Anatomy of a ransomware attack

Ransomware became a multi-billion industry over the past two years.  Although there is widespread understanding of the risks that enable successful ransomware attacks but still are executed successfully despite the knowledge.  A better understanding of the anatomy of ransomware attacks could enable security professionals to better defend against future ransomware attacks. The most significant step

Information System Audit Configuration

Ensuring that meaningful security related information is gathered through the logging process can be challenging.  There must be an understanding of the information that can paint an accurate picture of what is happening on the information system.  The purpose of the information system may dictate what information should be gathered.  In a Microsoft environment, these

WPA3 and why it matters

The evolution of wireless networking is not unlike the evolution of computers throughout the last couple of decades.  Wireless networks authentication model first relied on Wired Equivalent Protection (WEP).  WEP had many shortcomings and was quickly, and easily exploited.  This forced a transition from WEP to Wireless Protected Access (WPA). WPA proved insufficient due to

Advanced IoT security risks

The incorporation of the internet of things (IoT) devices into our personal and business lives has brought about a whole new set of challenges.  Understanding the potential risks associated with this technology is vital in preventing the convenience of these devices to becoming an Achilles heel to the network.   Oracevic, Dilek, & Ozdemir (2017)

Is my BIOS/UEFI securely configured?

Up until a few months ago, the primary focus of cybersecurity was on software and vulnerabilities within the software.  Researchers had looked at the possibility of chip-level vulnerabilities and then came Spectre and Meltdown.  These two chip-level vulnerabilities exposed the reality that our cybersecurity practices should focus on hardware related issues as well. Although these