Reports of hacking bank information, dating websites and even the 2016 presidential campaign have not only contributed to high levels of paranoia for businesses but driven them to consider testing their own networks and firewalls for any possible security breaches.

The only problem is choosing between doing PEN testing, vulnerability testing or both.

Making the choice can be difficult for organizations unversed in the differences between the two tests. PEN testing and vulnerability testing have been mistakenly labeled as the same because of some conflicting reports and marketing missteps.

As wireless in the workplace has evolved over the years from a handful of hotspots in a typical office to today’s total coverage needs, many organizations have failed to redesign and keep up with current demands and expectations. There are a couple of key reasons a redesign should be considered.  First the quantity of devices connecting to the wireless network has multiplied and second, the migration of newer devices to the 5ghz band.  Originally the 2.4ghz band was the easy choice due to the fact that it has superior range and also 2.4ghz devices were genarally less expensive than those that use the 5ghz band.  The fact that there are only 3 non-overlapping channels was not a problem due to the relatively small number of devices that were connecting.  Now with the thousands of wifi enabled devices the 2.4ghz band has become overcrowded.  The 5ghz band utilizing 24 non-overlapping channels and is much less suseptable to non wifi interference. Manufacturers of wifi enabled devices who do not want their customers to experience poor performance with their product have begun producing their product utilizing the less crowded 5ghz band.  Amoung the hurdles organizations are running into to accomadate these newer devices by adding addional 5ghz radios is repositioning their existing AP’s.  Signal on the 5ghz band does not have the same coverage as the 2.4ghz band therefore more AP’s closer together are generally needed.  Additionally, with the higher data rates of the new standards, additional wiring and switch port count needs to be considered.

Lately, political parties and governments have been serious victims of cyber-attacks.  These cyber hacks have affected millions of federal employee’s productivity in their work and have affected many outcomes of governments, such as voting results.

What is the cause for this?  The problem lies in the systems; they were built decades ago and as a result they are obsolete. Legacy systems are troublesome because they are out of date. Some legacy systems go back a half a century and cannot implement network defenses as a basic as encryption.  

Disguised payment requests are the result of financial losses for companies whose employees have been targeted and spammed with fraudulent emails. These Company exec posers, got their recipients to process payments for non-existent goods or services. They did it with a fake wire and/or card transfers.

This is a great example of social engineering and the W-2 phishing scam that had happened earlier this year.

WannaCry update from NSK

                WannaCry is far and away the most severe malware attack so far in 2017, and the spread of this troubling ransomware is far from over. This unprecedented malware attack began sweeping the globe late last week, and security researchers estimated that nearly 57,000 computers in more than 150 countries were infected by the end of the day on Friday. While the spread of this terrifying ransomware was slowed on Saturday, it was hardly stopped. As of Monday morning, more than 200,000 systems around the world are believed to have been infected.