How to Secure Data Backups to Protect Against Ransomware

Understanding the Risks of Ransomware Securing data backups against ransomware is a critical concern for us at Alvaka. As specialists in IT management and network services, we recognize the evolving threat landscape that ransomware represents. Ransomware attacks can encrypt your [...]

How to Secure Data Backups to Protect Against Ransomware2024-11-27T15:38:33-08:00

The Technology Behind Rhysida: Exploring Their Use of Advanced Encryption Methods

The Rhysida ransomware gang has gained notoriety for their sophisticated attacks that employ advanced encryption techniques to lock victims' data and demand ransom payments. Understanding the encryption methods used by Rhysida is crucial for developing effective defense strategies and ensuring [...]

The Technology Behind Rhysida: Exploring Their Use of Advanced Encryption Methods2024-08-14T11:45:52-07:00

Proactive Protection: How to Prepare Your Organization Against Rhysida’s Tactics

In today’s digital landscape, ransomware attacks are becoming more frequent and sophisticated, with groups like the Rhysida ransomware gang leveraging advanced tactics to infiltrate and disrupt businesses. Preparing your organization to defend against these threats requires a proactive and comprehensive [...]

Proactive Protection: How to Prepare Your Organization Against Rhysida’s Tactics2024-08-14T11:53:45-07:00

CryptXXX is ransomware that also steals your passwords and your Bitcoins

Most of my recent blogs are about ransomware. That is because ransomware is the most prevalent cyber threat today facing individuals, small and large businesses, governments and not-for-profits. No one is safe from this scourge.

Today I must tell you about a new one. Like Jigsaw, this new one called CryptXXX, is a game changer. Jigsaw was different from prior strains in that it immediately starts to delete your files just to show you that it means business. CryptXXX is different in that it introduces two new problems other than encrypting all your files and then demanding payment. Up until now ransomware has not actually breached your system and exfiltrated data. Sure you had a security incident, but it was not identified as a breach in the classic sense. Now with CryptXXX not only is your data held hostage, but now the culprits steal two new things from you. CryptXXX steals login names and passwords which puts all your systems, local and in the cloud, and any websites you frequent at risk. CryptXXX also steals your Bitcoins if you have any. The stealing of the Bitcoins is a particular insult because....

CryptXXX is ransomware that also steals your passwords and your Bitcoins2024-04-21T19:40:11-07:00

Beware of CryptoLocker v4.0

It appears this new ransomware, rather than exploiting through e-mail attachments, is exploiting users by redirecting them to infected websites.It then delivers its payload through an installer.  This makes the case we are always trumpeting at Alvaka, your users should [...]

Beware of CryptoLocker v4.02015-12-03T21:15:17-08:00

What 12 Security Things Should I Focus on to Be Defensible in 2016?

Here is a sneak-peek and what is likely my most important blog for the upcoming New Year.  This is just a partial teaser....

----------------------------------------------------------------------

Irvine, CA - I was recently asked by a roundtable of CEOs to advise them on network security.  They had a lot of questions and a lot of misinformation.  I was surprised as this was a group of technology company CEOs and what I quickly found out is that they did not know much more than my non-tech company CEO clients.  From that discussion they asked me to come back and present to them a short list of actions they should take in 2016 to better secure their systems.  Initially I wanted to present them with a list of 10 things they should focus upon.  For anyone that knows, it is easy to create a list of 100 things that should be done to secure a system. However, I decided in order to make the list actionable and not overwhelming I needed to focus on the 10 things I have seen in the past year or two that have caused the most real-life grief for our new and existing clients.  I wanted to keep the list to 10 items, but I had to fudge a bit and expand to 12 core items. Then I added three bonus items for those who are over-achievers and another three for those in regulated businesses like healthcare, financial services and Sarbanes-Oxley.

This list is not complete nor absolute.  It is a list I have created largely in order of my perceived importance based upon the real-life hacks, breaches and other maladies related to failures of network security to keep the bad guys out.  You will need to assess the requirements that are appropriate for your firm.  If you are looking for a good place to start, I offer up my suggestions below.

1.       You need to do a vulnerability assessment or security assessment.  It is impossible for you to know what actions you should take to properly secure your systems without first doing an assessment.  Assessments are common practice at many firms, yet completely ignored at others.  It is fairly easy for you to order a vulnerability assessment and the best part is that it takes very little time and participation from you and your IT staff.  The cost for this service ranges from a few thousand dollars for a very small firm to several tens-of-thousands or even hundreds of thousands of dollars for larger enterprises.  These should be done at least once per year just like your financial audit.

2.       Patching for Software Security Updates is perhaps one of the most overlooked and under-rated security measures you can implement to better secure your systems.  I maintain that good software patching measures are in some ways more important than your firewall.  A firewall is a formidable device that once it gets set-up has a number of ports opened up so that your firm can transact business.  That is where it gets weak.  Through these legitimately opened ports attackers will send nasty payloads that compromise your system, often without you knowing.  Imagine a hardened castle all buttoned up, but the draw bridge must be opened in order to conduct commerce.  Through that legitimately opened bridge come the sneak attacks, the scammers, crooks, mischievous and spies....

What 12 Security Things Should I Focus on to Be Defensible in 2016?2015-11-12T03:10:52-08:00

Did You Think the OPM Breach Could Be This Bad? I Didn’t

These are some serious allegations.  Read the whole story for the chilling insight and alleged incompetency.  Here are some choice quotes:

"From my perspective, OPM compromised this information more than three years ago," he added. "And my take on the current breach is 'so what's new?'"

In fact, the breach was unprecedented in its breadth and scope: "Security-wise, this may be the worst breach of personally identifying information ever,"

Did You Think the OPM Breach Could Be This Bad? I Didn’t2023-08-11T01:02:32-07:00

Beware – There is a New Ransomware Variant Running Loose

I just read on BleepingComputer.com a new post about a variation of the CoinVault ransomware.  This one is called BitCryptor and unless you have a good backup it sounds like you will be paying the ransom if you are hit.

Here are some key characteristics:

Beware – There is a New Ransomware Variant Running Loose2015-05-19T02:55:34-07:00