In the cybersecurity industry, we use several tools to keep networks and data secure. Two of the most important are multi-factor authentication (or MFA) and least privilege access. These are both ways of keeping would-be hackers from breaching your network, but they come at it from slightly different angles and are best used in tandem. Multi-Factor Authentication Multi-factor authentication refers to a layered approach to securing data and applications in which the system requires users to present a combination of two or more credentials to verify their identity for login. For example, entering your login credentials and then a 6-digit code sent to your phone as a text message or to your email address. Even the strongest credentials can…

Cybersecurity breaches, unfortunately, do not slow down in the summer. In fact, most security professionals will tell you that they are actually more frequent in the summer months. The reasons for this are murky, but having more staff out on vacation or working remotely are likely contributors. One measure we can take to prevent catastrophic infiltration is network segmentation. What Is Network Segmentation? When we segment a network, we partition a physical network into separate, logical sub-networks. We then distinguish the sub-networks and create unique security controls and services for each of them.  Applying controls to the individual, compartmentalized segments provides more control over network traffic. Network segmentation…

Strong password management is a critical aspect of keeping your network secure. Poor management of passwords is one of the most common ways that cybercriminals gain access to a network. The Verizon Data Breach Information Report 2022 found that over 80% of Basic Web Application Attacks (BWAA) use stolen credentials. What Makes A Strong Password? A strong password is impossible to guess. To accomplish this, you must use a mixture of lowercase and capital letters, numbers, and symbols. The longer your password, the stronger it is. Each character you add increases the potential combinations exponentially. It is advisable to use at least twelve characters. Passwords should be all random characters. They should not contain any intuitive or…

Cyber security is more critical than ever for industrial control systems (ICS) and operational technology networks (OT). These industries are being heavily targeted by nation-state threat actors in connection with the Russian attack on Ukraine and are included in the Shields Up warning from CISA.  Industry 4.0 has brought about a new era of manufacturing that relies on connected machines that communicate with one another. This technology has enhanced production considerably, but it also creates opportunities for hackers to steal sensitive information and interfere with manufacturing processes. Cyber Security Best Practices For ICS and OT If you haven’t already, you need to change passwords, review your internal and external exposure, and…

Network security experts across the country are warning that Russia’s invasion of Ukraine could impact organizations beyond the region as well as within, including malicious cyber activity against businesses in the U.S. Shields Up Is A Network Security Warning The Cybersecurity and Infrastructure Security Agency, or CISA, has issued a “Shields Up” warning, stating “Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization—large and small—must be prepared to respond to disruptive cyber incidents.” “In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, we are working very closely with our Joint Cyber…

Cyber security consulting and training are available from RAVENii in Kansas City and across the globe. Security Awareness Training and Phishing Testing as well as training on your internal policies and procedures for your employees is a crucial element of a comprehensive network security strategy. This is primarily because the vast majority of cyber security breaches can be traced back to human error. Cyber Security Consulting And Training Is Critical Data breaches cost organizations millions of dollars every year. A cyber security consulting and training program that addresses the network security mistakes that employees may make when using email and the web as well as in the physical world, such as improper document disposal, is a modest…

Cyber enemies are now using Microsoft’s Azure’s Static Web Apps service against its customers, aggressively targeting users with Microsoft, Office 365, Outlook, and OneDrive accounts with the purpose of stealing the user’s credentials. The Azure Static Web Apps service permits web application developers to use customized domains for labeling web applications. It also provides web hosting for static content such as HTML, JavaScript, and CSS. Unfortunately, these features can effortlessly be exploited to host very tricky and Microsoft official looking static landing phishing pages. These phishing pages are fooling even the most diligent of employees and allowing the bad guys to get access to their Microsoft credentials. The impact to your…

Network security breaches resulting from social engineering attacks are on the rise in Kansas City and around the world. Social engineers use various manipulative techniques to trick victims into disclosing sensitive information, which they then use to facilitate their cyberattacks. These techniques include phishing/vishing/smishing, pretexting, baiting, tailgating/piggybacking, and quid pro quo. Phishing, Vishing, and Smishing No, this isn’t another nursery rhyme. Most everyone is familiar with phishing by now. Attackers send fraudulent emails claiming to be from a reputable source and requesting personal information. Generally speaking, phishing scams tend to target as many people as possible, but there are a couple more targeted types…

Well great salutations! Today is your day. Ravenii provides Network Security in Kansas City And to places not so far away! You have computers on desks You have problems with Zero Day threats You have Ransomware looming You’re not on your own. You have Ravenii network security! Just pick up your phone. We bring big city solutions, To wherever you call home! We’ll assess all the risks Those you know and those you don’t. We’ll look up and down. We’ll look in and out. We’ll look all over and always with care. Ravenii network security Keeps ALL types of companies, Small/rural municipalities too, Safe from attacks and ransomware. If you look on your own For threats and attacks You may not find any And choose to ignore. In that case, of course…

A cybersecurity war is being waged in addition to the Russian ground attack on Ukraine. At this point, the targets are largely Ukraine and Russian critical infrastructure.  A few statistics:  Nearly 80% of nation-state activity targeted enterprises; 21% targeted consumers.  The most targeted sectors were government (48%), NGOs and think tanks (31%), education (3%), intergovernmental organizations (3%), IT (2%), energy (1%), and media (1%).  Microsoft has alerted customers of nation-state attack attempts 20,500 times in the past three years. Russian nation-state actors primarily target the United States, Ukraine, and the United Kingdom, Microsoft data shows. US commercial enterprises are not being targeted for damage at this point, but you…