Are One in Three Breaches Really Caused by Unpatched Vulnerabilities?

Oli Thordarson, CEO of Alvaka Networks, begs to differ... This is an interesting article I read in ZDnet, Cybersecurity: One in three breaches are caused by unpatched vulnerabilities, about software vulnerability patching. I found it interesting because I took some [...]

Are One in Three Breaches Really Caused by Unpatched Vulnerabilities?2019-11-03T21:10:45-08:00

New Virulent, Wide-Spread and Expensive Ransomware Outbreak Coming to You Soon

Orange County, CA - We have seen a surge in ransomware attacks in the past week.  While only two Alvaka clients have gotten hit, they are a tale of different system administration acumen. 

1.  A multi-state firm got hit with the latest breed of ransomware on Friday.  Where an otherwise non-event for the most part went wrong was that a key user insisted on having elevated administrative rights for their IT infrastructure.  Instead of using a regular user account, with very limited user rights for day-to-day activities, this more powerful account, when struck by the ransomware, infected all the important file shares of the firm, including the branch location file stores.  Fortunately they had good backups, but because of poor folder naming conventions and structures it took the guys in our Alvaka Networks’ Network Operations Center about 28 hours straight to get all the user permissions back in order for client to get back to work.  The lack of least-permissions as used by this client goes in direct opposition to what we recommend at Alvaka.  Least-permissions is the practice of using accounts that grant the user to only the locations on the network for which they have a business need to access.

2.  In another example, that struck today, a $200m manufacturer/distributor got hit by the same ransomware.  This time it was a Jr executive.  He saw some problems with his system, but did not report the problem not knowing what it was and went home.  The problem was detected after he left, but the outcome was very different than the prior scenario.  Why?  Because this user only...

New Virulent, Wide-Spread and Expensive Ransomware Outbreak Coming to You Soon2016-02-16T02:24:49-08:00

Beware of CryptoLocker v4.0

It appears this new ransomware, rather than exploiting through e-mail attachments, is exploiting users by redirecting them to infected websites.It then delivers its payload through an installer.  This makes the case we are always trumpeting at Alvaka, your users should [...]

Beware of CryptoLocker v4.02015-12-03T21:15:17-08:00

Did You Think the OPM Breach Could Be This Bad? I Didn’t

These are some serious allegations.  Read the whole story for the chilling insight and alleged incompetency.  Here are some choice quotes:

"From my perspective, OPM compromised this information more than three years ago," he added. "And my take on the current breach is 'so what's new?'"

In fact, the breach was unprecedented in its breadth and scope: "Security-wise, this may be the worst breach of personally identifying information ever,"

Did You Think the OPM Breach Could Be This Bad? I Didn’t2015-06-18T18:29:11-08:00