Cybersecurity

452

Solutions

798

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Share tech news, updates, or what's on your mind.

Sign up to Post

2
Become a Leader in Data Analytics
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

Be on the lookout for exciting changes coming to our course offering! With an additional 1500+ courses ranging in topics from cybersecurity and IT management to business practices and HR, there will be something for everyone. What courses would you like to see?
6
 
LVL 14

Expert Comment

by:Andrew Leniart
I think some Basic to Intermediate MAC OS courses for those who are migrating from a Microsoft Windows environment over to a MAC would be highly useful. For instance, showing how things are done on a Windows machine can be done on a MAC OS. I find lots of people struggle with coming to terms with a MAC OS if they've been using a Windows environment for a long time.

For an example, take a look at this question.
3
 
LVL 5

Author Comment

by:Randal Redberg
Hi Andrew,

I fully agree. We look forward to working with you and other long term memebers of the site to help us fill in the voids and provide valuable resources to the member base.

Thank you for your input.

Randy
0
Learn how to mitigate the new intel bugs Meltdown & Spectre,

Join this free #webinar titled "How to mitigate #Meltdown and #Spectre bugs" on Jan 10, 11:00 am EDT to get hands on experience, clarify your doubts , fix the exploit and get back to your routines.

https://www.manageengine.com/products/desktop-central/meltdown-and-spectre-webinar.html?ee

melt-webinar-social-banner.jpg
0

TeamViewer hacked: Here’s how to protect your systems


Hi there,

TeamViewer can be exploited using a vulnerability allowing users to switch between viewer and presenter side, or remotely control the server. If you are using TeamViewer in your enterprise, do act now.

Read more: https://goo.gl/2E65yX
1
5 tips for seamless endpoint security

Hey there,

Are you worried about your endpoints being hacked or breached?

Here is a simple tips to build the best endpoint security in your enterprise.

Building an effective endpoint security has become all time priority for enterprises. With the amount of cyber attacks evolving day by day, enterprises have to practice certain simple best practices tosimple tips to build the best endpoint security keep them vigilant against any unforeseen vulnerability breaches.

Read more: https://goo.gl/taAmSB
0
Uber paid hackers $100,000 to keep data breach quiet  

The BBC reported earlier today that Uber did not tell anyone about the breach that affected 57 million customers and drivers.

David Kennerly, director of threat research at security company Webroot, criticized Uber for paying a ransom to the hackers.

"Given the current climate around data security and breaches, it is astonishing that Uber paid off the hackers and kept this breach under wraps for a year. The fact is there is absolutely no guarantee the hackers didn't create multiple copies of the stolen data for future extortion or to sell on further down the line."

What's worse than being hacked? Covering up a hack.
4
Webroot Doubles Down on MSPs

"Some of the new offerings involved acquisitions. Others are homegrown. But they’re all coming together. Indeed, Webroot is coordinating its R&D, sales and marketing efforts to make it easier MSPs to try, buy and deploy the security solutions, Potts says."

Read the rest of the article here.
1
By combining a range of threat technologies, deployed over numerous stages, cybercriminals maximize the likelihood of infection success.

Here are 5 tips to help MSPs achieve a multi-layered cybersecurity strategy.

What's your multi-layered approach?
0
2-Post-Native-Image-360-x-200.jpgThe Private Question Feature is back on-site! Learn how we are protecting your tech question security.
2
Top 10 Nastiest Ransomware Attacks of 2017

Nastiest-Ransomware.png
We’re revealing the top 10 nastiest ransomware attacks from the past year. NotPetya came in on our list as the most destructive ransomware attack of 2017, followed closely by WannaCry and Locky in the number two and three spots, respectively. NotPetya took number one because of its intent to damage a country’s infrastructure. Unlike most ransomware attacks, NotPetya’s code wasn’t designed to extort money from its victims, but to destroy everything in its path.

Check out the entire list here.

0
Identify and Prevent Potential Cyber-threats
Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

2-Post-Native-Image-360-x-200.jpgBack by popular demand, the Private Question feature allows Premium Members, Team Accounts, and Qualified Experts to ask questions that can only be seen by Experts Exchange Members, while still linking to their profile for building rapport and connections on site. The return of Private Question adds to the question security options available to these member groups, including Anonymous Question.
2
Webroot Protects You Against Bad Rabbit

Webroot customers are protected from the Bad Rabbit malware that is affecting computers across Russia, Ukraine, Bulgaria, a few surrounding Eastern-European countries, as well as Japan.

What we know about Bad Rabbit thus far:

Bad Rabbit is a well-made piece of malware that uses a lot of clever tricks to spread, similar to NotPetya, which affected customers across the globe this summer.

Bad Rabbit has been successful as it has worm-like behavior, using embedded usernames and passwords to move laterally through the network.

Attackers used compromised websites, most of which are news sources local to the APAC/Eastern European region, as watering-hole infection vectors which helps explain the geographic location.

More about Bad Rabbit, what you can do to protect yourself even further, and what one of our Senior Advanced Threat Research Analyst had to say about it here.
0
Don't Get Hooked!

September-Consumer-Blog_Phishing_800.png
Another day, another phishing attack. From businesses to consumers, phishing attacks are becoming a more widespread and dangerous online threat every year. One wrong click could quickly turn into a nightmare if you aren’t aware of the current techniques cyber scammers are using to get access to your valuable personal information.

Stay safe with these tips.

1
Cyber News Rundown: Edition 9/29/17

CyberNewsRundown.jpg
Showtime Site Found Using Cryptocurrency Miner

Following the discovery last week that ThePirateBay has been using a Monero miner to experiment with revenue alternatives for the site, researchers have found that both Showtime.com and ShowtimeAnytime.com have embedded code for similar cryptocurrency mining. The code itself runs only while the user is on the site, and ceases once they navigate away. The main concern, however, was the high CPU usage users experienced. The script in question was removed after several days of testing, but Showtime has yet to comment on their implementation of the crypto-miner or its intended outcome.

Massive Stash of Credit Card Info Linked to Sonic Breach

In the past few days, researchers have found a trove of credit card data that could be tied to a recent breach at Sonic, the popular drive-in restaurant. The data is organized by the location of each card, and currently contains nearly 5 million unique card numbers and related info. While Sonic has not yet determined the cause of the breach, they have been working with their credit processing company to identify the compromised store locations and implement credit monitoring for affected customers.

More cybersecurity news you might have missed from the week on our blog.
2
 
LVL 7

Expert Comment

by:Nicholas
I was thinking can they really make that much money from it, as I remembered it it was like pennies if even that
Then I read https://www.lifewire.com/cryptocoin-mining-for-beginners-2483064 and it seems there could be big money to be made where popular sites like this are using it. Why invest money when you can get your customers to make you money

But on the flip side if I am giving away a few CPU cycles that meant no ads then is it really a bad thing...
0
Thoughts from Webroot’s new President and CEO, Mike Potts

800x600_Blog_Feature_Image.2-nezvn84.jpg
Mike Potts, Webroot's new President and CEO, shares his thoughts on why he joined Webroot and where he sees the cybersecurity industry going.

I’m delighted to join the Webroot team officially today as CEO. We helped define the cybersecurity field in our first 20 years, but I believe our best days are ahead. With this introductory post, I thought I’d let you know where I intend to focus in my first months at Webroot, with the goal of taking our customers, partners, and company to the next level of success.

More from Mike on our blog about his plans for the future of Webroot.
2
Another day, another cyber-attack! Back in March, Deloitte discovered that hackers gained access to an administrator account that didn't utilize two step verification. Compromised information includes emails and their attachments, usernames, passwords, IP addresses,  architectural diagrams for businesses and health information.

https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails
1
 
LVL 7

Expert Comment

by:Brian Matis
Starting to feel like we need a "sadface" option in addition to the endorse icon... I'm glad you posted the info, but I'm not endorsing that it happened!
1
 
LVL 18

Expert Comment

by:Kyle Santos
inb4 the CEO, CIO resign.
0
Ransomware Spares No One: How to Avoid the Next Big Attack

Ransomware-Blog_Image-800x650-1-ner8.png
With global ransomware attacks, such as WannaCry and not-Petya, making big headlines this year, it seems the unwelcomed scourge of ransomware isn’t going away any time soon. While large-scale attacks like these are most known for their ability to devastate companies and even whole countries, the often under-reported victim is the average home user.

We sat down with Tyler Moffit, senior threat research analyst at Webroot, to talk ransomware in plain terms to help you better understand how to stop modern cybercriminals from hijacking your most valuable data.
0
Protect DNS: A Conversation With Dave Dufour of Webroot

DNS is one of the basic services on which the web is based and it has proven to be robust and scalable to an astounding degree. Unfortunately, it's also vulnerable to hacking and can be a serious attack vector if left unprotected. Dave Dufour, director of cybersecurity and engineering at Webroot, is an expert on DNS and its implications in network security. Security Now talked with Dufour about the issues with DNS and what organizations should be doing to protect their networks, employees and customers from DNS-based threats.

Read more of the interview on Security Now.
2
3
Evaluating UTMs? Here's what you need to know!
LVL 1
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

4
 
LVL 7

Expert Comment

by:Nicholas
Accountability - what's that all about it.

Makes you wonder what they know that they get off with a nice retirement package...
0
 
LVL 18

Author Comment

by:Kyle Santos
Seriously.  They're like 'peace out y'all!'  *vacations in Maui*
0
CyberNewsRundown.jpg
Cyber News Rundown: Edition 9/15/17

German Voting Software Raises Concerns

With German elections only a couple weeks away, researchers have been working to determine how secure the voting systems really are. Per a recent study, the software being used contains multiple vulnerabilities that could lead to devastating results if the election is compromised. Meanwhile, the software creator maintains there is nothing wrong with the system and any tampering would only lead to confusion, rather than truly affecting the vote’s outcome.

Upgraded Android OS Slows Tide of Overlay Attacks

While overlay attacks are nothing new to Android™ users, the Toast window is a surprisingly fresh take on this technique. Google has already patched the issue being exploited, but many users unintentionally fell victim and gave permissions to a malicious app using the Toast window overlay on a legitimate page to spoof the users input. This type of attack can range from simply installing an annoying piece of malware on the device, all the way up to locking the device down and demanding a ransom.
2
1
2
Useful guide in recovery from Ransomware attack.
Nice work on the "C" part of the document: Data Integrity: Recovering from Ransomware and Other Destructive Events, Volume C.

This NIST Cybersecurity Practice Guide demonstrates how organizations can develop and implement appropriate actions following a detected cybersecurity event. The solutions outlined in this guide encourage monitoring and detecting data corruption in commodity components—as well as custom applications and data composed of open-source and commercially available components.

https://nccoe.nist.gov/publication/1800-11/index.html
2
Capture.JPG
Cyber News Rundown: Edition 9/8/17

The Cyber News Rundown brings you the latest happenings in cyber news weekly.
If you have any other questions, just ask!





Consumer Credit Reporting Agency Equifax Suffers Cyberattack Affecting 143 Million Customers

Equifax announced hackers gained access to sensitive company data that potentially compromised information for 143 million American consumers, including Social Security numbers, driver’s license information, and credit card details. This is the third major cybersecurity incident for the agency since 2015. Most concerning, Equifax knew of the breach on June 29 but waited until September 7 to disclose the information.

Instagram Hack Exposes Millions of Accounts
A group of hackers recently gained access to a large number of Instagram accounts for high-profile celebrities and other victims. The attackers were able to use an exploit in the Insta app to retrieve the email addresses and phone numbers for millions of account holders. They then used this information to take control of more valuable accounts and posted the credentials for sale on the dark web. While Instagram was quick to fix the bug, it is still unclear just how many accounts were compromised.

Customer Databases Belonging to Time Warner Cable Publicly Exposed
1

Cybersecurity

452

Solutions

798

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Vendor Experts

Gil FeldmanMonday Learn more about Monday