-world address, which is exceptionally concerning for victims.

Featured