Need Assistance? Call us at (512) 814-8044, or submit a ticket

Protect Your Business From Dangerous Cryptomining Activities

Why Small Organizations Should Be Worried About Illicit Cryptomining Activities

cryptomining activity

There is a scourge currently targeting small businesses and organizations and many are not even aware of it because it does not do anything sensational meant to cause harm. It does not install a virus, send phishing emails, or attempt to kidnap business data for ransom. That scourge is cryptocurrency mining, or simply cryptomining.

What is cryptocurrency?

Cryptocurrency is a form of digital currency that can be used in exchange for goods, services, and even real money, similar to other currencies. However, unlike other currencies, cryptocurrency operates independently of a central bank and uses encryption techniques and blockchain technology to secure and verify transactions.

To quote Malwarebytes, “Two words—“cryptography” and “currency”—combine to form “cryptocurrency,” which is electronic money, based on the principles of complex mathematical encryption. All cryptocurrencies exist as encrypted decentralized monetary units, freely transferable between network participants.” Or put more simply, cryptocurrency is electricity converted into lines of code, which have a real monetary value.  (See a detailed article by Malwarebytes on this topic here).

While Cryptocurrency may be in its infancy, its popularity continues to increase, some would say, exponentially. You may have heard of terms like Bitcoin, Litecoin, Monero, Ethereum, Ripple etc. These are just a few types of the cryptocurrencies currently available. (more…)

Share

Comments Off on Protect Your Business From Dangerous Cryptomining Activities

How To Protect Online Data Privacy Using Enhanced Tools

Mobile device showing the various tools of data privacy attacks

In the first place, and speaking of data privacy, have you ever wondered why some online ads you see are targeted to your tastes and interests? Or how websites remember your preferences from visit-to-visit or device-to-device?

The answer may be in the “web tracking cookies” installed on your computer when you visit a website, and other online tracking methods like:

  • Device fingerprinting where information is collected about your device for the purpose of identification,
  • Cross-device tracking technology which enables the tracking of users across multiple devices such as smartphones, television sets, smart TVs, and personal computer, and
  • Cross-site tracking where companies collect data on where you’ve been and what you’ve done across multiple websites.

What is a web tracker?

A web tracker is a small computer program (called script) placed by a website on your computer and is designed to collect information about your preferences and who you are as you interact with the site. Sometimes this script is placed purposefully by the website you’re on, other times a script may be from a website you’ve never visited. (more…)

Share

Comments Off on How To Protect Online Data Privacy Using Enhanced Tools

How Software Vendors Encourage The Use Of Insecure Legacy Applications

QuickBooks "Internet Explorer is turned off" Error Message

Generally speaking, it is a common practice among IT professionals to associate bad user experience and clunky User Interfaces with legacy applications, and we bemoan the reluctance of users to use new and modern applications “that are right there.”

As a matter of fact, while we very often lament the refusal of technology users to wean themselves away from using legacy or outdated applications, the reality could be that sometimes, users have no choice in the matter: use legacy apps, or productivity comes to a screeching halt.

What Is A Legacy Application?

A legacy application (legacy app) is a software program that is outdated or obsolete. Although a legacy app still works, it may be unstable because of compatibility issues with current operating systems (OSes), browsers and information technology (IT) infrastructures. – – Definition from TechTarget

For example, at the start of 2016, Microsoft ended support for all versions of Internet Explorer (IE) prior to version 11. Users still browsing with older versions like IE 6 could continue to do so, but website pages were no longer going to be coded to be compatible, and any bugs or errors within the Internet Explorer program will not receive attention from Microsoft. (more…)

Share

Comments Off on How Software Vendors Encourage The Use Of Insecure Legacy Applications

How Businesses Can Protect Their Wireless Access Points

Image of Wireless Access Points And Devices

The current high rate of mobile users warrants that wireless access users, especially business users, should know how to protect their wireless access points.

First of all, regular business travelers, high-tech adventurers, or those who just love traveling are increasingly vulnerable to unique cyber security threats. This is even more dire in the case of business travelers because they often carry sensitive data that may be personal or business related.

And most noteworthy, this sensitive data reside on a variety of devices from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.

A recent survey of financial districts found a high percentage of Wi-Fi clients actively probing for “Free Public WiFi”, and cyber criminals create fake wireless access points (SSIDs), hoping that unsuspecting users will log into one of these.

Fraudulent SSIDs Can Lead To Wireless Access Points Attack

It can be tough to convince users — especially those challenged by shrinking travel budgets — to avoid the temptation and draw of free wireless Internet access. When employers can’t or won’t pay for unlimited wireless Internet, employees get creative. Why should they waste thankless hours waiting for planes and trains when they could be using Free Public WiFi to catch up on mail, download iTunes, or watch a little Slingbox? (more…)

Share

Comments Off on How Businesses Can Protect Their Wireless Access Points

Credential Management Vulnerabilities Exposed By Breaches

Credential Management BreachThe recent breach of OneLogin is once again shining the spotlight on the safety and sanity of entrusting sensitive data to cloud-based credential management services. OneLogin provides single sign-on for cloud-based applications.

What Is A Credential Management Service?

Credential management services that offer Single Sign-On or SSO are great, but as we are beginning to find out, it could also be a single point of entry to a treasure trove of sensitive data for cyber criminals.

How Does A Credential Management Service Work?

The way credential management services work is that after a user of these Identity and credential management services sign into their account, the service takes care of remembering and supplying the customer’s usernames and passwords for all of their other applications. It pretty much attempts to save the user the pain and stress of trying to remember numerous passwords, security questions and other hoops people normally have to jump through just to access some online services.

What Is The Problem With Credential Management Services?

While a lot of these services promise secure access to, and a simplified Identity and Access Management (IAM), the recent spate of multiple breaches of LastPass and now OneLogin makes us wonder just how efficient and  secure these credential management services really are. And here is why: a single compromise exposes the credentials of all users, especially if that data theft includes the ability to decrypt encrypted data [thanks to Mark Maunder of Wordfence for that emphasis].

A breach that allows intruders to decrypt customer data could be extremely damaging for affected customers.

The vulnerabilities in credential management services like LastPass were so bad that Tavis Ormandy, a security researcher at Google’s Project Zero wondered if people were “really using this lastpass thing” because he took a quick look and could see “a bunch of obvious critical problems”. (more…)

Share

Comments Off on Credential Management Vulnerabilities Exposed By Breaches

Is The Desktop Really (Pretty Much) Dead?

I read an article recently claiming that “The desktop is (pretty much) dead” and I could not help but wonder if this was just an attempt at riling people up, drawing readership (they got me to read it), or just plain fantasy that “cloud” providers cook up to justify their continued push for ever increasing budgets with limited returns.

Sure, they bombard us with International Data Corporation (IDC) statistics and charts to bolster their arguments. But like sports analysts who glowingly call U.S. MLB, NBA & NFL champions “World” champions, one is forced to ask “what “World” are they referring to?” (more…)

Share

Comments Off on Is The Desktop Really (Pretty Much) Dead?
Close Menu
Share
Share