Based on our research it sounds like infection often comes in via email attachment. The whole SMB exploit aspect is the unique sexiness of this crypto in that it spreads to multiple machines that way so multiple nodes are encrypting basically. I think any Desktop that gets infected would encrypt server mapped drives. So patching servers prevents 'server-uber-doomsday-infection' of server itself being infected. But any node on network getting it will basically cause server to get encrypted anyway, Read more [...]
Best Practices for Securing and Passing Privileged Account Audits
Privileged accounts can be divided into categories; such as built-in, user made, linked to a consultant/contractor and anonymous. To better secure and pass privileged accounts audits, you must monitor the activities of these accounts and maintain proper management and control them.
A new network, where the latest guidelines are adopted as the system is rolled out, can be easy to track and monitor. In such an environment, passing Read more [...]
I recent reviewed an article about US Customs requiring a NASA employee to unlock their phone and taking a data dump of the device.
This was of great concern to a law firm client of mine. I drafted the following guidance:
I reviewed the article, that is concerning that they force individuals to unlock the phone, as that's always been the best defense in the past and is the means in which the device is encrypted.
The only way around this I see is to delete your mail accounts (under settings) Read more [...]
Much focus is placed on the IT security of business. However, this guide focuses on your personal IT security which can impact all areas of life including your businesses. This guide is by no means exhaustive, however it does focus on key areas I feel are most important to cover in the initial securing of your digital life.
Services to secure with Two Factor Authentication:
Banking and investments
Financial Sites (incl Paypal, Venmo, etc)
Yahoo Account / Yahoo Mail (if you Read more [...]
OpenDNS is an extremely easy to deploy and affective security measure. By specifying OpenDNS DNS IP addresses your internet DNS queries are less likely to return the addresses of malicious websites and software. Below are easy instructions for specifying OpenDNS IP addresses on your mac.
Apple > system preferences > Network > select Wifi or Ethernet > Advanced > DNS > click plus sign under DNS Servers, add one of the below OpenDNS Server addresses. Click Plus sign again Read more [...]