Perils From The Edge – Insecure Routers

juniper-networksAt the end of December last year Juniper Networks discovered that some malicious actors had added code to the firmware and software that run their routers, creating a back door that would allow attackers to access the router remotely, assume administrator privileges, and view and decrypt VPN traffic running through the routers.  As the story unfolded, it turns out that Juniper was using a random number generator from NIST, and that the Continue Reading →


CIT Cybersecurity Featured in New Business Minnesota

We were recently featured in the January edition of New Business Minnesota.  This is a monthly business magazine published by Pat Boulay.  You can download a copy of our featured article, Cyber-criminals Put Every Business At Risk, here.  There are some additional helpful links below the picture.


Pat also runs a great business networking meeting once a month as well, on ...

Continue Reading →

Twin Cities 2016 CISSP Study Group

I got this announcement yesterday and thought I’d post it here for interested cybersecurity professionals.


The 2016 CISSP Study Group for (ISC)2 “Common Body of Knowledge Examination” is forming with the first session starting Feb 23, 2016.  The study group is scheduled to last until June 28.

The board of directors of both the Minnesota Chapter of ISSA and the Twin Cities Minnesota (ISC)2 Chapter agreed to sponsor a CISSP Study Group.  “Our ...

Continue Reading →

Interview With Carolyn Heinze – Part Two

Continuing with my interview with Carolyn Heinze:

CH-       What are the key ingredients of a sound security preparedness strategy?

  • BW- They are:
    • Patch
    • Backup
    • Keep anti-malware software updated
    • Watch for and report suspected email exploits
    • Good password policy coupled with two-factor authentication when possible
    • Create an environment of cybersecurity awareness through training and fun employee events.

CH-       When we think of cyber security, the tendency is to consider breaches that come from the outside. What can organizations do to protect themselves from breaches that can potentially come from the ...

Continue Reading →

Malwarebytes Tackles Cryptoware

th-paypage-quick-480This is hot off the press.  Yesterday Malwarebytes announced a beta of a new anti-crypto software product designed to stop CryptoWall4, CryptoLocker, Tesla, and CTB-Locker.  You can download the beta here.

According to Malwarebytes:

“Malwarebytes Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity. It keeps track of all activity and, once it has enough ...

Continue Reading →

Interview with Carolyn Heinze

I recently had my second interview with freelancer Carolyn Heinze, and the questions were so interesting I decided to replicate the interview in a couple of posts this week.

From: Carolyn Heinze
Subject: Interview Request – tED Magazine

Dear Bob,

I interviewed you a while back for an article on ransomware that appeared in ChannelPro.  I’m working on another article for which I thought you’d make a great source. Here’s the scoop:

I am writing an article on cyber security, and more specifically, ...

Continue Reading →

Do You Need A Virtual Private Network?

encryptionA virtual private network, or VPN, is a type of network computer connection that creates a private encrypted communications channel, commonly called a “tunnel,” when using insecure networks, such as in hotels and coffee shops, or when communicating over the Internet.  Many businesses provide a VPN connection for their mobile and traveling employees.  This means that when out of the office, a worker can open the VPN and be connected to the ...

Continue Reading →

What Can I Do With Your Email Account?

Email_thumb2There are many online accounts that would be bad to lose control of, such as your Amazon, eBay, PayPal, or bank account.  But by the far the worst account to lose is your email account.  If I can trick you into giving me your email user ID and password, by using a phishing email, or phone pretext call, I will be in.  I can start off by simply observing, as I read your emails, ...

Continue Reading →
Page 59 of 71 «...3040505758596061...»