Home Router Alert!! All Have Known Flaws & Most Are Unpatched

There are no routers in the study from the Fraunhofer Institute without known security flaws.  Germany’s Fraunhofer Institute for Communication (FKIE) has carried out a study involving 127 home routers from seven brands to check for the presence of known security vulnerabilities in the latest firmware. The results are appallingThe FKIE study found that 46 routers hadn’t got a single security update within the past year and that many routers are affected by hundreds of known vulnerabilities. …

Has your iPhone, iPad, or iPod touch been hacked? Here’s how to find out

Has your iPhone, iPad, or iPod touch been hacked? Probably not, but there’s so much information on a smartphone — not to mention the fact that it can also be used to precisely pinpoint its owner — that more and more tools exist to help unscrupulous people get a foot in the door of your digital fortress. The good news is that tools exist to help you determine whether your device has been compromised. One such tool that I’ve been testing is Certo AntiSpy. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How you ever wondered if your iPhone has been hacked?Join the conversation on our Facebook Page!

Cortana’s Promotion Is Tied To Microsoft 365

Today, if you click the Cortana button on a Windows 10 PC, you still get the “Ask Cortana” prompt, and you can click the microphone button to start talking. But saying “Hey Cortana” does nothing. All those third-party skills are no longer operative, and Cortana’s notebook has officially been tossed into the digital dumpster. … Cortana is “Your personal productivity assistant in Microsoft 365,” and the tasks are no longer about music and fitness and home automation. Instead, the skill set includes things like catching up with your email, coordinating meetings, and filing expense reports. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

What do you think of Cortana’s new job?Join the conversation on our Facebook Page!

Microsoft’s Firmware Scanner Takes Security to a Whole New Level

Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) is extending its protection capabilities to the firmware level with a new Unified Extensible Firmware Interface (UEFI) scanner.  Hardware and firmware-level attacks have continued to rise in recent years, as modern security solutions made persistence and detection evasion on the operating system more difficult. Attackers compromise the boot flow to achieve low-level malware behavior that’s hard to detect, posing a significant risk to an organization’s security posture.  Windows Defender System Guard helps defend against firmware attacks by providing guarantees for secure boot through hardware-backed security features

Microsoft.com click the link to read the rest of the story.  Get our free tools here.

Has your firm begun using Microsoft ATP yet?
Join the conversation on our Facebook Page!

Ripple20 vulnerabilities will haunt the IoT landscape for years to come

Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years.  The number if impacted products is estimated at “hundreds of millions” and includes products such as smart home devices, power grid equipment, healthcare systems, industrial gear, transportation systems, printers, routers, mobile/satellite communications equipment, data center devices, commercial aircraft devices, various enterprise solutions, and many others.  Experts now fear that all products using this library will most likely remain unpatched due to complex or untracked software supply chains. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you going to protect your IOT devices?Join the conversation on our Facebook Page!

Microsoft Teams: Free version can now create video meetings

Users of the free version of Teams, the Microsoft 365 online collaboration platform, can now create video meetings.  The change, spotted by OnMSFT, means Teams free users can create a Teams meeting from their account, rather than only being able to join a meeting created by paying customers. … Microsoft Teams, which launched in 2017, has grown from 44 million daily active users in March, 2020 to 75 million in April, 2020. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you used it yet?Join the conversation on our Facebook Page!

Google tracking your private browsing activity?

A class action was filed against Google on Tuesday, accusing the tech giant of invading the privacy of millions of users without their knowledge by tracking internet use even when using private browsing mode.   The class action accuses Google of tracking and collecting consumer browsing history and other web activity data even when using private browsing mode.  The complaint, filed to the District Court of Northern California, claims Google tracks users’ browsing data and other identifying information through Google Analytics, Google Ad Manager, and various other application and website plug-ins, such as Google applications on mobile devices and the Google Sign-In button for websites regardless of what mode of browsing is chosen. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Would you join this lawsuit?Join the conversation on our Facebook Page!

The PC is suddenly in fashion again, but there are tough times ahead

Remote working may have caused many people to value their laptop and desktops a lot more, but the PC industry is likely to struggle as companies and consumers cut back on spending. PCs may have been viewed as yesterday’s news thanks to the rise of smaller form factors like smartphones, tablets and wearables, but trusty laptops and desktops (and variations on them like Chromebooks and even Raspberry Pis) have proven their worth during lockdown for workers and kids doing home schooling.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you upgrading your remote users PC’s?Join the conversation on our Facebook Page!

Hidden Android malware infects thousands of smartphones

A carefully managed hacking and espionage campaign is infecting smartphones with a potent form of Android malware, providing those behind it with total control of the device, while also remaining completely hidden from the user. Mandrake spyware abuses legitimate Android functions to help gain access to everything on the compromised device in attacks that can gather almost any information about the user. The attacker can browse and collect all data on the device, steal account credentials for accounts including banking applications. secretly take recordings of activity on the screen, track the GPS location of the user and more, all while continuously covering their tracks…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your mobile devices?Join the conversation on our Facebook Page!

Chinese apps can pose security risks

So what are these security concerns? Let’s split these up into two distinct areas to see the strategic nature of these apps and investments;  pps such as UC Browser and TikTok, and investments Chinese companies are making in entertainment-based apps…

Businessline.com click the link to read the rest of the story. Our FREE Tools can help!

Do you use these apps?

Join the conversation on our Facebook Page!

Dark Web selling access to corporate networks

The Dark Web is an underground marketplace where criminals trade in all sorts of illegal or malicious items. One valuable product up for sale consists of information that can help hackers break into corporate networks. Comprised of malware and services, this type of information has seen an increase in Dark Web postings over the past couple of years.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Do you know if access to your business is being sold?

Join the conversation on our Facebook Page!

That used or refurbished Android phone might be unsafe: 6 things to know

If your Android phone isn’t running the latest software, your security and privacy might be in jeopardy. Phones released years ago run outdated versions of Android. That may well mean that they don’t have critical security updates that can keep you — and your data — safe from prying eyes. If you’re concerned about security and privacy on your previously owned phone, here are some things you should consider.

CNet.com click the link to read the rest of the story.  Get our free tools here.

Have you updated all of your mobile phone software?
Join the conversation on our Facebook Page!

Zoom won’t add end-to-end encryption so it can aid the police

Zoom’s decision not to add end-to-end encryption to free users’ calls keeps the door open for law enforcement cooperation, CEO Eric Yuan told analysts in a Tuesday conference call, as previously reported by Bloomberg. “Free user, for sure, we don’t want to give that because we also want to work together with FBI, with local law enforcement…” Yuan said. End-to-end encryption, which the videoconferencing company is currently working on, secures connections all the way from each device to every other device on a call. It’ll only be enabled on paid accounts…

CNet.com click the link to read the rest of the story.  Get our free tools here.

Do you want end to end encryption on your account?
Join the conversation on our Facebook Page!

60% of cybersecurity incidents now due to exiting employees

The majority of staff planning their exit also take sensitive information with them, research suggests.  Employees planning to leave their jobs are involved in 60% of insider cybersecurity incidents and data leaks… According to the Securonix 2020 Insider Threat Report, published on Wednesday, “flight risk” employees, … often change their behavioral patterns from two months to two weeks before conducting an insider attack.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business from exiting employees?Join the conversation on our Facebook Page!

How to use an authenticator app to improve your online security

Want to avoid having your online accounts hacked? Enable two-factor authentication, a crucial security measure that requires an extra step when signing in to high-value services. I explain how to set up 2FA and which accounts to focus on first. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Do you use 2fa?
Join the conversation on our Facebook Page!

​Microsoft 365 (formerly Office 365) for business: Everything you need to know

In this guide, we cover the multitude of Microsoft 365 Business and Enterprise editions… The exact mix of apps and services available with a Microsoft 365 subscription depends on which edition you’ve chosen. The following five services are common to all business and enterprise plans.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

What do you think of Microsoft 365?
Join the conversation on our Facebook Page!

Phishing emails caught exploiting DocuSign and COVID-19

Cybercriminals are exploiting DocuSign, the coronavirus, and the transition to remote working to try to capture account credentials. … The phishing email itself tries to look legitimate by copying the content and images of real emails from DocuSign. … Clicking on the button to review the documents redirects the user several times, first through the SendGrid link and then through two compromised websites. These redirects are created specifically to confuse the user and to get past URL detection security. In the end, the page that comes up is a malicious one …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Have you encountered this yet?

Join the conversation on our Facebook Page!

Best password managers for business in 2020

Everyone needs a password manager. Period, full stop. It’s the only possible way to maintain unique, hard-to-guess credentials for every secure site you, your family members, and your team access daily.  The 15 programs listed in this guide share many core features.  On a Windows PC, a Mac, or a mobile device, you install a stand-alone program or browser extension that does the work of saving sets of credentials in a database whose contents are protected with high-grade, 256-bit encryption. To unlock the password database, you enter a decryption key (your master password) that only you know. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

What do you like your current password manager?
Join the conversation on our Facebook Page!

 

Spear-phishing campaign compromises executives at 150+ companies

A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today.  The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies active across other verticals as well.  PerSwaysion operations were not sophisticated

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you prepared for these attacks?
Join the conversation on our Facebook Page!

 

Best encryption software for business in 2020

If strong encryption and security practices are not in place, businesses are not only opening themselves up to potential cyberattacks, but also the loss of corporate and customer information, fines for non-compliance with laws including HIPAA and GDPR, financial damage, and the loss of reputation.  Below, we list our favorite encryption solutions, suitable for users, SMBs, and enterprise players…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you encrypting everything in your workplace?
Join the conversation on our Facebook Page!

Zoom vs Skype: Can Microsoft offer ‘hassle-free’ video calls?

Skype has now used Twitter to promote a recently added feature that offers users “a simple, hassle-free way to connect with the important people in your life on #Skype, no sign-ups or downloads required”.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you tried both lately?Join the conversation on our Facebook Page!

Who has banned Zoom? Google, NASA, and more

Video conferencing app Zoom has had a massive increase in users because of new remote work requirements due to the COVID-19 pandemic. That spike in users also exposed a growing list of security flawsZoom bombing trolls have emerged, user email addresses and photos have leaked, calls aren’t being end-to-end encrypted, and flaws found in the Zoom installer allow an attacker to gain root access to computers that run a malicious version of it.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Are you still using Zoom?

Join the conversation on our Facebook Page!

71% of Security Pros See Threats Jump Since COVID-19 Outbreak

Cybercriminals are exploiting fears around the COVID-19 pandemic to tailor their threats, and businesses are feeling the effects: 71% of security professionals surveyed have seen an increase in security threats or cyberattacks since the coronavirus outbreak began, researchers report.

DarkReading.com click the link to read the rest of the story.  Get our free tools here.

What threats are you seeing?Join the conversation on our Facebook Page!

New Zoom Users beware: Hackers Now Targeting You

As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake “Zoom” domains and malicious “Zoom” executable files in an attempt to trick people into downloading malware on their devices. …

TheHackerNews.com click the link to read the rest of the story. Our FREE Tools can help!

Are you using zoom yet? Update software now?Join the conversation on our Facebook Page!

 

Hackers attacking Citrix and Zoho users during lockdown

The global operation by hacking group APT 41 – widely believed to linked to the Chinese government – targeted businesses in telecoms, manufacturing, healthcare, defence, higher education, pharmaceuticals, banking, media, oil and gas, chemicals, plus government.  Campaigns by APT 41 are often deployed in an effort to steal intellectual property…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your remote users?Join the conversation on our Facebook Page!

Routers hacked to point you to coronavirus-themed malware

For almost a week, a group of hackers has been breaking into people’s routers and changing DNS settings in order to point unsuspecting device users to coronavirus-related sites pushing malware. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your home from these threats?Join the conversation on our Facebook Page!

Password managers: A little pain for a lot better security

If you’re one of the countless people who unwisely use easy-to-guess passwords or reuse a password for several accounts, cybersecurity experts have a message for you: It isn’t your fault. Memorizing a unique, complex password for each account is impossible. … That’s why many cybersecurity experts suggest using a password manager.

Cnet.com click the link to read the rest of the story.  Get our free tools here.

Do you use a password manager? Join the conversation on our Facebook Page!

“Shark Tank” star loses $388,700 in phishing scam

Barbara Corcoran of ABC’s “Shark Tank” has lost nearly $400,000 in a phishing scam this week. … “I lost the $388,700 as a result of a fake email chain sent to my company,” she told the magazine. “The scammer disappeared and I’m told that it’s a common practice, and I won’t be getting the money back.” …

CBS.com click the link to read the rest of the story.  Get our free tools here.

Is you team trained in how to spot these scams?Join the conversation on our Facebook Page!

Iranian hackers planting backdoors in companies around the world

ClearSky research team has uncovered a widespread Iranian offensive campaign which we call “Fox Kitten Campaign”; this campaign is being conducted in the last three years against dozens of companies and organizations in Israel and around the world. Though the campaign, the attackers succeeded in gaining access and persistent foothold in the networks of numerous companies and organizations from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world. …

ClearSkySec.com click the link to read the rest of the story.  Get our free tools here.

How does your firm monitor such breaches?Join the conversation on our Facebook Page!

FBI: passphrases superior to complex passwords

The FBI says “Instead of using a short, complex password that is hard to remember, consider using a longer passphrase.”  “This involves combining multiple words into a long string of at least 15 characters,” it added. “The extra length of a passphrase makes it harder to crack while also making it easier for you to remember.” …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Do you use pass Phrases?Join the conversation on our Facebook Page!