Directive Blogs

This holiday season might leave technology and entertainment supergiant Sony with nothing but a big lump of coal in its stocking. In a high-profile hack, hackers continue to leak Sony’s employees’ sensitive information like Social Security numbers, passports, and even personal emails. This is obviously an issue for the company, but so is its lack of IT security, as shown by their passwords being stored in a folder named “Passwords.”

In the past, we’ve been known to go into detail about threats, vulnerabilities, and how to protect your business while online. Distributed denial of service (DDoS) attacks aren’t new in the technology world, but notorious hacking group Lizard Squad has somehow managed to take out Internet service for much of Sweden with a faulty DDoS attack; an unprecedented feat, especially for a ragtag group of irate gamers.

Does your office practice proper maintenance and security against the latest threats, like Sandworm and CryptoWall 2.0? You should, or else your business might get a nasty holiday gift in the form of the Schannel vulnerability in Microsoft Office. This particular threat allows a hacker to take over the entire system, making it an exceptionally dangerous vulnerability that you can’t ignore. Thankfully, a patch is available to the general public, so you want to apply it as soon as possible.

This subject isn’t very interesting outside of hospital administrators… or for hospital administrators, but there’s no denying that healthcare is one of the most important industries in our society today; and one that is having a technology overhaul at present. The influx of cheaper and more powerful technology is surely going to be a driving force for healthcare in the 21st century. Under the Health Information Technology for Economic and Clinical Health Act (HITECH), the United States government has followed the lead of other Western nations in forcing entities to upgrade their healthcare practice’s information technology for the betterment of patients, insurers, and health care providers.

Well, better late than never.
This is to be said of Microsoft after they recently patched a security flaw that’s come with every generation of its operating systems going all the way back to Windows 95.

Hackers come in all shapes and sizes, with varied levels of skills to boot. The generic garden-variety hacker will probably only try to hack your email and send spam, or steal your personal information. However, there are much worse threats out there, like APT hackers. This week, we’ll cover how you can spot these wolves in sheep’s clothing.

Grab your tissues, it’s flu season! Just like biological viruses such as the flu can cripple an entire office, digital viruses can cause a lot of trouble for businesses too. Both downtime-causing virus scenarios can be prevented if proper safety measures are followed, like sanitation and cybersecurity.

In these times, passwords are losing their effectiveness. Hackers can now input millions of passwords every second to crack your code. Even now, professionals are working on new solutions which can jumpstart online security. While using a password is still an ideal choice, there are plenty of other options that are being discussed in the two-factor authentication field.

A few weeks ago, a new vulnerability was discovered in the Internet Explorer functionality of SSL 3.0. Due to the encompassing nature of the vulnerability, all operating systems are affected. This makes it a big problem that must be resolved. Thankfully, Microsoft has released a fix to the vulnerability, called Fix It, making it far easier to prevent the vulnerability from becoming an issue.

Our minds often attribute unexplained phenomena with hauntings from ghosts. Most of the time, there's a perfectly good scientific explanation for what's going on. If you ever see your computer's cursor move on its own, your PC isn't haunted. Although, you might prefer a haunting to what's really happening; a hacker is probably stealing your data. Now that's scary!

Everyone has heard horror stories about the spirits of the dead lingering in this world. Every culture on this planet has different beliefs about the nature of these spectral beings. Not much is known about these beings, but people still believe without a doubt that they exist. In regards to technology, ghosts do exist, in the form of ghost servers.

A new threat, dubbed Sandworm by iSight Partners, has been discovered. It is a cyber espionage campaign dating back to at least 2009, and is said to be based in Russia. Sandworm uses a previously undiscovered zero-day vulnerability in Windows operating systems to steal information from government leaders and organizations.

Hackers are mysterious. Not much is known about them - until they get caught, at least. But until the divine hammer of justice is brought down upon them, they will continue to stalk the shadows and wait for us to unknowingly hand over our personal information. What they don't want you to know is that they generally act according to a few particular variables, and that it is possible to avoid their pitfalls.

We reported in August that security researcher Karsten Nohl of SR Labs revealed a flaw in USB firmware that cripples the technology beyond repair. At the Black Hat security conference, it was revealed that USB devices of all kinds can be targeted by hidden malware. Nohl refused to release the code used in the research, due to being concerned that it would be used by the wrong hands, but it has been made public anyway, putting the masses at risk.

For the past 12 years, the Harkonnen Operation has plagued Europe. The malware campaign, operating scams in Germany, Switzerland, and Austria since 2002, has finally ended, but that doesn't change the fact that it may be the most long-lived malware to have existed. What kept security firms from discovering these attacks and preventing them for so long?

Are you confident that your company's network is 100 percent secure? The best way to answer "yes" to this question is with a network audit. This is a technical procedure where IT professionals analyze every nook and cranny of your system, looking for every possible vulnerability. No matter what the situation is with your company's IT management, a network audit is worth doing.

Hackers today are trying every approach possible to steal your device's data, including the hijacking of public USB ports. This technique is known as "juice jacking," and with this new threat, you should think twice about charging your device using a public USB charging kiosk, or even the USB port on a friend's computer.

Major retailers are having a rough time of it these days concerning the security of their customer's financial information. Last December, Target was hit with malware that compromised 40 million customer credit and debit card accounts, and recently, Home Depot was hit with the same malware. What's a connoisseur of mass-produced boxed goods to do?

When diagnosing your computer's security problems, it should be noted that malware is not always located on the PC itself. A lot of the time, problems could be occurring in a number of different operating systems and browsers, making it difficult to diagnose the cause. A recent study by Ronald Kaplan and Dylan Kaplan proved that malware can be located not only on your computer and devices, but even on your wireless router.

The art of war is of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin. Hence it is a subject of inquiry which can on no account be neglected.
- Sun Tzu, The Art of War

The ancient Chinese military general Sun Tzu might have been around long before the Internet was a thing, but he sure knew how to make an impression on the world. In his extremely influential book on ancient Chinese warfare, The Art of War, he says that "every battle is won before it's ever fought." This applies to protecting your IT network, too.