Tag

Endpoint Security

Comprehensive resources on securing laptops, desktops, mobile devices, and other endpoints that connect to your network. Covers endpoint detection and response tools, device hardening, patch management, encryption, and policies that minimize the attack surface across distributed environments.

posts

Computer Virus Prevention

Computer Virus Prevention: 9 Steps That Actually Work

The Virus That Cost One Hospital Chain $67 Million In 2017, the NotPetya attack crippled organizations worldwide. Heritage Valley Health System in Pennsylvania lost access to its entire network. Surgeries were delayed. Patient records vanished. The total global damage from NotPetya exceeded $10 billion, according to the White House. And

Carl B. Johnson Jul 30, 2022 6 min read
Ransomware

How Ransomware Spreads: 6 Attack Vectors You Must Know

In February 2022, the FBI and CISA issued a joint advisory warning that ransomware incidents against 14 of 16 U.S. critical infrastructure sectors had increased dramatically. That advisory wasn't theoretical — it followed real attacks against water treatment facilities, hospitals, and food processors. If you're searching

Carl B. Johnson Mar 18, 2022 7 min read
Remote Work Cybersecurity Tips

Remote Work Cybersecurity Tips That Actually Work

In July 2021, a remote employee at a Florida IT management firm clicked a link that looked like a routine software update. Within hours, the REvil ransomware gang had compromised Kaseya's VSA platform and cascaded the attack to an estimated 1,500 downstream businesses. The initial foothold? A

Carl B. Johnson Jan 15, 2022 6 min read
Mobile Device Security Policy

Mobile Device Security Policy: A Practical Guide

In April 2021, the FBI's IC3 reported a sharp rise in mobile-focused phishing attacks — schemes specifically designed to exploit the smaller screens and always-on nature of smartphones. I've watched organizations pour millions into securing their perimeters while ignoring the devices employees actually use the most. The

Carl B. Johnson Dec 22, 2021 7 min read
BYOD Security Risks

BYOD Security Risks: What Your Policy Is Missing

A Single Employee's Phone Just Cost This Company Everything In August 2021, T-Mobile confirmed a massive data breach affecting over 50 million people. While the full attack chain was complex, the reality is that personal devices connecting to corporate environments create attack surfaces that most IT teams drastically

Carl B. Johnson Dec 22, 2021 7 min read
USB Drive Security Risks

USB Drive Security Risks: The Threat Already on Your Desk

A Parking Lot Full of Malware In 2016, researchers at the University of Illinois dropped 297 USB drives across a campus. Nearly 48% were picked up and plugged into a computer. Some were plugged in within six minutes of being dropped. That study still haunts me because the fundamental behavior

Carl B. Johnson Dec 18, 2021 7 min read
Types of Malware

Types of Malware: What's Actually Hitting Networks in 2021

Colonial Pipeline Was Just the Beginning In May 2021, a single compromised password shut down the largest fuel pipeline in the United States. Colonial Pipeline paid DarkSide operators $4.4 million in ransom. Fuel shortages rippled across the Southeast for days. That attack used just one of the many types

Carl B. Johnson Sep 16, 2021 7 min read
Adware vs Spyware

Adware vs Spyware: What Security Pros Know You Don't

In March 2021, Avast researchers disclosed that at least 28 browser extensions — used by roughly three million people — were quietly harvesting browsing data and redirecting users to phishing and ad-laden sites. Some of those extensions looked like simple ad-blocking tools. Others posed as social media helpers. Under the hood, they

Carl B. Johnson Sep 16, 2021 7 min read
Trojan Horse Malware

Trojan Horse Malware: What It Is and How to Stop It

In July 2021, the REvil ransomware gang exploited a vulnerability in Kaseya's VSA software and dropped a trojan payload onto the systems of roughly 1,500 businesses worldwide. The attack didn't arrive as an obvious virus. It masqueraded as a legitimate software update — the textbook definition

Carl B. Johnson Sep 03, 2021 7 min read