Cybersecurity & IT Insights
What is a Zero Day Attack? How Do I Avoid One?
A few weeks ago, security experts revealed that a Chinese hacking group had compromised more than 30,000 US organizations since January by using a zero-day attack targeting on-site Exchange servers. The hackers also left behind an access portal allowing them to visit...
Three Places You May Be Storing Sensitive Data without Knowing It
In the past, we've emphasized the vital role of controlling data access. A single stolen password can grant cyber attackers entry to your network, underscoring the principle of least privilege. Additionally, neglecting to secure newly added network components is akin...
Password Policies Leading to Indecipherable Passwords?
Password policies are really important. Depending on the software being breached, a simple eight-character password (with no capitals or symbols) can be cracked in less than a second. Time limits on passwords are even more important. If you're using the same...
QuickBooks Attacks, New Data Privacy Laws, and Wringing Every Last Dollar out of a Password
We’re over a month away from tax season, but that hasn’t stopped hackers from targeting companies’ 2020 QuickBooks data – attacks are up over 600%. Learn more about this and other February developments below. Tax Season Brings Malware Targeting QuickBooks The number...
Keeping Your Business Safe in the Post-Pandemic World of Cybercrime
Before 2020, many companies took a cybersecurity posture equivalent to buying a car with great brakes, headlights and wiper blades, but no seatbelts or airbags. Most small businesses were focused almost exclusively on preventing cyberattacks. Antivirus and...
What is Cyber Insurance, and Why Does My SMB Need It?
What is Cyber Insurance? A cyber insurance policy covers damage to you and/or damage to your clients and vendors from a cyberattack on your business. Although each policy is different, covered costs can include business interruption, data recovery, investigative...
Unmonitored Account Hacking, Dirty Out-of-Office Tricks and Phone Malware Attacks
Cybercriminals and hackers have found a few new spins on old techniques to steal your data and your money. Here are some of the newest techniques, which are just surfacing in the past couple of weeks. Deceased Employee’s Account Hacked, More Than 100 Systems...
Have (or Want) Federal Contracts? What You Need to Know About DFARS 252.204-7012/NIST 800-171
You’ve probably heard about the recent SolarWinds hack, which exposed a tremendous amount of government and corporate data to Russian hackers. While the scale was shocking, the hack itself was not. Foreign countries are constantly looking for sensitive US government...
Bypassing Authentication, New Extortion Techniques, and the Perils of Default Passwords
So far, 2021 is starting much like 2020 ended in the world of cybersecurity – new techniques are constantly being devised by cybercriminals to earn higher payouts than ever. Here are two new techniques - and one very old one – to ring in the new year. Hackers...