Like an AV Bridge Over Troubled Water, These Cybersecurity Guidelines Will Ease Your Mind

Back in 2021, I wrote a rAVe column entitled “SecuringAV: The Remote Desktop Attack on a Florida Water Treatment Plant.” In this article, I talked about the different forms of infrastructure being targeted by cyberattacks, and connected the attack on the water treatment plant to similar vulnerabilities in AV systems. I also shared some lessons […]

Like an AV Bridge Over Troubled Water, These Cybersecurity Guidelines Will Ease Your Mind

Exposing the Most Vulnerable Passwords of 2024

In a world where digital interactions have become the norm, safeguarding your personal information online is paramount. Recent cybersecurity analyses, coupled with a Forbes Advisor survey conducted in 2024, have shed light on a concerning reality: many individuals still rely on easily compromised passwords, leaving their online accounts susceptible to hacking. Trevor Cooke, the online […]

Exposing the Most Vulnerable Passwords of 2024

Security Versus Convenience

It does not take much time browsing the internet recently to find an instance of a cyber breach, data theft, invasion of privacy, or to read the expectations of an impending threat. Just Google what the FBI director told Congress recently about the threat that China poses to our critical infrastructure. I often find that […]

Security Versus Convenience

Have You #AVtweeps Heard About the One With the 3 Million Hacked Toothbrushes?

A few weeks ago, a Swiss newspaper story about “3 million hacked toothbrushes” went viral. I personally shared a link about the distributed denial-of-service (DDoS) attack with my cybersecurity coworkers via Teams message, prompting a number of comments and “Jurassic Park” memes. We all fell for it, but there is very little evidence that this […]

Have You #AVtweeps Heard About the One With the 3 Million Hacked Toothbrushes?

23andMe, and You, and Your Mama and Your Sister

On Oct. 1, 2023, a small percentage of 23AndMe user profile information was improperly accessed and downloaded from individual 23andMe.com accounts on its website. The company found out after an anonymous hacker began advertising “millions” of stolen genetic profiles that were supposedly from 23andMe customer accounts. The profiles included emails, photos, gender, date of birth […]

23andMe, and You, and Your Mama and Your Sister

Highlights From Cybersecurity and Infrastructure Security Agency’s Cybersecurity Advisory

In my last rAVe column, I summarized some recent cyberattacks on MGM and Caesars’ casinos. In that article, I tried to drop some social engineering science and some lessons learned from Scattered Spider (aka 0ktapus, UNC3944, Starfraud, Scatter Swine, Muddled Libra and most recently, Octo Tempest). I warned #AVtweeps about their aggressive social engineering Tactics, […]

Highlights From Cybersecurity and Infrastructure Security Agency’s Cybersecurity Advisory

Cybersecurity Awareness Month: Update Your Software

Approximately 2 in 5 survey respondents say they either “sometimes,” “rarely,” or “never” install software updates, according to the National Cybersecurity Alliance (NCA). One of the easiest ways to protect accounts and information is to keep software and applications updated. Updates are periodically released to fix software problems and provide security patches for known vulnerabilities. […]

Cybersecurity Awareness Month: Update Your Software

Cybersecurity Awareness Month: Recognize and Report Phishing

Phishing attacks have become an increasingly common problem for organizations of all sizes and can be very difficult to spot. It’s important every individual stop and think before clicking on a link or opening an attachment and know how to spot red flags. Cybersecurity Awareness Month 2023 guidance provides the tools needed to recognize and […]

Cybersecurity Awareness Month: Recognize and Report Phishing

Incoming: A rAVe Newsletter All About Security!

We’ve heard you and we’ve seen you. We know that security has become an increasingly important part of the AV world. From the amount of stories we’ve covered on cybersecurity (we even have a cybersecurity BlogSquadder — shout out to Paul Konikowski!) to what we’ve seen reach our news desk about physical security, we can […]

Incoming: A rAVe Newsletter All About Security!

Cybersecurity Awareness Month: Turn on Multifactor Authentication

In a recent National Cybersecurity Alliance (NCA) survey, 57% of respondents said they have heard of multifactor authentication (MFA), but many people don’t realize that multifactor authentication is an incredibly important layer of protection in keeping accounts secure. MFA provides extra security by providing a secondary method confirming your identity when logging into accounts. MFA […]

Cybersecurity Awareness Month: Turn on Multifactor Authentication

Social Engineering Safety Takeaways From MGM Resorts and Caesar’s Entertainment Cyberattacks

On Sept. 11, 2023, a number of MGM resorts and casinos were simultaneously disrupted by ransomware and data extortion attackers, costing the company $100 million, according to AP News. Caesar’s Entertainment was also attacked, which the Wall Street Journal reported resulted in the company paying roughly half of the $30 million demanded. The resorts and […]

Social Engineering Safety Takeaways From MGM Resorts and Caesar’s Entertainment Cyberattacks

Cybersecurity Awareness Month: Use Strong Passwords

As our online lives expand, the average user has gone from having just a few passwords to now managing upwards of 100. That’s 100 unique passwords to remember, if you’re using strong password habits. Password managers can save users the trouble of having to remember multiple passwords and make accounts safer by recommending strong, unique […]

Cybersecurity Awareness Month: Use Strong Passwords

Stay Safe Online this Cybersecurity Awareness Month

October is Cybersecurity Awareness Month and our friends at the National Cybersecurity Alliance, in partnership with the Cybersecurity and Infrastructure Security Agency have produced this infographic with tips to stay safe online — whether at home or in the office! rAVe [PUBS] will be posting about Cybersecurity Awareness Month throughout October. Click here to read more stories […]

Stay Safe Online this Cybersecurity Awareness Month

Celebrating Cybersecurity Awareness Month

In 2004, President Bush and Congress declared October “Cybersecurity Awareness Month.” 2004 was a much different time and the event centered around advice like “Update your antivirus software twice a year like you do with your smoke detector batteries.” for U.S. residents. Nowadays, cybersecurity is a much more complex issue and Cybersecurity Awareness Month has […]

Celebrating Cybersecurity Awareness Month

CompTIA Launches Emergency Response Team for Cybersecurity

CompTIA has created an Emergency Response Team to provide real-time guidance to solution providers experiencing a cybersecurity incident or service disruption. The new Emergency Response Team (ERT) is a group of dedicated CompTIA members who have either experienced a security incident or can provide guidance to solution providers that have been victimized. As a volunteer-led […]

CompTIA Launches Emergency Response Team for Cybersecurity

CompTIA Report Finds Steady Progress on the Cybersecurity Front

Changing approaches to cybersecurity have led to slow but steady progress in defense and protection, but competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to CompTIA. A majority of business and technology professionals feel that the overall state of cybersecurity is improving, both generally and within their organizations, according to […]

CompTIA Report Finds Steady Progress on the Cybersecurity Front

NCA Receives 200K Grant from Craig Newmark Philanthropies for HBCU Cybersecurity Program

The National Cybersecurity Alliance (NCA) has received a significant boost in funding from Craig Newmark Philanthropies in the form of a $200,000 grant. The grant will support ongoing initiatives within NCA’s Historically Black Colleges and Universities (HBCU) Cybersecurity Career, Mentoring and Scholarship Program, as students return to school. Launched in 2022, the ‘See Yourself In […]

NCA Receives 200K Grant from Craig Newmark Philanthropies for HBCU Cybersecurity Program

National Cybersecurity Alliance Kicks Off 2nd Annual HBCU Career Program

The National Cybersecurity Alliance (NCA) is kicking off the 2nd year of the Historically Black Colleges and Universities (HBCU) Cybersecurity Career Program “See Yourself In Cyber.” “See Yourself In Cyber” aims to change the narrative around cybersecurity careers by showing students that there is a role in security for everyone and multiple pathways to a […]

National Cybersecurity Alliance Kicks Off 2nd  Annual HBCU Career Program

Call for Proposals Open for ISC East and West

The Security Industry Association (SIA) and ISC Security Events are seeking proposals from subject matter experts for the SIA Education at ISC conference programs at ISC East 2023 and ISC West 2024. ISC East 2023 will take place Nov. 14-16 at the Javits Center in New York City, and ISC West 2024 will be held […]

Call for Proposals Open for ISC East and West

It’s a New Year

Over the past several weeks, people much smarter and more creative than I have made predictions on what 2023 will bring to the AV world. These are always fun to read and keep score of throughout the year. Rather than make predictions, I tend to think about what the important issues will be throughout the […]

It’s a New Year

Lessons From Uber: How NOT to Respond to a Cybersecurity Incident

After suffering a major data breach six years ago, you would think that a company like Uber would be ready for more cyberattacks, but here we are. How did we get here? [insert flashback music] It was late 2016. Cyberattackers quietly breached the security perimeter of Uber networks and accessed the personal data of 57 […]

Lessons From Uber: How NOT to Respond to a Cybersecurity Incident

Make a Disaster Recovery Plan

Last month I wrote about cybersecurity in schools and what steps we can take to prevent attacks from happening. I wrote in the blog that there are many things we can do to harden our security and to make our institutions less of a soft target. Yet, as I pointed out in that piece, chances […]

Make a Disaster Recovery Plan

#HootHoot Meeting Owls Security Vulnerabilities Have Been Patched, Have Yours?

In January 2022, cybersecurity researchers at Modzero reported a handful of security vulnerabilities to Owl Labs regarding their 360-degree videoconferencing Meeting Owl, Meeting Owl Pro, Meeting Owl 3, and Whiteboard Owl. Owl Labs has since released patches for these vulnerabilities. (The below is the Meeting Owl 3, as shown at InfoComm 2022.) The security patches […]

#HootHoot Meeting Owls Security Vulnerabilities Have Been Patched, Have Yours?

Part 2: What I Learned About the Industry by (Not Attending ISE or InfoComm, But) Watching 2,000 Product Videos

Part 2: AV-Over-IP, Software-Based AV and AI This is part 2 of an article about all the things I noticed from ISE and InfoComm this year, two shows to which I didn’t go, but as the editor in charge of video titling for rAVe [PUBS] for both, I did watch pretty much every video the […]

Part 2: What I Learned About the Industry by (Not Attending ISE or InfoComm, But) Watching 2,000 Product Videos

Security Could Be Success or Failure for Schools

In December 2021, Lincoln College in rural Illinois suffered a devastating ransomware attack. The attack shut down all systems, including those for recruitment, retention and fundraising. While the college had preexisting fiscal problems due to the pandemic, this ransomware attack proved to be too much for the college to navigate. In the spring of 2022, […]

Security Could Be Success or Failure for Schools

BenQ Adds More Security InstaShow WDC30

BenQ has added more security to its InstaShow WDC30, including Wi-Fi 6 encryption, ISO EAL6+ and FIPS 140-3, in order to meet the stringent security requirements of U.S. government agencies, financial institutions and other organizations with high-risk data. Wireless meetings can contain highly sensitive and confidential data and intellectual property that can be leaked or […]

BenQ Adds More Security InstaShow WDC30

Log4j Could Drive New Business for AV

In late December, a flaw in software that is ubiquitous around the world was reported, and it sent cybersecurity pros into a frenzy and turned the hairs of technology pros gray. There are countless articles about this vulnerability, so I am not going to go deep into the technology of what occurs. Here is what […]

Log4j Could Drive New Business for AV

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 2

What motivates a hacker or group of cyberattackers? The answer is typically money. For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. The Colonial Pipeline ransomware attack in May of 2021 caused […]

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 2

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 1

Why did the pipeline get shut down if the hackers only attacked the business end?  For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. By now, most people heard about the Colonial […]

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 1

SecuringAV: The Christmas Morning Bombing in Nashville

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure, and cyber-physical security. In my last SecuringAV column about the SolarWinds hack attack, I asked rAVe readers an open-ended question: If extremists think that Big Tech is […]

SecuringAV: The Christmas Morning Bombing in Nashville

White Paper: Securing Command and Control Centers With Cyviz

THIS IS A PROMOTED POST By Jason Rowley Vice President Federal, Cyviz It’s no secret that governments face more challenges than ever before. Information technology is advancing rapidly — and governments at all levels must be even quicker to protect operational networks and citizens from cybersecurity threats. Command and control centers need content visualization technologies […]

White Paper: Securing Command and Control Centers With Cyviz

Lessons From the SolarWinds Hack

In mid-December, news broke about a massive cyber breach that occurred through SolarWinds software. There is a chance (I hope not) that many in the AV community briefly looked at this, decided it was an IT issue and moved on. If you did, I think that was a mistake — and want to tell you […]

Lessons From the SolarWinds Hack