HIPAA Blog - VM Racks

Top 3 Website Security Vulnerabilities

24 May 2018
By admin, VM Racks

When performing a scan of your system servers, applications, and network devices, it’s not uncommon to see certain, predictable vulnerabilities showing up in the results. As each vulnerability represents a potential “weak spot,” or opening for attackers to penetrate and compromise your system, it’s important to be aware of them. The following represent the most common vulnerabilities:

Weak Cipher Suites/Protocols

Cipher suites are sets of methods, or cryptographic algorithms, used for securing and encrypting data. They are used to turn plaintext into ciphertext (e.g., the word “hello” would turn into scrambled text like “grkki”). In non-technical terms, data…


Blocking Foreign IPs

23 May 2018
By admin, VM Racks

Cyber experts are noting a continuing increase in aggressive cyber attacks, with major players like China, Russia, Iran, and North Korea continuing to lead the way. Ukraine and Brazil also represent growing threats in the cyber war.

The motives behind these foreign IP attacks may include monetary gain, political agenda, or access to confidential information. If your company works with any type of confidential information or sensitive data, configuring your web applications and server settings to block suspicious, foreign IP addresses is vital to add a greater layer of protection to your systems.

In addition, a huge market exists…


Session Hijacking

08 May 2018
By admin, VM Racks

Session hijacking is the use of a valid computer session to gain access to otherwise prohibited parts of a computer system. Specifically, session hijacking refers to the use of a cookie to authenticate a user to a network that is breached. In this way, the attacker can use that cookie to trick the server into believing that he is actually the regular user.

Most modern computer systems are vulnerable to session hijacking attempts because they communicate using a standardized protocol to identify users. For example, one method an attacker might use is called a Session Fixation attack. A Session Fixation…


Identity Management

07 May 2018
By admin, VM Racks

Many organizations have mission-critical systems that contain sensitive information, such as protected health information (PHI) or personally identifiable information (PII). If those mission-critical systems are breached by hackers, confidential PHI or PII may be extracted, negatively impacting the company’s welfare, its operations, and the customers it serves. The enforcement of strong identity (ID) management on a system-wide basis is therefore necessary for these organizations to ensure the protection of these mission-critical systems.

ID management essentially consists of managing the identification, authorization, and authentication of users within an organization’s system. Identification simply refers to verifying the identity of a particular…


What is HTTPS and How Do You Enable It?

12 Apr 2018
By admin, VM Racks

HTTP VS HTTPS

One of the easiest ways to protect the data of those who visit your website is by enabling HTTPS. HTTP, or Hypertext Transfer Protocol, is what web browsers use to communicate with web servers to display information; this traffic, however, is vulnerable to interception and “sniffing.” HTTPS, on the other hand, takes advantage of SSL Certificates to authenticate website traffic as legitimate, and ensure that data transferred between the site and the user is encrypted.

Data transferred using HTTPS travels over a secure tunnel known as Transport Layer Security. TLS uses three primary methods of securing your data….


Using Kali Linux to Defend Against System Security Vulnerabilities

11 Apr 2018
By admin, VM Racks

Securing our digital world involves utilizing the best offensive, cyber security penetration measures to test each environment’s security. Some of the finest tools available for this “ethical hacking” process are those offered through Kali Linux. Kali Linux is an open-source, Debian-derived distribution available to download and install through Windows and Linux. Kali Linux is developed and maintained by Offensive Security, a group of highly skilled information security and certified penetration testing professionals.

Aided by an open source community of hackers, the Kali Linux environment promotes security training through a multitude of penetration testing tools, as well as a website that…


3 Basic Steps for Securing WordPress

10 Apr 2018
By admin, VM Racks

WordPress is the world’s most popular open-source content management system (CMS). As such, it is also the most frequently attacked CMS. It is vital, therefore, to understand how to make your WordPress site more secure. Keeping in mind the following 3 concepts will go a long way toward meeting that goal.

Secure WP Access

The first and most obvious step is to make sure your passwords are secure. The most common type of attack is simply obtaining someone’s username/password combination. Easy-to-guess passwords like ‘password’ and ‘opensesame’ should be avoided. This will make hacking your password much more difficult, and…


How to obtain CISSP Status

05 Apr 2018
By admin, VM Racks

As an organization that focuses on managed security, VM Racks is often asked how to enter the cybersecurity field and become an IT Security Expert. As an aid to those interested in this field of study, a CISSP certification may be helpful for you. Here is a guide to help you get your CISSP:

Pursuing CISSP certification

Excel in the information security career field. This certification status will raise visibility and credibility, improve job security, and generate new business opportunities. The Certified Information Systems Security Professional (CISSP) curriculum includes a variety of Information Security topics, including Risk Management, Communications, Identity and…


Denial-of-Service Attacks Threaten Organizations Around the World

04 Apr 2018
By admin, VM Racks

Denial-of-Service (DoS) attacks are an especially common form of cyberattack, intended to overload a target’s system and resources by sending enormous amounts of traffic. This type of volumetric attack typically utilizes zombie hosts, or computers infected with botnets to flood networks or applications with requests and traffic. The primary hacker’s IP is difficult to track in system logs, which makes it hard to identify IPs accessing the system.

If a web server has been down for many hours, or even days, it may be a result of the web domain’s hosting server having errors, or a Denial-of-Service attack. The vast…


Creating a Strong Password to Protect Your Accounts

03 Apr 2018
By admin, VM Racks

“Password strength” is a measure of a password’s ability to resist brute-force attacks. The longer, more complex, and more unpredictable a password, the greater its password strength. Unfortunately, weak passwords are one of the most common and overlooked causes of system breaches. For this reason, passwords must be sufficiently strong to keep vital systems from being compromised.
Computers can be effective…

