Categories
Cyber news Cyber Security

Where to Start to Strengthen Cyber Defenses

By David Cagical

In the face of escalating and intricate cybersecurity threats, it’s crucial to reevaluate our approach to defense. The question isn’t just where to begin, but rather, why embark on this journey? As technology grows exponentially — think Moore’s Law, which posits microchip capacity will double every two years — it brings both advancements and vulnerabilities, making our outdated cybersecurity defenses inadequate.

The starting point lies with us — the users operating computers connected to networks. While often considered the first line of defense, we are also the primary vulnerability. As employees and consumers, safeguarding our credentials is paramount, as compromised credentials jeopardize both personal and corporate assets. Our reliance on technology spans public and private sectors, evident in incidents like the SolarWinds and MOVEit attacks, revealing vulnerabilities along the supply chain.

Categories
Cyber news Cyber Security

Where Are the Cybersecurity Professionals?

By David Cagical

The demand for cybersecurity professionals is increasing rapidly, both in the public and private sectors worldwide. The rise of cyber threats and attacks necessitates strong defenses, managed by skilled cyber professionals who have significant responsibilities throughout the day.

Society is increasingly embracing technologies like the Internet of Things (IoT) in various aspects of life, leading to convenience but also raising concerns about privacy violations and financial asset theft. To address the shortage of cyber resources, a long-term commitment is required to build a robust pipeline of professionals from K-12 schools to graduate programs.

Categories
Cyber news Cyber Security

Safety tip of the day

How safe are you with your passwords with your internet browser?

Do you practice good password security?

Do you use your web browser to save passwords from websites?

To answers these questions, I’ll share with an experience I had. I won’t share the brand name of this web browser just to stay out of trouble. A friend of mine bought a new computer and asked me to help him with the initial setup. We went through all of the normal configuration of a new laptop and transferred his information from the old laptop to the new one.  After the setup he went through the new laptop to see if anything was missing from the old laptop. Turns out that he didn’t document some login and password information from some websites he uses. I did a little digging and found out that the web browser he was using would ask to save this information from websites. I found this in the settings of the web browser and plain as day, an unsecure folder with an entire list of websites he visited with the user I.D. and password associated with it. I’m no Cyber security expert, If I can locate this, then the criminals won’t have any problem at all. In this folder I found 41 unique websites with all the credentials needed to log in to that website including the ones he was missing.

The fix.

Don’t save any login information in your web browser. I would recommend using a password manager as there are a number of good ones out there and a lot of them will offer a basic account for free. Adding a password manager is adding an extra layer of protection from getting your information stolen, putting your login information behind password protection.

Categories
Cyber news Cyber Security Training

Wisconsin Veterans Forward

Leading the Charge Against Cyber Threats (Part 1)

See how the Wisconsin Cyber Threat Response Alliance leverages veteran talent to lead the charge against cyber threats.

Leading the Charge Against Cyber Threats (Part 2)

Categories
Cyber news Cyber Security Technology

Use a privacy oriented search engine

Search engines are one of the primary resources used to spy on you. I personally know that search engines have been spying on people since the beginning.
There is a clear privacy leader for search engines: DuckDuckGo (https://duckduckgo.com)
This is a great search engine and they are privacy focused. This protects you online and greatly improves your privacy/cybersecurity posture.
You should switch all of your web browsers to use DuckDuckGo as your search engine. Including:

  • Your desktop
  • Your mobile devices

Switching is easy and it is never too late. You will start benefiting immediately.

Categories
Cyber news Cyber Security Technology

Improving the privacy and security of your web browser

We recommend the following extensions/plugins for you web browser.
uBlock – remove ads and trackers automatically be sure to use the one by Raymond Hill

uBlock Matrix – control exactly what is allowed to see your web activity via explicit authorization per web site. Be sure to use the one by Raymond HillDuck

Duck Go Privacy Essentials – protect your search history online, some ad/tracker blocking

Privacy Badger – block invisible trackers

Decentraleyes – alternative Content Delivery Network to prevent common code libraries from tracking where you go online.


Using these will greatly help protect you online. Nothing is a perfect answer to all the dangers in the Internet world, but this will get you very far down the road.

Categories
Cyber attack Cyber news Cyber Security

Suspected Russian hack is much worse than first feared: Here’s what you need to know

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated. 

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat “poses a grave risk to the federal government.”

It added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk.

CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” CISA said. “Removing the threat actor from compromised environments will be highly complex and challenging.”

Categories
Cyber attack Cyber news Cyber Security

Hackers’ broad attack sets cyber experts worldwide scrambling to defend networks

(Reuters) -Suspected Russian hackers who broke into U.S. government agencies also spied on less high-profile organizations, including groups in Britain, a U.S. internet provider and a county government in Arizona, according to web records and a security source.

More details were revealed on Friday of the cyber espionage campaign that has computer network security teams worldwide scrambling to limit the damage as a senior official in the outgoing administration of U.S. President Donald Trump explicitly acknowledged Russia’s role in the hack for the first time.

Categories
Cyber attack Cyber news Cyber Security

Microsoft to quarantine SolarWinds apps linked to recent hack

After only showing detection alerts, Microsoft moves to block trojanized SolarWinds apps from running, opening the door for some IT issues for some of its customers.

On Sunday, several news outlets reported that hackers linked to the Russian government breached SolarWinds and inserted malware inside updates for Orion, a network monitoring and inventory platform.

Following the company’s official statement, Microsoft was one of the first cybersecurity vendors to confirm the SolarWinds incident. On the same day, the company added detection rules for the Solorigate malware contained within the SolarWinds Orion app.

Categories
Cyber news Cyber Security Events

2020 PDS Conference

Asif is the CEO & President of PDS. They have a conference every year and this year it was virtual on October 11, 2020. He delivered a great keynote. His message is spot on regarding our current challenges and OPPORTUNITIES. His message is a message for hope and that we should continue to leverage our leadership and IT wisdom, skills and experiences.