‘Twas the Night Before Christmas – an EventTracker Story

December 21, 2016
‘Twas the night before Christmas and all through HQ
Not a creature was stirring, except greedy Lou –
An insider thief who had planned with great care
A breach to occur while no one was there.
Lou began his attack without trepidation,
For all his co-workers were on their vacations.

Compliance is not a proxy for due care

December 21, 2016
Regulatory compliance is a necessary step for IT leaders, but it is not sufficient to reduce residual IT security risk to a tolerable level. This is not news. But why is this the case? Here are three reasons:

May Your Holidays be Merry, Bright, and Hack Free: Simple Security Tips for the Biggest Shopping Season of the Year

December 21, 2016
Though there are many companies out there responsible for securing merchant locations from the risks of data breaches, people’s own risky behavior often leads to their ID theft problems, no matter how well merchants protect them. And with more and more merchants accepting chip cards this year, hackers are likely to go back to tried and true methods for preying on individual cardholders.

Serving up Security: What Restaurants Need to Know about Breach Risks and Prevention

December 14, 2016
Sure, the headlines have been full of healthcare ransomware stories, election-centric email breaches and massive retail hacks, but restaurants are becoming more vulnerable to data breaches as well and cannot remain complacent.

Work Smarter – Not Harder: Use Internal Honeynets to Detect Bad Guys Instead of Just Chasing False Positives

November 30, 2016
Log collection, SIEM and security monitoring are the journey, not the destination. Unfortunately, the destination is often a false positive. This is because we have gotten very good at collecting logs and other information from production systems, then filtering that data and presenting it on a dashboard.

How To Make Cybersecurity Great Again: Guidance For President-Elect Donald Trump

November 23, 2016
Are you feverishly working to patch your systems today with the latest available patches? Or are you spending your time unfriending people who voted for someone you don’t approve of?

Top three reasons SIEM solutions fail

November 16, 2016
We have been implementing Security Information and Event Management (SIEM) solutions for more than 10 years. We serve hundreds of active SIEM users and implementations. We have had many awesome, celebratory, cork-popping successes. Unfortunately, we’ve also had our share of sad, tearful, profanity-filled failures.

A Day in the Life of a Consumer

October 21, 2016
Years ago, in a data security nightmare not so far away…I found out how quickly a brand could change from being a favorite of mine to becoming an entity I would never trust again.

Tracking Physical Presence with the Windows Security Log

September 29, 2016
How do you figure out when someone was actually logged onto their PC? The data is there in the security log, but it’s so much harder than you’d think.
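The hard part the post alludes to is that no single event says "user was at the keyboard from X to Y"; you have to stitch interactive logons, locks, unlocks and logoffs together on their logon ID. The following is an added example (not code from the EventTracker post) that does that stitching over constructed sample events already extracted from the Security log's EventData; the event IDs and logon types are the standard Windows ones, the dict field names and the join-on-logon-ID rule are the example's own assumptions.

```python
"""Rebuild "who was at the keyboard, and when" from Windows Security log events.

Added example, not code from the EventTracker post. It assumes events have
already been pulled out of the EventData XML into dicts carrying:
  id          4624 logon, 4634/4647 logoff, 4800 workstation locked,
              4801 workstation unlocked
  user        TargetUserName (4624) or Subject account name (the rest)
  logon_id    TargetLogonId (4624) or SubjectLogonId (the rest); the
              example joins start and end events on this value
  logon_type  4624 only: 2 console, 10 RDP, 11 cached console count as
              "present"; 3 (network), 4 (batch), 5 (service) do not
Sample events are constructed, not real log data.
"""
from datetime import datetime

INTERACTIVE_TYPES = {2, 10, 11}
END_IDS = {4634, 4647, 4800}    # logoff, user-initiated logoff, lock

SAMPLE_EVENTS = [
    {"time": "2016-09-29T08:02:11", "id": 4624, "user": "jsmith", "logon_type": 2,  "logon_id": "0x3e7a1"},
    {"time": "2016-09-29T08:03:00", "id": 4624, "user": "jsmith", "logon_type": 3,  "logon_id": "0x3e7b0"},  # share access, not presence
    {"time": "2016-09-29T10:15:42", "id": 4800, "user": "jsmith", "logon_id": "0x3e7a1"},   # locked for lunch
    {"time": "2016-09-29T10:47:05", "id": 4801, "user": "jsmith", "logon_id": "0x3e7a1"},   # back at the desk
    {"time": "2016-09-29T12:30:00", "id": 4647, "user": "jsmith", "logon_id": "0x3e7a1"},   # logged off
    {"time": "2016-09-29T17:55:00", "id": 4624, "user": "abaker", "logon_type": 11, "logon_id": "0x41c20"},  # never logs off
    {"time": "2016-09-29T21:05:13", "id": 4624, "user": "jsmith", "logon_type": 10, "logon_id": "0x5c9d2"},  # RDP at night
    {"time": "2016-09-29T21:40:00", "id": 4634, "user": "jsmith", "logon_id": "0x5c9d2"},
]


def presence_intervals(events):
    """Return (user, start, end, ending_event_id) tuples sorted by start.

    An interval opens on an interactive 4624 or a 4801 unlock and closes on
    the next 4800/4634/4647 carrying the same logon ID. Sessions with no
    closing event are returned with end=None so they stand out.
    """
    open_sessions = {}      # logon_id -> (user, start)
    intervals = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        key = ev["logon_id"].lower()
        if ev["id"] == 4624:
            if ev.get("logon_type") not in INTERACTIVE_TYPES:
                continue                     # not a person at a console
            open_sessions[key] = (ev["user"], ts)
        elif ev["id"] == 4801:
            open_sessions[key] = (ev["user"], ts)
        elif ev["id"] in END_IDS and key in open_sessions:
            user, start = open_sessions.pop(key)
            intervals.append((user, start, ts, ev["id"]))
    for user, start in open_sessions.values():
        intervals.append((user, start, None, None))
    return sorted(intervals, key=lambda i: i[1])


def seconds_present(intervals, user):
    """Total closed presence time for one user, in seconds."""
    return sum((end - start).total_seconds()
               for u, start, end, _ in intervals if u == user and end is not None)


if __name__ == "__main__":
    for user, start, end, ended_by in presence_intervals(SAMPLE_EVENTS):
        print(f"{user:8} {start:%H:%M:%S} -> {end:%H:%M:%S} (event {ended_by})" if end
              else f"{user:8} {start:%H:%M:%S} -> still logged on")
```

Two caveats before using this against real logs: logon IDs are unique only per boot of one machine, so include the Computer field in the key when you correlate across hosts; and a complete picture also needs 4802/4803 (screen saver on/off) and 4779 (RDP session disconnected), which this example leaves out.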

Key takeaways from the presidential debate on cybersecurity.

September 28, 2016
The presidential debate, as entertaining as it was for many, was a great place to hear about the focus needed on cybersecurity issues in this country. Both candidates were asked the following question on the topic of cybersecurity in the U.S...

IT Service Providers: Mind the Security Gap

September 19, 2016
Persistent threats are hitting businesses of all sizes and in all verticals more consistently and more frequently. The 2016 Verizon Data Breach Investigations Report analyzed 100,000 incidents, of which 3,141 were confirmed data breaches.

Are there any weaknesses in your Point-of-Sale System?

September 06, 2016
News about a company being breached seems to be a regular occurrence nowadays. And it’s no wonder, with hackers getting more sophisticated and hungry for more.

Demystifying PCI Compliance

August 30, 2016
PCI compliance: that daunting phrase you always hear in the world of payments…but never truly understand. Well we’re here to sum it up for you—what it is, why it’s important and what you need to meet this standard.

What is privilege escalation and why should you care?

August 24, 2016
A common hacking method is to steal information by first gaining lower-level access to your network. This can happen in a variety of ways: through a print server, via a phished email, or by exploiting a remote-control program with weak security.

Monitoring DNS Traffic for Security Threats

August 17, 2016
Cyber criminals are constantly developing increasingly sophisticated and dangerous malware programs. Statistics for the first quarter of 2016, compared with 2015, show that malware attacks have quadrupled.

RetailNOW Recap 2016: Security Top of Mind for Attendees

August 10, 2016
The event, aimed at connecting the point-of-sale (POS) technology ecosystem, was extremely successful because it gave us the perfect platform to further connect with our existing partners—and to meet and interact with industry leaders.

How to control and detect users logging onto unauthorized computers

July 26, 2016
Windows gives you several ways to control which computers can be logged onto with a given account. Leveraging these features is a critical way to defend against persistent attackers.
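Control and detection go together here: the account's "Log On To" list (the userWorkstations attribute) makes the domain controller refuse a logon from the wrong machine, and the refusal shows up as event 4625 with status 0xC000006E and sub-status 0xC0000070, but accounts the restriction was never applied to still need watching. The following is an added example (not code from the EventTracker post) of a SIEM-style rule over constructed 4624/4625 events; the event IDs, logon types and status codes are the standard Windows ones, while the dict field names and the policy tables are the example's own assumptions.

```python
"""Flag logons that break workstation restrictions. Added example, not EventTracker's code.

Two checks a SIEM rule would run:
  * 4625 events carrying sub-status 0xC0000070 (STATUS_INVALID_WORKSTATION):
    the "Log On To" restriction held, but someone tried;
  * successful 4624 interactive logons compared against the same per-account
    host list, plus a rule that privileged accounts are only used on
    designated hosts, since a domain admin typed into an ordinary workstation
    leaves credentials there for a persistent attacker to harvest.
Events are constructed dicts with fields taken from the event's EventData;
POLICY is an assumption for the example.
"""

INTERACTIVE_TYPES = {2, 10, 11}          # console, RDP, cached console
INVALID_WORKSTATION = "0xc0000070"

POLICY = {
    # account -> hosts it may log on to interactively (mirrors "Log On To")
    "allowed_hosts": {
        "jsmith": {"WS-JSMITH"},
        "svc_backup": {"BACKUP01"},
    },
    # accounts that must only be used interactively on these hosts
    "privileged": {"da_admin"},
    "privileged_hosts": {"DC01", "PAW01"},
}

SAMPLE_EVENTS = [
    {"id": 4624, "user": "jsmith", "logon_type": 2, "host": "WS-JSMITH", "ip": "-"},
    {"id": 4624, "user": "jsmith", "logon_type": 3, "host": "FILESRV01", "ip": "10.0.5.21"},   # share access, fine
    {"id": 4624, "user": "jsmith", "logon_type": 10, "host": "FILESRV01", "ip": "10.0.5.21"},  # RDP to a server
    {"id": 4624, "user": "da_admin", "logon_type": 2, "host": "WS-HELPDESK3", "ip": "-"},     # DA on a workstation
    {"id": 4624, "user": "da_admin", "logon_type": 10, "host": "DC01", "ip": "10.0.9.5"},     # expected use
    {"id": 4625, "user": "svc_backup", "logon_type": 2, "host": "WS-JSMITH", "ip": "-",
     "status": "0xC000006E", "sub_status": "0xC0000070"},                                     # blocked by Log On To
]


def check_logon(ev, policy):
    """Return an alert string for one event, or None if it is unremarkable."""
    user, host = ev["user"], ev["host"].upper()
    if ev["id"] == 4625:
        if ev.get("sub_status", "").lower() == INVALID_WORKSTATION:
            return f"blocked: {user} tried {host}, outside its Log On To list"
        return None
    if ev["id"] != 4624 or ev.get("logon_type") not in INTERACTIVE_TYPES:
        return None                          # network/service/batch logons: different rules
    allowed = policy["allowed_hosts"].get(user)
    if allowed is not None and host not in allowed:
        return f"unauthorized: {user} logged on to {host}, allowed {sorted(allowed)}"
    if user in policy["privileged"] and host not in policy["privileged_hosts"]:
        return f"privileged exposure: {user} used interactively on {host}"
    return None


def find_violations(events, policy=POLICY):
    """Return (user, host, alert) for every event that trips a rule, in log order."""
    hits = []
    for ev in events:
        alert = check_logon(ev, policy)
        if alert:
            hits.append((ev["user"], ev["host"].upper(), alert))
    return hits


if __name__ == "__main__":
    for user, host, alert in find_violations(SAMPLE_EVENTS):
        print(alert)
```

The "privileged exposure" rule is the one that catches what the restriction alone misses: the domain admin account has no Log On To list, so Windows allows the helpdesk-workstation logon, and only the log tells you it happened.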

POS VARs -- Don’t be a Target!

July 26, 2016
When business owners start looking at Point-of-Sale (POS) systems, they may feel overwhelmed by the seemingly endless range of options they find online. How does a business owner make a decision? How do they know it’s the right decision?

Is your brand truly secured?

July 18, 2016
So you have a big brand name that millions of consumers trust. You have hundreds to thousands of locations across the U.S…. and perhaps even globally. A big name means big money, so that huge chunk of change dedicated to security is definitely paying off in spades, right? All too often, the answer is a resounding “WRONG.”

7 ways you can prevent credit card fraud when shopping!

July 11, 2016
We know how tempting those summer sales are! But are you being careful on where you are swiping your card?

Idea to retire: Do more with less

July 08, 2016
Ideas to Retire is a TechTank series of blog posts that identify outdated practices in public sector IT management and suggest new ideas for improved outcomes. Dr. John Leslie King is W.W. Bishop Professor in the School of Information at the University of Michigan.

Detect Persistent Threats on a Budget

July 07, 2016
There’s a wealth of intelligence available in your DNS logs that can help you detect persistent threats. So how can you use them to see if your network has been hacked, or check for unauthorized access to sensitive intellectual property after business hours?

Do you know where your data is?

July 05, 2016
In this fifth article of the series, we continue to explore the basic ways businesses can keep their networks safer, including tools you can implement on your own, and explain why taking action is vital to the safety of your business.

Dirty truths your SIEM vendor won’t tell you

June 30, 2016
Analytics is an essential component of a modern SIEM solution. The ability to crunch large volumes of log and security data in order to extract meaningful insight can lead to improvements in security posture. Vendors love to tell you all about features and how their particular product is so much better than the competition.

Are you guilty of any of these PCI myths?

June 27, 2016
We have gathered what have been common comments that we hear from business owners. And today, we would like to bust these myths!

Should I be doing EDR? Why isn’t anti-virus enough anymore?

June 22, 2016
Detecting virus signatures is so last year. Creating a virus with a unique signature or hash is quite literally child’s play, and most anti-virus products catch just a few percent of the malware that is active these days. You need better tools, called endpoint detection and response (EDR).

What you should know about programs, ports and services

June 17, 2016
In this fourth article in the series, we continue to explore some of the basic ways that businesses of all sizes can keep their computer systems safer. We will discuss the topic of programs, ports and services.

Uncover C&C traffic to nip malware

June 13, 2016
In a recent webinar, we demonstrated techniques by which EventTracker monitors DNS logs to uncover attempts by malware to communicate with Command and Control (C&C) servers. Modern malware uses DNS to resolve algorithm generated domain names to find and communicate with C&C servers.
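The DNS angle comes up three times on this page (monitoring DNS traffic, detecting persistent threats from DNS logs, and this C&C item), and the same two signals serve all three: a domain-generation algorithm produces names with high character entropy and few vowels, and because most generated names are never registered, the infected client racks up NXDOMAIN answers. The following is an added example (not EventTracker's code) that scores constructed DNS query log lines on both signals; the log format, thresholds, the small allowlist and the stand-in for the Public Suffix List are all the example's own assumptions.

```python
"""DNS-log heuristics for spotting DGA traffic. Added example, not EventTracker's code.

Signals used:
  1. the registrable (second-level) label of each queried name has high
     Shannon entropy and a low vowel ratio;
  2. one client receives a burst of NXDOMAIN answers in the window.
Log lines are constructed in a simple whitespace format
(time client qname qtype rcode); adapt parse_line() to your resolver's log.
"""
import math
from collections import Counter

SAMPLE_LOG = """\
2016-06-13T10:00:01 10.1.2.3 www.microsoft.com A NOERROR
2016-06-13T10:00:02 10.1.2.3 mail.google.com A NOERROR
2016-06-13T10:00:03 10.1.2.7 xkq3vz8wpmtlyhfb.net A NXDOMAIN
2016-06-13T10:00:03 10.1.2.7 q9nzj4hxv2bwkfgd.com A NXDOMAIN
2016-06-13T10:00:04 10.1.2.7 p7tmcrwgzsjxvlkq.org A NXDOMAIN
2016-06-13T10:00:05 10.1.2.7 vhjzq5ntwkgsrbpl.info A NOERROR
2016-06-13T10:00:06 10.1.2.3 cdn.cloudflare.com A NOERROR
"""

ENTROPY_THRESHOLD = 3.5      # bits per character; hand-tuned assumption
MAX_VOWEL_RATIO = 0.25
MIN_LABEL_LEN = 8
NXDOMAIN_BURST = 3           # per client, per log window
# Suffixes where the registrable label sits one level deeper. Use the
# Public Suffix List in production; this set is a stand-in.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}
KNOWN_GOOD = {"microsoft", "google", "cloudflare"}   # constructed local allowlist


def parse_line(line):
    ts, client, qname, qtype, rcode = line.split()
    return {"time": ts, "client": client, "qname": qname.rstrip(".").lower(),
            "qtype": qtype, "rcode": rcode}


def registrable_label(qname):
    """The label an attacker actually registered: 'example' in www.example.co.uk."""
    labels = qname.split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return labels[-3]
    return labels[-2] if len(labels) >= 2 else labels[0]


def shannon_entropy(s):
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_generated(label):
    """Entropy plus vowel ratio; scoring only the registrable label keeps
    legitimately random CDN hostnames (a hash under a known domain) out."""
    if label in KNOWN_GOOD or len(label) < MIN_LABEL_LEN:
        return False
    vowel_ratio = sum(ch in "aeiou" for ch in label) / len(label)
    return shannon_entropy(label) >= ENTROPY_THRESHOLD and vowel_ratio <= MAX_VOWEL_RATIO


def analyze(log_text):
    """Return (suspicious_queries, nxdomain_bursts).

    suspicious_queries: [(client, qname), ...] in log order
    nxdomain_bursts:    {client: nxdomain_count} for clients over the burst threshold
    """
    suspicious = []
    nx_counts = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if looks_generated(registrable_label(rec["qname"])):
            suspicious.append((rec["client"], rec["qname"]))
        if rec["rcode"] == "NXDOMAIN":
            nx_counts[rec["client"]] += 1
    bursts = {c: n for c, n in nx_counts.items() if n >= NXDOMAIN_BURST}
    return suspicious, bursts


if __name__ == "__main__":
    hits, bursts = analyze(SAMPLE_LOG)
    for client, name in hits:
        print(f"DGA-like query  {client} -> {name}")
    for client, n in bursts.items():
        print(f"NXDOMAIN burst  {client}: {n} failed lookups")
```

Either signal alone is noisy: entropy flags short-lived marketing domains and the NXDOMAIN count flags a misconfigured search suffix. Both firing for the same client, as they do for 10.1.2.7 here, is what is worth an analyst's time, and the name that did resolve (the .info one) is the candidate C&C server to look up in your proxy and firewall logs.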

7 things you need to know about Anti-Virus protection.

June 09, 2016
In this entry we discuss the topic of anti-virus protection. There are many questions that come up when we talk about this topic. So here are a few answers to your questions.

The Perils of Using Remote Access Software

June 02, 2016
While software that can be installed on your PC and used to remotely connect when you are away from your home office can be very handy, it also comes with risks that may not be apparent at first.

Maximize your SIEM ROI

June 01, 2016
Far too many SIEM implementations are considered to be catastrophes. Having implemented hundreds of such projects, here are the three parts of a SIEM implementation which if followed will in fact minimize the drama but maximize the ROI.

Why is patching important to the security of your business?

May 31, 2016
If you are not keeping up with regular patching of your computer and the programs that run on it, then you are simply asking for trouble. Many of the breaches that make the news are caused by holes in software for which the vendor had already released a patch.

Detecting Ransomware: The Same as Detecting Any Kind of Malware?

May 25, 2016
Ransomware burst onto the scene with high profile attacks against hospitals, law firms and other organizations.  What is it and how can you detect it? 

Protecting your business from hacker’s attacks.

May 20, 2016
2016 Verizon Breach Investigations Report (Part 3 of 3)
We've covered the 4 patterns of attack used by hackers, expanded on how dangerous these attacks are and how hackers are hurting your business. But did you know, many of these attacks can be prevented with a little help and knowledge? 

What tools are hackers using to access businesses’ networks?

May 13, 2016
2016 Verizon Breach Investigations Report (Part 2 of 3)
In our previous post we showed you that regardless of the business’ size, location or industry, many are targets to hackers. So how are hackers getting into these businesses’ networks and stealing data?

Research points to SIEM-as-a-Service

May 11, 2016
SC Magazine released the results of a research survey focused on the rising acceptance of SIEM-as-a-Service for the small and medium sized enterprise. The survey found that SMEs and companies with $1 billion or more in revenue or 5,000-plus employees faced similar challenges.

Is your business at risk of a data breach?

May 06, 2016
2016 Verizon Breach Investigations Report (Part 1 of 3)
The 80 page report is packed with valuable data breach insights. We know time is valuable so we decided to save you some by sharing the 3 main topics you should understand from this report.

No Business is Too Small for Hackers!

May 02, 2016
It's National Small Business Week! Let's celebrate the hard work you do and make sure your business continues to grow. Have you ever thought about what would happen if your business is affected by a data breach? 

What you should know about PCI DSS 3.2

April 26, 2016
PCI DSS 3.2 is scheduled for release at the end of April. Have you thought about how this update can affect your business? Will you still be PCI compliant?

Welcome to the New Security World of SMB Partners

April 20, 2016
Yet another recent report confirms the obvious, that SMBs in general do not take security seriously enough. The truth is a bit more nuanced than that, of course—SMB execs generally take security very seriously, but they don’t have the dollars to do enough about it—although it amounts to the same thing.

Your Best Defense Against Ransomware Might Be Your Employees

April 20, 2016
While your business’ data security program should consist of many components, perhaps the most effective defense to ransomware is building a culture of data security amongst your employees.

Top 3 traits of a successful Security Operations Center

April 14, 2016
Traditional areas of risk — financial risk, operational risk, geopolitical risk, risk of natural disasters — have been part of organizations’ risk management for a long time. Recently, information security has bubbled to the top, and now companies are starting to put weight behind IT security and Security Operations Centers (SOC).

Just how dangerous is ransomware?

April 06, 2016
Ransomware is a business’ worst nightmare. This malware infects computers and blocks users from accessing any of their data until the ransom is paid. What would you do to get that data back?

Is the IT Organizational Matrix an IT Security Problem?

March 30, 2016
Do you embrace the matrix? The fact is, once networks get to a certain size, IT organizations begin to specialize and small kingdoms emerge.

Cloud Security Starts at Home

March 23, 2016
Cloud security is getting attention and that’s as it should be. But before you get hung up on techie security details, like whether SAML is more secure than OpenID Connect and the like, it’s good to take a step back. One of the tenets of information security is to follow the risk.

Last Year's Cyber Attack Trends — This Year's Implications

March 04, 2016
The range of threats included trojans, worms, trojan downloaders and droppers, exploits and bots (backdoor trojans), among others. When untargeted (more common), the goal was profit via theft. When targeted, they were often driven by ideology.

Hungry…Hungry…HIPAA

February 26, 2016
I have fond memories of playing a board game called Hungry Hungry Hippos in my younger days. Today’s medical practices mirror the chaos of the game. Each day seems more hectic than the previous...

Mobile Tech in Healthcare Can Put Your Practice at Risk

February 19, 2016
While you focus on providing the best health service for your patients, it is easy to underestimate the risks you expose your practice to if you implement mobile technology without basic security measures.

Certificates and Digitally Signed Applications: A Double Edged Sword

February 17, 2016
Windows supports digital signing of EXEs and other application files so that you can verify the provenance of software before it executes on your system. This is an important element in the defense against malware. When a software publisher like Adobe signs their application, they use the private key associated with a certificate they’ve obtained from one of the major certification authorities like Verisign.

The Cost of False IT Security Alarms

February 04, 2016
Think about the burglar alarm systems that are common in residential neighborhoods. In the eye of the passive observer, an alarm system makes a lot of sense. They watch your home while you’re asleep or away, and call the police or fire department if anything happens. So for a small monthly fee you feel secure. Unfortunately, there are a few things that the alarm companies don’t tell you.

SIEM: Sprint or Marathon?

January 28, 2016
Winning a marathon requires dedication and preparation. Over long periods of time. A sprint requires intense energy but for a short period of time. While some tasks in IT Security are closer to a sprint (e.g., configuring a firewall), many, like deploying and using a Security Information and Event Management (SIEM) solution, are closer to a marathon.

Pain-Free Data Security for Medical Offices

January 26, 2016
It’s understandable that the primary goal of any healthcare practice is to keep their patients healthy and safe. But what about keeping their patients’ data safe too?

The Assume Breach Paradigm

January 20, 2016
Given today’s threat landscape, let’s acknowledge that a breach has either already occurred within our network or that it’s only a matter of time until it will. Security prevention strategies and technologies cannot guarantee safety from every attack. It is more likely that an organization has already been compromised, but just hasn’t discovered it yet. Operating with this assumption reshapes detection and response strategies in a way that pushes the limits of any organization’s infrastructure, people, processes and technologies.

2015: “The Year of the Healthcare Hack”

January 14, 2016
2015 was a tough year for the healthcare industry. Some are even calling 2015 “the year of the healthcare hack”. Last year, over 65% of the data breaches occurred in the healthcare industry...