PNSCG

07/24/2018

The excuse “my company is too small to be a target” is no longer valid, as hackers are using small companies as an entry point into their intended target.

The time is quickly approaching when organization will require that all the companies they do business with can prove that they are doing their best to stay secure.

“The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure, “air-gapped” or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies, said officials at the Department of Homeland Security.”

Hackers working for Russia claimed “hundreds of victims” last year in a long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts, federal officials said.

06/06/2018

Classic Phishing Scam

A good illustration of how this type of a scam is played out.

05/29/2018

It’s important that everyone reboot their home internet/WiFi routers. Even those provided by an ISP (internet service provider).

How to reboot: unplug the power and waiting 10 seconds to plug it back in will do the job.

The size and scope of this infrastructure impacted by VPNFilter malware is significant. The persistent VPNFilter malware linked to this infrastructure targets a variety of SOHO routers and network-attached storage devices. The initial exploit vector for this malware is currently unknown.

05/14/2018

Adobe has released critical security patch updates for Adobe Acrobat, Reader and Adobe Photoshop CC

04/27/2018

Vendor/Third-party risk management concerns are growing: is your small business prepared?

04/12/2018

This stresses the importance of keeping your PC security patches up to date.

An information disclosure vulnerability (CVE-2018-0950) has been discovered in Microsoft Outlook that could allow hackers to steal Windows users’ login credentials.

07/22/2017

Are you still using the same password for multiple sites or writing them down somewhere "safe"?

As organizations begin to require the use of more complex passwords and that they be changed frequently, it will become more necessary to utilize a password management system.

The best password is one you probably can't easily remember—that's why a password manager is so crucial to your online security. This guide will help you find the best tool for generating and storing strong passwords to shore up your online defenses.

07/15/2017

Great source of information. Too many to list out.

If you are an end user or IT pro, there is something for you here.

Eric Ligman, Microsoft Director of Sales Excellence Blog

07/07/2017

Why SMBs are at high risk for ransomware attacks, and how they can protect themselves

Many SMBs (Small Medium Business) that fall victim to a ransomware attack never recover from it and are eventually forced to go out of business. Taking the necessary steps to reduce the impact of such an attack now, will lessen the chance of potentially loosing all your data and possibly your business.

Awareness- establish an employee awareness program. At a minimum the program should educate employees on:
1. How to detect phishing emails
2. Safe internet browsing
3. Safe file sharing
4. The importance of keeping system patches up to date
5. Reporting suspicious emails

Backups - establish and maintain a backup policy and procedures.

While there are more things that can be done, the above are foundational to improving cyber security

Ransomware cost businesses more than $1B last year, and SMBs are particularly susceptible to attack. Here are some tips and best practices for keeping your company safe.

06/19/2017

No OS is immune to attack.

South Korean web hosting provider pays $1 million to Erebus Linux ransomware hackers to get files back hosted on its hosting servers.

05/14/2017

Patch your systems and always keep them up to date.

A security researcher has activated the 'Kill Switch' to stop WannaCry ransomware, but it's not over yet, install the security patch for Windows SMB vulnerability.