The cyberattack on SolarWinds was devastating for many reasons, and Microsoft has officially uncovered yet another type of malware used in the attack on the software provider. This time, it is a backdoor threat they have named FoggyWeb. What does this threat do and why is it so important to look at this incident even now?

While it only makes sense to assume that a cybercriminal would focus specifically on those targets that would bring them the greatest profit—in other words, larger businesses—the reality of modern cybercrime renders this assumption grossly outdated. Let’s examine how different developments in ransomware have made it possible for cybercriminals to be far less discerning in who they target.

Ransomware is such a massive threat that all businesses should be aware of the latest news and findings regarding how it spreads and how it can be prevented. According to a recent report, the latest modes of transporting ransomware have been revealed. What can your organization do to keep ransomware off of its network? Let’s find out.

It doesn’t matter if you are a small locally-owned business or a larger-scale enterprise. Network security is equally important, as all businesses by default collect valuable information for hackers. It makes sense to protect your valuable assets, and your data is one of them. A recent threat called Agent Tesla is just another example of phishing malware designed to steal data from businesses just like yours.

According to a survey conducted by Splunk and Enterprise Strategy Group, more business leaders intend to funnel funding into their cybersecurity—88 percent of respondents reporting a planned increase into their investments, 35 percent reporting that these boosts will be substantial. Let’s examine a few of the insights that this survey has revealed.

Ransomware is the scariest type of malware out there. It can have a myriad of negative effects on a business, yet it seems to still be on the fringe of the mainstream. Today, we thought we would give somewhat of a refresher course on ransomware. 

The growing popularity of ransomware has been disconcerting to many IT professionals, particularly due to the different tactics that this malware variant has been spotted utilizing. In order to protect your business from these attacks, it helps to know how they work. We’ve put together a beginner’s field guide to ransomware types to help you identify (and hopefully avoid) it.

Ransomware attacks grew less common in both 2018 and thus far in 2019 when compared to 2017. Unfortunately, recent events have made it more likely that this trend will reverse in the near future. Why is that? Simple: some municipalities have set a precedent of paying up.

Your business is susceptible to countless threats and vulnerabilities, all of which aim to bring your organization crumbling to the ground. These include all types of technology-related problems that cause downtime and other terrible situations that your business has to overcome. Let’s look at some of the threats you face from day to day, and try to establish an appropriate response to each.

There was a time when people didn’t have to worry about getting computer viruses on their cell phones. Nowadays, with the exponential growth of mobile technologies, including application development options, mobile malware has become a problem, and it can be a big problem for your business. Today, we’ll take a look at the growing mobile malware market, from the threats to what you can do to keep it from being a problem for you.

While modern security solutions have made great strides to protect businesses, there are still a lot of threats out there that can create problems for your organization. If you don’t take a proactive stance on security, you could potentially expose your network to incoming threats of all kinds. We’ll help your business understand what threats are out there, why they are dangerous, and what you can do to keep your organization secure.

With a meager market share that is one-third the size of Google’s, one would think that Bing would be trying to keep controversy away from a user’s search results. However, the Microsoft search engine has recently encountered a few notable PR disasters that may be enough to convince some not to use it - especially if it leads to a security breach.

Ransomware has now been a major threat to businesses and other organizations for a couple of years, and 2018 is no different. For those who don’t know, ransomware is a form of malicious software (malware) that threatens the elimination of hijacked and encrypted data if a user doesn’t pay a ransom. It is known to be one of the most prolific and pervasive threats seen on the Internet today. We will take a look at how ransomware has evolved over the past several years, what the future of ransomware looks like, and what you can do to protect yourself against it.

Phishing scams have one of the most descriptive names in all of computing, mostly because of how similar phishing is with fishing. Just as one does when one goes fishing, bait is dangled in the hopes of getting a bite - but to take the comparison one step further, different types of bait can be used, depending on the catch one is trying to make.

Every business owner needs to consider how to approach network security. This is especially true with the litany of threats that face their organization’s network from simply being connected to the Internet. It may sound like an overstatement at first, but when you consider what some huge corporations--that have some very deep pockets--have dealt with very recently, it becomes evident that figuring out how to approach cybersecurity is one of the most important considerations any business owner has to make.

Certain threats out there are dangerous enough to cause major entities to warn against them. In particular, a recent malware by the name of VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in terms of possible vulnerabilities), it has considerable potential to become a nuisance for your organization.

Hackers and cybercriminals, like most people, tend to gravitate towards high-reward activities. In this case, that means that focus is turning to creating malware that attacks the router, potentially infecting the users that leverage it to connect wirelessly to the Internet. Researchers at Kaspersky Lab recently discovered an example of such a malware, so today, we will review this threat and how to best protect your network.

Email is often touted as a favorite medium for launching cyberattacks against businesses and individuals. This is because it’s easy to hide the true intent behind an email attack within its contents, whether they are embedded images in the message itself, or links to external sources. How can you know for sure whether the links in your email inbox are legitimate?

In a statement given by Tom Bossert, the homeland security adviser to the White House, blame for the WannaCry attacks leveraged from May 12th to the 15th in 2017 was attributed to the Democratic People’s Republic of Korea. This assertion is in line with the conclusions that New Zealand, Australia, Canada, and Japan have come to, according to Bossert.

Would you be surprised if we told you that cybercrime is one of the biggest threats to the success of your organization? Unfortunately, there’s no escaping the fact that your business will be under fire from all sides by security threats. One of the most notorious methods includes phishing--email scams that are designed to harvest credentials and other information from unsuspecting users.

Would you be surprised to hear that there are at least 1.4 million phishing websites set up each month? These numbers come from the Webroot Quarterly Threat Tread Reports, which estimate May 2017 as an all-time high for phishing website increase at over 2.3 million websites being set up during that month. This makes phishing one of the most prevalent methods of fraud in the world--in fact, phishing scams are the number one reason for data breaches all over the world.

Here are three of the most notable phishing scams from 2017 that you may have missed.

Amazon Shipping Phishing Scheme
Earlier this year, there was a massive phishing scam which disguised emails as coming from Amazon. The emails appear to be legitimate, but when you click on the link located in the email, you’ll be directed to a domain that either has nothing to do with Amazon, or closely resembles it, but isn’t quite the genuine article. The emails try to convince users to confirm their login credentials by logging into a portal that looks like the actual login screen.

Google Docs Hack
If you’ve ever used Google Docs to share text documents with others, you know that you’ll receive an email with a link to the document. You should never click on links in unsolicited emails, but you’d think you can trust something supposedly coming from a big company like Google. The truth of the matter is that the phishing scheme was notable because it tricked users into granting permissions to third-party apps rather than hand over personal credentials. It’s part of a growing trend that sees phishing malware growing more sophisticated, which should be cause for concern for just about anyone--particularly business owners.

IRS W-2 Tax Season Phishing Scams
Your business deals with employee W-2 forms and other information that’s important during tax season. In particular, tax season is a very popular time for phishing attacks, as users are expecting emails to confirm the submission of their tax forms. Recent phishing attacks targeting businesses asking for W-2 forms or other personal information can safely be regarded as phishing scams, and they only get worse during tax season.

For more information about how to avoid phishing scams and other issues, reach out to us at (508) 622-5100.