Since 2014, the Emotet Banking Trojan has been making headlines because of its ability to keep evolving and being used in more sophisticated attacks. At first, Emotet stole banking credentials from...
Brian Petzold
Recent Posts
Microsoft Azure AD Options Explained
by Brian Petzold | Oct 4, 2019
If your institution is using Office 365, you are already utilizing Azure Active Directory (“Azure AD”) and may not know it. It is the identity and access management system that manages how users...
What in the World is DNSSEC?
by Brian Petzold | Sep 27, 2019
At Bedel Security, we work with many financial institutions on their Cybersecurity Assessment Toolkit (CAT) or Automated Cybersecurity Examination Tool (ACET). There are certain statements in the...
Unsecure VPNs
by Brian Petzold | Aug 30, 2019
Many financial institutions utilize VPNs (Virtual Private Networks) to allow employees to work remotely. While VPNs are normally thought to be secure methods of connecting to the office, recent...
How Cyber-Attacks Start (Part 2)
by Brian Petzold | Aug 9, 2019
In Part 1 of this series we started to look at some of the tactics that attackers use to initially gain access to systems in your institution. The attack tactics are based on the MITRE ATT&CK...
How Cyber-Attacks Start (Part 1)
by Brian Petzold | Jul 19, 2019
There are many types of cyber-attacks used by criminals today. Financial institutions should employ a layered approach to defending against these attacks. These layers are often thought of in terms...
Assessing Endpoint Protection
by Brian Petzold | Jul 5, 2019
If you search the Internet for a definition of “Endpoint Protection”, you will get a myriad of different (and sometimes conflicting) definitions. As one vendor told me, “Endpoint protection is...
Is Encryption Making You Less Secure?
by Brian Petzold | Jun 21, 2019
As more and more traffic on the Internet is encrypted, the very encryption that is meant to protect data is also being used to hide malicious traffic. One very publicized example of this turns...
The Biggest Insider Breach
by Brian Petzold | Jun 7, 2019
While we tend to think of breaches by insiders as an employee intentionally stealing data, the truth is that most insider breaches occur when employees accidentally send email containing customer or...
A Bad Month for Anti-Virus
by Brian Petzold | May 24, 2019
Bad news sometimes comes in waves, and this month has included one of those waves. We had an announcement that three anti-virus companies had been breached and an announcement from Microsoft that...