RESEARCH
Pumpkin Spice, Passwords, and the One Month a Year We Remember Hackers Exist
It’s the season of strong passwords, phishing reminders, and PowerPoint fatigue. Too bad hackers don’t care what month it is. It’s that time of year again. The leaves are changing, pumpkin spice is back, and your inbox is about to ...
Cyber Trends
The Windows 11 Time Bomb Your MSP Forgot to Mention
Let me tell you a story. It starts like most horror stories do—with a false sense of security. I sat down recently with the CEO of a well-run, 250-person company. Smart guy. Good business. Solid MSP. We talked shop: headcount, ...
Microsoft Just Extorted You. Here’s What to Do About It.
You don’t have to upgrade to Windows 11. That’s the good news. The bad news? If you don’t, your business is about to enter a slow, painful spiral into cyber vulnerability and operational chaos. Right now, people are calling Microsoft’s ...
Well, That Didn’t Last Long: Why Your Cyber Strategy Can’t Be Based on Headlines
Not even a full week. That’s how long we had between a glimmer of good news and a fresh slap of reality. Just a few days ago, security analysts were celebrating. Ransomware payments, they said, were down. A win! Maybe ...
Business Resilience
Part 2: Coffee or a Crisis: The CEO’s Choice in Cybersecurity
Last time we looked at why tabletop exercises matter and how they can reveal the cracks business leaders don’t notice until ...
The Silent IT Risk That Can Wreck Your Company Value: Tribal Knowledge
When CEOs and CFOs think about cybersecurity risk, they think about hackers, ransomware, and data breaches. What they do not think about is the way their own IT teams operate—and how that internal process can make or break the company ...
Could Your Business Survive a Cyberattack? (Most Can’t—and Won’t)
The US bombed Iranian nuclear facilities last week. The result? A “spectacular military success,” sure—followed immediately by the Department of Homeland Security warning that Iran’s state-backed hackers (and a gaggle of bored ...
Security Best Practices
The Cybersecurity Test You Think You're Passing (You're Not)
We were just running a security assessment for a 150-person company last week. Nice organization. Professional. Fancy logos on their trucks. Well-funded. And in about 11 minutes, we were inside their network. Here’s how it started: We sent an email. ...
Why Every CEO Needs a Cyber Incident Response Playbook
Why This Problem Lands on Your Desk When a cyber incident hits your company, the first call usually goes to IT. But very quickly, the responsibility shifts to you and your leadership team. Regulators, insurers, customers, and even the media ...
The Cybersecurity Gap That’s Costing You Everything—and No One's Telling You About It
You’ve made the investments. Your team has security tools in place. You’ve got someone managing IT. You’ve had the compliance audit. On paper, everything looks fine. But there’s a problem. A big one. No one on your team can clearly ...
More Articles
Default Windows Font May Change With Windows 10 Update
Microsoft has a history of being notoriously slow to change. Just to cite one example, the company's venerable "Paint" application has been in the mix since the earliest days of Windows. Although ...
Many Mobile Devices Contain A Chip With A Security Risk
A new, high severity vulnerability has been found in Qualcomm's MSM (Mobile Station Modem) chips, including the company's latest 5G-capable versions. The security issue could allow hackers to access a user's call ...
Global Scale Phishing Attack Brings New Malware
There's an ongoing, global scale phishing attack you should be aware of, even if your firm isn't currently being targeted by it. The attack is being tracked by Mandiant, who recently published ...
Chrome Zero Day Exploit Gets Fixed With Latest Update
On April 20, 2021, Google released Chrome 90.0.4430.85, designed to address a zero-day exploit hackers are currently taking advantage of, tracked as CVE-2021-21224. The patch also patches four other high severity security ...
The New MSP
I’ve been where many of you have been. I vividly remember the Valley of Death—the gap between $2 million and $5 million in revenue. ...
Newly Discovered Linux Malware Has Been Around For Years
Recently, researchers at Qihoo 360 Network Security discovered a particularly stealthy piece of malware designed to create backdoors in the Linux ecosystem. It was so good at its job, and so stealthy ...
End For Skype For Business Is Just Around The Corner
If you're still using Skype for Business at your firm, be advised that Microsoft recently sent another friendly reminder out to all users of the service. The reminder says that it's going ...
Popular NAS Device Vendor Fixes Vulnerability Recommends Update
QNAP recently addressed a critical security vulnerability you need to be aware of. Previous to the fix, the company had included hard-coded credentials to serve as a backdoor to the device. Unfortunately, ...
Large Insurance Company Geico Suffers Data Breach
Geico, the second largest insurance carrier in the US, recently became the latest high-profile company to suffer a data breach in the United States. The company is the second largest auto insurance ...
Microsoft Edge Will Redirect Users To HTTPS Secure Sites
If you're a Microsoft Edge user, be aware. Beginning in July, with the release of Edge 92, the browser will automatically redirect users to a secure HTTPS connection any time they visit ...
Here Is How The New iOS Update Improves Privacy
Targeted advertising has become a mainstay of life on the web these days. You do a search on Amazon for say, exercise bikes, and then, just about every other website you visit ...
Building And Selling A Cyber Stack That Actually Protects
When I was running my MSP and needed clients to upgrade their security stack (as in, buying our latest cyber stack), I had a couple of clients who would do whatever I ...
