(402) 261-0123

Archives

Learn more news

Archives for Author: Infogressive Team

Justin on InSecurity Podcast

Our very own Justin Kallhoff, Infogressive founder and CEO, joined Matt Stephenson, host of Insecurity Podcast, for a discussion about securing SMBs (small to mid-sized businesses).

Justin and Matt chat about:

  • The difference between MSP and MSSP
  • The beginning years of Infogressive
  • Ransomware
  • How we do what we do
  • Common mistakes
  • and m...

Families Are Targets, Too: 5 Home Cybersecurity Tips

It's not just big businesses that are at risk of being hacked or cyber-attacked.

It may seem scary to let your kids–or yourself–go online after you hear that, but don't throw all the computers away and live off-the-grid just yet. Try implementing these five cybersecurity practices in your home to give your family some peace-of-mind online:

1. Create strong passwords

...

MSP vs Hacker: Penetration Test Demo

     We all know that security is hard… for an MSP, it’s even more difficult.
In addition to balancing the everyday security risks that every business faces, MSP’s also have to focus on their customers’ networks. A lot of times, customer networks take precedence and MSP’s in-house security falls short.

This is a message to all MSP’s: it’s time to take security off the...

Vulnerability Management: Don’t Be That Guy

Ignore security at your own and your customers’ peril. Recently there was a post on r/sysadmin from a network administrator who had a client system hacked because he left their iLO card facing the internet… and didn’t stay up to date on vulnerabilities and patching. His lack of situational awareness led to what he initially viewed as a brief operational interruption, but has now come to und...

Scam Alert: Sextortion Email Using Real Passwords

In the past 48 hours, security operators have seen a new ‘sextortion’ message begin popping up in client inboxes almost everywhere. The most frightening part of this message is that it lists a password either in the subject line or the first sentence. This password probably looks familiar, and if you’re one of the (too many!!!) people who reuse the same password for multiple sites (or everyt...

A Simple Guide to Online Privacy and Protecting Your Identity

It is easier than ever for cyber criminals to obtain your private information, especially when "trustworthy" sites are the ones putting it on the line. Follow these simple steps to ensure you're doing what you can to keep your information safe at work and at home:

Check for credibility

When you're shopping online or creating an account on a website, ask yourself the follow...

Don’t Get Hooked! 7 Signs of a Phishing Email

it, but your computer, mobile devices, accounts, and information all have value to cyber criminals. According to Verizon's 2017 Data Breach Report, 91% of company breaches start with an email. Knowing how to maintain email security at the user-level will keep you and your company safe. Here are the top 7 signs of a phishing email to watch out for:

Healthcare Case Study -Malware on Surgical Laser

ase studies that give you goosebumps thinking about the current state of cybersecurity in the healthcare industry. For example, a medical laser being infected by malware. Read on for the details.

The Organization 

A regional health system with more than 13,000 employees

The Environment

CEO, Justin Kallhoff’s Interview with Bar Napkin Business

11 Years Ago, Justin Kallhoff, our CEO saw a significant gap in the cybersecurity of businesses. Large businesses have sufficient funds for the cybersecurity needed. Small to medium businesses however, are left with little to no protection. To make matters worse, criminals out to steal data from such companies figured this out rather quickly. Big companies may have deeper p...

Cylance Case Study – Healthcare

The Customer 

A US-based healthcare services and product provider with over 400 locations nationwide, directly supporting over one million patients.

Scam Alert – Cyber Monday

Scam Alert - Cyber Monday is coming and scammers will take advantage!

Savvy criminals are getting ready to celebrate the holiday season just like we are. The difference is they plan to fund their holiday with your bank account. Hackers go into scam-overdrive mode during Black Friday and Cyber Monday.<...

Alert: Bad Rabbit Ransomware

What we know so far...

Looks like there's a new kid on the block in Ransomware today that is creating havoc for a number of organizations in Russia, Ukraine, Germany, and Turkey. Sources have confirmed that several media sites in Russia as well as Kiev Metro and Odessa airports have been hit with what is being called the Bad Rabbit ransomware. No confirmed hits in the US as...

Infogressive is Growing Stronger

Heather Lantz - Chief Operating Officer

Congratulations to Heather Lantz! Heather has just been promoted to our newly created position of Chief Operating Officer. She has been with Infogressive since April 2016 in the ...

What Do You Have That Cyber Criminals Want?

You may not realize it, but you, your company, and your employees are all targets for cyber criminals. Computers, mobile devices, accounts and your information all have tremendous value.

Usernames & Passwords

If your computer or mobile devices are compromised, cyber criminals can install programs on your computer that can log all of your keystrokes. This program is called a

Whiteboard Wednesdays: Major Equifax Breach and What You Can Do

The recent breach reported by Equifax is massive, with more information surfacing all the time. When something like this happens, we hear a lot of questions from concerned individuals, such as: Could this happen to our business or organization? Could this have been prevented? How do I protect myself in case my information was stolen? What exactly happened? Derrick Masters, Security Enginee...

Whiteboard Wednesdays: Are You A Target?

When you think about organizations that have experienced a data breach, what are the first ones that come to mind? If you’re like most people, chances are your answers were likely Target, Home Depot, The IRS, Anthem Blue Cross, or any of the other big-name breaches that have occurred in the last few years. While these are the breaches that make headlines and stick out i...

Client Spotlight: Adam Walter

There is nothing more important to us at Infogressive than our customers. Through roles in both the public and private sector, Adam Walter has retained our team to work with him on a wide variety of cybersecutiy needs. As he says in the video, sometimes you are just too close to a problem. It can take outside eyes to come in and uncover some issues that you didn’t know you h...

Whiteboard Wednesdays: MSP vs. MSSP

It seems like there’s always a new buzzword or acronym emerging in the IT and Cybersecurity industries. It can be tough to keep up on what they are and what they mean. The differences between a Managed Services Provider (MSP) and a Managed Security Services Provider (MSSP) are sometimes difficult to decipher. At Infogressive, we’re an

Whiteboard Wednesdays: Vulnerability Scanning Authentication

Vulnerability scans are a great way to dive deeper into a network and search for problems that may go otherwise undetected. Many times, however, security professionals are performing scans that are only scratching the surface of what could potentially be uncovered. So how do you know if you’re doing it the right way? Follow along in this week’s Whiteboard Wednesdays video to find the ans...

Client Spotlight: Cornhusker Bank

As a $500m bank with 10 locations throughout Lincoln, Cornhusker Bank has a lot of data to protect. Facing threats that were constantly evolving and an incumbent MSSP that wasn’t hitting the mark, they knew it was time to make a change. To overcome these challenges, Cornhusker sought to find a new cybersecurity partner that could provide a complete solution that was customized to their enviro...

Cylance vs. Malware Posing as a Sneaky Flash Installer

Written By: Derrick Masters, Security Engineer Thanks to the deluge of Crypto malware attacks recently, everyone in infosec has been VERY on edge about anything that pops in a quarantine. "Oh crap. What'd they hit? Where's it going? What IS this?!" Unless you have Cylance. Recently, we noticed such a hit with one of our customers in the financial world. We received an alarm out of our SIE...

Whiteboard Wednesdays: Vulnerability Scans vs. Penetration Tests

There is still quite a bit of confusion out there on the differences between a Vulnerability Scan and a Penetration Test. The truth is both services can be successful in keeping you ahead of the hackers, but the trick is knowing which one is right for you and when. Understanding the features and benefits of both Vulnerability Scans and Penetration tests will help you be sure you make the most o...

Whiteboard Wednesdays: The Basics of Keylogger Protection

As a cybersecurity professional, chances are that having a keylogger installed on any of your company’s machines is one of your worst case scenarios. Once a keylogger is installed, nothing is sacred. Passwords, proprietary information, and banking credentials are just a few of the many things that are now known to hackers. So how does this happen and how do you prevent it? Check out this w...

Whiteboard Wednesdays: Flat vs. Segmented Networks

The fact is, there’s a right way and wrong way to deploy a firewall in a network. Positioning your firewall correctly could make all the difference if a malicious actor were to obtain access to a workstation in your environment. Follow along in this week’s Whiteboard Wednesday video as our CEO, Justin Kallhoff, discusses the differences between a flat and segmented network. Having your f...

Whiteboard Wednesdays: What Does A Hacker Look Like?

Infogressive is excited to begin our new Whiteboard Wednesdays series! What is Whiteboard Wednesdays, you ask? Every Wednesday our Security Engineers tackle a new topic in a bite-sized video, with the goal of providing some useful insight into the world of cybersecurity. First up is a question we get asked all the time: What does a hacker look like? We’re not going to giv...

Scam of the Week – June 20, 2017

Voter data on 198 million (yes that's million) US citizens was improperly stored and freely available for 12 days on the Internet. There has never been a data breach this big. The information includes: birthdates, home addresses, telephone numbers, political views, suspected religious affiliations, ethnicities, where they stood on topics like gun control, and the right to abortion and stem cel...

Scam of the Week – June 5, 2017

Here is a reminder that you need to be alert for fake emails that look like they come from your local police or State Dept of Motor Vehicles (DMV) claiming you have a traffic violation. At the moment, there is a local scam in New York that falsely states you have outstanding violations you need to either pay for or refute, and if you don't your license will be revoked. This scam may spread t...

Ten Cybersecurity Tips and Tools for Professionals in the Industry

Written By: Michael Wisthoff, Information Security Analyst Surviving as a professional in the cybersecurity realm is no easy task, but the need for more of us is ever increasing. Below are some tips and tools that you might find useful if cybersecurity has been entrusted to you.

10 Tips & Tools You Should Be Using

Password Manager - KeePass

With the need for more...

Starting Your Cybersecurity Strategy From Scratch? Follow These 4 Steps

ure Written By: Cory Rutten, Security Account Manager If you are like most of the business owners we talk to these days, you’re likely overwhelmed with trying to effectively secure your data. We still encounter organizations starting their security from square one on a fairly regular basis, and we know it’s not an easy task. It can be tempting to get caught up in the single sol...

CylancePROTECT vs. RansomFree: Do You Get What You Pay For?

Written By: Derrick Masters, Security Engineer As an all-around nerd, not just a security nerd, I spend a lot of time checking out non security related blogs that involve a lot of technology. One in particular is Lifehacker.com. They usually have some pretty interesting blurbs about software or attacking a problem in a different way. Nothing too heavy, but still useful. The other day, though...

Hotel Hacked in Austria – Third Time is a Charm?

Written By: Jeff Eckley, Security Account Manager Once, twice, three times…...no not the song, unfortunately. Three is the number of times a hotel in Turrach, Austria was hit by hackers. The cyber criminals left a backdoor on the hotel network exposed, allowing them to hold the hotel hostage with ransomware at any time. The hackers had total control of the reservation systems, all ho...

6 Scary Cybersecurity Threats Facing SMBs

Although cyber attacks against large companies make the biggest headlines, small and medium-sized businesses are not immune to the threats. SMBs are just as vulnerable as large enterprises, and in many cases, more so; because they have fewer resources to devote to cybersecurity. According to ...

Pros and Cons of SSL Encryption

People familiar with Hypertext Transfer Protocol Security (HTTPS) know it protects online activities and communications by applying Secure Sockets Layer (SSL) encryption to web traffic. This is a benefit to organizations that need to shield private data from exposure. And what organization doesn’t? But SSL encryption is also a double-edged sword, because bad act...

Quick Guide To Mobile Device Security Risks & Best Practices

Most people are never far away from a tablet, smartphone or both. In fact, according to a Bank of America survey, more people reach for their phone first thing in the morning than a toothbrush or cup of coffee. Yet our attachment to our phones brings new risks. With the advent of BYOD in the workplace, businesses must face the fact that their corporate data could be compromised. Every mobi...

Top 5 Cybersecurity Predictions for 2017

It's no secret that 2016 was a rough year in terms of cybersecurity attacks. We saw big name breaches at the IRS, Verizon, the DNC, LinkedIn, and who could forget- Yahoo! But while those breaches are top-of-mind and easy to remember, it’s important to also remember the impact hackers had on small businesses this year. Retail shops, medical offices, and financial...

The 5 Ways Infogressive Protects Your Castle with Managed Security Services

Written By: Jared Froehlich, Security Account Manager It seems that our newsfeeds are constantly flooded with the headlines of the latest cyber attack. Wishing it away or hoping that our news filters were malfunctioning, is just not possible. Sadly, it is due to the fact that these crimes are happening more frequently than ever before. The worst part is that the r...

Penetration Test or Risk Assessment: Which One Is Right For Me?

It's not uncommon for the terms ‘Risk Assessment’ and ‘Penetration Test’ to be used interchangeably, but the truth is, the two are very different. A Risk Assessment typically involves identifying areas of vulnerability or potential weakness, and then providing a roadmap to a stronger security posture. Penetration Tests take that one step further by actively exploiting those vulnerabili...

That’s No Moon… It’s Malware

Written By: Derrick Masters, Security Engineer Thanks to the deluge of Crypto malware attacks recently, everyone in infosec has been VERY on edge about anything that pops in a quarantine. "Oh crap. What'd they hit? Where's it going? What IS this?!" Recently, we noticed such a hit with one of our customers in the financial world. We received an alarm out of our SIEM that Cylance had quaran...

Preventing 3rd-Party Security Breaches: A Must For Healthcare

Businesses in all sectors are increasingly relying on vendors and associates. This is especially true in healthcare, where functions such as billing are frequently performed by outside parties, and providers rely on various partners for services like imaging and diagnostics. While third-party contractors provide benefits such as cost-savings, supplemental expertise and improved efficiencies...

What a Successful SIEM Can’t Do Without

In response to increased compliance concerns and the need to protect against security breaches, more companies are implementing SIEM technology to more easily collect, correlate and analyze data and security alerts from a central location. But once a SIEM is in place, how can organizations be sure it remains effective over time? That’s where a detailed threat assessment comes in. At its b...

Financial Regulators Crack Down on Cybersecurity

>With the ever increasing number of financially oriented businesses, there are a lot more assets that are of value to criminals—in addition to money. This includes retail customers’ personal data as well as competitive information. It’s all valuable. And it’s a big reason why financial firms get attacked four times more often than firms in other industries.

Multiple Attacks, Multip...

The One Thing All Secure Networks Should Have in Common

Written By: Jeff Murphy, Security Engineer The days of dividing your firewall up into three primary zones, inside, outside and DMZ are fast coming to an end. Security standards such as PCI-DSS, HIPAA, NIST and a host of others all suggest the use of segmentation in order to protect critical systems. But what’s the best way to design that segmentation? What goes where and who gets to ta...

5 Smart Reasons To Consider a Managed Security Service Provider

The media is full of news when cyber attacks on big, billion dollar companies expose millions of customers' personal information. Attacks on smaller companies tend to fall under the radar screen, leading many to think they’re too small to attract hackers’ attention. This is a mistake because as bad publicity forces big companies to take steps to improve their cybersecurity, smaller compani...

Drinking from the SANS Fire Hose: The Finest Cybersecurity Instruction

Written By: Jeff Murphy, Security Engineer The SANS Institute is a cooperative research and education organization that reaches more than 165,000 security professionals around the world. Their programs undergo constant scrutiny and revision to ensure that the content is both on point and represents the state of the information security landscape as it stands today. They are, without a doubt...

Privileged Accounts: Catch-22 for Network Security

Written By: Rob Frickel, Director of Engineering Privileged accounts represent one of the largest vulnerabilities an organization faces today in network security. It doesn’t matter if the accounts are compromised by an external attacker or a malicious insider. If privileged accounts are in the hands of an adversary it is a very real and scary threat. These accounts have the ability to tak...

IRS: Hacked to the Third Power

Written By: Derrick Masters, Security Engineer

IRS Breach Update

In May 2015 the IRS announced that they had been breached and that only about 100,000 people had been affected. A couple of months later, they said “wait…wait…Maybe that number was higher…to about 334,000.” Now, here we are several months later and the IRS is saying “Just kidding! It was actually 724,000....

IT Professionals: Quit Buying Bad Customer Service

Written By: Lindsay Doll, Chief Growth Hacker Think about the last time you went to a restaurant and experienced truly terrible service. Whether you waited an hour for your food, they messed up your order, your server needed an attitude adjustment, or all of the above, how likely is it that you will return anytime in the near future? No matter how good the food was, I’m betting your answe...

Prepare for the Hunt – Five Practical Tips to Make Log Analysis Less Miserable with Fortinet

Written By: Derrick Masters, Security Engineer Log analysis. It's a thing. First reactions are probably going to be "Yuck," "Make the new guy do it," "Insert expletive here," or the more common "Why? What broke now?" Everyone in IT knows that logs are one of the single most important things in any environment. If something breaks, check the logs. Someone blaming the firewall for a site ...