ThrottleNet Inc. Blog

 

From the category archives: Security

Read about the latest security breaches, best practices and how to secure your business on the ThrottleNet blog. Check out our security archives below.

Debunking Common Cyber Security Myths Believed by CEOs

Alongside ensuring the day-to-day elements of their business are running successfully, CEOs hold a big responsibility in maintaining the security of their network.

How they handle network security and delegate responsibilities to maintain it are often based on their own beliefs about technology and how it relates to security. Unfortunately, while all CEOs have the best intentions and believe their organization is doing everything it can to counter cybersecurity concerns some of these beliefs miss the mark and leave their organization open to vulnerabilities.

In this article, we bust some of these cyber security myths and discuss the truth about each belief.

Read the rest of entry »

A Lesson in Wi-Fi Router Security: How to Secure Your Wi-Fi Environment

Earlier this month the FBI put out a call to all internet users: Reboot your router! Now, they’re asking consumers to do a little more, by updating router firmware and doing a full factory reset. 

The cries for action come after it was discovered that Russian hackers infected over half a million consumer routers with a malware known as VPNFilter, which performs a “man in the middle” attack on incoming web traffic. Experts are still trying to determine exactly what VPNFilter can do, but we know that it can modify the content delivered by websites, steal credentials and even issue a self-destruct command. 

To infiltrate the routers, hackers took advantage of known exploits or default credentials that come pre-packaged with each device, making the attack simple to carry out.

Read the rest of entry »

Know the Risks of Chrome Extension Malware and How to Protect Yourself

According to a report released earlier this month, more than 100,000 Google Chrome users were affected after downloading malware from browser extensions in the official Chrome Web Store.

The chrome extension malware attack was created by crisis actors who had hijacked legitimate browser extensions, most commonly an app called “Nigelfly” which replaces pictures with the face of cartoon character Nigel Thornberry (whom we have never heard of before this) with malicious scripts. By taking advantage of existing apps in the Chrome store, the hackers could bypass Google’s extension validation checks. Along with Nigelfly, at least 7 other apps were used during the scheme, and Google has been able to remove several of these apps from the Chrome store.

Read more about the risks of Chrome extension malware and how to protect yourself.

Read the rest of entry »

Is Your IT Security Training Effective Enough?

Educating end users on the importance of security within your organization is an up-hill battle for most small businesses. Ask an IT professional how effective their training processes are and you’re sure to get a mixed bag of responses.

Some things work for some people and don’t for others.

Mandatory, irregular IT security training seminars don’t always make a connection. Hosting half day or day long training sessions can bore people to death and cut into your bottom line by pulling employees away from their workstations for an extended period. It security training Presentations need to walk a fine line between presenting hard policies and detailing the repercussions of violation while being lighthearted and keeping the room interactive.

Are you worried your IT security training isn’t hitting the right cord with your employees? Here are a few tips.

Read the rest of entry »

Evaluating the Latest Public Cloud Security Statistics

Today, nearly every IT professional is using cloud service in their operations. Most users employ a hybrid model, mixing public and private clouds to store data within their organization.

A recent statistic released by McAfee questions public cloud security, stating that 25% of businesses who employ a public cloud service have had confidential data compromised.

The statistic was included in McAfee’s annual Cyber Security Report, released ahead of the RSA Security Conference in San Francisco.

While 97% of businesses employ some form of cloud storage, up from 93% in the same study last year, only 69% trust their data in the cloud.

Among confidential information stored in the cloud, customer information is the most common, reported in 61% of organizations. About 40% of companies store internal documentation, payment card information and personal staff data in the cloud, while 30% of users rely on the cloud for intellectual properties, healthcare records, competitive intelligence and network pass card storage.

Read the rest of entry »

Should Small Business Worry About the Facebook Scandal?

Facebook is working to restore its image with users following the Cambridge Analytica data scandal, in which information on up to 87 million users was collected through a third-party application and passed on to a political consulting firm to help influence voter opinion.

The public outcry following Cambridge Analytica has caused users and businesses to leave the platform and stock prices to drop. Tesla & Playboy are among the businesses that have dropped Facebook altogether, while countless others have pulled advertising through the platform.

Analysts estimate that anywhere between 60% and 80% of small businesses have a presence on Facebook, with over half of all small businesses posting on Facebook every day.

Just as a business vows to protect any user data that flows through their payment systems and website, they also have a responsibility to safeguard the data of their customers who value them enough to like them on Facebook. If a massive data breach were to occur on Facebook, the responsibility would fall on Facebook; not the individual brand. However, some can’t help but feel guilty by association.

Should you go running for the hills and pull your business from Facebook? We don’t think so.

Read the rest of entry »

Popular Online Scams: Protecting Yourself from the Most Common Internet Security Threats

While cyber security has evolved quite a bit over the years, and assailants are taking advantage of more conspicuous ways to sneak into your network undetected, the “same old, same old” remains a risk to your business and personal security.

In this blog, we summarzied some of the most common internet security threats that everyone should be aware of, along with tips to protect yourself.

Read the rest of entry »

8 Changes in Cyber Security You Must Be Aware Of

New technologies are changing the way companies think about cyber security and how they protect their business from everyday threats. At the same time, many cyber security issues we’re already aware of are becoming smarter, making the landscape that much more difficult to navigate.

Recently, Cisco released its 2018 Cyber Security Report, which discusses the latest advances in the security industry and how organizations can protect themselves against mounting cyber security issues. It also includes benchmarking data from 3,600 Chief Security Officers highlighting the challenges their organizations face regarding changes in cyber security.

The full report is a must-read for anyone who has a vesting interest in protecting their business, but we’ve provided some of the cliff notes in this blog entry.

Read the rest of entry »

The Olympics and Hackers: Why the Games Are a Prime Target for Cyber Crime

For one reason or another, hackers love the Olympics just as much as the casual sports fan.

The 2018 Pyeongchang games started off with a massive cyber-attack that those watching at home may not have been aware of. The attack, which was forged by an unidentified hacker (presumably either Russia or North Korea) causing internet protocol TVs to malfunction at the main press center, which was countered by organizers shutting down the games' servers to prevent additional damage.

With the Olympics servers offline, Wi-Fi at the Olympic Stadium and the website went down, preventing attendees from printing tickets to events.

The opening ceremony was to feature drones filming the ceremony, but those were unable to deploy.

The source of the cyber-attack was not revealed, but organizers and the IOC have an idea of who orchestrated the attack.  However, they won’t point the finger, instead citing poor international best-practices.

Read the rest of entry »

Five Ways to Improve Employee Security Awareness

Employee security awareness - ThrottleNet 

What good is an IT security policy if none of your employees know exactly what it means?

According to a recent study by Kaspersky Lab, 12% of employees claim to be fully aware of their organization’s IT security policies and rules. Just less than half of employees believe they share some responsibility in preventing cyberthreats within their company.

Among survey respondents, 24% did not believe their organization even had an established IT security in place, which is a completely different story.

For small business owners, these results are cause for concern, as cyber security threats like ransomware, phishing and even internal espionage grow more sophisticated by the day.

If employee security awareness wasn’t already a top concern, these results heighten the need to properly train employees on IT protocols and develop a policy if one does not exist. 

Read the rest of entry »

Pages: Previous1234567NextReturn Top