SolarWinds is a major software company based in Tulsa, Okla. Among the company’s products is an IT performance monitoring system called Orion. As an IT monitoring system, SolarWinds Orion has privileged access to IT systems to obtain log and system performance data. It is that privileged position and its wide deployment that made SolarWinds a lucrative and attractive target. What is the SolarWinds hack? SolarWinds…
In traditional security assessment, security professionals try to conduct penetration test, ethical hacking and so on. The security professionals think that if they can find vulnerabilities via conducting bug bounty or penetration testing, those vulnerabilities can be fixed and they are secure from cyber-attacks. But the real hacking is often quite different from penetration testing attacks, ethical hacking or this kind of staffs. In reality,…
E-Mail Phishing Attack Overview A social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about a company (your financial institution) or its computer systems. The attacker can look like anyone, and could fool you by saying they’re a repairman, or a new intern or employee, and they could actually have identification that says they work for your institution. They’ll…
The spread of the novel Coronavirus (COVID-19) is forcing many organizations to require their employees to work remotely. While it might mean that we can work comfortably from our home, this also puts our cyber security at high risk as the world is now seeing a huge spike in Corona themed scams, text messages, malware attacks, phishing activities and more. New hacking campaigns are lunched…
We have become all familiar with the type of hacker who leverages their technical expertise to penetrate protected IT and digital systems and compromise sensitive data. We hear about this type of hacker in the news regularly, and we are motivated to counter their exploits by investing in new technologies that will bolster our network defenses. However, there is another type of hacker who can use…