This month’s cybersecurity news includes ransomware masquerading as a cease-and-desist letter, a hacked password manager, and the Department of Justice trying to slow down the unbridled growth of cybercrime. Legal Threats are the Latest Malware Ruse Microsoft detailed a recent malware attack that arrives via a legal threat submitted on a company website form. In…
Posts by wsadmin
-
What’s Even More Annoying Than a Legal Threat?
-
Am I At Risk If a Customer or Vendor’s Data Is Breached?
You may have read recently that federal officials are more worried than ever about the security of government contractors’ computer networks. That’s because government data and network security is at risk if contractors’ networks are breached. But why would your organization’s data be at risk if a vendor or customer was breached? What data can…
-
What is a Zero Day Attack? How Do I Avoid One?
A few weeks ago, security experts revealed that a Chinese hacking group had compromised more than 30,000 US organizations since January by using a zero-day attack targeting on-site Exchange servers. The hackers also left behind an access portal allowing them to visit those companies’ networks in the future and steal any data they’d like. That…
-
Three Places You May Be Storing Sensitive Data without Knowing It
In the past, we’ve emphasized the vital role of controlling data access. A single stolen password can grant cyber attackers entry to your network, underscoring the principle of least privilege. Additionally, neglecting to secure newly added network components is akin to only safeguarding half your home with a security system. The convergence of these concepts…
-
Password Policies Leading to Indecipherable Passwords?
Password policies are really important. Depending on the software being breached, a simple eight-character password (with no capitals or symbols) can be cracked in less than a second. Time limits on passwords are even more important. If you’re using the same password on your work PC that you used when LinkedIn was breached in 2012,…
-
QuickBooks Attacks, New Data Privacy Laws, and Wringing Every Last Dollar out of a Password
We’re over a month away from tax season, but that hasn’t stopped hackers from targeting companies’ 2020 QuickBooks data – attacks are up over 600%. Learn more about this and other February developments below. Tax Season Brings Malware Targeting QuickBooks The number of QuickBooks attacks are up 6 to 7 fold as tax season approaches,…
-
Cyberattackers Attempt to Poison Entire Town (and other February 2021 IT threats)
Cyberattacks keep CEOs, governments and IT professionals up at night. But the latest attack in Florida is especially hard to swallow. Hackers (Briefly) Poison Water Supply Remotely A worst-case scenario cyberattack was nearly executed earlier this month when a hacker gained access to a small Florida town’s water supply system and increased the lye concentration…
-
Keeping Your Business Safe in the Post-Pandemic World of Cybercrime
Before 2020, many companies took a cybersecurity posture equivalent to buying a car with great brakes, headlights and wiper blades, but no seatbelts or airbags. Most small businesses were focused almost exclusively on preventing cyberattacks. Antivirus and anti-malware programs blocked dangerous software from being executed. Password policies ensured that old, hacked passwords weren’t used on…
-
A New Wave of Cyber-Regulation for Government Contractors
Russia’s SolarWinds hack in the fall of 2020 is shaping up to be the largest known theft of sensitive government information in history. Everyone knew the federal government’s outdated and poorly organized networks had security flaws. Across the federal government, IT experts spend billions each year building fences around “soft spots” on their network –…
-
What is Cyber Insurance, and Why Does My SMB Need It?
What is Cyber Insurance? A cyber insurance policy covers damage to you and/or damage to your clients and vendors from a cyberattack on your business. Although each policy is different, covered costs can include business interruption, data recovery, investigative services, legal fees, and the costs of providing legally required notifications and credit monitoring services to…