|
Blog
|
Security

Why You Need to Patch Your Windows 10, Server Instances ASAP

Arraya Insights Arraya Insights| January 27, 2020

Heads up: Microsoft and the National Security Agency (NSA) just sounded the alarm on a newly-discovered Windows vulnerability, one that has left potentially hundreds of millions of devices open to attack. Designated CVE-2020-0601, it affects certificate validation within devices running Windows 10, Windows Server 2016, Windows Server 2019, and Windows Server version 1803. Essentially, attackers […]

Read More >

Cyber Insurance Gap May Leave Merck Hanging After NotPetya

Arraya Insights Arraya Insights| December 10, 2019

During the summer of 2017, pharmaceutical giant Merck was one of countless companies, around the world hit by the most devastating cyber-attack in history: NotPetya. Initially masquerading as ransomware, NotPetya turned out to be far worse: a strain of malware designed to destroy systems rather than hold them hostage. The toll NotPetya inflicted on Merck […]

Read More >

3 Factors (Besides Budget) That Promote Cyber Security Success

Arraya Insights Arraya Insights| December 5, 2019

Here’s something we can all be thankful for this holiday season: Larger cyber security budgets are reportedly on their way! In a recent FireEye study, 76% of participants said they expect their security budgets to increase in 2020. That’s obviously encouraging for those fighting the good fight and bad news for those on the other […]

Read More >

Why Phishing Campaigns Succeed - And How to Fight Back

Arraya Insights Arraya Insights| September 25, 2019

Here’s an encouraging stat: Nearly all (99%) of email-based threats like phishing are totally harmless in and of themselves. In order to become dangerous, they require some type of user interaction, whether that’s clicking on a link, opening an attachment, etc. Yet, email remains a highly popular and lucrative attack vector. In fact, phishing ranks […]

Read More >

8 Cyber Security Blind Spots that Could Cost SMBs Big

Arraya Insights Arraya Insights| September 5, 2019

No entity, no matter the size, can afford cyber security blind spots. The recent string of ransomware attacks targeting local governments has underscored that point. Hackers have gone after major cities like Baltimore and they’ve hit places the average person is less familiar with, like Lake City, FL. Despite the risks, many small-to-midsized municipalities, businesses, […]

Read More >

Microsoft as a Security Company? 6 Updates Behind the Cliché

Arraya Insights Arraya Insights| September 3, 2019

Raise your hand if you’ve heard someone describe Microsoft as a “security company” at some point in the last few years. We can’t say for sure – maybe because your Microsoft desktop is so secure – but we’re guessing there are plenty of hands in the air. We get it. Given cyber security’s status as […]

Read More >

When to Trust in TACACS+: 3 Use Cases

Arraya Insights Arraya Insights| July 3, 2019

These days, everybody is looking for a cyber security silver bullet. Organizations want something flashy, new, and most importantly, capable of besting any threat or malicious actor that may cross its path. TACACS+ is none of those things. In truth, that perfect cyber security cure-all may never materialize. Instead, the most successful security postures use […]

Read More >

Keeping Your Organization Safe with Password Management and DUO 2FA

Brandon Levengood Brandon Levengood| June 27, 2019

Most cybersecurity experts will advise employees to keep their personal information off their company-issued devices. In fact, most companies’ acceptable use policies require it. Yet, despite the ample warnings and policies, employees continue to use their work devices for decidedly non-work purposes. With the growing popularity of remote working, road-warriors, bring your own device (BYOD), […]

Read More >

Microsoft Ditches Mandatory Password Expiration: What to Do Instead

Arraya Insights Arraya Insights| June 18, 2019

Earlier this month, Microsoft issued an exciting announcement regarding passwords. Now, “exciting” and “passwords” aren’t two things that normally find themselves together in the same sentence. However, this news is the most significant change in Microsoft’s password policy recommendations in nearly three decades. In a recent blog post, Microsoft announced plans to remove regular mandatory […]

Read More >

Citrix, Equifax, and How to Data Breach-Proof Your Business

Arraya Insights Arraya Insights| March 13, 2019

Last week, Citrix became the latest victim of a high-profile data breach while Equifax, a perennial cyber security punching bag, was raked over the coals by Congress. Both stories represent valuable learning opportunities for organizations seeking to avoid a similar fate. Let’s review each story, then we’ll share some insights into how companies can protect […]

Read More >