Israeli NSO Group’s spyware used to target activists, journalists, and political leaders globally

NSO Group’s spyware has been used to facilitate human rights violations around the world on a massive scale, according to a major investigation into the leak of 50,000 phone numbers of potential surveillance targets. These include heads of state, activists and journalists, including Jamal Khashoggi’s family.

Major hospital system hit with Ransomware, potentially largest in U.S. history

A major hospital chain has been hit by what appears to be one of the largest medical cyberattacks in United States history. Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend, and some hospitals have had to resort to filing patient information with

Ransomware8-How Windows Defender prevents Ransomware

Native Windows Ransomware protection works better than any 3rd party endpoint protection.

How Windows Defender Ransomware protection works

Step 0: Turn on Windows Defender Ransomware protection (Start > Settings > Update & Security > Windows Security > Virus & threat protection > Manage ransomware protection > Controlled folder access).
Step 1: Windows Defender will identify malicious software/process/access.
Step 2:

Ransomware7-This is a reason why security defense doesn’t work

Microsoft Put Off Fixing Zero Day for 2 Years
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464
https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/
https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html
https://medium.com/@TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd

"This is fucking bonkers https://t.co/XXiwW2b062" — SwiftOnSecurity (@SwiftOnSecurity) June 13, 2020

Why does this matter?
1) Attackers can bypass security features (any antivirus/security endpoint) and load improperly signed files.
2) Windows cannot validate file signatures correctly.
3) This was first spotted in attacks used in

Ransomware6-How does WastedLocker work in the real world

Initial spreading: Drive-by Compromise (https://attack.mitre.org/techniques/T1189/)

Fake Google Chrome updates are delivered to victims via drive-by download attacks when victims browse compromised websites. The initial malware is delivered to victims in the form of a ZIP archive that contains a malicious JavaScript file.

Theoretical mitigations: Application Isolation and Sandboxing, Exploit Protection, Restrict Web-Based Content, Update

Ransomware4-How to prevent

Network security appliance/protection
1. Firewall/WAF
2. IPS
3. Endpoint security/Antivirus

Risk and Security Management
1. Security awareness
2. Security policy

Customized security solutions
1. Heterogeneous network design
2. Zero-trust network design

Data management
1. Data at rest
2. Data in motion
3. Data in use
4. Data backup

Recovery Plan
1. Data recovery
2. Infrastructure