How do you intend to block lateral movement if an attacker has made it into your network? In looking at recent ransomware attacks there are some consistent attack vectors used for lateral movement that are almost always exploited.
Tech Tidbit – Risky protocols that attackers will use against you
Can You Afford NOT to Protect Your Network?
When it comes to improving network security, the question asked is usually “Can we afford it?” But with Cyber Crime evolving every day, the question should now be “Can we afford not to?” NBC News recently told the story of hackers breaking into Minnesota Public Schools, stealing highly sensitive data on teachers and school children, and […]
Tech Tidbit – Your printers could be putting your network at risk
Your assignment this week is to evaluate the printers on your network. The reality is that network-enabled printers are a serious security threat to your district’s network.
Critical VMware Vulnerability – Patch Immediately
VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates released by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware.
Do You Know Four of the Most Common Cyber-Attacks?
The rate of cyber-attacks has significantly increased over the past few years. Districts of all sizes are at risk of becoming victims of them, which is why it’s crucial that district leaders are aware of the most common cyber threats impacting the educational community today.
Tech Tidbit – Making Passwords Simpler and Harder
Last week I discussed the need to have all passwords minimally 12-18 characters to remain safe. While that is an absolute security requirement, we all know that our users are going to be pretty upset with this policy change.
Are Your Educators unknowingly opening your district to attack?
Everyone has heard about the cyber attack on casino giants MGM and Caesars Entertainment in September 2023. It is alleged that the attack on MGM was done via a phone scam that a hacker pulled on a help desk employee.
CISA Step 3 – Perform and Test Backups
Today we continue with our series discussing the highest priority cybersecurity steps as identified in the January 2023 CISA published report “Partnering to SafeGuard K-12 Organizations from Cybersecurity Threats.
Tech Tidbit – The FBI has issued a warning about malware hiding in fake search engine ads
The FBI has just issued a warning that cyber criminals are using search engine fake ads to launch cyber-attacks. Their suggestions are excellent. You can help battle malicious sites by implementing some form of DNS filtering.
CISA Step 2 – Mitigating Known Exploited Vulnerabilities (patching)
Today we continue with our series discussing the highest priority cybersecurity steps as identified in the January 2023 CISA published report “Partnering to SafeGuard K-12 Organizations from Cybersecurity Threats.