Microsoft Exchange Hack – Essential Steps to Protect Your Data

On March 2, Microsoft warned of exploits that take advantage of multiple Microsoft Exchange vulnerabilities. Security experts warn that any organization running on-premises Microsoft Exchange could be at risk for the Microsoft Exchange Hack. They must take the threat seriously and follow the steps necessary to protect data assets. Hafnium Hack The Microsoft hack appears to have originated with the Hafnium organization out of China. Hence, some refer to it as the Hafnium Hack. However, experts have now identified at least ten advanced persistent threat groups using the vulnerabilities to attack thousands of servers an hour. And it appears the…

READ MORE

Fight Double Extortion Ransomware Threat with Essential Security

Late in 2019, a new cyber security threat emerged. Criminals used ransomware to attack Allied Universal. In a twist now known as double extortion, the bad actors first extracted sensitive information before encrypting company data. Then they insisted that Allied pay a stiff ransom to avoid seeing sensitive data leaked publicly. Throughout 2020, other attackers have followed suit. To convince organizations to pay a ransom, criminals threaten to publish or sell the stolen data. To prove their point, they post samples of the data on their websites. Thus, the tactic effectively combines ransomware with data breach. And it places organizations…

READ MORE

7 bizarre security analogies about preventing ransomware hacks

7 bizarre security analogies about preventing ransomware hacks. Ransomware is the worst. Attacks grew 250 percent last year, and 26.2 percent of those targets were businesses. Even worse, one in six businesses that paid the ransom still didn’t get their data back. WannaCry alone affected over 400,000 machines, and let’s not even get started about ExPetr—the wipervirus formerly known as Petya—or October’s Bad Rabbit. And even though you’ve already implemented as many “new” and “innovative” strategies as you can, you still can’t sleep at night. First, the good news: Some script kiddies are switching to cryptocurrency mining. Fewer new strains were discovered last year than expected, and…

READ MORE

What NOT to do after a data breach

What NOT to do after a data breach Breathe deep, reduce anxiety, and avoid these 9 things It’s an IT department’s worst nightmare: Your business has been hacked by a third party that has accessed your sensitive, confidential data. And often, by the time you discover it, a breach is well underway: US companies take an average of 221 days to detect a breach, according to a 2018 study. So what do you do? Well, it turns out that knowing what not to do is just as important—because, even with the best of intentions, your team could accidentally make the…

READ MORE

Ten ways to keep your data private

The Internet has blurred the lines between real world and the virtual one. Technology is barreling into our hands through smartphones at an unbelievable pace. This is good for productivity and progress, but it makes it easy for thieves to do their job. The anonymity and location independence that comes with the Internet muddles the moral character of even the most ethical person. There’s no assuming your phone and the information it stores is safe from the malicious intentions of the human mind. Remember, the first line of defense in protecting your data is you. Learn about new threats, stay…

READ MORE

Online security tips for working from home

Teleworking during the Coronavirus outbreak? While working from home can help slow the spread of the virus, it brings new challenges: juggling work while kids are home from school; learning new software and conferencing programs; and managing paper files at home. As you’re getting your work-at-home systems set up, here are some tips for protecting your devices and personal information. Start with cybersecurity basics. Keep your security software up to date. Use passwords on all your devices and apps. Make sure the passwords are long, strong and unique: at least 12 characters that are a mix of numbers, symbols and capital and…

READ MORE

Close the Door to Hackers by Purging Weak Passwords

Marriott, Target, Home Depot and others have made headlines in recent years for data breaches that affected millions of customers. But did you know that 43 percent of breaches hit small businesses? Limited resources and lack of expertise often leave security gaps in smaller organizations, compounded by weak passwords and other risky practices. For instance, in the Target attack, hackers stole credentials from a much smaller company in the retailer’s supply chain. They then used the stolen credentials to access Target’s network. Sadly, similar scenarios play out over and over again. And users make the job much easier for criminals…

READ MORE

Stop Abbreviating 2020 and Essential Tech Tips for the New Year

While you work on those resolutions to eat right and exercise, make a few resolutions for your business, as well. A fresh year presents the perfect opportunity to tighten security and run some much-needed maintenance. Protect your business with these basic tech tips for the new year. 1. Stop Abbreviating 2020 Commit now to writing out all four digits of the year. Writing “20” instead of “2020” leaves the door open for fraudsters. For example, suppose you sign a credit contract with the date 1/27/20. A bad actor could change the date to 1/27/2019 and attempt to collect an additional…

READ MORE

Gone Phishing: How to Be Safe from Personalized Spear Phishing Attacks

Phishing attacks entered the scene when AOL still ruled the Internet. More than two decades later, cyber criminals continue to use targeted phishing techniques for one simple reason. They work. Specialized attacks, known as spear phishing, use personal details to trick victims into clicking malicious links or sending sensitive information. For example, last year, hackers compromised the email system for an Ohio parish. After spying on email conversations, they posed as a construction company hired to complete parish renovations. Soon, the parish received an email, supposedly from the contractor, listing new instructions for payment transfer. In response, they paid nearly…

READ MORE

Seven cybersecurity tips for 2020

Seven cybersecurity tips for 2020 Used with the permission of http://thenetwork.cisco.com by Kevin Delaney Security experts share their predictions, warnings, and best practices for the coming year. 2020 promises a wave of technology change that will further transform the enterprise — and our very lives — in profound ways. But that inclusive, sustainable, and productive future demands a far-reaching commitment to cybersecurity. In 2019, there was no shortage of damaging, heavily publicized security breaches. And given the ever-increasing sophistication of cybercriminals — and the mounting complexity facing the defenders — the threat landscape in 2020 promises all-new challenges. So how…

READ MORE