Blog PostsAll RAVENii blog posts.
Blog Categories
blog preview image
Managed Services Include Malware Analysis
Managed services from RAVENii include continuous monitoring for suspicious malware. Malware analysis is the process of detecting potential threats within a file and preventing or mitigating the potential damage from embedded malware. The analysis is useful during and after an attack as well as for preventing them entirely.  When Malware Attacks While a malware attack is in progress, malware analysis identifies and classifies the malware as well as evaluates the potential damages, which tells security analysts how to respond.  After an incident, malware analysis can help security teams identify the source and determine the extent of the damage. It gives them insight into the behavior and methods of attack in the malware that helps them…
blog preview image
Network Security Challenges In The Cloud
Network security has become a lot more complex since most organizations have adopted some form of a cloud-based environment. It is estimated that cloud spending will hit $500 billion this year. That’s up almost 20% from last year. As you move more applications and data to the cloud, the risk of a data breach increases. Three of the biggest threats to your network security are social engineering and human error, lack of access controls, and flat networks. 1. Social Engineering And Human Error The call is coming from inside the house! Research indicates that 95% of security breaches involve human error. This means that if you are not including security awareness training and phishing testing in your network security plan, you are effectively…
blog preview image
Cyber Security: All About Multi-Factor Authentication
Cyber security begins and ends with users, so the ability to verify their identity is crucial to protecting your networks. Multi-Factor Authentication, or MFA, requires each user to use more than a username and password for login. There are several types of MFA requiring a variety of verification factors, but they all fall into three main categories: knowledge, like a password or PIN; a possession, like a badge or a smartphone, or inherence, like voice recognition or fingerprints. Why do you need MFA? Though usernames and passwords are still valuable, they can be stolen by third parties and are vulnerable to brute force attacks. Compromised credentials are one of the biggest problems in the cyber security industry. Not only because they…
blog preview image
Cybersecurity Critical Concepts: MFA And PoLP
In the cybersecurity industry, we use several tools to keep networks and data secure. Two of the most important are multi-factor authentication (or MFA) and least privilege access. These are both ways of keeping would-be hackers from breaching your network, but they come at it from slightly different angles and are best used in tandem. Multi-Factor Authentication Multi-factor authentication refers to a layered approach to securing data and applications in which the system requires users to present a combination of two or more credentials to verify their identity for login. For example, entering your login credentials and then a 6-digit code sent to your phone as a text message or to your email address. Even the strongest credentials can…
blog preview image
Cybersecurity: Hackers Don't Take Vacations!
Cybersecurity breaches, unfortunately, do not slow down in the summer. In fact, most security professionals will tell you that they are actually more frequent in the summer months. The reasons for this are murky, but having more staff out on vacation or working remotely are likely contributors. One measure we can take to prevent catastrophic infiltration is network segmentation. What Is Network Segmentation? When we segment a network, we partition a physical network into separate, logical sub-networks. We then distinguish the sub-networks and create unique security controls and services for each of them.  Applying controls to the individual, compartmentalized segments provides more control over network traffic. Network segmentation…
blog preview image
Password Management Is Critical
Strong password management is a critical aspect of keeping your network secure. Poor management of passwords is one of the most common ways that cybercriminals gain access to a network. The Verizon Data Breach Information Report 2022 found that over 80% of Basic Web Application Attacks (BWAA) use stolen credentials. What Makes A Strong Password? A strong password is impossible to guess. To accomplish this, you must use a mixture of lowercase and capital letters, numbers, and symbols. The longer your password, the stronger it is. Each character you add increases the potential combinations exponentially. It is advisable to use at least twelve characters. Passwords should be all random characters. They should not contain any intuitive or…
blog preview image
Cyber Security: Shields Up for Industrial Control Systems & Operational Technology Networks
Cyber security is more critical than ever for industrial control systems (ICS) and operational technology networks (OT). These industries are being heavily targeted by nation-state threat actors in connection with the Russian attack on Ukraine and are included in the Shields Up warning from CISA.  Industry 4.0 has brought about a new era of manufacturing that relies on connected machines that communicate with one another. This technology has enhanced production considerably, but it also creates opportunities for hackers to steal sensitive information and interfere with manufacturing processes. Cyber Security Best Practices For ICS and OT If you haven’t already, you need to change passwords, review your internal and external exposure, and…
blog preview image
Network Security: What Is Shields Up?
Network security experts across the country are warning that Russia’s invasion of Ukraine could impact organizations beyond the region as well as within, including malicious cyber activity against businesses in the U.S. Shields Up Is A Network Security Warning The Cybersecurity and Infrastructure Security Agency, or CISA, has issued a “Shields Up” warning, stating “Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization—large and small—must be prepared to respond to disruptive cyber incidents.” “In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, we are working very closely with our Joint Cyber…
blog preview image
Cyber Security Consulting In Kansas City And Beyond
Cyber security consulting and training are available from RAVENii in Kansas City and across the globe. Security Awareness Training and Phishing Testing as well as training on your internal policies and procedures for your employees is a crucial element of a comprehensive network security strategy. This is primarily because the vast majority of cyber security breaches can be traced back to human error. Cyber Security Consulting And Training Is Critical Data breaches cost organizations millions of dollars every year. A cyber security consulting and training program that addresses the network security mistakes that employees may make when using email and the web as well as in the physical world, such as improper document disposal, is a modest…
Security Alert | New Microsoft Phishing Scam
Cyber enemies are now using Microsoft’s Azure’s Static Web Apps service against its customers, aggressively targeting users with Microsoft, Office 365, Outlook, and OneDrive accounts with the purpose of stealing the user’s credentials. The Azure Static Web Apps service permits web application developers to use customized domains for labeling web applications. It also provides web hosting for static content such as HTML, JavaScript, and CSS. Unfortunately, these features can effortlessly be exploited to host very tricky and Microsoft official looking static landing phishing pages. These phishing pages are fooling even the most diligent of employees and allowing the bad guys to get access to their Microsoft credentials. The impact to your…
CONTACT US

For more information about our services or to ask a question, please use this form. One of us will contact you soon.