A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.
CAI Managed IT blog
Hundreds of millions of people use wireless Internet connections every day, and as a result, hackers are taking that as a challenge. They are now starting to develop malware that targets people through their routers. Recently, security researchers at Kaspersky Lab have discovered the malware named Slingshot. The code is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot, and other router-based malware and what you can do about it.
The IRS has issued a warning to tax professionals to step up their cyber security to prevent sensitive taxpayer information from being stolen. CPA firms, large and small, are being targeted by hackers and identity thieves, especially during the high traffic tax season.
Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.
One of the best ways your organization’s network can remain secure is to always use the most recent version of any critical software solutions on your network. Unfortunately, making the jump to a more recent operating system is easier said than done, particularly for small businesses that have limited budgets. The problem of security becomes even more pressing for businesses that need to upgrade multiple servers and workstations, as failing to do so could prove to be fatal for your organization.
All across the United States, banks are rolling out ATM improvements to help boost the security of their members by utilizing mobile devices. While these measures will undoubtedly help, they aren’t enough to fix all of the vulnerabilities that ATMs suffer from without some vigilance on the user’s part.
Thanks to one of Google’s researchers with the Zero Day Project, it has been discovered that LastPass has a major vulnerability as a result of a major architectural problem. This news comes on the heels of many other flaws the same researcher discovered within LastPass. However, based on what the researcher claims, these vulnerabilities were much less serious than his latest discovery.
In recent news, millions of records containing personal information were made available to the public in a sizable data leak, providing potential scammers with plenty of information to utilize in their schemes. These records were all part of a 53 GB database that was available for purchase from Dun & Bradstreet, a business service firm.
Do you know what today is? It’s National Clean Out Your Computer Day! This means that there is no time like the present to make sure that you’re taking good care of your business’s technology assets. In honor of this day, we’ll discuss ways in which you can take better care of your technology.
Banks and companies that manage automated teller machines, better known as ATMs, have been warned against another method thieves have been utilizing to commit identity theft--by no less than the Secret Service.
If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools--a dangerous concept.
Ransomware is a particularly nasty strain of malware that continues to pop up in unexpected forms. In the case of a new variant of called Cerber, it targets users of Microsoft Outlook using a zero-day vulnerability via phishing messages. To make matters worse, Cerber can also utilize DDoS attacks, which is a major cause for concern.
Microsoft recently issued security patches to fix 27 vulnerabilities, many of which are critical in nature. The vulnerabilities are significant and popular titles are affected like Windows, Microsoft Office, Internet Explorer, and the new Edge browser. Microsoft users that ignore these security patches are putting their system at unnecessary risk.
The ransomware Petya (previously thought to have been eradicated) has unfortunately resurfaced, and it’s brought a friend to the party. Petya was delivered via an email containing an invitation to apply for a job, including the virus in an executable file that was disguised as a PDF job resume. When a hepless user clicked the file, Petya would get to work.
You don’t often hear about mobile operating systems being vulnerable to security threats (desktop vulnerabilities usually hog the spotlight), but when you do, they’re usually major problems that you need to be aware of. One such threat is called “Hummer,” a trojan that has installed unwanted apps and malware to more than a million phones all over the world.
Software vulnerabilities can cause major issues for individuals and businesses. Cisco’s Talos Security Intelligence and Research Group, which is designed as an organization to “protect consumers from known and emerging threats,” has found such a vulnerability with 7zip.
What kind of Microsoft products does your business use on a regular basis? If you can’t answer this question, you could be in trouble when it comes time to update your crucial applications and operating systems. This is a necessary part of working with technology; if your software can’t be considered secure, you need to upgrade to a more recent, better-functioning tool, or find yourself in a dangerous situation.
Do you know which database management system is used by your company’s servers? Obviously your end users aren’t expected to know the answer to this question, but this is something that you, as a business owner, need to be aware of. If you don’t keep track of which database software you’re using, you might accidentally wait too long and wind up running an unsupported piece of software. For example, you need to move away from SQL Server 2005 (which is now unsupported) as soon as possible.
Modern ransomware is exceptionally dangerous, even by malware standards. Ransomware is capable of locking down important files on a victim’s computer, displaying a massive threat to both business professionals and their networks, as well as the average PC user. While other types of ransomware like CryptoLocker and CryptoWall are somewhat manageable, a new variant called CryptoJoker makes it borderline impossible to recover your files.