Six common cybersecurity mistakes you can fix now

Introduction Cybercriminals are clever and on the lookout for vulnerable businesses. They exploit common mistakes and flaws to breach systems, then steal, disrupt, or hold businesses for ransom. But here’s the good news: you don’t have to be an easy mark. You can make changes right now to reduce the likelihood of a successful attack.

Read more 

Protecting Against Phishing Attempts

Phishing is the cause of most cyber breaches. Most successful attacks against companies start with a phishing email. Adhering to the statements in this policy will help your company be more resilient to phishing attacks. Phishing Definition: Phishing is an email-borne attack that attempts to get you and your email software to do something malicious. Many

Read more 

Editing DNS Host Files

This article provides instructions for locating and editing the hosts file on the following operating systems: Microsoft® Windows® 10, Windows 8, Windows 7, and Windows Vista™ Microsoft Windows NT™, Windows 2000, and Windows XP Linux® When you add a permanent entry to the local DNS cache on your PC, it will always override the information

Read more 

Kali Linux Not Updating

I have run into this issue a few times, so I will share my solution on fixing Kali Linux not updating. Open a terminal and run the below commands to quickly fix the issue: Type sudo -i Type in your password. Type touch /etc/apt/sources.list Type chmod 644 /etc/apt/sources.list Type echo “deb http://http.kali.org/kali kali-rolling main contrib non-free”

Read more 

Protecting Against Social Engineering and Phishing Attacks

What is a social engineering attack? In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that

Read more 

Microsoft Privilege Escalation Vulnerability

Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges. As many of you have seen there is a zero-day, privilege escalation, exploit for nearly all current versions of windows. https://www.kb.cert.org/vuls/id/906424 We haven’t seen any reasonable mitigating

Read more 

Understanding NERC

What is the North American Electric Reliability Corporation (NERC)? The North American Electric Reliability Corporation (NERC; www.nerc.com) is a not-for-profit organization with a mission to “ensure the reliability of the North American bulk power system.” It encompasses the interconnected SCADA power grids of the United States, Canada, and a portion of Baja California, Mexico. Following

Read more 

Understanding FISMA

What is the Federal Information Security Management Act (FISMA)? The Federal Information Security Management Act of 2002 (FISMA) assigns certain responsibilities to U.S. government agencies to ensure the confidentiality, integrity, and availability of federal government data. The act requires program officials to conduct annual reviews of information security programs. However, as of September 2012, the

Read more