You can play a powerful role in helping your local community be safer and more secure online. Learn more about how to get involved with Cybersecurity Awareness Month: https://hubs.ly/H0x2R8N0
Don't miss tomorrow's half-day virtual event! Experts from Lockton Companies, Identity Guard, and FRSecure will teach you how to create a healthy cyber wellness program at your organization. We still have space available - register now:
https://hubs.ly/H0wg1rt0
AURA.ZOOM.US
Welcome! You are invited to join a webinar: Secure Workplace Basics in 2020: How to Create a Healthy Cyber Wellness Program. After registering, you will receive a confirmation email about joining the webinar.
Netflix's documentary, The Social Dilemma, is sweeping the nation. With internet privacy, social media, and information security all going hand-in-hand, Brad and Evan provide some reactions to the contents of the popular film on this week's Unsecurity episode. Don't miss this one. https://hubs.ly/H0xbqqW0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Programming update: this week's Unsecurity Podcast episode will be delayed until tomorrow. Promise it'll be worth the wait!
Continuing to underscore the importance of physical security, it's important to ensure your sensitive records and documents (passports, birth certificates, titles, deeds, important medical records, etc.) are all under lock and key, preferably in a fireproof box. #TuesdayTip
The unfortunate truth is that ransomware can happen to anyone, prepared or not. The difference is in the way you respond. Check out our resources page on our site for help getting started with an IR plan and ransomware readiness assessment, and read more about the latest healthcare ransomware news here: https://hubs.ly/H0x43kt0
ZDNET.COM
UHS hospital network hit by ransomware attack | ZDNet
Once posted, always posted: Protect your reputation on #socialnetworks. What you post online stays online. Consider this before sharing a post or photo of yourself or others. Do your part. #BeCyberSmart
Any day now... #frsmemes
What is cybersecurity? We asked 14 experts, and they each gave us their own definition. Read what Chris Roberts, Pay Joyce, Dan Desko, David Shay, Luis Simonet, and other infosec experts have to say, and let us know what you think.
https://hubs.ly/H0xw66T0
FRSECURE.COM
What is Cybersecurity? - 14 Security Experts Weigh In | FRSecure
Didn't get enough of last week's Unsecurity Podcast discussion on The Social Dilemma? Brad and Evan didn't either. Check out part two on our 100th (!) episode! https://hubs.ly/H0xyj9D0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Any device that connects to the internet is vulnerable to risks. The best defense is to keep device security software, web browser and operating systems up to date. #BeCyberSmart by turning on auto-updates.
Are you or is someone you know looking for an exciting new opportunity in information security? Now's a perfect time to join our team - apply for one of our open Penetration Tester or Information Security Analyst positions on our site: https://hubs.ly/H0xwmBX0
We always say it's easier to get through your receptionist than your firewall. Training is key. #frsmemes
Phishing is one of the most prevalent and effective forms of social engineering. One of the best ways you can prevent becoming a victim of phishing is to learn about exactly what it is and how it is executed, and then to take some simple steps to help protect yourself. Learn more: https://hubs.ly/H0y1jqw0
FRSECURE.COM
Phishing Attack Examples and How to Protect Against Them | FRSecure
They say never talk about politics in a work setting, but Evan and Brad have never been ones for rules. Unsecurity episode 101 is all about election security. Check it out! https://hubs.ly/H0x-fT20
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Do all of your apps need to track your location? Hint: no. Take a moment now to configure the privacy and security settings of your apps and, while you're at it, help someone in your community configure theirs. Do your part. #BeCyberSmart
We are excited to participate in a virtual event next week with our friends at Ostra Cyber Security! Register now: https://hubs.ly/H0xWkvz0
EVENTBRITE.COM
Club E Digital Maple Grove With Brad Nigh, Charles Killmer and Mike Kennedy
The longer a cybercriminal has between the crime and when you find out about it, the less likely you are to recover what's been stolen from you. Check your financial and other accounts at least once a month, if not more often, to make sure nothing is amiss. #TuesdayTip
#BeCyberSmart Tips for Spotting a Phish: 1) They offer financial reward, threaten you or claim to need help. 2) They ask for your personal info. 3) They want you to download a file or click on a link. https://hubs.ly/H0x30Zg0
Evan is joined by Neal O’Farrell, founder of the PsyberReslience Project, on this week's Unsecurity Podcast episode. Given the turbulent year for many, the two discuss mental health as it relates to the cyber industry. https://hubs.ly/H0ydSkf0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
When people ask you about your family and life, they may be fishing for information they can use to steal your identity. Secret answers are often family members or pet names, your birthday, the city you were born in, etc. Be suspicious when you don't really know the person asking these questions or why they're asking. #TuesdayTip
Join us tomorrow for an informational event with Ostra Cyber Security intended to help entrepreneurs and SMBs navigate the infosec landscape changes that have happened this year. There's still time to register! https://hubs.ly/H0xZQlZ0
EVENTBRITE.COM
Club E Digital Maple Grove With Brad Nigh, Charles Killmer and Mike Kennedy
What is cybersecurity? “Cybersecurity is forward thinking and continuous measures implemented to protect a company’s resources from intrusion and theft.“ - Paul Katzoff https://hubs.ly/H0xFCZz0
FRSECURE.COM
What is Cybersecurity? - 14 Security Experts Weigh In | FRSecure
No matter how long and strong your passphrase is, a breach is always possible. Make it harder for cybercriminals to access your account by enabling multi-factor authentication. #BeCyberSmart (Also, use a password manager! Check out our handy guide: https://hubs.ly/H0x30Y-0)
FRSecure is excited to have been named one of the Minneapolis-St Paul Business Journal's Fast 50 again in 2020 - this year, we came in at number 23! Read more: https://hubs.ly/H0yRB6_0
#BeCyberSmart Tip: Public Wi-Fi networks are not secure – limit what you do on public WiFi, and avoid logging in to key accounts like email and financial services.
Neal O'Farrell is back for an impromptu part two of last week's Unsecurity episode. Check out episode 103 as he continues the conversation with Evan and Brad about mental health in our industry. https://hubs.ly/H0yMzLQ0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Getting a notification on your phone each time your cards are charged may seem like a lot, but all it takes is one charge that you didn't make to make the effort worth it. You know instantly that your card was misused and can shut it down before any more charges are made. #TuesdayTip
Despite the importance of formalized policies to the success of security programs, many organizations fail to adopt a full set of policies. But we’ve seen instances of companies making drastic improvements to their programs with this adoption. Check out this example of an organization that successfully implemented a full policy set and the impact it has had. https://hubs.ly/H0yBFTk0
FRSECURE.COM
Full Data Security Policy Set Adoption | FRSecure | Security Standards
What is cybersecurity? “To me cybersecurity is the set of rules, tools, actions, activities and continuous learning that it takes to protect digital life.“ - Ryan Cloutier https://hubs.ly/H0xFDGw0
FRSECURE.COM
What is Cybersecurity? - 14 Security Experts Weigh In | FRSecure
To-do list today:
1️⃣ Vote
2️⃣ Listen to episode 104 of the Unsecurity Podcast
https://hubs.ly/H0z9ZY30
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Installing smoke detectors is a great first step, but how do you know they work? Test them consistently (set a recurring calendar appointment!) to identify problems before an emergency. #TuesdayTip
Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency are urging local government agencies to patch the Windows Netlogon vulnerability known as Zerologon ahead of tomorrow's presidential election to improve security. Read more: https://hubs.ly/H0z6ZQC0
BANKINFOSECURITY.COM
Agencies Urged to Patch Netlogon Flaw Before Election
We are proud to be a #CybersecurityAwarenessMonth Champion! It's not too late to #BeCyberSmart and join the growing global effort to promote the awareness of online safety and privacy. https://hubs.ly/H0x2TZR0
We hope your holiday is no tricks and all treats!
Luck eventually runs out, just saying. It's far better to be genuinely prepared. #frsmemes
As part of our mission to fix the broken industry, we have started a blog series intended to empower "normal" people to take control of their personal security, specifically as it pertains to ways in which technology may be used against you by someone close to you. The first part of this series is about digital abuse. Read more: https://hubs.ly/H0zKZX00
FRSECURE.COM
Understanding Digital Abuse: Empowering Personal Security, Part 1 | FRSecure
You could be telling people with malicious intent details about your life, your kids' lives, when you'll be away from home, and what they may find there. If you wouldn't willingly give that information to a complete stranger, don't put it on your car. #frsmemes
Do you have an incident response plan? Do you know where to even begin? Let us help - use our free incident response plan template: https://hubs.ly/H0zKjng0
FRSECURE.COM
Incident Response Plan Template | FRSecure
We've said it before, but we'll say it again (and again, and again...): implement an IR plan, and back up your data. Ransomware isn't going anywhere, and the only way to be prepared is to plan for it. "TrickBot and Emotet topped the list of most prolific malware strains in October, helping in the process to drive a surge in ransomware infections, according to new analysis from Check Point Software." Read more: https://hubs.ly/H0zKjnm0
INFOSECURITY-MAGAZINE.COM
Emotet and TrickBot Top the Malware Charts Yet Again
We appreciate all who protect and have protected our freedom. We honor you today and thank you for your service!
Many information security professionals are feeling the negative mental health effects of this prolonged pandemic. We want to help. We've put together more information about what you may be feeling and how you can manage stress and anxiety and hopefully feel a bit better. Read more: https://hubs.ly/H0zDdMr0
FRSECURE.COM
How to Manage Stress and Anxiety in Information Security During the Pandemic | FRSecure
If your Thanksgiving plans moved virtual this year, don't worry - you can still bond with your family like you would in person! Check out our guide for hosting virtual games: https://hubs.ly/H0Bgb6n0
FRSECURE.COM
Making the Most of Technology at Home | FRSecure
We are excited to partner with Arctic Wolf Networks for an upcoming virtual discussion called 6 Ways Comprehensive Security Coverage Drives Savings, which will be based on their economic impact survey findings. Join us on Dec. 9 - register now! https://hubs.ly/H0B8jPT0
FRSECURE.ZOOM.US
Welcome! You are invited to join a webinar: 6 Ways Comprehensive Security Coverage Drives Savings. After registering, you will receive a confirmation email about joining the webinar.
CCI Systems Inc
November 17 at 12:10 PM ·
Join CCI Systems and partners FRSecure on December, 17th to learn how you can help prevent a security breach from happening to your network. We will dive into the most common ways the healthcare industry is being attacked by hackers and what you can do to help stop attacks before they mitigate.
When: December 17th, 1-2 PM CT
Register Here: https://hubs.li/H0B3QCq0
Protecting data doesn't start or stop at the office—we need to protect ourselves at home as well. Episode 106 of the Unsecurity Podcast features tips and tricks from Evan and Brad about at-home security. https://hubs.ly/H0B3R2y0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
If you receive a call from someone claiming to be your credit card company, internet service provider, or another business with whom you have an account, do not give them any personal information. Instead, end the call and find the correct number for that company to call back; this simple step is much easier than recovering from identity theft. #TuesdayTip
Google is asking Chrome desktop users to prepare to update their browsers once again as two more zero-day vulnerabilities have been identified in the software. Both allow an unauthenticated, remote attacker to compromise an affected system via the web. And both are being actively exploited in the wild, according to Google. https://hubs.ly/H0zTGSx0
THREATPOST.COM
2 More Google Chrome Zero-Days Under Active Exploitation
Phishing remains a consistent and widespread threat to information security. "Microsoft's Security Intelligence team is warning users of the Office 365 suite about an ongoing phishing campaign that appears to be harvesting victims' credentials." Read more: https://hubs.ly/H0BjJKn0
BANKINFOSECURITY.COM
Microsoft Warns of Office 365 Phishing Attacks
Have you ever wondered how the pros do file system forensic analysis timelining? Our experts at Team Ambush are excited to tell you. Read the latest in our FRSecure Labs series: https://hubs.ly/H0Bn_hN0
FRSECURE.COM
File System Forensic Analysis: Creating an Initial Timeline | FRSecure
With holiday shopping already in full force, knowing how to protect you and your family from scams is critically important. Evan breaks down some holiday shopping safety tips on this week's episode of the Unsecurity Podcast. Check it out! https://hubs.ly/H0BtZly0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
The best way to ensure your data is irretrievable is to destroy the drive it was on. #TuesdayTip
When was the last time you patched your servers? If it has been a while, Team Ambush is kindly but firmly requesting you do it now. Learn why: https://hubs.ly/H0BjgmX0
FRSECURE.COM
From Zero to Hero: A ZeroLogon (CVE-2020-1472) Love Story | FRSecure
Humans are predictable. We're talking, "It takes less than a second to crack your password," predictable. If you have any accounts that have passwords on this list, change them immediately to unique, complex passwords or passphrases. https://hubs.ly/H0BjJTN0
NORDPASS.COM
Most common passwords of 2020
This goes for any connected device with a microphone: your smartphone, smart speaker, video game console, baby monitor, etc. If an attacker gains access to your network, it's possible they can listen in. Be sure you are securing your devices on a separate WiFi network, and turn the mics off when they're not in use. #TuesdayTip
Have you ever looked at RDP event logs? Do you know what they mean? Let one of our incident case managers, Tim Boyer, explain how to make sense of them in the latest FRSecure Labs post: https://hubs.ly/H0Bw1rW0
FRSECURE.COM
Making Sense of RDP Connection Event Logs | FRSecure
FYI this is not actually a good thing. #frsmemes
Wishing you and your family a safe and happy Thanksgiving holiday!
We’ve seen an increasing number of pervasive threats to security programs and organizations across the board this year. Each month, we’ll take a look under the hood of the relevant and breaking threats FRSecure’s technical team has been working to combat and the advice they have for you. Sign up for this free webinar series: https://hubs.ly/H0C3Dfz0
FRSECURE.COM
Under the Hood: Monthly Cyber Threat Intel | FRSecure
It's only annoying if you don't use a password manager. #frsmemes
P.S. You can check out our handy guide to password managers here: https://hubs.ly/H0yRhJq0
Holiday shopping this year will be at its highest ever, and we’re expecting a record number of scams and compromise. The best thing you can do for yourself is to understand what scams exist and how to protect yourself from falling victim to them. Our Online Holiday Shopping Safety Checklist will help you do so: https://hubs.ly/H0BVHFh0
FRSECURE.COM
Online Holiday Shopping Safety Checklist | FRSecure
Please be aware and let your teams know about a phishing campaign that has been gaining popularity lately, wherein scammers spoof internal HR requesting status updates on returning to the office. Read more: https://hubs.ly/H0BNvkz0
BANKINFOSECURITY.COM
'Return to Office' Phishing Emails Aim to Steal Credentials
Today, Clutch released their list of the highest-ranking IT services companies for 2020 - we are so proud and honored to have made their list again this year! Read more: https://hubs.ly/H0BVHlB0
With Brad back and in good spirits, he and Evan pick up where episode 106 of the Unsecurity Podcast left off—talking about in-home security tips. Give episode 108 a listen! https://hubs.ly/H0BWfFV0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
By now, you have likely heard about the SolarWinds compromise and supply chain attack. We want to get a notice out to you as quickly as possible so you can be up-to-date, understand how this could affect you, and know what you should do now. Read more: https://hubs.ly/H0Czrr-0
FRSECURE.COM
SolarWinds Compromise Update and Recommendations | FRSecure
“We’re providing a smart tool as part of our cybersecurity initiative to ensure we can help mitigate 21st-century security threats. We can empower people, improve lives, and inspire success by delivering citizen-focused solutions to keep North Dakotans secure.” Huge news for both North Dakota and SecurityStudio! Read more: https://hubs.ly/H0Cyjns0
ND.GOV
NDIT makes online security assessment available for ND citizens | North Dakota ITD
By 2026, all new DOD contracts will contain the CMMC requirements. Are you ready? #frsmemes
As an infosec professional, what grinds your gears? We are starting a new series to tackle just that question. In this series, we’ll cover some of the issues that we encounter in the industry, discuss why they need to be addressed, and provide some input as to how you can combat them at your organization. Check out the first post, Marketing Cybersecurity Services: https://hubs.ly/H0Cm_Lv0
FRSECURE.COM
What Grinds Our Gears: Marketing Cyber Security Services | FRSecure
Episode 109 of the Unsecurity Podcast is up! Normally we'd point you to the places you can listen, but you'll want to watch this one as Evan and Brad demo some router/firewall tips. So, check it out on YouTube!
https://hubs.ly/H0CjTtq0
YOUTUBE.COM
UNSECURITY Episode 109: Information Security at Home, Router and Firewall Demo
Let’s talk about Mimikatz and golden ticket attacks! And we don’t mean the Wonka bars, but something far more malicious. This type of attack could cause an unsuspecting network administrator a world of trouble. Learn more about how to detect and prevent a golden ticket attack: https://hubs.ly/H0C8X780
FRSECURE.COM
Detecting and Preventing a Golden Ticket Attack | FRSecure
There are only two people in the world who enjoy writing security policies, and they both work at FRSecure. #frsmemes
We continue to keep our #SolarWinds post updated with information as it becomes available. You can view the latest here: https://hubs.ly/H0CJq950
FRSECURE.COM
SolarWinds Compromise Update and Recommendations | FRSecure
If you suspect your information has been leaked in a similar breach, consider putting a freeze on your credit to avoid further damage. As always, it’s best practice to routinely monitor your credit reports and financial accounts. "A Florida-based company that provides support services to hundreds of dental practices in 20 states says it's been hacked, exposing information - including payment card numbers - on more than 1 million patients." https://hubs.ly/H0CFqkS0
HEALTHCAREINFOSECURITY.COM
Vendor to Dental Practices Hacked; 1 Million Affected
Had to be #SolarWinds, right? Brad and Evan are joined by Oscar Minks to break down the compromise that shook the industry yesterday. Give Unsecurity episode 110 a listen or watch anywhere you consume podcasts. https://hubs.ly/H0CFqjB0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
It's important to be aware of changes in your credit report. Setting up push notifications to notify you of changes can help you catch identity theft quickly and hopefully before significant damage is done. #TuesdayTip
By now, you have likely heard about the SolarWinds compromise and supply chain attack. We want to get a notice out to you as quickly as possible so you can be up-to-date, understand how this could affect you, and know what you should do now. Read more: https://hubs.ly/H0Czrr-0
FRSECURE.COM
SolarWinds Compromise Update and Recommendations | FRSecure
We wish you and your family a very merry Christmas!
We are still festive, even from a distance! 🎅
The second in our Empowering Personal Security series, we've put together a guide for mobile device security for people who are concerned their partners may be using their phones against them. Read more: https://hubs.ly/H0CQ1340
FRSECURE.COM
How to Tell if Your Phone is Hacked: Empowering Personal Security, Part 2 | FRSecure
A call from mom sparks further conversation about personal and at-home security on episode 111 of the Unsecurity podcast. Check it out! https://hubs.ly/H0CZLT-0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Especially if you have sensitive searches, DuckDuckGo is a much more private bet than other search engines. According to DuckDuckGo, "Our privacy policy is simple: we don’t collect or share any of your personal information." #TuesdayTip
Nothing has been "normal" this year, so neither is our Christmas card. While we usually like to send a physical card with a photo of our FRSecure family, we decided to go digital this year. What better way to do that than with a poem? We hope you enjoy this new take on an old classic!
The New Year is always a time to reflect, so Brad and Evan take a look back at the security side of 2020 on this week's episode of the Unsecurity Podcast. Check it out! https://hubs.ly/H0D5WtJ0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
You can never be sure the public network you're connected to is secure or who may be able to access what you're sending over it. Don't ever access anything you wouldn't share publicly on a public network. #TuesdayTip
Despite the importance of formalized policies to the success of security programs, many organizations fail to adopt a full set of policies. But we’ve seen instances of companies making drastic improvements to their programs with this adoption.
So, here are some roadblocks companies typically run into when creating and implementing policies, advice for handling those roadblocks, and an example of an organization that successfully implemented a full policy set—and the impact it has had. https://hubs.ly/H0CXvkY0
FRSECURE.COM
Full Data Security Policy Set Adoption | FRSecure |
We wish you and your family a very merry Christmas!
We are still festive, even from a distance! 🎅
The second in our Empowering Personal Security series, we've put together a guide for mobile device security for people who are concerned their partners may be using their phones against them. Read more: https://hubs.ly/H0CQ1340
FRSECURE.COM
How to Tell if Your Phone is Hacked: Empowering Personal Security, Part 2 | FRSecure
We are proud to announce that we are officially a CMMC Registered Provider Organization (RPO)! You can see our profile on the official site here: https://hubs.ly/H0Dg-D30
PORTAL.CMMCAB.ORG
FRSecure-RPO - 12-08-2020 directory contact: Evan Spaeder directories for CMMC-AB
Evan comes to us live from Cancun again for this week's Unsecurity episode, and you know what that means—Evan is writing another book. Here's what you can expect from the new project Evan and Brad are co-writing! https://hubs.ly/H0DhS-L0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Is knowing what Hogwarts house you would be sorted into or who your inner Disney Princess is really worth sacrificing your private data? We don't think so, but that's exactly what can happen when you take surveys on social media. If you don't take the survey, the third parties don't get your data - simple as that. #TuesdayTip
One of the ways the industry is broken is that there are many people participating in the money grab, trying to sell you blinky lights: high-tech products or services that falsely claim they’ll fix everything for you automatically. Blinky lights are problematic for many reasons, and in this post, we cover some of the biggest ones.https://hubs.ly/H0CTc0r0
FRSECURE.COM
What Grinds Our Gears: Cyber Security Technology | FRSecure
From the bottom of our hearts, we wish you and your loved ones a happy and healthy new year. Cheers to 2021!
The New Year is always a time to reflect, so Brad and Evan take a look back at the security side of 2020 on this week's episode of the Unsecurity Podcast. Check it out! https://hubs.ly/H0D5WtJ0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
CMMC has been a focus for FRSecure since the regulations were announced. Having officially become an RPO last week, the timing felt right to discuss what we know about the requirements. Give episode 114 of the Unsecurity Podcast a listen to get the scoop. https://hubs.ly/H0DHQcj0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Home security systems can help you with not just responding after an incident, but also with monitoring and alerting you of potential issues as they are happening. #TuesdayTip
Make 2021 the year you stop doing this. #frsmemes
The January InfraGard General Membership meeting will take place Jan. 19th and feature Evan Francen talking about fixing the broken information security industry. This virtual event is open to both members and non-members. Register now: https://hubs.ly/H0DjvNR0
INFRAGARDMN.ORG
InfraGardMN January 2021 Member Meeting
We are proud to announce that we are officially a CMMC Registered Provider Organization (RPO)! You can see our profile on the official site here: https://hubs.ly/H0Dg-D30
PORTAL.CMMCAB.ORG
FRSecure-RPO - 12-08-2020 directory contact: Evan Spaeder directories for CMMC-AB
Evan comes to us live from Cancun again for this week's Unsecurity episode, and you know what that means—Evan is writing another book. Here's what you can expect from the new project Evan and Brad are co-writing! https://hubs.ly/H0DhS-L0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Team MFA all the way. #frsmemes
The much-anticipated CISSP Mentor Program is back for another year, and registration is officially open. See you in April! https://hubs.ly/H0DQthY0
EVENTBRITE.COM
2021 FRSecure CISSP Mentor Program
CMMC has been a focus for FRSecure since the regulations were announced. Having officially become an RPO last week, the timing felt right to discuss what we know about the requirements. Give episode 114 of the Unsecurity Podcast a listen to get the scoop. https://hubs.ly/H0DHQcj0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Home security systems can help you with not just responding after an incident, but also with monitoring and alerting you of potential issues as they are happening. #TuesdayTip
Make 2021 the year you stop doing this. #frsmemes
The January InfraGard General Membership meeting will take place Jan. 19th and feature Evan Francen talking about fixing the broken information security industry. This virtual event is open to both members and non-members. Register now: https://hubs.ly/H0DjvNR0
INFRAGARDMN.ORG
InfraGardMN January 2021 Member Meeting
We need your help spreading the word about our upcoming CISSP Mentor Program! Not only will you be helping fix the broken industry, but you'll also be entered to win an awesome prize. Follow this link to share the CISSP mentor program with your friends and colleagues, and you'll be entered to win a SteelSeries Arctis 9 wireless headset! The more ways you share, the more chances you have to win. Enter now: https://hubs.ly/H0F3Y3v0
It's just gross. #frsmemes
Symantec Threat Intelligence says it has uncovered another malware variant used in the SolarWinds supply chain hack - a loader nicknamed "Raindrop" that apparently was used to deliver Cobalt Strike, a legitimate penetration testing tool, to a handful of targets. Read more: https://hubs.ly/H0F6w-F0
BANKINFOSECURITY.COM
'Raindrop' Is Latest Malware Tied to SolarWinds Hack
CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices. CISA encourages users and administrators to review AR21-013A and apply the recommendations to strengthen cloud environment configurations. Read more: https://hubs.ly/H0D_s3l0
US-CERT.CISA.GOV
Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments | CISA
Amy McLaughlin rejoins the Unsecurity Podcast this week to talk about her new book, "Learning Continuity Planning: A Handbook for Schools, Colleges & Universities." Check episode 115 out anywhere you consume podcasts! https://hubs.ly/H0F3pfq0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
You can't secure what you don't know you have. Maintain a list (inventory) of all systems and devices with their associated information, including manufacturer, model number, serial number, and support information. Hint: most password managers include a place for this with login information. #TuesdayTip
#logic #frsmemes
Episode 116 of the Unsecurity Podcast is up! This week Brad and Evan chat about the CIS Controls Update, the CISSP Mentor Program, and the fantastic responses to a question Evan posed on LinkedIn. Tune in for another great episode! https://hubs.ly/H0Fz58m0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
We're partnering with Huntress Labs on a free webinar to discuss a real-world IR case study and help you understand what went wrong and what you can do better. Join us Feb. 17th for Incident Response Case Study: What Happens When Everything Goes Wrong. Register now: https://hubs.ly/H0FwZB-0
It's easier to protect yourself and your loved ones against the latest attacks if you know what they are and how they work. Stay abreast of threat trends and talk about them with the people you care about. #TuesdayTip
Unfortunately, attackers took full advantage of the pandemic in 2020, with healthcare organizations reporting a 25% increase in breaches. It is imperative for these organizations to focus on bolstering their information security to help protect their clients' data. Read more: https://hubs.ly/H0Fnn170
HIPAAJOURNAL.COM
2020 Healthcare Data Breach Report: 25% Increase in Breaches in 2020
We need your help spreading the word about our upcoming CISSP Mentor Program! Not only will you be helping fix the broken industry, but you'll also be entered to win an awesome prize. Follow this link to share the CISSP mentor program with your friends and colleagues, and you'll be entered to win a SteelSeries Arctis 9 wireless headset! The more ways you share, the more chances you have to win. Enter now: https://hubs.ly/H0F3Y3v0
Attackers took full advantage of companies' and individuals' new vulnerabilities and significantly ramped up their activity in 2020, a trend that shows no signs of stopping or even slowing. As the old adage goes, an ounce of prevention is worth a pound of cure; get started on your own incident response plan with our free template: https://hubs.ly/H0FVFh10
FRSECURE.COM
Incident Response Plan Template | FRSecure
"A company that fell victim to a ransomware attack and paid cyber criminals millions for the decryption key to restore their network fell victim to the exact same ransomware gang under two weeks later after failing to examine why the attack was able to happen in the first place." This story stresses the importance of investing in smart, effective information security measures before an incident, as well as thoroughly investigating incidents after the fact. https://hubs.ly/H0FTYwq0
ZDNET.COM
Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again | ZDNet
Brad and Evan are back for episode 117 of the Unsecurity podcast, talking this week about a pretty convincing vishing attempt, whether privacy is truly a right, and industry burnout. Listen in and catch up with the guys! https://hubs.ly/H0FTRbD0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
The best way to stop spam callers from targeting your number is simply not to answer for numbers you don't recognize. If you answer, they will likely mark your number as active and ramp up call efforts. #TuesdayTip
#logic #frsmemes
Episode 116 of the Unsecurity Podcast is up! This week Brad and Evan chat about the CIS Controls Update, the CISSP Mentor Program, and the fantastic responses to a question Evan posed on LinkedIn. Tune in for another great episode! https://hubs.ly/H0Fz58m0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
We're excited to share some good news: fewer victims of ransomware have been paying a ransom, and when they do, they're averaging a lower payment than before. We are glad to see this trend and hope it continues! Read more from BankInfoSecurity.com: https://hubs.ly/H0GdWsk0
BANKINFOSECURITY.COM
Ransomware: Average Ransom Payment Declines to $154,108
Compliant =/= secure, but the CMMC requirements are some of the best we've seen. Evan and Brad break down the relationship between compliance and security on this week's Unsecurity episode. https://hubs.ly/H0Gjwsp0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Regularly checking credit reporting sites and breach reporting sites like https://hubs.ly/H0FHx7P0, you can better protect yourself against unauthorized use of your identity and accounts. #TuesdayTip
As an information security professional, you're likely no stranger to thinking in worst-case scenario terms. Considering what the worst case would be can help you prepare for it. Of course, learning from the experience of others can help as well. Join us and Huntress Labs for this informational webinar next week - register now! https://hubs.ly/H0FVC3k0
Social engineers be like
#frsmemes
Attackers took full advantage of companies' and individuals' new vulnerabilities and significantly ramped up their activity in 2020, a trend that shows no signs of stopping or even slowing. As the old adage goes, an ounce of prevention is worth a pound of cure; get started on your own incident response plan with our free template: https://hubs.ly/H0FVFh10
FRSECURE.COM
Incident Response Plan Template | FRSecure
Spreadsheets ≠ effective vendor risk management
#frsmemes
The best thing to do when high-profile compromises happen is learn from the mistakes the victims made. Join us and Arctic Wolf Networks on March 2nd for a webinar to discuss best practices for effective threat hunting and detection in the context of these high-profile cases: https://hubs.ly/H0Gf7W90
CYBERSECURITY.ARCTICWOLF.COM
Arctic Wolf Webinar Registration
We're excited to share some good news: fewer victims of ransomware have been paying a ransom, and when they do, they're averaging a lower payment than before. We are glad to see this trend and hope it continues! Read more from BankInfoSecurity.com: https://hubs.ly/H0GdWsk0
BANKINFOSECURITY.COM
Ransomware: Average Ransom Payment Declines to $154,108
Compliant =/= secure, but the CMMC requirements are some of the best we've seen. Evan and Brad break down the relationship between compliance and security on this week's Unsecurity episode. https://hubs.ly/H0Gjwsp0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Regularly checking credit reporting sites and breach reporting sites like https://hubs.ly/H0FHx7P0, you can better protect yourself against unauthorized use of your identity and accounts. #TuesdayTip
As an information security professional, you're likely no stranger to thinking in worst-case scenario terms. Considering what the worst case would be can help you prepare for it. Of course, learning from the experience of others can help as well. Join us and Huntress Labs for this informational webinar next week - register now! https://hubs.ly/H0FVC3k0
Have you joined us for The Hackle Box yet? Each month, members of our IR team chat about what lures and nets attackers are casting out there and what we can do as industry professionals to avoid putting our organizations on the hook. Learn more and register: https://hubs.ly/H0GTtyy0
FRSECURE.COM
The Hackle Box: Monthly Cyber Threat Intel | FRSecure
When people start to learn about information security and enter the paranoia bell curve
#frsmemes
In the latest news regarding the SolarWinds attack, "Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing 'executive action' to address security shortcomings that have come to light." Read more: https://hubs.ly/H0GTsHm0
BANKINFOSECURITY.COM
White House Preparing 'Executive Action' After SolarWinds Attack
It feels like the last few weeks have been especially heavy with #infosec news. With all that's been going on, Evan and Brad take some time to discuss the current events on this week's episode of the Unsecurity Podcast. Give episode 119 a watch on Youtube or a listen anywhere you find podcasts: https://hubs.ly/H0GP1ZP0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Spreadsheets ≠ effective vendor risk management
#frsmemes
The best thing to do when high-profile compromises happen is learn from the mistakes the victims made. Join us and Arctic Wolf Networks on March 2nd for a webinar to discuss best practices for effective threat hunting and detection in the context of these high-profile cases: https://hubs.ly/H0Gf7W90
CYBERSECURITY.ARCTICWOLF.COM
Arctic Wolf Webinar Registration
Just about everyone has had their data exposed in at least a few breaches. All the more reason to use unique, complex passwords! #frsmemes
"The Senate Intelligence Committee's hearing Tuesday about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues." Read more: https://hubs.ly/H0HdhJx0
BANKINFOSECURITY.COM
Senate SolarWinds Hearing: 4 Key Issues Raised
ICYMI, our free CISSP Mentor Program registration is open! Sessions begin in April and run through early June. Learn more about this program and register here: https://hubs.ly/H0GTz2p0 #CISSP #infosec #cybersecurity #cissptraining #careertraining #jobtraining
FRSECURE.COM
Free CISSP Training Program | FRSecure
Evan and Brad are joined by Tony Alsleben, head of security at CentraCare, on this week's episode of the UNSECURITY Podcast to talk all things healthcare infosec. Check episode 120 out! https://hubs.ly/H0H4Xyg0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
If you receive a text or email with a prompt to download an app you didn't expect or didn't sign up for, ignore it and do not download the app. Anything you download on your phone can contain malware or other malicious files, just like on your computer. #TuesdayTip
Have you joined us for The Hackle Box yet? Each month, members of our IR team chat about what lures and nets attackers are casting out there and what we can do as industry professionals to avoid putting our organizations on the hook. Learn more and register: https://hubs.ly/H0GTtyy0
FRSECURE.COM
The Hackle Box: Monthly Cyber Threat Intel | FRSecure
In 2020, attackers took full advantage of vulnerabilities in cyber defenses, including those of healthcare organizations. Healthcare data breaches rose by 25% in 2020 and are projected to triple in 2021. We spoke to a few experts about what they’ve seen in healthcare, what they expect will happen next, and how best to protect yourselves moving forward. Take a look at what they had to say. https://hubs.ly/H0HBsYq0
FRSECURE.COM
Healthcare Data Breaches and Ransomware - 5 Security Experts Weigh In | FRSecure
Any time there is a US Senate hearing on hacks by foreign adversaries, we're going to have a lot to discuss. Don't miss episode 121 of the Unsecurity Podcast—now online anywhere you listen. https://hubs.ly/H0Hw4PB0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
One way attackers gain control of your information is by posing as customer service representatives, offering a few pieces of information they already know (your name, account number, etc.), and telling you they need you to give them remote access to your computer. If you did not initiate the call and verify who the person on the other end of the line is, do not give remote access! #TuesdayTip
Join us and Arctic Wolf Networks tomorrow for this conversational webinar about threat hunting and detection - register now! https://hubs.ly/H0HjDJv0
CYBERSECURITY.ARCTICWOLF.COM
Arctic Wolf Webinar Registration
Evan is joined by Ryan Cloutier for episode 122 of the Unsecurity Podcast this week, talking about mental health in the information security industry and the MHFA certification. Check it out! https://hubs.ly/H0J5p-C0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Social engineering is a common term in information security, but do you really know what it is? And, do you know how it works and why it's effective? Go in-depth with Oscar Minks in our intro to our new Phishing with Minks series: https://hubs.ly/H0J1tMh0
FRSECURE.COM
What is Social Engineering: Phishing with Minks Intro | FRSecure
NSA Issues Guidance on 'Zero Trust' Implementation: "Adopting zero trust will enable systems administrators to control how users, processes and devices engage with data. These principles can prevent the abuse of compromised user credentials, remote exploitation or insider threats and even mitigate effects of supply chain malicious activity." https://hubs.ly/H0HW4td0
GOVINFOSECURITY.COM
NSA Issues Guidance on 'Zero Trust' Implementation
Kids don't have the same level of awareness that many adults do, and they may inadvertently give attackers access to your data. To avoid this, ensure there is no sensitive information on the devices you allow them to use. #TuesdayTip
We get a lot of questions about CMMC certification, and rightfully so. This standard is new and can be confusing, so we put together a guide to explain the 5 CMMC levels and how you can prepare for certification: https://hubs.ly/H0HPzJr0
FRSECURE.COM
The 5 CMMC Levels and Preparing for Certification | FRSecure
Be sure you get the service that benefits you the most. #frsmemes
Did you know we are hosting our 11th annual free CISSP training? It starts in less than a month! Register now - we can't wait to see you there. https://hubs.ly/H0J1Gsy0
FRSECURE.COM
Free CISSP Training Program | FRSecure
Setting a password or PIN to authenticate purchases made on your devices helps prevent unauthorized access to your card. #TuesdayTip
The best offense is a good defense. Make sure your information security program is up to snuff to avoid more incidents and mitigate their effects when they occur. "Cyber-attacks have become increasingly sophisticated in the past year, with the SolarWinds incident unlikely to be an isolated event going forward, according to VMware Security Business Unit’s 2021 Global Cybersecurity Outlook report." https://hubs.ly/H0J1vJR0
INFOSECURITY-MAGAZINE.COM
SolarWinds Unlikely to Be an Isolated Event as Attackers Become More Sophisticated
#frsmemes
Evan is joined by Ryan Cloutier for episode 122 of the Unsecurity Podcast this week, talking about mental health in the information security industry and the MHFA certification. Check it out! https://hubs.ly/H0J5p-C0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Social engineering is a common term in information security, but do you really know what it is? And, do you know how it works and why it's effective? Go in-depth with Oscar Minks in our intro to our new Phishing with Minks series: https://hubs.ly/H0J1tMh0
FRSECURE.COM
What is Social Engineering: Phishing with Minks Intro | FRSecure
The 11th annual free CISSP Mentor Program starts in 3 short weeks! If you're not yet registered, be sure to sign up. We can't wait to see you there! https://hubs.ly/H0JG9q60
FRSECURE.COM
Free CISSP Training Program | FRSecure
Ensure you update all plugins to the latest versions as soon as they become available. SQL-injection vulnerabilities were discovered in a popular learning-management system for teacher-student communication. Read more: https://hubs.ly/H0JzyzV0
THREATPOST.COM
Tutor LMS for WordPress Open to Info-Stealing Security Holes
Yeah, you have to actually test it. #frsmemes
Ryan is back for a second week in a row on the Unsecurity Podcast. This week, he and Evan discuss our ability to reason in #informationsecurity and touch on password hygiene. Give episode 123 a listen or watch anywhere you get your podcasts. https://hubs.ly/H0JvXXh0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
While there's still much unknown about the recent Exchange server exploit leak, this is an updated summary of what we have learned so far. https://hubs.ly/H0Jqf-r0
BANKINFOSECURITY.COM
How Did the Exchange Server Exploit Leak?
Did you know we are hosting our 11th annual free CISSP training? It starts in less than a month! Register now - we can't wait to see you there. https://hubs.ly/H0J1Gsy0
FRSECURE.COM
Free CISSP Training Program | FRSecure
As we continue to evolve our cyber defense efforts, attackers also evolve their attack methods. It's imperative to stay in the know about their activity to help protect your assets.
"The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report."
https://hubs.ly/H0JXyK_0
BANKINFOSECURITY.COM
REvil Ransomware Can Now Reboot Infected Devices
Reusing your passwords puts you and your organization at risk. #frsmemes
The pandemic has been hard for everyone in many different ways. Unfortunately, cyber attackers have taken full advantage of the new challenges businesses have faced. "Nearly two-thirds of medium and large-sized businesses suffered a cyber-attack or breach last year, with security efforts suffering during the pandemic, according to the latest government figures." https://hubs.ly/H0JXyHv0
INFOSECURITY-MAGAZINE.COM
Two-Thirds of Large Firms Attacked as COVID-19 Hampers Security
How many frequently asked questions about #passwords can Evan and Brad rattle off answers to in just one hour? Episode 124 of the Unsecurity Podcast aims to find out. Get all your password questions answered this week: https://hubs.ly/H0JMd7r0
EVANFRANCEN.COM
The Unsecurity Podcast with me and Brad - Evan Francen
Your phone has a ton of valuable information on it, and you keep it locked for a reason. Handing it over to a stranger, especially unlocked, is risky. #TuesdayTip
The 11th annual free CISSP Mentor Program starts in 3 short weeks! If you're not yet registered, be sure to sign up. We can't wait to see you there! https://hubs.ly/H0JG9q60
FRSECURE.COM
Free CISSP Training Program | FRSecure
