Chris Hartwig

“Chris
Find me on:

Recent Posts

NIST 800-63b Password Guidelines Surprises

Posted by Chris Hartwig on Oct 16, 2017 9:53:21 AM
submit to reddit

 

NIST released new guidelines for user password requirements that are significantly different than those you may be used to following. For anyone keeping up with identity management guidelines over the past several years, this is not a surprise. For the non-security geeks among us, these changes may seem like a revelation to the mantra of password management we’ve heard for the past 20 years.

Read More

Topics: passwords

What Usually Happens In a Ransomware Attack

Posted by Chris Hartwig on Oct 5, 2017 9:20:28 AM
submit to reddit

 

 

So, you got hit with ransomware today. You know…. that thing you’ve been hearing about that encrypts your data and holds it for a bitcoin ransom? You were so sure ransomware would never infect your network because you have an email filter, you have a firewall, you have up-to-date antivirus installed on your desktops, and you are probably using FSRM to control what files can be saved on your file server. Even if you did get hit with ransomware, you would probably just use one of those neat decryptors to reverse it. That sounds like several layers of protection that should stop any intruder, right??

Read More

45 New Decryptors added to the Free Ransomware Decryptors

Posted by Chris Hartwig on Oct 4, 2017 2:21:29 PM
submit to reddit

Cybercriminals have been busy creating thousands of new ransomware variants over the past few months which they have used to steal hundreds of thousands of dollars from unsuspecting companies all over the world. WatchPoint continuously scours the web for new decryptors released by antivirus companies and has compiled one of the most extensive lists of free decryptors available.

Read More

WatchPoint Tip of the Week - Employee Ransomware Email Notice

Posted by Chris Hartwig on Apr 24, 2017 10:52:57 AM
submit to reddit

Ransomware attacks have beome a grave threat to businesses across the world. Cybercriminals use data encrypting ransomware to hold a companies data hostage until a ransom of hundreds or several thousand dollars has been paid. Since a majority of ransomware attacks are delivered to your end users in email, it's important to educate your end users of the danger that ranomware poses and what they can do to help protect the company from ransomware. Here is a short letter you can email your employees to inform them of the dangers of ransomware.

Read More

Topics: Cyber Threats, Ransomware, Phishing

Death of Aaron Hernandez Exploited by Ransomware Cybercriminals

Posted by Chris Hartwig on Apr 21, 2017 7:00:00 AM
submit to reddit

Cybercriminals stooped to new lows this week after the death of Aaron Hernandez. It was reported yesterday that the former New England Patriots tight end and convicted murderer committed suicide in his jail cell. Aaron took his life the same day the 2017 Super Bowl champion New England Patriots were invited to meet with President Donald Trump in the White House. The fall from grace of Aaron Hernandez was widely recounted in the news media starting June 26, 2013, with his arrest and charge of murder for the death of Odin Lloyd. Things never got better for Aaron. Just one day before his alleged suicide Hernandez was charged with two previous murders and implicated in the shootings of three other individuals in two separate incidents dating back to when Aaron attended college.

Read More

Topics: Cyber Threats, Ransomware, Phishing

Ransomware Targeting HR Departments

Posted by Chris Hartwig on Jan 9, 2017 9:47:46 AM
submit to reddit

Last year I wrote an article after I received an email that was intended to go to our Human Resources department. I noticed some red flags in the email and was able to conclude that it was a phishing attempt. I got to thinking from the cybercriminals perspective about how easy it would be to compromise the Human Resources department with ransomware due to the high volume of applications that many companies receive. I had no idea how accurate my thoughts would turn out to be.

Read More

Topics: Cyber Threats, Scams, Ransomware

How Ransomware Stole Christmas

Posted by Chris Hartwig on Nov 22, 2016 3:03:44 PM
submit to reddit

We are all familiar with the story How the Grinch Stole Christmas! written by Dr. Seuss and published December 25th, 1956. A children’s story about a Grinch who attempts to end Christmas by stealing all the food, candies, decorations, and presents in Whoville, it captured the hearts of generations of children and adults alike. If you’re like me, you remember having the story read to you in elementary school and watching the animated movie every year on or around Christmas time.

Read More

Topics: Cyber Threats, Data Breach, Ransomware

Oh The Irony - Russian Government Hacked

Posted by Chris Hartwig on Nov 21, 2016 8:00:00 AM
submit to reddit

An American hacker who goes by the name of “Jester” has struck back against the Russian federation in retaliation for Russian cyber-attacks against American companies and the recent cyber-attack against the DNC. The attack against Russia really wasn’t that impressive; just a message placed on an archived page of the foreign affairs website, but the note left behind is intriguing and maybe a bit comical.

Read More

Topics: Data Breach

Using Group Policy to Disable Show Hidden Files

Posted by Chris Hartwig on Oct 25, 2016 1:29:20 PM
submit to reddit

There are thousands of hidden files on your workstation that were installed with your applications and operating system that you probably are not aware exist. Deleting these hidden files could be catastrophic, so keeping these files safe and hidden is important. If you discover certain hidden files and attempt to delete or alter them, there could be a number of unforeseen consequences for the operating system and applications, including data loss and completely crashing the system.

Read More

Topics: Uncategorized

What is Endpoint Detection and Response (EDR)?

Posted by Chris Hartwig on Oct 17, 2016 9:23:34 AM
submit to reddit

Talk to any security expert in the field who has a few years of experience under their belt, and they will tell you the current threat landscape is ever-evolving and it takes a lot of effort and expertise to stay on top of the continual development and attacks of malware. There are approximately 86,000 new malware products produced every day. To make matters worse, security provider FireEye says that “82 percent of all malware it detects stays active for a mere hour, and 70 percent of all threats only surface once, as malware authors rapidly change their software to skirt detection from traditional antivirus solutions. The function signature-based AV serves has become more akin to ghost hunting than threat detection and prevention.”

Read More

Topics: Cyber Threats, Data Breach, Ransomware