Category Archives: Support Blog

Home   Support Blog

Staying Cyber Resilient During a Pandemic

blog-thumbnail

We’re all thinking about it, so let’s call it out by name right away. The novel coronavirus, COVID-19, is a big deal. For many of us, the structure of our lives is changing daily; and those of us who are capable of doing our work remotely are likely doing so more than we ever have before. It’s not likely that cybercriminals will cut us a break during this difficult time of quarantine and pandemic outbreak. If anything, we will only see an increase of attacks and ransom amounts since this is when infrastructures of modern civilization are needed most but have the least amount of time to react and debate […]

Important tips for safe online shopping post COVID-19

blog-thumbnail

As more and more countries order their citizens inside in response to COVID-19, online shopping—already a widespread practice—has surged in popularity, especially for practical items like hand sanitizer, groceries, and cleaning products. When people don’t feel safe outside, it’s only natural they’d prefer to shop as much as possible from the safety of their own homes. Unfortunately, you can bet your last toilet paper roll that cybercriminals anticipated the rush and were ready to take advantage of our need to buy supplies of all kinds online. Because we know how cybercriminals think and have already seen an uptick in web skimmers and coronavirus scams, we wanted to prepare our readers for a safer online […]

5 cybersecurity questions retailers must ask to protect their businesses

blog-thumbnail

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records of personal information swiped—part of which was “backlist,” historical transaction information dating back to more or less a decade ago. Card unions paid over $200 million in cost for card reissues. They then filed a class-action lawsuit against Target to regain this cost. And the most mind-blowing fact of all? Target actually had (and still does have) cybersecurity measures in place and a security policy for employees to follow. How […]

What is a Firewall?

Connecting personal computers to other IT systems or the internet opens up a range of positive possibilities — easy collaboration with others, combining of resources, enhanced creativity — but it also exposes users to dangers. Hacking, identity theft, malware, and online fraud are common threats users could face when they expose themselves by linking their computers to a network or the internet. What if there was a way users could protect themselves from the very worst dangers by erecting an invisible wall to filter out those threats? It would be essential to have it — fortunately, it already exists. That invisible wall is what is known as a firewall. Erected between a computer and […]

Computer Vandalism

In everyday life, there are vandals that seem to enjoy destroying things – even though it can be hard to understand how they derive any tangible benefit from their acts of vandalism. Unfortunately, the same type of behavor is also present in cyberspace. There are malware creators that devote time and effort to acts of computer vandalism that can damage your computers and data, and affect the services that businesses deliver. Who are the computer vandals? In the early days of the development of malware, the majority of computer viruses and Trojans were created by students and other young programmers – plus some older, more experienced programmers. Today, there are still four main types of […]

What is a Trojan Virus Cyber Threat?

A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. These actions can include: Deleting data Blocking data Modifying data Copying data Disrupting the performance of computers or computer networks Unlike computer viruses and worms, Trojans are not able to self-replicate. How Trojans can impact you Trojans are classified […]

What is Spear Phishing Cyber Threat?

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer. This is how it works: An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims’ attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children. Many times, government-sponsored hackers and hacktivists are behind these attacks. […]

Why You Should Use a VPN on Public WiFi

blog-thumbnail

Working remotely? It only takes a moment on a free WiFi connection for a hacker to access to your personal accounts. While complimentary WiFi is convenient, protecting your connection with a VPN is the best way stay safe on public networks, keeping your data and browsing history secure.   What is a VPN? VPN stands for “virtual private network” and is a technology that can be used to add privacy and security while online. It’s specifically recommended when using public WiFi which is often less secure and is often no password protected.   VPN’s act as a bulletproof vest for your internet connection. In addition to encrypting the data exchanged through that […]

Security Weakness Found In Intel Processors

blog-thumbnail

There’s some bad news if you own a computer driven by an Intel processor.  Recently, a dangerous, catastrophic security flaw has been discovered in Intel’s X86-64 architecture that allows hackers to access the kernel, which sits at the heart of your OS.  By accessing the kernel, a hacker can gain access to virtually everything on the targeted machine. This is accomplished by way of a little-known feature called “speculative execution” which allows the processor to perform operations before it’s received definitive instructions that they need to be done.  It’s a way of milking more speed out of the system. Unfortunately, any such system runs the risk of giving programs permission […]

Something’s phishy: How to detect phishing attempts

blog-thumbnail

These days it’s hard to tell a phish apart from a foul, if you catch my drift. Modern-day phishing campaigns use stealthy techniques to target folks online and trick them into believing their messages are legit. Yet for all its sophistication, phishing relies on one of the basest of human foibles: trust. Detecting a phish, in its various forms, then requires you to hone a healthy level of skepticism when receiving any kind of digital communication, be it email, text, or even social media message. In order to understand how we got here, let’s go back to the first instance of phishing. The Nigerian prince and early phishing Back in […]

A Number Of Linksys Routers Are Vulnerable To Attack

blog-thumbnail

It’s not an overstatement to say that Linksys, to a large degree, powers the web. The company makes a broad range of routers that lie at the heart of everything from small home networks to keeping small and medium sized businesses interconnected. Unfortunately, a pair of researchers from IOActive recently discovered a total of ten different security vulnerabilities that impact the company’s popular EA3500 router, and more than two dozen other models as well, including models from the company’s Smart Wi-Fi, Wireless-AC and WRT series. The common theme here is that all of the impacted routers have web-based admin interfaces. Not all of the security flaws that were found are […]

Snake malware ported from Windows to Mac

blog-thumbnail

Snake, also known as Turla and Uroburos, is backdoor malware that has been around and infecting Windows systems since at least 2008. It is thought to be Russian governmental malware and on Windows is highly-sophisticated. It was even seen infecting Linux systems in 2014. Now, it appears to have been ported to Mac. Fox-IT International wrote about the discovery of a Mac version of Snake on Tuesday. It’s not known at this point how Snake is spread, although the fact that it imitates an Adobe Flash Player installer suggests a not-very-sophisticated method. (I mean, come on, there are other pieces of software out there! Why are the bad guys so hung […]

3 Tips for Securing Your Home WiFi Networks

blog-thumbnail

 Once your home WiFi network is up and running and your family’s devices are connected, it’s normal to turn a blind eye to your router. After all, it’s mostly out of sight and out of mind. Unfortunately, that small, seemingly harmless box isn’t as secure as you may think. Your router is your gateway to the internet. Once it’s compromised, cybercriminals may be able to view your browser history, gain access to your login information, redirect your searches to malicious pages, and potentially even take over your computer to make it part of a botnet. Attacks like these are becoming all too common. Last year, we saw a prime example […]

How to create an intentional culture of security

blog-thumbnail

In this day and age, companies great and small are vulnerable to potential attacks that they are exposed to every day. From insider threats to simple phishing, one is always left guessing if they know enough to handle them or are well prepared to face the risks. Educating your staff about basic computing hygiene is one thing, but ingraining in them security practices that they do almost naturally, even beyond the confines of the office, is another. The latter involves being part of a culture where people think, act, and behave the same way. And we’re not just talking about an organic culture, but one that was created with intentionality […]

Mac malware OSX.Proton strikes again

blog-thumbnail

The hackers responsible for the Mac malware OSX.Proton have struck again, this time infecting a copy of the Elmedia Player app that was being distributed from the official Eltima website. At this time, it is still unknown how long their website was providing the hijacked app. Proton was silently added to Apple’s XProtect definitions in early March, and not much was known about it at the time. Then, in May, one of the servers responsible for distributing the popular Handbrake software was hacked, resulting in the distribution of a Proton-infected copy of Handbrake for a four-day period. Now, Eltima Software has fallen victim to a similar attack. Researchers discovered the […]

More trouble in Google Play land

blog-thumbnail

After our mobile security experts repeatedly discovered adware on several apps on the Google Play store, our friends at Symantec have unearthed at least eight malicious apps that are found capable of adding affected mobile devices to a botnet. According to their blog post, the apps have been downloaded and installed onto 2.6 million smartphones, tablets, and possibly some IoTs. Threat actors behind the bogus apps have banked on the popularity of Minecraft, a sandbox video game with a user base of 100 million. They specifically targeted Minecraft: Pocket Edition (PE), which launched in 2015. Symantec explained how the malicious apps work: The app connects to a command and control […]

Top 10 Nastiest Ransomware Attacks of 2017

blog-thumbnail

 We’re revealing the top 10 nastiest ransomware attacks from the past year. NotPetya came in on our list as the most destructive ransomware attack of 2017, followed closely by WannaCry and Locky in the number two and three spots, respectively. NotPetya took number one because of its intent to damage a country’s infrastructure. Unlike most ransomware attacks, NotPetya’s code wasn’t designed to extort money from its victims, but to destroy everything in its path. While NotPetya and WannaCry were first uncovered in 2017, the other ransomware attacks on our top 10 list made their debuts last year. These attacks either continued into 2017 or returned with a vengeance. This top […]

Infected CCleaner downloads from official servers

blog-thumbnail

In a supply chain attack that may be unprecedented in the number of downloads, servers hosting CCleaner, a popular tool for cleaning up the PC, has been delivering a version of the said software with malware. Threat actors have managed to change the files that were being delivered by Avast servers hosting CCleaner updates. In case you are wondering why they were on those servers, Avast acquired Piriform, the original publishers of CCleaner, a few months ago. Piriform is aware of the situation and is acting to prevent further damage. They are also investigating how the files coming from their servers were modified before being released to the public. It […]

Crowdsourced fraud and kickstarted scams

blog-thumbnail

Crowdsourced funding opportunities via Kickstarter, Patreon, and GoFundMe have removed many structural roadblocks for people to access capital quickly and conveniently. But they’ve also lowered the barrier to entry for many very old scams. So how do you tell the difference between a great cause or project to contribute to and a digital confidence scam? What’s outright fraudulent, and what’s just a company with poor organizational skills? Let us take a look at pitfalls on two crowdfunding platforms. Gofundme.com primarily serves personal projects and donation pages, or other campaigns that otherwise don’t fit the more common commercial model found on Kickstarter. Funding requests cover a wide range of needs, from […]

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

blog-thumbnail

Sonic Drive-In, a fast-food chain with nearly 3,600 locations across 45 U.S. states, has acknowledged a breach affecting an unknown number of store payment systems. The ongoing breach may have led to a fire sale on millions of stolen credit and debit card accounts that are now being peddled in shadowy underground cybercrime stores. The first hints of a breach at Oklahoma City-based Sonic came last week when I began hearing from sources at multiple financial institutions who noticed a recent pattern of fraudulent transactions on cards that had all previously been used at Sonic.   The accounts apparently stolen from Sonic are part of a batch of cards that […]

Deloitte breached by hackers for months

blog-thumbnail

On September 25, 2017, Deloitte announced that they detected a breach of the firm’s global email server via a poorly secured admin email in March of this year. Further, the attackers most likely had control of the server since November of 2016. Deloitte’s initial statement indicated that only six of their consultancy clients were impacted by the breach, but insider sources later disclosed to the media that the attack most likely compromised every admin account at the firm. The startling severity of the breach has brought attention to Deloitte’s other cybersecurity practices, which, as we can see here with a likely Active Directory server, are not ideal. (There are valid […]

Netflix scam warning

blog-thumbnail

While we are used to receiving scam attempts pretending to be from banks, online shops, credit card companies, and international courier services that does not mean all the other emails are safe. Far from it. To demonstrate this point we will show you a scam aimed at Netflix customers which has been used in the Netherlands and is now doing the rounds in the UK but could just as easily spread to the US. The sender address, in this case, was supportnetflix@checkinformation[.]com and the content of the email informs us that there has been a problem with our last payment. Obviously to those of us who are not customers of […]

Equifax aftermath: How to protect against identity theft

blog-thumbnail

Who here is scrambling around in the aftermath of the recent breach at Equifax to figure out if you’ve been compromised? Who here is wondering what to do about it if you are? If you’re one of the 143 million Americans whose data was accessed by cybercriminals, then you probably raised your hand. Even if you weren’t one of the 143 million, you might still want to take some precautions. You could instead be part of the millions of folks who’ve had their data stolen over the course of online history. Basically, if you have a social security number, have ever run a credit check, or have a pulse, you should listen […]

Equifax Hackers Stole 200k Credit Card Accounts

blog-thumbnail

Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. Equifax says the accounts were all stolen at the same time — when hackers accessed the company’s systems in mid-May 2017. Both Visa and MasterCard frequently send alerts to card-issuing financial institutions with information about specific credit and debit cards that may have been compromised in a recent breach. But it is unusual for these alerts to state from which company the accounts were thought to have been pilfered. In this case, however, Visa […]

Dow Chemical Balances Between Virtual Teamwork And Workplace Security

blog-thumbnail

Today’s post was written by Ron Markezich, corporate vice president for Microsoft. These are exciting times for one of the world’s largest chemical companies. This month, Dow Chemical expects to finalize its merger with DuPont, creating DowDuPont and spinning off into three global businesses that focus on material sciences, specialty products, and agriculture. Global changes at this level require a complete, intelligent, and secure workplace transformation supported by agile cloud services. We’re excited that Dow chose Microsoft 365 Enterprise to empower more than 60,000 employees to work together creatively in highly secure virtual environments. Mario Ferket, IT engineering director at Dow Chemical, explains why Microsoft 365 Enterprise is part of […]

Beware of Hurricane Harvey Relief Scams

blog-thumbnail

U.S. federal agencies are warning citizens anxious to donate money for those victimized by Hurricane Harvey to be especially wary of scam artists. In years past we’ve seen shameless fraudsters stand up fake charities and other bogus relief efforts in a bid to capitalize on public concern over an ongoing disaster. Here are some tips to help ensure sure your aid dollars go directly to those most in need. The Federal Trade Commission (FTC) issued an alert Monday urging consumers to be on the lookout for a potential surge in charity scams. The FTC advises those who wish to donate to stick to charities they know, and to be on the lookout […]

TD redefines banking in the digital age with the Microsoft Cloud to empower employees and transform the customer experience

blog-thumbnail

Today’s post was written by Jeff Henderson, executive vice president and CIO of TD Bank Group. Growing from Canada’s smallest bank to one of North America’s largest in just over 20 years, TD Bank Group (TD) is in the habit of planning for the future. As we continue to expand, we are taking bold steps to make sure that the technology we use grows with us. Transforming technology at TD starts with listening to our employees and creating a “Workplace of the Future” that supports enhanced mobility and collaboration across the organization. We are deploying Microsoft Office 365 to empower employees to be more mobile and productive, so they can […]

Four Steps To Improving Employee Trust While Securing Your Business

blog-thumbnail

With so many evolving threats from cybercriminals who employ a variety of tactics and techniques, there’s one element that many security pros consider to be the weak link in any security practice–humans. The challenge is to minimize the impact your users have on your well-laid plans to secure them. To help answer this question and inspire anyone else who is facing this same concern, I thought I’d share 4 key steps you can take within your business to help gain trust with your employees while accomplishing your mission. #1 Company Expectations: Your business needs to ensure it has spelled out (clearly) what is expected from your employees. Not just for […]

Adobe And Microsoft Release Critical Security Fixes

blog-thumbnail

Adobe has released updates to fix dozens of vulnerabilities in its Acrobat, Reader and Flash Player software. Separately, Microsoft today issued patches to plug 48 security holes in Windows and other Microsoft products. If you use Windows or Adobe products, it’s time once again to get your patches on. More than two dozen of the vulnerabilities fixed in today’s Windows patch bundle address “critical” flaws that can be exploited by malware or miscreants to assume complete, remote control over a vulnerable PC with little or no help from the user. Security firm Qualys recommends that top priority for patching should go to a vulnerability in the Windows Search service, noting that […]

Back To School Cybersecurity Tips For Parents And Kids

blog-thumbnail

The time to start the new school term is just around the corner. And for parents, the excitement and anxiety may be palpable, especially if it’s their kid’s first time attending a new school. Ads for back-to-school gear start as early as July, increasing in frequency and urgency until the kiddos step foot on the bus. And while they may not be begging you for new pencils and erasers, chances are they’ll turn on the puppy dog–eyed charm when it comes to new tech. Handing your young one their very own mobile device—a laptop, usually—that they can use in their studies almost seems like a rite of passage. In their […]

New Bill Seeks Basic IoT Security Standards

blog-thumbnail

Lawmakers in the U.S. Senate recently introduced a bill that would set baseline security standards for the government’s purchase and use of a broad range of Internet-connected devices, including computers, routers and security cameras. The legislation, which also seeks to remedy some widely-perceived shortcomings in existing cybercrime law, was developed in direct response to a series of massive cyber attacks in 2016 that were fueled for the most part by poorly-secured “Internet of Things” (IoT) devices. The IoT Cybersecurity Improvement Act of 2017 seeks to use the government’s buying power to signal the basic level of security that IoT devices sold to Uncle Sam will need to have. For example, the bill would […]

Things Startups Should Know About Cybersecurity

blog-thumbnail

It’s hard to imagine any business that doesn’t use any form of technology these days. The problem is, any computing infrastructure or equipment can be exposed to various methods of cyberattacks. Just last May, the WannaCry ransomware affected more than 10,000 organizations of all sizes in more than 150 countries. The attack caused stoppages in critical services and operations such as the UK’s National Health Service and several of Renault’s automotive manufacturing plants. Last year, one billion Yahoo users saw their accounts hacked, costing the company dearly. While these reported ones were about large organizations, there were many anecdotal accounts of SMEs getting hit by the attack. Many of these […]

The Real Affect of Ransomware on Businesses

blog-thumbnail

Ransomware is a specialized form of malware that encrypts files and renders them inaccessible until the victim pays a ransom fee. The FBI estimated that ransomware payments were $1 billion in 2016, up from “just” $24 million a year earlier. 2017 will likely see another dramatic increase in extortion payments with tens of thousands of ransomware victims paying several hundred dollars each to recover their encrypted files. Despite the significant payments to the cybercriminals behind ransomware, research has found that most ransomware victims don’t pay the fee that cybercriminals attempt to extort from them. Since most organizations choose not to pay the ransom, the primary challenge stemming from a ransomware attack […]

More Former Employees Than You Know It Take Company Information With Them

blog-thumbnail

How safe is your company’s data? According to a new survey released by tech giant Dell, it is not very safe. The statistics revealed by the survey are dismaying. Be sure you want to know before reading any further, because once you do, it may well change the way you view your own employees. The survey’s key finding was that fully 35 percent of employees report that it’s common to take proprietary company information on leaving their firm. As bad as that is, the rest of the statistics in Dell’s survey were even worse, with 36 percent of employees regularly opening emails from unknown, untrusted sources, which make them extremely […]

FBI: Smart toys could harm children’s privacy and physical safety

blog-thumbnail

The Federal Bureau of Investigation has recently issued a Public Service Announcement (PSA), encouraging consumers—parents, in particular—to think twice before purchasing internet-connected toys. Smart toys and entertainment devices for kids are part of the Internet of Things, and as such, they have built-in Wi-Fi capabilities. This enables them to communicate with the cloud and with each other. Other than that, these are also equipped with sensors, cameras, microphones, and other bits that allow them to not just respond to their child owners but also store data and tag a child’s location for parents/guardians to keep track of them in real time. CloudPets, Hello Barbie, My Friend Cayla, i-Que Robot, and […]

Android’s new security system is now available

blog-thumbnail

Play Protect, a security suite for Android devices, was originally introduced in mid-May of this year during the Google I/O conference. And in just a couple of months, the tech giant has made it available for all their mobile users. Play Protect is the amalgamation of Google’s Android security features, such as Verify Apps and Bouncer, and it’s integrated into the Google Play Store app. As such, users don’t need to look up, download, and install a separate app. Here’s how Play Protect works: It scans and verifies all apps in the Google Play Store before users can download them. It also periodically scans for all apps already installed on […]

7 Tips To Stay CyberSafe

blog-thumbnail

You’ve probably already seen the back-to-school ads on TV and rolled your eyes a little bit. We’re with you: There’s still plenty of summer left. That’s why we want to remind you about some of the cybersecurity pitfalls you might encounter during the remainder of the summer season. Whether you’re home with the kids or heading out on vacation, here are some ways you can tighten up your security profile and avoid spending the rest of the summer reclaiming your identity or filing credit card insurance claims. 1. Monitor your children’s Internet habits. With homework and extracurricular activities for your students, parents may already enforce safe surfing habits during, but […]

Improving Business Leadership Through Technology

blog-thumbnail

Business leaders are tasked with the often tricky obligation of steering organizations to the financial ‘happily ever after’. This is a big responsibility, and as a business leader, you need to be able to foster cooperation across all the levels of an organization, be agile, and be flexible. All these will help you move towards a more lateral type of management. Good leadership is about being able to do away with the conventional, hierarchical structures that only end up in stagnation and bureaucracy and many business leaders are aware of this. Still, many organizations continue to hang on to familiar hierarchies as they always find themselves in some sort of […]

Get the most out of your day with new calendar features in Outlook.com

blog-thumbnail

New calendar features in Outlook.com help you stay on top of your family activities; automatically add dinner reservations, concerts and events to your calendar; follow your favorite sports teams; and share your calendar with others. Here’s a look at the features we’re releasing today, which make your Outlook.com calendar more intelligent and helpful: Microsoft Family calendar—Keep your family up-to-date with a single place for all of your events that everyone in the family can access. Improved calendar sharing—Easily share your Outlook calendar with anyone who has an Outlook.com or Office 365 account. Expanded support for events in your email—Outlook now automatically adds dinner reservations and other events to your calendar. […]

14M Verizon Customer Records Exposed

blog-thumbnail

A misconfigured server of a third-party vendor working with Verizon exposed names, addresses, account details, account personal identification numbers (PINs) and information fields indicating customer satisfaction tracking for as many as 14 million US customers If an attacker were to access the information on this misconfigured server it could allow them to pose as customers in calls to Verizon and gain access to a user’s account. Researchers described this scenario as “an especially threatening prospect, given the increasing reliance upon mobile communications for purposes of two-factor authentication.” In addition, researchers described the information being used in combination with internal Verizon account PINs to takeover customer accounts is not implausible as the weakest point […]