Let’s say you run a vulnerability scan and it finds 100 issues across your environment. Ten are labeled critical Fifteen are high Twenty are medium The rest are low or informational The report helpfully tells you to fix everything immediately. This is where reality kicks in. Most organizations cannot patch every vulnerability the moment it…
Category: Tips & Best Practices
Global Security News, Tips & Best Practices
Don’t Let Legacy Systems Write Your Headline
You likely know about the jewels stolen from the Louvre where thieves used a truck-mounted lift to reach a balcony, cut through a window into the Apollo Gallery, grabbed roughly $100 million worth of crown jewels, and escaped on motor scooters. The entire heist took less than eight minutes. It played out like a Hollywood…
Exploits, Global Security News, Tips & Best Practices
The 10-Minute Security Checkup Everyone Should Do This Weekend
The 10-Minute Security Checkup Everyone Should Do This Weekend It’s Sunday morning. You’re in your pajamas, scrolling through your phone, probably ignoring that software update notification that’s been pestering you for weeks. Here’s the thing: those 10 minutes you’d spend updating your phone could save you from becoming the star of next month’s data breach…
Cybersecurity News, Global Security News, Tips & Best Practices
The Spy Who Applied to Code
🎭 The Spy Who Applied to Code What if your next remote hire wasn’t a developer, but a North Korean spy? No, it’s not a Netflix plot. It happened. And the story is wild. 👨💻 “Steven Smith,” Software Engineer (and Spy) In October 2023, the hiring team at Kraken, a U.S.-based crypto exchange, received an…
Global Security News, Tips & Best Practices
World Password Day
World Password Day 2025: Let’s Be Honest, Passwords Are Tired Happy World Password Day! 🎉 Or… maybe “happy” is a stretch. Because the truth is, passwords are still the #1 reason most people get hacked, and most of us still kinda stink at them. We reuse them. We forget them. We store them in Notes…
Global Security News, Tips & Best Practices
10 Ways to Secure Your Laptop
10 Ways to Secure Your Laptop Laptops are our mobile command centers. They carry our work, our memories, and sometimes even our deepest secrets (looking at you, 10-year-old folder named “Taxes”). If you lose one, or worse, if someone gets into it, it’s more than inconvenient. It’s a digital disaster. Here are 10 simple ways…
Global Security News, Tips & Best Practices
Quishing: Phishing Got a Glow-Up
Quishing: Phishing Got a Glow-Up I was at a taco place recently, the kind with metal chairs, a chalkboard menu, and indie music playing just a little too loud. Instead of physical menus, they had a paper sign taped to the table with a QR code that said, “Scan me for magic.” And because I’m…
Global Security News, Tips & Best Practices
Locking Down My Smart Thermostats Was a Nightmare (and What It Taught Me About IoT Security)
In today’s connected world, even something as simple as a thermostat relies on the Internet—and that dependence introduces real security risks. I decided to find out the hard way. The Experiment: Restrict Everything, Then Allow What’s Needed I have two popular smart thermostats in my home. A few years ago, as part of a personal…
Global Security News, Tips & Best Practices
Ransomware: Because Who Doesn’t Want to Be Held Hostage by Their Own Files?
Ransomware: Because Who Doesn’t Want to Be Held Hostage by Their Own Files? You know that feeling when your laptop freezes and you whisper a silent prayer to the tech gods? Now imagine it wakes back up with a note that says: “Nice files you got there. Shame if something happened to them.” That, my…
Global Security News, Tips & Best Practices
Passkeys: The Beginning of the End for Passwords
Passkeys: The Beginning of the End for Passwords A few days ago, I posted about Troy Hunt getting phished, a cautionary tale if there ever was one. If a cybersecurity expert like Troy, who created Have I Been Pwned, can fall for a phishing attack, then what chance do the rest of us have? This…
Global Security News, Tips & Best Practices
Passkeys: The Beginning of the End for Passwords
Passkeys: The Beginning of the End for Passwords A few days ago, I posted about Troy Hunt getting phished, a cautionary tale if there ever was one. If a cybersecurity expert like Troy, who created Have I Been Pwned, can fall for a phishing attack, then what chance do the rest of us have? This…
Global Security News, Tips & Best Practices
Passkeys: The Beginning of the End for Passwords
Passkeys: The Beginning of the End for Passwords A few days ago, I posted about Troy Hunt getting phished, a cautionary tale if there ever was one. If a cybersecurity expert like Troy, who created Have I Been Pwned, can fall for a phishing attack, then what chance do the rest of us have? This…
Global Security News, Tips & Best Practices
Passkeys: The Beginning of the End for Passwords
Passkeys: The Beginning of the End for Passwords A few days ago, I posted about Troy Hunt getting phished, a cautionary tale if there ever was one. If a cybersecurity expert like Troy, who created Have I Been Pwned, can fall for a phishing attack, then what chance do the rest of us have? This…
Global Security News, Tips & Best Practices
Unlimited Access: Every Device on Your Network Can Talk to the Internet
Unlimited Access: Every Device on Your Network Can Talk to the Internet Back in 2018, I wrote a post called Home Network Segmentation: A Must in the IoT Era. It walked through how to isolate your smart devices, like TVs, thermostats, and cameras, from your laptops and phones. The goal? Keep the questionable stuff away…
Global Security News, Tips & Best Practices
Unlimited Access: Every Device on Your Network Can Talk to the Internet
Unlimited Access: Every Device on Your Network Can Talk to the Internet Back in 2018, I wrote a post called Home Network Segmentation: A Must in the IoT Era. It walked through how to isolate your smart devices, like TVs, thermostats, and cameras, from your laptops and phones. The goal? Keep the questionable stuff away…
Global Security News, Tips & Best Practices
Unlimited Access: Every Device on Your Network Can Talk to the Internet
Unlimited Access: Every Device on Your Network Can Talk to the Internet Back in 2018, I wrote a post called Home Network Segmentation: A Must in the IoT Era. It walked through how to isolate your smart devices, like TVs, thermostats, and cameras, from your laptops and phones. The goal? Keep the questionable stuff away…
Global Security News, Tips & Best Practices
Unlimited Access: Every Device on Your Network Can Talk to the Internet
Unlimited Access: Every Device on Your Network Can Talk to the Internet Back in 2018, I wrote a post called Home Network Segmentation: A Must in the IoT Era. It walked through how to isolate your smart devices, like TVs, thermostats, and cameras, from your laptops and phones. The goal? Keep the questionable stuff away…
Cybersecurity News, Global Security News, Tips & Best Practices
If Troy Hunt Can Fall for Phishing, So Can You
Title: If Troy Hunt Can Fall for Phishing, So Can You Let’s clear this up right away: falling for a phishing email doesn’t mean you’re clueless, lazy, or bad at your job. Even Troy Hunt, yes, the guy behind Have I Been Pwned, recently clicked on a phishing link. And not just clicked… he entered…
Cybersecurity News, Global Security News, Tips & Best Practices
If Troy Hunt Can Fall for Phishing, So Can You
Title: If Troy Hunt Can Fall for Phishing, So Can You Let’s clear this up right away: falling for a phishing email doesn’t mean you’re clueless, lazy, or bad at your job. Even Troy Hunt, yes, the guy behind Have I Been Pwned, recently clicked on a phishing link. And not just clicked… he entered…
Cybersecurity News, Global Security News, Tips & Best Practices
If Troy Hunt Can Fall for Phishing, So Can You
Title: If Troy Hunt Can Fall for Phishing, So Can You Let’s clear this up right away: falling for a phishing email doesn’t mean you’re clueless, lazy, or bad at your job. Even Troy Hunt, yes, the guy behind Have I Been Pwned, recently clicked on a phishing link. And not just clicked… he entered…
Cybersecurity News, Global Security News, Tips & Best Practices
If Troy Hunt Can Fall for Phishing, So Can You
Title: If Troy Hunt Can Fall for Phishing, So Can You Let’s clear this up right away: falling for a phishing email doesn’t mean you’re clueless, lazy, or bad at your job. Even Troy Hunt, yes, the guy behind Have I Been Pwned, recently clicked on a phishing link. And not just clicked… he entered…
Cybersecurity News, Exploits, Global Security News, Tips & Best Practices
log4shell
Last Update: December 28, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability, and subsequent vulnerabilities in the popular Log4j software library that is developed and maintained by the Apache Software Foundation. Apache has patched these vulnerabilities in version 2.17.1, however vendors who use…
Cybersecurity News, Exploits, Global Security News, Tips & Best Practices
log4shell
Last Update: December 28, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability, and subsequent vulnerabilities in the popular Log4j software library that is developed and maintained by the Apache Software Foundation. Apache has patched these vulnerabilities in version 2.17.1, however vendors who use…
Cybersecurity News, Exploits, Global Security News, Tips & Best Practices
log4shell
Last Update: December 28, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability, and subsequent vulnerabilities in the popular Log4j software library that is developed and maintained by the Apache Software Foundation. Apache has patched these vulnerabilities in version 2.17.1, however vendors who use…
Cybersecurity News, Exploits, Global Security News, Tips & Best Practices
log4shell
Last Update: December 28, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability, and subsequent vulnerabilities in the popular Log4j software library that is developed and maintained by the Apache Software Foundation. Apache has patched these vulnerabilities in version 2.17.1, however vendors who use…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Cybersecurity Awareness Month 2021
October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer. Breast Cancer Awareness Month On September 30th, President Biden proclaimed October 2021 as National Breast Cancer Awareness Month. Biden’s proclamation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Cybersecurity Awareness Month 2021
October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer. Breast Cancer Awareness Month On September 30th, President Biden proclaimed October 2021 as National Breast Cancer Awareness Month. Biden’s proclamation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Cybersecurity Awareness Month 2021
October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer. Breast Cancer Awareness Month On September 30th, President Biden proclaimed October 2021 as National Breast Cancer Awareness Month. Biden’s proclamation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Cybersecurity Awareness Month 2021
October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer. Breast Cancer Awareness Month On September 30th, President Biden proclaimed October 2021 as National Breast Cancer Awareness Month. Biden’s proclamation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Colonial Pipeline: Lessons Learned
The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U.S.. While pipeline systems were not directly infected with ransomware, the pipeline was shut down as a precaution during the investigation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Colonial Pipeline: Lessons Learned
The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U.S.. While pipeline systems were not directly infected with ransomware, the pipeline was shut down as a precaution during the investigation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Colonial Pipeline: Lessons Learned
The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U.S.. While pipeline systems were not directly infected with ransomware, the pipeline was shut down as a precaution during the investigation…
Cybersecurity News, Global Security News, North America, Tips & Best Practices
Colonial Pipeline: Lessons Learned
The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U.S.. While pipeline systems were not directly infected with ransomware, the pipeline was shut down as a precaution during the investigation…
Cybersecurity News, Global Security News, Tips & Best Practices
World Password Day – May 6, 2021
It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no” to any of these questions or if you’re not sure, please read on. If you answered yes, then congratulations! Although you can read on too…
Cybersecurity News, Global Security News, Tips & Best Practices
World Password Day – May 6, 2021
It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no” to any of these questions or if you’re not sure, please read on. If you answered yes, then congratulations! Although you can read on too…
Cybersecurity News, Global Security News, Tips & Best Practices
World Password Day – May 6, 2021
It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no” to any of these questions or if you’re not sure, please read on. If you answered yes, then congratulations! Although you can read on too…
Cybersecurity News, Global Security News, Tips & Best Practices
World Password Day – May 6, 2021
It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no” to any of these questions or if you’re not sure, please read on. If you answered yes, then congratulations! Although you can read on too…
Cybersecurity News, Global Security News, Tips & Best Practices
Facebook Leak Leads To Smishing
I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone. A few days ago, the smishing seemed to become even more…
Cybersecurity News, Global Security News, Tips & Best Practices
Facebook Leak Leads To Smishing
I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone. A few days ago, the smishing seemed to become even more…
Cybersecurity News, Global Security News, Tips & Best Practices
Facebook Leak Leads To Smishing
I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone. A few days ago, the smishing seemed to become even more…
Cybersecurity News, Global Security News, Tips & Best Practices
Facebook Leak Leads To Smishing
I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone. A few days ago, the smishing seemed to become even more…
Cybersecurity News, Global Security News, Reviews, Tips & Best Practices
2021 Cybersecurity Report Roundup
Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a list of 2021 cybersecurity reports. We will add more categories and reports as we come across them. If you find anything that should be on this list, please let…
Cybersecurity News, Global Security News, Reviews, Tips & Best Practices
2021 Cybersecurity Report Roundup
Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a list of 2021 cybersecurity reports. We will add more categories and reports as we come across them. If you find anything that should be on this list, please let…
Cybersecurity News, Global Security News, Reviews, Tips & Best Practices
2021 Cybersecurity Report Roundup
Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a list of 2021 cybersecurity reports. We will add more categories and reports as we come across them. If you find anything that should be on this list, please let…
Cybersecurity News, Global Security News, Reviews, Tips & Best Practices
2021 Cybersecurity Report Roundup
Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a list of 2021 cybersecurity reports. We will add more categories and reports as we come across them. If you find anything that should be on this list, please let…
Cybersecurity News, Global Security News, Tips & Best Practices
Safer Internet Day 2021
Safer Internet Day Three tips from Between The Hacks, for a safer Internet. Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day. This year’s theme is, “Together for a better Internet.” Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide.…
Cybersecurity News, Global Security News, Tips & Best Practices
Safer Internet Day 2021
Safer Internet Day Three tips from Between The Hacks, for a safer Internet. Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day. This year’s theme is, “Together for a better Internet.” Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide.…
Cybersecurity News, Global Security News, Tips & Best Practices
Safer Internet Day 2021
Safer Internet Day Three tips from Between The Hacks, for a safer Internet. Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day. This year’s theme is, “Together for a better Internet.” Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide.…
Cybersecurity News, Global Security News, Tips & Best Practices
Safer Internet Day 2021
Safer Internet Day Three tips from Between The Hacks, for a safer Internet. Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day. This year’s theme is, “Together for a better Internet.” Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide.…