Tuesday, December 31, 2019

Netherlands Warns of Global Ransomware Attacks


As this week’s newsletter reveals, ransomware attacks are impacting businesses of every size in every sector. This malware, which restricts access to a company’s IT infrastructure, is often totally debilitating, resulting in opportunity and productivity costs that accompany the already high price associated with ransomware recovery. 

Now a report from the National Cyber Security Center in the Netherlands is shedding some light on just how expansive this malady really is. The report found that 1,800 companies around the world are currently impacted by ransomware, a staggering number that officials believe underrepresents the real sum, since many ransomware incidents go unreported. 

What’s more, the report found that cybercriminals often rely on a single network intruder to plant the malware. These credentials can cost as much as $20,000 on the Dark Web, but they are readily available, and businesses need to know if their information is available on underground marketplaces to protect their IT from infiltration. Ransomware attacks have proven to be a low-risk, high-reward endeavor for many cybercriminals, which means that these attacks are unlikely to abate any time soon. Instead, SMBs should turn their attention towards maintaining a robust defensive posture capable of ensuring that their company name isn’t added to the growing list of companies impacted by ransomware.

https://www.bleepingcomputer.com/news/security/dutch-govt-warns-of-3-ransomware-infecting-1-800-businesses/


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Monday, December 30, 2019

Australian Companies have dangerous Data Sharing Practices

Third-party partnerships have become a normative, even necessary, component of doing business in 2019. Unfortunately, for many companies these potentially beneficial relationships are often a liability when it comes to data security. According to a recent study by Security in Depth, 84% of Australian companies had not completed a formal review of their data sharing practices with third-party partnerships, a staggering amount of negligence in today’s digital environment. 

For instance, nearly 60% of those surveyed acknowledged that they had experienced a third-party data breach in the past 12 months, a 3% increase from the previous year. These figures reveal a growing chasm between the known threat landscape and the steps that companies are willing to take to protect their valuable company and customer data. 

Indeed, today’s threat landscape is expansive, but companies can mitigate many of the most prescient threats by partnering with MSPs that can offer best practices for securing third-party vulnerabilities. As the cost of a data breach quickly escalates, business leaders have millions of reasons to focus on cybersecurity as a business priority.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Thursday, December 26, 2019

DarkWeb Trends

ransomware costs companies on multiple fronts, phishing scams have extensive data security consequences, and companies fail to adequately evaluate their third-party data sharing standards. 
Dark Web ID Trends:
Top Source Hits: ID Theft Forums 
Top Compromise Type: 
Domain 
Top Industry: 
Medical & Healthcare 
Top Employee Count: 
1 - 10 Employees 

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Wednesday, December 25, 2019

Merry Christmas!



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Tuesday, December 24, 2019

Monday, December 23, 2019

Dark Web Trends

ransomware erodes profitability, healthcare providers struggle to protect PII, and data breaches officially reach an all-time high. 
Dark Web ID Trends:
Top Source Hits: ID Theft Forums 
Top Compromise Type: 
Domain 
Top Industry: 
Education & Research 
Top Employee Count: 
1 - 10 Employees 

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Friday, December 20, 2019

What motivates a Cyber Attack?





Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Attack Motivations Nov 2019




Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Thursday, December 19, 2019

Does your state have data privacy laws?



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

We Couldn't Do This Without You



Dear Friends,

River Legacy Living Science Center is a Nature Center surrounded by beautiful River Legacy Park where you can learn, explore, play, and escape. River Legacy Foundation needs your help to continue our mission.
By supporting River Legacy, you keep trails, bridges, creeks, walkways, and habitats along the Trinity River accessible and inviting. You provide the opportunity for thousands of urban children to have their FIRST WALK IN THE WOODS. Your help allows them to fall in love with nature!
Your support shows that you care for animals that live here.

You partner with our Nature Center to create a rich, outdoor education experience that connects people to the environment and inspires them to protect the Earth.
Please support River Legacy Foundation. When you care about something, you nurture and protect it, now and for future generations.

Thank you for supporting River Legacy.
Jill Hill
Executive Director
817.860.6752, ext. 108
Becky Nussbaum Gerro
Director of Development
817.860.6752, ext. 120

Wednesday, December 18, 2019

Important Security Update from Ring



The facts about
password security.
You may have seen reports recently about our customers' Ring accounts. Rest assured, we've investigated these incidents and did not find any indication of an unauthorized intrusion or compromise of Ring's systems or network. However, even though Ring's systems were not compromised, we do want to share how these issues occurred, and some easy steps you can take to further protect your Ring account and other online accounts.
Here's what happened.
Malicious actors obtained some Ring users' account credentials (e.g., username and password) from a separate, external, non-Ring service and reused them to log into some Ring accounts.

When people reuse the same username and password on multiple services, it's possible for malicious actors to gain access to many accounts.

We've taken appropriate action to block these malicious actors and contacted all affected users directly.
Here's what you can do now.
Even if your credentials were not obtained by malicious actors, we strongly encourage everyone to enable Two-Factor Authentication and follow these password best practices.
Enable Two-Factor Authentication.
Turn on this enhanced security feature in the Ring app to receive a unique code via text message to your phone whenever you or someone else attempts to log into your Ring account and is asked for your Ring password. Many other online services offer Two-Factor Authentication as well, and we encourage you to turn this feature on wherever available in your other online accounts.
Add Shared Users.
Don't provide your login information to others. If you want to share access to your Ring devices with other people, simply add them as a Shared User. This allows you to maintain control of your account. And if you currently have Shared Users, please ask them to enable Two-Factor Authentication and follow the password best practices below.
Learn More
Use different passwords for each account.
By using different usernames and passwords for your various accounts, you reduce the risk that a malicious actor could reuse credentials compromised from one account to access another of your accounts.
Learn More
Create strong passwords.
When creating a password, use a mix of numbers, letters (both uppercase and lowercase), and symbols – embracing long, non-dictionary based words or phrases.
Learn More
Regularly update your passwords.
It's good practice to update your passwords every 3-6 months. If it has been more than 6 months since you last updated, we recommend updating it now.
Learn More
As a neighbor of Ring, your safety is our highest priority. We're committed to helping you keep your home safe and protected – and that means keeping you informed with best practices for your online security, too.

If you have questions or need assistance turning on Two-Factor Authentication or changing your password, please contact help@ring.com.

Wishing you a safe and happy holiday,
The Ring Team

New Threat Actor Impersonates Government Agencies


Cybersecurity researchers are warning consumers of a new threat actor impersonating government email accounts in the US and EU. To date, researchers have discovered hoax emails from the US Postal Service, the German Federal Ministry of Finance, and the Italian Revenue Agency. The emails are delivering malicious payloads containing ransomware to a variety of recipients. 

While researchers found that cybercriminals are targeting a broad audience with their messages, they concluded that most are heavily skewed toward businesses, which offer higher payouts and more robust data sets when attacks are successful. 

Fortunately, malicious emails rely on user response, so businesses can protect themselves by training their employees to spot fraudulent emails. This particular attack might be new, but the strategy is well-established, and today’s employees need to be aware of the threats that are potentially lurking in their inboxes.

https://www.bleepingcomputer.com/news/security/new-threat-actor-impersonates-govt-agencies-to-deliver-malware/

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Tuesday, December 17, 2019

Less than 30 days till Windows 7 is no longer supported.

On January 15th Microsoft will be ending support for Windows 7.  This does not mean that your computer will stop working, however, you will get a popup warning from Microsoft...  What is does mean is that Microsoft will no longer be providing patches, this can leave your network and data vulnerable to compromise.. 

You do have options, and depending on the age of the actual PC hardware, you may be able to simply run an upgrade on the operating system software.  This is also a good time to look at upgrading your hardware that would include an upgrade to Windows 10. 

If you need help or want more information on what this means please call me at 817.505.1257 or schedule a time with me at https://calendly.com/robertblake/30min

I will be happy to discuss your options for upgrading your windows or any other computer needs you may have.


imgpsh_mobile_save.jpg

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Data Breaches Reach New Highs



2019 has been a notorious year for data breaches, a reality that is playing out in front page headlines and major industry studies. According to Risk Based Security’s Q3 2019 Data Breach Report, it’s the worst ever recorded in history. 

The year’s third quarter saw a year-over-year increase of 112% in the total records exposed. Unfortunately, this isn’t all attributable to the high-volume data breaches at major corporations. This year, SMBs, government agencies, and educational institutions are also seeing an uptick in cybersecurity incidents, together creating a 33.3% increase in the total number of breaches for the year. 

Notably, many of these data breaches were avoidable. From misconfigured databases to phishing attacks, businesses have many options at their disposal for proactively protecting their most sensitive information. There is no indication that this recent data breach trend is likely to abate anytime soon, so businesses of every size have plenty of reasons to ensure that negligence isn’t the cause of yet another data catastrophe.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Thursday, December 12, 2019

Australian Cybersecurity Personnel Are On the Verge of Burnout


For companies around the world, the threat of a data breach is becoming ever-present. This reality is especially pronounced in Australia, where cybersecurity professionals are reporting fatigue and burnout as they battle the litany of threats facing their companies. According to the 2019 Asia Pacific CISO Benchmark Study, the burnout rate among Australian organizations is more than double the global average of 30%. 

In total, 69% of Australian organizations are receiving more than 100,000 cybersecurity alerts every day, significantly higher than the global average. At the same time, the survey, which polled 2,000 information-security professionals, found that Australian organizations were slower to respond to data breaches than companies in other countries. Such behavior compounds costs, as 84% of Australian businesses that experienced a data breach admitted that the expenses exceeded $1 million, a significantly higher sum than other countries in the region. 

SMBs are already struggling to hire sufficient cybersecurity personnel, so supporting IT professionals is a critical component of any company’s cybersecurity initiatives. Fortunately, they don't have to do it alone. The supportive services of an MSP can augment capabilities, lightening the load on in-house cybersecurity professionals.

https://www.cso.com.au/article/668151/surging-breach-alert-identity-burdens-fatiguing-security-practitioners-australia-more-than-anywhere-else/

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Wednesday, December 11, 2019

Google Has Access to Personal Health Information of Millions of US Patients



Recently Google partnered with Ascension - one of the largest health systems in America - but did so quietly. This partnership allows Google access to all of Ascension's patients' data. Ascension operates 150 hospital 21 states.

The effort was code named "Project Nightingale," and has allowed some Google employees access to data including names, birth dates, addresses, family members, allergies, immunizations, radiology scans, hospitalization records, lab tests, medications, medical conditions, and even some billing records. 

The current agreement does not appear to be a violation of HIPAA (Health Insurance Portability and Accountability Act). Google has been looking to expand their health information efforts, including plans to acquire Fitbit. However, Google has responded to the news of the partnership to say the data will not be used other than to assist Ascension medical providers.



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Tuesday, December 10, 2019

Italian Precision Engineering Companies Hit with Spear Phishing Campaign

Italian precision engineering companies are the latest victims of spear phishing attacks that trick employees into compromising personally identifiable information, login credentials, or other sensitive data. 

The attacks are arriving in employees’ inboxes disguised as authentic-looking inquiries from potential customers. The emails appear with a seemingly innocuous Microsoft Excel spreadsheet that actually contains a fileless trojan capable of capturing users’ credentials. 

The Excel spreadsheet is filled with lists of spare parts, real catalog codes, and other ordering information, making the attacks especially difficult to identify. In addition, the emails are being sent under the guise of international textile producers, a viable client for precision engineering companies.

Currently, only a fraction of antivirus software detects credential stealing malware, which underscores the importance of cybersecurity best practices for protecting company data. Holistic employee awareness trainingequips employees to spot phishing scams and trains them to follow cybersecurity best practices with a simple, streamlined solution.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Friday, December 6, 2019

Dark Web Trends

healthcare data is targeted by cyber criminals, lax account security compromises PII, and Australian cybersecurity specialists are on the verge of burnout.

Dark Web ID Trends:Top Source Hits: ID Theft Forums
Top Compromise Type: Domain 
Top Industry: Finance & Insurance
Top Employee Count: 1 - 10 Employees 


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com