Dharma Ransomware-as-a-Service Places SMBs at Significant Risk

In the cat-and-mouse world of ransomware and cybersecurity, with businesses and governments needing to place two steps between them and cybercriminals, comes a new obstacle – Ransomware-as-a-Service. Dharma, a cybercriminal firm, provides, “one of the most popular offerings around, saying [...]

Dharma Ransomware-as-a-Service Places SMBs at Significant Risk2020-10-04T23:47:38-07:00

Ransomware Attacks Can Target Your System Backups

An evolving threat Ransomware now has a frightening new threat: preventing your ability to recover from backups. At Alvaka Networks, we are currently involved in some of the largest ransomware recovery projects, both insured and uninsured. The most sinister trend [...]

Ransomware Attacks Can Target Your System Backups2020-09-01T20:51:38-07:00

What are your unexpected risks from the Yahoo billion account breach?

The big cyber-security news today is the billion account breach at Yahoo!  Some experts are recommending the immediate closing of your Yahoo! account. I am not fully on board with that recommendation. If you have highly sensitive information in your Yahoo! account then I agree. If the account is used for some club activities or e-mail in Yahoogroups.com, etc. then at minimum you need to change your password.

At minimum, all Yahoo! users need to change their passwords today. If you have helper/challenge questions for your passwords those questions and answers need to be changed, too. If your Yahoo! login name, password and challenge questions & answers have been used on other websites you need to change those, too, immediately.

Here is the advice Alvaka has for you:

·         Beware that Yahoo! is a partner of AT&T so you may have exposure there, too. At minimum change the password or close the account and move your information elsewhere.

·         If you have employees who check their Yahoo account at work you need block Yahoo! at your firewall and filtering defenses you have.

Here are some good tips I saw posted by the CEO of KnowBe4 and I agree with them. He says:

What are your unexpected risks from the Yahoo billion account breach?2017-06-27T15:53:40-07:00

An experienced cyber insurance broker’s reply to my blog

This reply to my blog, Should I buy cyber insurance? is written by David McNeil, principal, of EPIC Insurance Brokers & Agents. He brings 20+ years of professional industry experience to the topic on cyber insurance. Some of Alvaka Networks' clients have been utilizing Dave's services for many years.

---------------------------------------------------------------------------------------------

Hi Oli,

Always enjoy your insights and thoughts on Tech-related subjects.   Lately, the plethora of headlines regarding cyber-related issues has meant the interest in cyber-insurance has reached a new level. This is a huge topic and this comment can only scratch the surface.

That said, a bit of an insider-view may be helpful…

Currently, cyber-insurance coverage forms are NOT standard (ISO) forms.  As a result, insurance carriers forms differ greatly.  Many parts, definitions, limits and coverage triggers are negotiable.

Definition negotiations are critical.  It is important to know what to look for and how to modify a particular carriers form to best suit the needs of a specific client/insured.

EXAMPLE:  Trigger for Notification of a Breach - (A hypothetical…. Sort of)....

An experienced cyber insurance broker’s reply to my blog2018-08-09T11:15:46-07:00

LinkedIn data breach, if you are a user take two minutes to read this

If you use LinkedIn take two minutes to read their posting Notice of Data Breach You may have heard reports recently about a security issue involving LinkedIn. We would like to make sure you have the facts about what happened, [...]

LinkedIn data breach, if you are a user take two minutes to read this2017-06-27T15:55:10-07:00

CryptXXX is ransomware that also steals your passwords and your Bitcoins

Most of my recent blogs are about ransomware. That is because ransomware is the most prevalent cyber threat today facing individuals, small and large businesses, governments and not-for-profits. No one is safe from this scourge.

Today I must tell you about a new one. Like Jigsaw, this new one called CryptXXX, is a game changer. Jigsaw was different from prior strains in that it immediately starts to delete your files just to show you that it means business. CryptXXX is different in that it introduces two new problems other than encrypting all your files and then demanding payment. Up until now ransomware has not actually breached your system and exfiltrated data. Sure you had a security incident, but it was not identified as a breach in the classic sense. Now with CryptXXX not only is your data held hostage, but now the culprits steal two new things from you. CryptXXX steals login names and passwords which puts all your systems, local and in the cloud, and any websites you frequent at risk. CryptXXX also steals your Bitcoins if you have any. The stealing of the Bitcoins is a particular insult because....

CryptXXX is ransomware that also steals your passwords and your Bitcoins2016-05-18T21:08:54-07:00

Could Your Computer Breach Have Lasted Three Years?

Irvine, CA - Juniper had a flaw in their networking equipment that may have allowed breaches in government networks for as long as three years.  I would presume the same risk applies to Juniper users in private enterprises as well.The [...]

Could Your Computer Breach Have Lasted Three Years?2015-12-19T03:24:37-08:00

BlueCross BlueShield Announces August 5th Data Breach Discovery

Tustin, CA - The most interesting part of this BlueCross BlueShield announcement is not that they found the breach on August 5th.  What is interesting when you read further into the announcement is that they say “Our investigation further revealed [...]

BlueCross BlueShield Announces August 5th Data Breach Discovery2017-09-18T00:38:04-07:00

Do You Accept Credit Cards? If Yes, Read This….

VISA just released this Security Alert.  It affects everyone who uses a Point-of-Sale (POS) terminal to accept credit card payments.  If you use that small device by your register to slide cards in order to accept payment you may be at risk.

VISA has identified malicious code that can allow hackers to gain access to the credit card information you are receiving through these POS terminals.  Some of the service providers who maintain these devices are not following good security practices and

Do You Accept Credit Cards? If Yes, Read This….2019-07-16T21:17:59-07:00
Load More Posts