Category

Cybersecurity

I’m Not a Target, I’m Just a Little Guy

By Cybersecurity No Comments

These words represent a common mindset we hear from owners and IT professionals in small to medium sized business.  It is troublesome, to say the least.  It is easy to fall into a false sense of security with all of the high-profile news about big companies being compromised.  But we at Alpine Cyber Solutions want to remind everyone that there are very important reasons to be vigilant in the defense of your network, no matter your size. A primary attack vector for intrusion into a larger company is to take advantage of smaller partner companies that may not have the same standards as…

Read More

Anti-Virus Isn’t Enough – An Introduction to Layered Defense

By Cybersecurity One Comment

This is the first in Alpine’s series on the modern security stack.  Over the next few weeks, we will delve more deeply into each of the technologies that form a proper layered defense strategy. Do you have good security?  Of course!  We have the best anti-virus money can buy… Those of us in the security services and architecture arena have seen this conversation time and time again.  And it makes us cringe every time.  Sure, there was a time when a solid anti-virus would prevent the lion’s share of problems that the young malware authors presented.  But that time has passed….

Read More

Password Lessons from Starbucks

By Cybersecurity 5 Comments

Once again, there is a battle between security and convenience. Unfortunately this time it affects anyone who enjoys the simplicity of buying a latté with their smartphone. Bob Sullivan, an investigative journalist, reported that Starbucks consumers are being victimized by criminals who transfer funds leveraging the auto-reload capability of the mobile app. The theft starts with a username and password change outside of business hours, followed by a series of increasing account fund reloads – all within a matter of minutes. Criminals can steal hundreds of dollars without the victim realizing that it’s already too late. This was a relatively…

Read More

VM Vulnerability: VENOM

By Cybersecurity No Comments

A new zero-day exploit has been discovered by Jason Geffner, a Senior Security Researcher at CrowdStrike, and its target is the virtual data center.  VENOM (short for Virtualized Environment Neglected Operations Manipulation) allows a malicious user to send a command to their own virtual instance that will cause it to crash and open the door for exploitation of the entire hypervisor and connected network.  This means that the attacker could gain full bare metal control of other companies’ virtual machines, if they’re hosted in the same virtual data center or cloud.  The command targets a commonly ignored component of most virtual machines -the legacy floppy disk…

Read More