Reducing the Time to Discovery: How to Determine if You Have Been Hacked
For most small businesses, the chances of falling prey to a long-term covert surveillance operation by well-resourced, likely state-backed actors are slim. To recap, that is what the evidence suggests happened in the SolarWinds compromise discovered last December. Many believe the company’s Orion update was used to conduct cyber espionage…Read More
Fools Rush in: 5 Things MSPs Should Know Before Adopting EDR
Buzzwords and acronyms abound in the MSP industry, an unfortunate byproduct of marketing years in the making. Cybersecurity is a hot watercooler topic at any business. Well, now probably more likely a virtual happy hour than a watercooler, but nevertheless cybersecurity remains top-of-mind. To sleep at night, MSPs feel they…Read More
The NSA Wants Businesses to Use DoH. Here’s What You Need to Know.
Most people would categorically agree that increased privacy online is a good thing. But in practice, questions of privacy online are a bit more complex. In recent months, you’ve likely heard about DNS over HTTPS, also known as DNS 2.0 and DoH, which is a method that uses the HTTPS…Read More
Hacker Personas Explained: Know Your Enemy and Protect Your Business
In today’s rapidly evolving cybersecurity landscape, the battle for privacy and security is relentless. Cybercriminals are masters at using technology and psychology to exploit basic human trust and compromise businesses of all sizes. What’s more, they often hide in plain sight, using both covert and overt tactics to cause disruption,…Read More
How IT Will Prevail in the 2021 Cyber-Demic
While we can all rejoice that 2020 is over, cybersecurity experts agree we haven’t seen the last of the pandemic-related rise in cyberattacks. Throughout the last year, we’ve seen huge spikes in phishing, malicious domains, malware and more, and we don’t expect that to slow down. As employees around the…Read More
Essential Threat Intelligence: Importance of Fundamentals in Identifying IOCs
The supply chain attack that Trojanized a SolarWinds update to infect and spy on the IT management platform’s customer base continues to be analyzed. Early reports have called the methods highly sophisticated and the actors highly trained. We do know that IP addresses, a command and control server and a…Read More
Four Roadblocks to Increasing Employee Security Through User Training
We’ve been doing our homework, and two things seem to be true about cybersecurity awareness training simultaneously: It can be very effective at protecting businesses from one of the most common security threats they face (the majority, according to the Ponemon Institute). Namely, phishing. MSPs, often the single most reliable…Read More
How to Stop Shadow IT, Manage Access and Ensure Security with Cloud Applications
Today, the average enterprise uses over 2000 cloud applications and services, and we expect this number will continue to grow as more businesses realize the efficiency, flexibility and collaboration benefits these services bring. But the use of cloud-based applications also comes with a few caveats; for example, the apps themselves…Read More
How to Build Successful Security Awareness Training Programs in 2021 and Beyond
Security awareness training is one of the most straightforward ways to improve a business’ overall resilience against cyberattacks. That is, when you get it just right. Thanks to the disruptions to “normal” work routines that COVID-19 has brought, launching a company-wide training program to teach end users how to avoid…Read More
Remote Work is Here to Stay, and Other Cybersecurity Predictions for 2021
The cybersecurity industry and end-of-year predictions go together like Fall and football or champagne and the New Year. But on the heels of an unprecedented year, where a viral outbreak changed the landscape of the global workforce practically overnight, portending what’s in store for the year ahead is even trickier…Read More
Staying a Step Ahead of the Hack
Hackers, never at a loss for creative deception, have engineered new tactics for exploiting the weakest links in the cybersecurity chain: ourselves! Social engineering and business email compromise (BEC) are two related cyberattack vectors that rely on human error to bypass the technology defenses businesses deploy to deter malware. Social…Read More
Why Workers Aren’t Confident in their Companies’ Security (and What to Do About it)
According to data from a recent report, only 60% of office workers worldwide believe their company is resilient against cyberattacks. Nearly one in four (23%) admit to not knowing, while nearly one in five (18%) flat-out think it isn’t. In the anonymous, write-in responses to the survey, many workers agreed…Read More
Small Businesses are Counting on Their MSPs this Small Business Saturday
This November 28 may be the most important Small Business Saturday since the occasion was founded by American Express in 2010. As early as July, nearly half (43 percent) of small businesses had closed at least temporarily, according to a study published in the Proceedings of the National Academy of…Read More
Getting to Know Cloudjacking and Cloud Mining Could Save Your Business
Reading Time: ~ 4 min. A few years back, cryptojacking and cryptomining emerged as relatively low-effort ways to profit by hijacking another’s computing resources. Today, cloudjacking and cloud mining capitalize on similar principles, only by targeting the near infinite resources of the cloud to generate revenue for attackers. Knowing this…Read More
The Nastiest Malware of 2020
Reading Time: ~ 4 min. For the third year running, we’ve examined the year’s biggest cyber threats and ranked them to determine which ones are the absolute worst. Somewhat unsurprisingly, phishing and RDP-related breaches remain the top methods we’ve seen cybercriminals using to launch their attacks. Additionally, while new examples…Read More
What DoH Can Really Do
Reading Time: ~ 3 min. Fine-tuning privacy for any preference A DNS filtering service that accommodates DNS over HTTPS (DoH) can strengthen an organization’s ability to control network traffic and turn away threats. DoH can offer businesses far greater control and flexibility over their privacy than the old system. The…Read More
It’s Time to Talk Seriously About Deepfakes and Misinformation
Reading Time: ~ 4 min. Like many of the technologies we discuss on this blog—think phishing scams or chatbots—deepfakes aren’t necessarily new. They’re just getting a whole lot better. And that has scary implications for both private citizens and businesses alike. The term “deepfakes,” coined by a Reddit user in…Read More
False Confidence is the Opposite of Cyber Resilience
Reading Time: ~ 4 min. Have you ever met a person who thinks they know it all? Or maybe you’ve occasionally been that person in your own life? No shame and no shade intended – it’s great (and important) to be confident about your skills. And in cases where you…Read More
Cyber Resilience for Business Continuity
Reading Time: ~ 2 min. “Ten years ago, you didn’t see state actors attacking [small businesses]. But it’s happening now,” warns George Anderson, product marketing director at Carbonite + Webroot, OpenText companies. Sadly, many of today’s managed service providers who serve small and medium-sized businesses now have to concern themselves…Read More
MSP Insight: Netstar Shares Cyber Resilience Strategies for Remote Work
Reading Time: ~ 5 min. Guest blog by Mit Patel, Managing Director of London based IT Support company, Netstar. In this article, Webroot sits down with Mit Patel, Managing Director of London-based MSP partner, Netstar, to discuss the topic of remote work during a pandemic and tips to stay cyber…Read More