What are Cloud Misconfigurations? Use of the cloud is increasing, with usage by organizations using an external service provider’s cloud managed services estimated at 60%.1 The National Security Agency (NSA) considers cloud misconfigurations to be a leading vulnerability in cloud environments.2 With the relative ease of cloud adoption, it is critical to recognize some of […]
Category: Outsourced IT
What are Document Management Systems? Document management systems are computer systems and software used to store, manage, and track electronic documents and electronic images of paper-based documents captured through the use of a document scanner. Document management software is a type of enterprise content management software that helps organizations to manage document, emails, and other […]
Chrome Extension Threats
What are Chrome Extension Threats? Google Chrome extensions are available in the Google Chrom store, and they small pieces of software that perform functions or add features to a browser client. Malicious extensions in Google Chrome can be used by cyberattackers remotely in order to steal sensitive personal information, commit fraud, mine cryptocurrency, modify cookies, […]
Smishing
What is Smishing? Smishing, also known as SMS phishing, is a type of phishing attack that is carried out through mobile text messaging. In smishing attacks, cyberattackers use social engineering techniques over short messages services (SMS) to steal your personal data and then use that information to commit financially incentivized crimes. Smishing is completed in […]
Browser Security Threats
What are Browser Security Threats? Due to the ubiquity of web browsers, it is easy to forget that they are application platforms that can be vulnerable to bugs and hacking, just like other application platforms. We trust web browsers with some highly sensitive personal data, such as our login credentials, browsing history, cookies, and more, […]
What are Credential Management Systems? Credentials are user-generated or computer-generated evidence attesting to one’s identity. Four common types of credentials are passwords, certificates, tokens, and keys, and they provide access to networks, applications, web-based platforms, accounts, and other sensitive information that validated users have been granted permission to access. Cyberattackers have several means for gaining […]
What is an Air-Gapped Computer? An air-gapped computer is a computer that is isolated from unsecured networks, meaning that it is not connected to the internet or to any other system that is connected to the internet. A computer that is truly air-gapped will also be physically isolated, meaning that data can only be passed […]
Types of Managed IT Services
What are Types of Managed IT Services? Managed IT services are processes and tasks that a third-party vendor fulfills to assist with an organization’s daily IT operations. Since every organization has unique needs, managed service providers (MSPs) often offer many different types of managed services, and organizations can select the ones that will be most […]
What are Resilient Power Best Practices? Cyberattackers have been increasingly targeting critical infrastructure, including the U.S. energy grid which is also vulnerable to physical incidents, such as attacks from terrorists or vandals, and existential threats, such as Electronic Magnetic Pulse (EMP) which are generated from geomagnetic solar flares.1 The Cybersecurity and Infrastructure Security Agency (CISA) […]
What are Cache and Cache Poisoning Attacks? Web caching refers to the process of temporarily storing data for later use. The first time that a user visits a web page, a copy is cached, and when they visit the web page subsequent times they are served the saved cached copy of that web page, to […]