Tag Archives: Security

Posted on

Microsoft Teams: Complete Starter Guide for Business Owners

For organizations that are settled into Microsoft’s family of apps and services, the obvious collaboration platform is Microsoft Teams. And the killer feature is that Teams supports a robust API for add-ins.  The more far-flung your organization is, the more your people need software to help them communicate and collaborate.  … Teams integrates a collection of Microsoft 365 online services, making it possible for members of your organization to talk face to face, chat, hold virtual meetings, share files, and collaborate on documents, spreadsheets, and other projects in real time. The chat capabilities cover the same ground as those found in Slack, while the meeting and video conferencing features compare favorably with those available in Zoom and other video conferencing tools. And the killer feature for Microsoft Teams is that it supports a robust API for add-ins …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Has your business taken a serious look at the entire Teams platform yet?
Join the conversation on our Facebook Page!

Posted on

Home Router Alert!! All Have Known Flaws & Most Are Unpatched

There are no routers in the study from the Fraunhofer Institute without known security flaws.  Germany’s Fraunhofer Institute for Communication (FKIE) has carried out a study involving 127 home routers from seven brands to check for the presence of known security vulnerabilities in the latest firmware. The results are appallingThe FKIE study found that 46 routers hadn’t got a single security update within the past year and that many routers are affected by hundreds of known vulnerabilities. …

Posted on

Has your iPhone, iPad, or iPod touch been hacked? Here’s how to find out

Has your iPhone, iPad, or iPod touch been hacked? Probably not, but there’s so much information on a smartphone — not to mention the fact that it can also be used to precisely pinpoint its owner — that more and more tools exist to help unscrupulous people get a foot in the door of your digital fortress. The good news is that tools exist to help you determine whether your device has been compromised. One such tool that I’ve been testing is Certo AntiSpy. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How you ever wondered if your iPhone has been hacked?Join the conversation on our Facebook Page!

Posted on

Phishing attacks: Sophisticated new group found operating undiscovered for a year

A newly uncovered phishing group is targeting big companies around the world. It’s thought to be the first major scam gang of its type operating out of Russia, indicating a potential shift in the cyber-threat landscape.  Business email compromise (BEC) scams can be highly lucrative for cyber criminals, with organisations losing hundreds of millions of dollars a month after being tricked into sending finances into accounts owned by criminals.  … Cosmic Lynx – the campaign has targeted individuals in 46 countries across six continents and combines in-depth research on target organisations and their executives

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your office from Phishing Attacks?Join the conversation on our Facebook Page!

Posted on

New ThiefQuest ransomware discovered targeting macOS users

Security researchers have discovered this week a new ransomware strain targeting macOS users.  Named OSX.ThiefQuest (or EvilQuest), this ransomware is different from previous macOS ransomware threats because besides encrypting the victim’s files, ThiefQuest also installs a keylogger, a reverse shell, and steals cryptocurrency wallet-related files from infected hosts. “Armed with these capabilities, the attacker can main full control over an infected host,” …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your Mac?Join the conversation on our Facebook Page!

Posted on

Adobe wants users to uninstall Flash Player by the end of the year

Adobe plans to prompt users and ask them to uninstall Flash Player from their computers by the end of the year when the software is scheduled to reach End-Of-Life (EOL), on December 31, 2020.  The move was announced in a new Flash Player EOL support page that Adobe published earlier this month, six months before the EOL date. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you still using Flash on your website?Join the conversation on our Facebook Page!

Posted on

Ransomware attacks on the rise

Ransomware attacks against shipping companies have spiked in number and severity over the past year, according to security firms. Norwegian shipbuilder Vard, part of Italy’s Fincantieri, was hit last week but has declined to give details …

LlyodList click the link to read the rest of the story.  Get our free tools here.

How do you dealing with the increase in ransomware?
Join the conversation on our Facebook Page!

Posted on

Cybersecurity: Four ways you can keep the hackers away

CIOs are under more pressure than ever before when it comes to cybersecurity concerns, especially now that many or even all of the staff in their organisation are working from home, perhaps using unfamiliar software and hardware as they try to do their jobs on lockdown.  The array of devices and applications that they have to take responsibility for has been rapidly expanded by the coronavirus crisis, and criminals have been keen to exploit any organisations thrown off-balance by the rapidly changing circumstances, which means taking a fresh look at what IT security really means. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business?Join the conversation on our Facebook Page!

Posted on

Hackers are targeting your smartphone as way into the company network

The number of phishing attacks targeting smartphones as the entry point for attempting to compromise enterprise networks has risen by more than a third over the course of just a few months.  Analysis by cybersecurity company Lookout found that there’s been a 37% increase in mobile phishing attacks worldwide between the last three months of 2019 and the first few months of 2020 alone.  Phishing emails have long been a problem for desktop and laptop users, but the increased use of mobile devices – especially as more people are working remotely …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business mobile phones?Join the conversation on our Facebook Page!

Posted on

Microsoft’s Firmware Scanner Takes Security to a Whole New Level

Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) is extending its protection capabilities to the firmware level with a new Unified Extensible Firmware Interface (UEFI) scanner.  Hardware and firmware-level attacks have continued to rise in recent years, as modern security solutions made persistence and detection evasion on the operating system more difficult. Attackers compromise the boot flow to achieve low-level malware behavior that’s hard to detect, posing a significant risk to an organization’s security posture.  Windows Defender System Guard helps defend against firmware attacks by providing guarantees for secure boot through hardware-backed security features

Microsoft.com click the link to read the rest of the story.  Get our free tools here.

Has your firm begun using Microsoft ATP yet?
Join the conversation on our Facebook Page!

Posted on

Ripple20 vulnerabilities will haunt the IoT landscape for years to come

Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years.  The number if impacted products is estimated at “hundreds of millions” and includes products such as smart home devices, power grid equipment, healthcare systems, industrial gear, transportation systems, printers, routers, mobile/satellite communications equipment, data center devices, commercial aircraft devices, various enterprise solutions, and many others.  Experts now fear that all products using this library will most likely remain unpatched due to complex or untracked software supply chains. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you going to protect your IOT devices?Join the conversation on our Facebook Page!

Posted on

New Trickbot malware update makes it even harder to detect

Trickbot malware has been updated with a new method of propagation that makes it even harder to detect.  Starting life as a banking trojan, Trickbot first emerged in 2016 but in the years since it has been repeatedly re-purposed for other means including being used as a fully-fledged information stealer, as well as providing backdoor access to infected machines, enabling cyber criminal groups to use it as gateway for delivering other malware onto already compromised networks. Trickbot can also operate as a botnet to help spread itself to additional victims, commonly using phishing email spam campaigns to distribute malicious attachments that execute it on a Windows machine if opened. Once executed on a machine, Trickbot can also exploit the EternalBlue vulnerability to move laterally around a network. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business from this?Join the conversation on our Facebook Page!

Posted on

Forget sextortion scams, we’re more worried about deepfake ransomware

Appetite for deepfake scams is expanding among users of underground forums, leading to concerns the technology could be used as part of extortion-based ransomware attacks. Deepfakes are AI-generated videos and images that transplant the face of another individual – traditionally a celebrity or politician – into a scene in which they were not originally present. In recent years, deepfakes have been used primarily in the dissemination of fake news and the creation of hoax pornography – and have become increasingly convincing. Here’s why you shouldn’t watch ‘inappropriate content’ on remote working devices: Adult streaming site leaks info on millions of users, Stalkerware now poses a greater privacy risk than ever.  According to a report from security firm Trend Micro, deepfake technology could soon be used to blackmail members of the public or workforce into divulging sensitive information or paying significant ransom fees.

TechRadar click the link to read the rest of the story.  Get our free tools here.

Know anyone hit with this scam?
Join the conversation on our Facebook Page!

Posted on

The PC is suddenly in fashion again, but there are tough times ahead

Remote working may have caused many people to value their laptop and desktops a lot more, but the PC industry is likely to struggle as companies and consumers cut back on spending. PCs may have been viewed as yesterday’s news thanks to the rise of smaller form factors like smartphones, tablets and wearables, but trusty laptops and desktops (and variations on them like Chromebooks and even Raspberry Pis) have proven their worth during lockdown for workers and kids doing home schooling.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you upgrading your remote users PC’s?Join the conversation on our Facebook Page!

Posted on

Hidden Android malware infects thousands of smartphones

A carefully managed hacking and espionage campaign is infecting smartphones with a potent form of Android malware, providing those behind it with total control of the device, while also remaining completely hidden from the user. Mandrake spyware abuses legitimate Android functions to help gain access to everything on the compromised device in attacks that can gather almost any information about the user. The attacker can browse and collect all data on the device, steal account credentials for accounts including banking applications. secretly take recordings of activity on the screen, track the GPS location of the user and more, all while continuously covering their tracks…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your mobile devices?Join the conversation on our Facebook Page!

Posted on

Chinese apps can pose security risks

So what are these security concerns? Let’s split these up into two distinct areas to see the strategic nature of these apps and investments;  pps such as UC Browser and TikTok, and investments Chinese companies are making in entertainment-based apps…

Businessline.com click the link to read the rest of the story. Our FREE Tools can help!

Do you use these apps?

Join the conversation on our Facebook Page!

Posted on

Dark Web selling access to corporate networks

The Dark Web is an underground marketplace where criminals trade in all sorts of illegal or malicious items. One valuable product up for sale consists of information that can help hackers break into corporate networks. Comprised of malware and services, this type of information has seen an increase in Dark Web postings over the past couple of years.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Do you know if access to your business is being sold?

Join the conversation on our Facebook Page!

Posted on

That used or refurbished Android phone might be unsafe: 6 things to know

If your Android phone isn’t running the latest software, your security and privacy might be in jeopardy. Phones released years ago run outdated versions of Android. That may well mean that they don’t have critical security updates that can keep you — and your data — safe from prying eyes. If you’re concerned about security and privacy on your previously owned phone, here are some things you should consider.

CNet.com click the link to read the rest of the story.  Get our free tools here.

Have you updated all of your mobile phone software?
Join the conversation on our Facebook Page!

Posted on

Microsoft Teams: Now free version lets you create video meetings

Users of the free version of Teams, the Microsoft 365 online collaboration platform, can now create video meetings.  … The move is likely to be another effort from Microsoft to go to battle with Zoom, the biggest winner in video calling and conferencing since the global coronavirus pandemic shoved the world toward teleworking. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How will you use Teams now?Join the conversation on our Facebook Page!

Posted on

Your insurance policy probably doesn’t cover ransomware payments

Long aware they’ve been in hackers’ crosshairs, law firms are currently under attack by a new breed of ransomware and attackers.  However, when law firms are hit with a ransomware attack, some are shocked to find out their insurance policies don’t include coverage for ransomware payments. Indeed, ransomware is a 21st century business threat that older insurance policies weren’t drafted for, observers say.

Law.com click the link to read the rest of the story.  Get our free tools here.

Are you certain that your business is properly covered?
Join the conversation on our Facebook Page!

Posted on

Zoom won’t add end-to-end encryption so it can aid the police

Zoom’s decision not to add end-to-end encryption to free users’ calls keeps the door open for law enforcement cooperation, CEO Eric Yuan told analysts in a Tuesday conference call, as previously reported by Bloomberg. “Free user, for sure, we don’t want to give that because we also want to work together with FBI, with local law enforcement…” Yuan said. End-to-end encryption, which the videoconferencing company is currently working on, secures connections all the way from each device to every other device on a call. It’ll only be enabled on paid accounts…

CNet.com click the link to read the rest of the story.  Get our free tools here.

Do you want end to end encryption on your account?
Join the conversation on our Facebook Page!

Posted on

This new ransomware is targeting Windows and Linux PCs with a ‘unique’ attack

A newly uncovered form of ransomware is going after Windows and Linux systems in what appears to be a targeted campaign.  Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique that helps stay hidden on compromised networks. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your business from ransomware?Join the conversation on our Facebook Page!

Posted on

Ransomware creates virtual machines to fool your antivirus software

The operators of the RagnarLocker ransomware are installing the VirtualBox app and running virtual machines on computers they infect in order to run their ransomware in a “safe” environment, outside the reach of local antivirus software.  This latest trick has been spotted and detailed today by UK cyber-security firm Sophos and shows the creativity and great lengths some ransomware gangs will go to avoid detection while attacking a victim.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you been hit by ransomware?Join the conversation on our Facebook Page!

Posted on

60% of cybersecurity incidents now due to exiting employees

The majority of staff planning their exit also take sensitive information with them, research suggests.  Employees planning to leave their jobs are involved in 60% of insider cybersecurity incidents and data leaks… According to the Securonix 2020 Insider Threat Report, published on Wednesday, “flight risk” employees, … often change their behavioral patterns from two months to two weeks before conducting an insider attack.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business from exiting employees?Join the conversation on our Facebook Page!

Posted on

COVID-19 blamed for 238% surge in cyberattacks against banks

VMware Carbon Black released the third edition of the Modern Bank Heists report, which says that financial organizations experienced a massive uptick in cyberattack attempts between February and April this year — the same months in which COVID-19 began to spread rapidly across the globe.  The cybersecurity firm’s research, which includes input from 25 CIOS at major financial institutions, adds that 80% of firms surveyed have experienced more cyberattacks over the past 12 months, an increase of 13% year-over-year.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you seen an increase of attacks on your business?Join the conversation on our Facebook Page!

 

Posted on

The Darkweb store is selling access to 43,000+ hacked servers

MagBo, a shadowy online marketplace where hackers sell and buy hacked servers, is doing better than ever and has soared in popularity to become the largest criminal marketplace of its kind since its launch in the summer of 2018. … Today, MagBo has become the de-facto go-to marketplace for many cybercrime operations. Some groups register on the MagBo platform to sell hacked servers, while others are there just to buy. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Is your server safe?Join the conversation on our Facebook Page!

Posted on

That old Android phone might not be safe to use: 6 things to consider

If your Android phone isn’t running the latest software, your security and privacy might be in jeopardy. … Manufacturers such as Samsung, Sony, Google and HTC only provide support to a phone for so long. Each new handset that’s released and each new version of Android require new threat assessment and patching. That’s a lot of work…

CNet.com click the link to read the rest of the story.  Get our free tools here.

Do you use an old android?
Join the conversation on our Facebook Page!

Posted on

How to use an authenticator app to improve your online security

Want to avoid having your online accounts hacked? Enable two-factor authentication, a crucial security measure that requires an extra step when signing in to high-value services. I explain how to set up 2FA and which accounts to focus on first. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Do you use 2fa?
Join the conversation on our Facebook Page!

Posted on

​Microsoft 365 (formerly Office 365) for business: Everything you need to know

In this guide, we cover the multitude of Microsoft 365 Business and Enterprise editions… The exact mix of apps and services available with a Microsoft 365 subscription depends on which edition you’ve chosen. The following five services are common to all business and enterprise plans.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

What do you think of Microsoft 365?
Join the conversation on our Facebook Page!

Posted on

Phishing emails caught exploiting DocuSign and COVID-19

Cybercriminals are exploiting DocuSign, the coronavirus, and the transition to remote working to try to capture account credentials. … The phishing email itself tries to look legitimate by copying the content and images of real emails from DocuSign. … Clicking on the button to review the documents redirects the user several times, first through the SendGrid link and then through two compromised websites. These redirects are created specifically to confuse the user and to get past URL detection security. In the end, the page that comes up is a malicious one …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Have you encountered this yet?

Join the conversation on our Facebook Page!