Month: May 2019
Social engineering: a hacker’s most effective weapon
What is the weakest link in your client’s network? It’s not unpatched software (although you should patch) or the unimaginative passwords (although you should change it). The weakest links are humans themselves. It’s Joan in accounting or Stan in human...
Cybersecurity Threat Advisory: Advanced Persistent Threat Activity exploiting MSPs
What is the Issue? The National Cybersecurity and Communications integration center identified ongoing APT (advanced persistent threat) attempting to infiltrate networks of managed service providers (MSPs). APT actors are leveraging legitimate credentials to exploit trusted network relationships and allowing these...
The best defense against ransomware
Ransomware has been striking businesses of all sizes, including municipalities, impacting their infrastructures. In the past three months, cybercriminals have successfully attacked six major cities. In each case, the attack brought great inconvenience to the victims. The city of Baltimore...
Worldwide popularity of GDPR on the rise
The first anniversary of a move by the European Union to impose a General Data Protection Rule (GDPR) arrives at the end of this week. GDPR was enacted to protect the digital rights of anyone doing business with a company...
Cybersecurity Threat Advisory: HIDDEN COBRA – FASTCash Campaign
What is the Issue? The FBI – in partnership with U.S. government partners, DHS, and Treasury – identified malware and other indicators of compromise (IOCs) used by the North Korean government in an Automated Teller Machine (ATM) cash-out scheme –...
Lessons from a prospect
Working in the MSP space, we’re well-acquainted with strange technical issues. Whenever we’re dealing with users, we’ll occasionally receive baffling complaints or inquiries. During one of our recent sales team meetings, John Pojeta, our VP of Business Development, told an...
Cybersecurity Threat Advisory: Access-Token-Harvesting Attack Affects Facebook
What is the Issue? Many applications typically require an email verification step to authenticate identity before logging the user in. If a person signs up for any app using Facebook Login, an account is created for them, and the authentication...
Cybersecurity Threat Advisory: Newegg Data Breach Left Customer Credit Cards Exposed
What is the Issue? The online retailer Newegg confirmed on Wednesday that credit card information from customers had been stolen using a sophisticated attack. Hackers injected 15 lines of card skimming code on the online retailer’s payments page; the code...
Cybersecurity Threat Advisory: Data Theft Risks from “Cold Boot Attack” Variation
What is the Issue? Researchers have discovered that a new exploit built on the foundations of the cold boot attack leaves nearly all laptops and desktops; both Windows and Mac users vulnerable. Attackers can meddle with a computer’s firmware to...
Latest Intel chip vulnerabilities represent a major challenge for MSPs
Remember the news about the Intel Meltdown and Spectre chip vulnerabilities that emerged last year? Remember all the panic and the patches? Well, get ready because you’re about to go through all of that again with the latest Intel chip vulnerability....