In some cases, running the latest updates may not necessarily mean that you’re automatically protected from data breaches and data vulnerabilities associated with a specific patch. In recent weeks, a number of security experts have identified two major vulnerabilities found in many modern processors that can exploit access to memory that should remain private, ultimately allowing them to steal your business data (think credentials, email and sensitive data).
Microsoft has already released a patch to mitigate effects of these two vulnerabilities—and many hardware manufacturers are starting to follow suit by rolling out firmware updates to address their security flaws related to processor vulnerabilities. The big problem with these security issues is that they are difficult to completely fix and it can be difficult to tell if your computer has been completely protected against attacks directed at these security issues.
continue reading
One question that keeps popping up is “how do I know if my antivirus is working?” That question is not always clear cut. What I mean here is that antivirus is just one tool meant to help keeping your business safe.
There is no one all end all for business security—I wish I could just download a piece of software on every user machine and server and say “you’re 100% safe”. But the reality of our current cybersecurity landscape is that antivirus is just one of the many tools in your cybersecurity arsenal aimed at keeping your business safe.
In addition to antivirus, you need to make sure your patches are regularly updated, your team understands the current phishing attacks targeting businesses (in some instances, there are very targeted attacks on specific business verticals), you have ‘smart firewalls’ in place, a comprehensive and tested backup solution, backup disaster recovery and an IT Support team that can help your users navigate resolving their issues so that they don’t seek their own unsafe resolution paths (the list goes on!).
continue reading
The latest attacks are costing organizations even more money to recover from ransomware. Will you be the next big victim?
With ransomware attacks hitting governments, hospitals and business small and large in 2018, there is no sign of a shortage of case studies for cyber security experts. One recent attack—which I’m sure you’ve heard about by now—has shown just how costly ransomware can be.
I don’t simply mean the cost of paying the ransom note! While some folks may think ‘pay the ransom and be done with it’ may be the easiest solution to re-mediating a ransomware attack, it’s simply not that simple. While ransom notes have gone up in costs in the last year—the current $50,000 price tag is not even the tip of the iceberg when it comes to costs associated with an attack.
In that big Samsam attack in late March on the city of Atlanta, Georgia I alluded to above, city officials are still figuring out how to cap its security spending. To-date, the city has shelled out over 3 MILLION dollars in contracts to recover from its devastating ransom attack on March 22, 2018. To-date, there is yet a comprehensive resolution to completely re-mediating the effects from the attack.
continue reading
I know that even the thought of a ransom attack on your business leaves a deep burning ulcer-like feeling in the pit of your stomach. We’ve been seeing so many ransom attacks hit businesses, governments, hospitals, you name it—that we’re all tired of seeing the recurring headlines of who was last hit by malicious software encrypting ALL of your critical business files.
But one question that likely won’t surface until you’re actually hit by ransomware is “should I just pay the ransom and be done with this?”
This is a huge question in and of itself. On the one hand, if the criminals kept to their word (usually they do about 75% of the time) you and your team could be back working relatively quickly (typically it takes about a week or so—depending on the size of your network—for a hacker to decrypt all of your files).
continue reading
Ransomware has been wreaking havoc throughout the business world for the past decade. With no signs of stopping, security experts have been troubled as to what to advise to clients.
What specific steps have you likely taken already?
Patched your computers?—while experts have been hounding users for years, several businesses that stay vulnerable to attacks—including those throughout healthcare—lack even the most basic updates (updates that Microsoft and other software companies release free of charge) to keep hackers from penetrating their networks. If you’re powered by Dynamic Edge, rest assured we patch and test patches on ALL of your machines.
Train users to understand consequences of clicking on suspicious links?—I’m sure by now you are well-aware of the necessities in keeping your users up to speed on the latest types of attacks. In fact, many criminals still depend completely on users to give them the keys to your data. If you are a Dynamic Edge client, you should expect training as a part of our service to you (either in person, online or just chatting with a technician). We understand that training is a big part of the puzzle to keep your business and its sensitive data safe.
continue reading
Earlier this year in January and February, Microsoft issued emergency security updates for vulnerabilities in Windows 7 and Server 2008 R2 machines. These patches were to counter the chip vulnerabilities found in Intel x64 processors late last year. This series of patches were coined the Meltdown patches.
The problem?
Unfortunately, in hustling to get a patch ready, Microsoft left major vulnerabilities to your network if you or your IT support team had simply applied the Meltdown patch!
In fact, these patches blew gaping holes in your entire Windows operating system.
continue reading
