Less than 3 minutes, and there were 60 attempts blocked by the firewall. This goes on 24/7. Here’s the edited report and explanation.

One of my clients wanted me to block IP addresses from all but five countries.

The firewall is passive. In other words, it logs the event, but it returns no response to the IP address in the other country. A response would trigger additional activity.

If you make occasional online purchases from a retailer (as opposed to scheduled monthly recurring payments), don't check the box to allow them to save your credit card information. It's less convenient, but more secure, to enter your CC information for every single purchase.

Note to large companies: after you do the credit check, there's almost never a reason to keep the customer's Social Security number.

Delete them. Delete them all. Do it now.

Your password, no matter how complex, is never safe from a brute force attack.

Assume a password chart that says a password with your complexity criteria will take 30 days to crack. That means half of all passwords with your complexity criteria will be cracked in the first 15 days.
3.33% will be cracked on Day One.
And some passwords with your complexity criteria will be cracked in under 10 seconds.

SOLUTION
Use 2FA as well as a complex password.


The 's List:

Unpatched

Older operating systems

Companies with no commitment to Awareness Training

Companies that haven't implemented

Users that don't activate 2FA

Users that over share personal details on social media

Weak policies

Single Sign-On for lateral movement

data storage

Saved credentials

who say no to the 's budget requests

Understaffed security departments

It's important that you understand the difference between a VPN and an IP address obfuscator ("anonymizer").

They are not the same thing. Unfortunately, the people who offer free or inexpensive VPNs to consumers won't explain it to you.

In fact, they profit from the confusion.

I’m getting more spam email from domains ending in .co.uk than from gmail.com. There are several compromised domains; it’s not just one.

Defense: I created a rule in Outlook that sends all email with .co.uk in the header to a separate folder. I can look through that folder rapidly for any legitimate email, and then delete everything else. Sorry, UK friends!

I am now getting replies and retweets about on the bird site.

Most recent post: "At the highest implementation of the model, workers have no access to the data, only data results. Example: call center employee can’t look at your SSN, but they can enter your SSN and the system will confirm, 'Yes, that’s correct.'"

I'm having the pleasure of teaching new skills to some of the I&C team at the Southern Power Training Center this week.
The rain stopped long enough for me to get my picture taken. It is RAINING here!

My Stash Card arrived yesterday. This is an offline, encrypted credential storage card that connects to my smartphone via NFC. I'm looking forward to trying it out to access my accounts.

So, what happens if you create the MD5 hash of a common password, and then use the hash as a Google search term?

Netgear router log message:
"Self2WAN ICMP type b Detected!"
Does anyone know what it means? I can find all kinds of forums where people are guessing, but I can't find any definitive documentation.

It was very nice of @Google to send me this security alert - on November 16, 2018. Notice the date in the message.

The number one attack vector is social engineering.

The number one vulnerability is authentication.

"Any change in a digital business process will introduce one or more new security vulnerabilities."
--Young's Axiom of Cybersecurity

This means that the process of creating business change must include a process for identifying new risks.

The most important attributes of a Cybersecurity worker? Never stop learning. Insatiable curiosity. Interest in a variety of business topics: finance, law, medicine, HR, automated systems, psychology. What would you add?

Professor Pax