Comar Technologies

09/29/2025

In many growing businesses, access controls take a back seat to convenience.

But before you know it, the wrong people have access to the wrong things.

Here’s what that risk looks like in real life:

▪️ Someone in sales can view HR files they shouldn’t
▪️ An ex-employee’s login still works months after they left
▪️ A generic login is shared by half the team

These situations aren’t just inefficient. They’re dangerous.

Over-permissioned accounts make it easier for attackers to move laterally once they’re in. One breach can escalate fast if access isn’t limited.

Here are four simple ways to close the gap:

1) Set access levels based on job responsibilities
2) Schedule regular permission reviews
3) Immediately deactivate accounts during offboarding
4) Avoid shared logins, use individual credentials, and MFA

Is your business giving away more than it should?

09/27/2025

09/24/2025

AI has the potential to transform cybersecurity: automating detection, surfacing smarter insights, and easing the burden on security teams.

But achieving those outcomes takes more than plugging in a new tool.

Here are a few common obstacles that get in the way:

1. Unreliable data. AI depends on clean, complete input. Inaccurate or inconsistent logs can lead to blind spots or false alarms.
2. Lack of situational awareness. An AI engine might detect unusual behavior, but without knowing your business context, it can misread what’s truly risky.
3. Disconnected systems. When tools don’t integrate well, valuable insights remain fragmented, and response times suffer.
4. Skill shortages. AI-driven environments require a different set of skills. Without proper training and support, teams can’t use these tools effectively.

How is your organization preparing for AI in security?

09/18/2025

Think a link looks safe just because it’s been scanned and wrapped by a security tool?

Think again.

Attackers are now using link-wrapping services (services that rewrite URLs to protect against malicious sites by routing them through a secure server for scanning) to disguise phishing links that lead to fake Microsoft 365 login pages.

Here’s how it works:

▪️ Attackers hijack a real email account
▪️ They use a URL shortener to mask a phishing link
▪️ A link-wrapping service scans and rewrites the link to look secure
▪️ The email lands in your inbox, appearing clean and trusted
▪️ One click leads to a fake Microsoft 365 login page designed to steal your credentials

Subject lines like “New voicemail,” “Secure document,” or “Message in Teams” make it feel routine. But the damage can be anything but.

It’s not about paranoia, it’s about awareness. Even “safe-looking” links deserve a second glance.

Have you seen suspicious emails sneak past your filters lately?

09/16/2025

Did you know today is National IT Professionals Day?

From maintaining secure systems to solving problems before most of us even notice them, IT pros keep the digital world moving.

At Comar Technologies, we are proud to work alongside a team of talented IT experts whose dedication and skill help our clients thrive.

We wouldn’t be where we are today without them.

Join us in celebrating the IT professionals in your life on this special day!

09/12/2025

Windows 10 is officially being retired on October 14, 2025.

After that, Microsoft will end support for the decade-old operating system.

For businesses still relying on Windows 10, here’s what that really means:

▪️ Ongoing vulnerabilities won’t be fixed, making systems easier to exploit.
▪️ Compliance requirements may no longer be met, especially in heavily regulated industries.
▪️ Software and hardware may stop functioning reliably as vendors prioritize Windows 11.
▪️ Extended Security Updates? They are available, but costly and only temporary.

It’s easy to think, “We’ll deal with it later.” But the longer you wait to transition to Windows 11, the more risks you take.

The deadline isn’t far off. If you haven’t started preparing, now is the time.

Need guidance? Check out the article in the comments to help you map out the next steps.

09/01/2025

Happy Labor Day!

Today, we’re celebrating the people who keep things running: On the ground, behind the scenes, and everywhere in between.

If you’re off today, enjoy your well-earned rest. And if you’re still working, we hope you find some time to reflect on all you’ve accomplished.

Thank you for everything you do.

08/23/2025

In 2021, the notorious REvil ransomware gang reappeared.

For us, this moment was more than just another headline. It was a clear reminder of how persistent and adaptable these threat actors can be.

REvil had already proven they could disrupt supply chains and target high-profile organizations.

So, when they resurfaced, it sent a message:

· Ransomware groups don’t just disappear
· Takedowns are often temporary
· The threat landscape is constantly shifting

What stood out most was how quickly things changed. One day, the group was gone. The next, they were operating like nothing had happened.

That’s why we believe cybersecurity should never be treated as a one-time fix. It’s an ongoing process. And staying ready means:

· Regularly testing backups
· Maintaining strong endpoint security
· Updating and practicing incident response plans
· Treating employee training as a culture, not a checkbox

REvil’s resurgence might feel like history. But the lesson is still relevant. Complacency is not an option.

08/21/2025

Just because a system is still running doesn’t mean it’s safe.

Legacy infrastructure often plays a key role in daily operations. But as it ages, it quietly increases your exposure to security threats.

Some of the key issues we see with outdated systems include:

· Security patches stop coming. That leaves exploitable holes that ransomware groups are quick to find.
· Older tech lacks defenses. Malware often slips past protections that weren’t designed for today’s threats.
· Integration causes friction. Modern tools connected to legacy systems can open up new vulnerabilities.
· Hackers take notice. They actively scan for unpatched systems and use them as an entry point into broader networks.

If you can’t retire these systems yet, make sure you’re managing the risk.
Prioritize visibility. Strengthen your defenses. And build a clear plan for containment.

Because the longer legacy systems go unchecked, the more they put the rest of your environment at risk.