Covid-19 has produced a cyber security pandemic. Thousands of sites claim Covid-19 information but are really scams to download malware or steal credentials. The desire for information about Covid-19 has made many forget their cyber security precautions and click on links they would not click under other circumstances. The result is a pandemic of stolen credentials and private information. 

https://apscdn.nyc3.digitaloceanspaces.com/resources/pdf/insights/The%20Other%20Covid-19%20Pandemic.pdf

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Small and medium businesses have turned to MSPs, Managed Service Providers, as one stop shops from their IT needs. And in many cases the MSPs have provided good service and simplified the lives of SMEs by knowing what is needed and offering it in packages. But the fact that the MSPs have the information from multiple companies has not escaped the eyes of cyber criminals who are targeting the MSPs as a single door to information from multiple companies. 

https://www.darkreading.com/vulnerabilities---threats/managed-it-providers-the-cyber-threat-actors-gateway-to-smbs/a/d-id/1338804

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Perimeter security is widely implemented but this article explains why it is insufficient to protect business critical applications. The move to ERP, SCM, and CRM applications combined with the move to the cloud put the most critical company information at risk. And the typical ways data has been protected are not sufficient to protect them. 

https://www.darkreading.com/cloud/8-reasons-perimeter-security-alone-wont-protect-your-crown-jewels/a/d-id/1338878?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

A severity 10, the most severe, compromise was patched by Microsoft last month with little fanfare. The compromise was so serious it was reported to Microsoft but not publicized. The compromise allowed takeover of Windows Servers functioning as domain controllers. 

Be sure to update all your serviers with the August patches. 

https://www.zdnet.com/article/zerologon-attack-lets-hackers-take-over-enterprise-networks/?ftag=TRE49e8aa0&bhid=29017885593246285133005340243949&mid=13052006&cid=2201587059

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

The Internet of Things is proliferating. Yet many of these devices have little to no security. Some don’t even have passwords. To make matters worse, people are connecting their own IoT devices to company networks because they like the device and it may help them. And they rarely get permission from IT before connecting jeopardizing corporate assets. 

 https://www.zdnet.com/article/coffee-machines-cuddly-toys-and-cars-the-internet-of-things-devices-which-could-put-you-at-risk-from-hackers/?ftag=TRE49e8aa0&bhid=29017885593246285133005340243949&mid=13052006&cid=2201587059

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

There has been a debate over which are more secure, long passwords or complex passwords. This original Insight examines both and provides an explanation of the difference and which one is stronger. 

https://apscdn.nyc3.digitaloceanspaces.com/resources/pdf/insights/Long%20Passwords%20Or%20Complex%20Passwords.pdf

 If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Warner Music Group just released information that they experienced a breach between April 25 and August 5 of this year. The breach compromised payment information used to make purchases including card numbers, card security codes, name, address, telephone number and physical address. 

https://www.darkreading.com/attacks-breaches/warner-music-group-admits-breach/d/d-id/1338851  

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

A survey of company executives revealed that 64% worldwide and 74% in the USA believe that being compliant with regulations is a sufficient level of cyber security. Given the slow pace of regulatory change and the rapid pace or cyber-attack change this conclusion is of great worry. 

https://www.darkreading.com/application-security/the-hidden-security-risks-of-business-applications/a/d-id/1338795?fbclid=IwAR3Pk-hc_a_NW1Zq_V4L1mihoUTaq8WH36gnMCHYj35JtCGeSxAxKP8U3Pg

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

The pandemic has shifted many workers to working from home. And all indications are that this trend will continue post-pandemic. But working from home presents security challenges that will have to be addressed to keep the company environment and information safe. 

https://www.darkreading.com/vulnerabilities---threats/top-5-identity-centric-security-imperatives-for-newly-minted-remote-workers/a/d-id/1338805?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Equifax experienced one of the most severe breaches about three years ago. The new CISO discusses what has been done since then to make Equifax more secure both technically and culturally.

https://www.bankinfosecurity.com/equifax-whats-changed-since-2017-mega-breach-a-14950?rf=2020-09-08_ENEWS_SUB_BIS__Slot1_ART14950&mkt_tok=eyJpIjoiWW1ZMU1UVTRNREZpTWpFMCIsInQiOiJveElxVUtDUVBHUjk4ZEV5dmh0V01YZXM0R0dIUkNlaVhiR1g4SjZUNkhIWkRWaTB5VFwvdGk3KzN1YUtQTkdSV0pjSVJ1UThYUXZXTktkd2Q4Yk5pOWFSZUkzd1EydUpuV20zQThFQzE1TXRYWHlcL2pnUDQ3RXJJK1B6SkJOVGJJIn0%3D

If clicking the link does not take you to the proper page, copy and paste the link into your browser.