July 16, 2019 / by Elteni / ransomware, ransomware attacks
Are you blocking websites today? If you are, they are most likely sites such as file sharing, public email, social media, and other non-business related websites.If you do not have a web filtering solution or have avoided blocking websites for the sake of keeping your employees happy, you should reconsider. Many of these sites, especially […]
Read more
Protect what's important to you!
New York State SHIELD (Stop Hacks and Improve Electronic Data Security) ACT
July 30, 2019 / by Elteni / Compliance, credit card breach, Credit Card Theft, Credit Monitoring, critical vulnerability, cyber security, cyberattack, Data, Data Breaches, Data Privacy, data privacy law
New York State SHIELD (Stop Hacks and Improve Electronic Data Security) will go into Effect March 21, 2020. This gives businesses a little less than nine months to become familiar with it and prepare for it entails. What is the SHIELD Act? The Stop Hacks and Improve Electronic Data Security (SHIELD) Act redefines data security […]
Read more
Update your web filters and block these sites
July 16, 2019 / by Elteni / ransomware, ransomware attacks
Are you blocking websites today? If you are, they are most likely sites such as file sharing, public email, social media, and other non-business related websites.If you do not have a web filtering solution or have avoided blocking websites for the sake of keeping your employees happy, you should reconsider. Many of these sites, especially […]
Read more
Cybersecurity Alert – OCIE – Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features
May 27, 2019 / by Elteni / Compliance, Cyber, OCIE, Policies
Alert On May 23, 2019, the Office of Compliance Inspections and Examinations (“OCIE”) issued the alert “Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features”. In this alert the OCIE ‘identified security risks associated with the storage of electronic customer records and information by broker-dealers and investment advisers in […]
Read more
External Vulnerability Assessments
April 2, 2019 / by Elteni / Services
Are you in need of external vulnerability assessments to satisfy business or regulatory requirements? Or are you afraid you can not keep up with the latest known threats, and want a better handle on it? Elteni can help you meet any of those needs, and more, by providing you various external vulnerability assessment options. We […]
Read more
Beyond the Grave virus, is it a hoax or a warning sign?
March 1, 2019 / by Elteni / Cyber
Here’s why we think there is something interesting about the “Beyond the Grave Virus” supposedly affecting hedge funds. We were curious because there was some chatter about it being a hoax. While this can be (very) true, we think it was worth looking in to. Who knows, it may possibly be an early exploration expedition […]
Read more
There is a difference between privacy and cyber(security).
February 28, 2019 / by Elteni / Cyber
We see too often that the terms privacy and security (cybersecurity) are used interchangeably and felt it was important to help people understand that they are not the same thing. Yes, there is a relationship between the two, but again, they are not the same thing. If you ask a group of cybsecurity professionals whether […]
Read more
Automating Password Cracking Using Responder and Hashcat! (Part 1)
February 7, 2019 / by Elteni / Cyber
Responder, one of the tools that is part of every pen-testers toolkit (if you are a pen-tester and you don’t use it, shame on you), is by far one of the greatest tools ever made. We use it on every internal and sometimes external pen test that we do. For those that aren’t familiar, responder […]
Read more
“New” phishing campaigns – leveraging scare tactics (Ransomware 3.0)
February 6, 2019 / by Elteni / Business Email Compromise, Cyber, Phishing, phishing attack, phishing campaign, phishing scam, ransomware
We got an email today that we thought was very interesting. Most of the email phishing campaigns that we’ve seen thus far, and the most common ones our clients typically get fall into two buckets: click a link or open an attachment. We all know how effective some of these campaigns are. Lots of people […]
Read more
How we were able to bypass Windows Defender on a Windows 10 machine to get a reverse shell!
January 23, 2019 / by Elteni / Cyber, defeat, Evade, Evasion, Internal, Penetration Test, Red Team, Reverse Shell, Unicorn, Window 10, windows defender
It seems we just peaked your interest, right? Isn’t that the reason you are here reading this? It’s either that, or you are just trolling, you know who you are. We’ve experienced first-hand and have also heard from many of our fellow pen testers that anti-virus solutions, especially some of the next-gen solutions are easy […]
Read more
Is your email address the new social security number, and what does that mean?
November 18, 2018 / by Elteni / Cyber
Remember that time when you registered your first email address? For many of you it was probably with America Online (AOL), Echomail, Yahoo, Hotmail, etc. How many of you are still using those accounts today? I venture to say probably a good number of you. I openly admit that I still use an account that […]
Read more