>





5 Ways to Help Secure Your Hyper-V Virtual Machines


Posted on 10/16/2017



5 Ways to Help Secure Your Hyper-V Virtual Machines.


The security of every server on your network is of paramount importance. Virtual servers are no less important, nor inherently any more secure - though their virtual design may leave some with that impression. As with any other server, follow these general steps for a good start on securing your VM servers:

READ MORE.

Click here for Free Assessment


VIDEO QUICKTIP: How to Prepare Your Water Damaged Hard Drive for Restoration


Posted on 10/10/2017



VIDEO QUICKTIP: How to Prepare Your Water Damaged Hard Drive for Restoration.


After the recent string of damaging hurricanes that hit Texas, Florida, and the Caribbean, many businesses may be left with damaged computers, printers, and servers. All of the equipment above can be replaced — what can’t be replaced, however, is your company’s critical data.

The safest way to protect your business data in the face of a natural disaster is through remote, redundant backup. The vast majority of business backups are done on-site — often on drives located directly next to the computers they’re backing up. But if a flood affects your office, those backups can be destroyed. CMIT’s Guardian solution houses your critical business information in dedicated locations that are safe, secure, and often located far away from the natural disaster you might be facing.

If you do have hard drives that were damaged by rising floods, record rainfall, or any other water, don’t despair — there’s a chance your business information could be recovered. It is imperative, however, to act carefully with a water-damaged device. Many ideas that might seem like common sense can have disastrous consequences. Follow the steps below in our latest installment of our Video QuickTip, and if you are unsure, proceed only after consulting a trusted IT provider.

READ MORE.

Click here for Free Assessment


Yahoo Breach Even Bigger Than Thought — 3 Billion Impacted


Posted on 10/4/2017



Aaron Montemayor Walker @ G2 Crowd.



More and more information has come to light since Yahoo’s major security breach in 2013. In September 2016, Yahoo revealed that a hack in 2014 comprised an estimated 500 million. A second disclosure in December of that year acknowledged that an earlier hack in 2013 was found to 1 billion user accounts.

Today that number is reportedly 3 billion, virtually every single Yahoo account in existence, making it far and away the largest known cybersecurity breach in modern history.

With the 2014 Yahoo breach at number two, additional runners-up include the Adult Friend Finder breach of 2016 and the eBay breach of 2014, which hit 412 million and 145 million users, respectively. Newest data also puts the Equifax breach on par with eBay’s.

READ MORE.

Click here for Free Assessment


New 2017 Compliance Standards Could Radically Change the Cybersecurity Landscape


Posted on 10/4/2017



Lost among all the recent news about data vulnerability — last month’s Equifax credit report breach, last year’s Yahoo password hack, or the Whole Foods payment card breach reported just the other day — are three new government cybersecurity programs. The FTC’s “Start With Security” initiative, New York State’s Department of Financial Services regulations, and the US Department of Defense’s DFARS (Defense Federal Acquisition Regulation Supplement) orders have all gone into effect this year. But each program could represent the future of the cybersecurity landscape.



First, the Federal Trade Commission (FTC) kicked off its push for cybersecurity best practices in September, focusing on how sensitive data is collected and protected. In addition to encouraging companies not to collect data it might be required by compliance regulations to encrypt or protect, “Start With Security” also emphasizes what it calls a company’s #1 threat for data breach compromise:

READ MORE.

Click here for Free Assessment


VIDEO: The Evolution of the Computer Virus


Posted on 9/27/2017



In May 2017, the WannaCry ransomware attack infected more than 230,000 computers in 150 countries, encrypting data, demanding Bitcoin ransom for its return, and disabling computer systems at the United Kingdom’s National Health Service, Spain’s biggest telecommunications provider, Russian banks, and much more.

READ MORE.

Click here for Free Assessment


Equifax Breach - Now what?


Posted on 9/13/2017



4 Important Security Steps to Take in the Wake of the Massive Equifax Breach.


Last week, Equifax, one of the three largest consumer credit reporting agencies in the United States, reported that a massive data breach exposed the Social Security numbers, driver’s license numbers, and other private information of more than 143 million US residents.

Hackers were apparently able to access the company’s files for two months this summer, exploiting a vulnerability in Equifax’s website between May and July. Equifax reported that it discovered the data compromise on July 29th and in the ensuing six weeks has uncovered no further evidence of illicit access to its consumer and commercial credit reporting databases.

In addition to the hacked Social Security numbers and driver’s license numbers, cybercriminals reportedly accessed birthdays, credit card numbers, and addresses for more than 200,000 users, while documents used in disputes that contained personal information were lifted from more than 175,000 more users. Data on British and Canadian residents was also compromised.

How bad is the Equifax breach?
Nowhere near as widespread as Yahoo’s hack, which in total affected nearly one billion accounts. But the scope of the Equifax breach as it pertains to such important information is much wider and potentially more troublesome — the company houses data on more than 820 million consumers and 91 million businesses worldwide and manages a database with employee information from more than 7,100 employers. “This is about as bad as it gets,” Pamela Dixon, executive director of the World Privacy Forum, a nonprofit research group, told The New York Times. “If you have a credit report, the chances are better than 50% you may be in this breach.”

Finding out whether you were affected hasn’t been easy.
Equifax set up a website to help consumers determine whether their data was at risk, but the site asks customers to enter their last name and the last six digits of their Social Security number, a risky proposition given the current cybersecurity landscape. If you do, however, you may not receive a concrete confirmation about whether your data was affected. Instead, the site provides an enrollment date for a free year of identity protection service, which can be inadequate both in the days until the service starts and after the year is up, when any compromised data can still be sold on the black market.

So what should you do next? READ MORE.

Click here for Free Assessment


Bit Paymer Ransomware Hits Scottish Hospitals


Posted on 9/6/2017



BitPaymer Ransomware.


The Bit Paymer ransomware — sometimes also spelled as Bitpaymer — first came to Bleeping Computer's attention on July 11, when security researcher Michael Gillespie tweeted a link to a sample uploaded on VirusTotal, a web-based file scanning service.

Unlike most ransomware we see today, Bit Paymer is well coded and appears to be the work of experienced programmers.

An Emsisoft security researcher who goes online by the pseudonym of xXToffeeXx‏ believes the ransomware is installed after attackers performed brute-force attacks on exposed RDP endpoints.

After gaining access to one system, attackers move laterally on the breached network and install Bit Paymer manually on each compromised system.

The ransom note instructs victims to connect to a Tor-based portal where victims can pay to recover their files.

The interesting thing about Bitpaymer is that they are specifically targeting companies.

Bit Paymer should not be confused with the Defray ransomware, which Proofpoint researchers discovered last week targeting healthcare organizations. According to a Proofpoint report, Defray is spread via email spam, not RDP brute-force attacks. READ MORE.

Click here for Free Assessment


Feeling Hopelessly Behind after a long Holiday Weekend? Here are 5 ways to boost productivity


Posted on 9/6/2017



Feeling Hopelessly Behind after a long Holiday Weekend? Here are 5 ways to boost productivity.




For many of us, September 5th is a day to return to work energized after the Labor Day weekend. The kids are back in school, fall is right around the corner, and we feel confident about our ability to tackle the new week’s obstacles — only to be confronted by an inbox bursting at its seams with unread emails. As the “new message” pings add up, your ability to be productive decreases, until an hour into the day you throw in the towel, let the cascade of messages wash over you, and turn your attention to what seem like more pressing issues like the ongoing recovery from Hurricane Harvey’s devastation, or the Category 5 threat coming from Hurricane Irma, which could threaten the entire Eastern Seaboard later this week.

There is a way to fight such an overwhelming feeling, however: by taking control of email instead of letting email control you. Whether your goal is getting to Inbox Zero, implementing an organized folder structure, or only responding to the emails that require immediate attention, creating a plan of action is the best way to fight the post-holiday weekend blues.

CMIT Solutions collected five of our favorite productivity-boosting, efficiency-enhancing strategies to get you on the right track this week: READ MORE.

Click here for Free Assessment


Hurricane Harvey’s Devastation Highlights the Critical Need for Disaster Preparation and Safe Damage Assessment


Posted on 8/30/2017



Hurricane Harvey’s Devastation Highlights the Critical Need for Disaster Preparation and Safe Damage Assessment.




Hurricane Harvey slammed into the Texas coast last Friday night as a Category 4 storm with winds in excess of 130 mph. By Sunday, Harvey’s path of destruction spread inland, claiming at least five lives and flooding the Houston metropolitan area with record-breaking rainfall — in some areas, more than 30 inches and counting. That’s because Harvey, now downgraded to a tropical storm, stalled, exiting back into the Gulf of Mexico while still inundating the area with rain.

Thousands of search and rescue operations are still in progress, meaning it might take weeks or even months until a full assessment of economic damage can be taken. But all indications point to Hurricane Harvey delivering an enormous blow to the 4th-largest city in the United States, with thousands of homes and businesses destroyed and lingering effects for months and years to come.

Below, CMIT Solutions has compiled two critical checklists: one to follow for anyone feeling the effects of Harvey who plans to assess flood damage to an office or IT equipment, and one for those who might be unaffected at this moment but hope to plan more effectively for natural disasters in the future.

Why is such a list necessary? Because more than 2/3rds of American small businesses still don’t have a written disaster recovery plan. That’s according to the Small Business Indicator, a survey of 502 companies conducted in 2016 by Harris Poll. Other findings from the poll? 21% of small business owners say disaster preparedness isn’t a high priority, but 22% say they’ve already been impacted by a natural disaster.

First, the critical checklist for anyone dealing with the effects of flooding from Hurricane Harvey:

1) If any equipment has been waterlogged, do not turn it on.

This can cause short circuits and electrical fires, compounding problems and possibly leading to further loss of property or even life. Even in offices that weren’t completely flooded, power outages can be serious culprits— when air-conditioning or dehumidifying units go down for days at a time, small amounts of moisture can build up in computers, servers, and other IT equipment.

2) Work with a trusted IT provider to safely assess and test any electronic devices.

This is an intricate process that requires the utmost level of security and safety: moving all devices out of the affected location to a dry and clean area; wearing grounded shoes, suits, and eye protection; plugging in each device one at a time and allowing 24 hours for full boot-up, diagnostic, and regular operations; and restoring equipment to its original place. Do not attempt this step without the direct assistance of a trusted IT provider — it may seem like overkill, but office fires can occur several days after severe weather due to waterlogged equipment, even in a location that was otherwise unaffected by flooding.

3) If a hard drive containing critical data is affected by water damage, keep it wet in distilled water or with a wet paper towel in a Ziploc bag — especially if it was in saltwater.

When saltwater dries, it can leave serious deposits on electronics that are very difficult to remove.

Anyone affected by Hurricane Harvey (or any other natural disaster) should be aware that equipment can be destroyed by more than just floodwaters. Power outages, moisture, mold, and other environmental issues can create unsafe operating conditions, even after the worst of the storm has passed and even if devastating floods are avoided.

SECOND, THE GENERAL CHECKLIST FOR FUTURE DISASTER PREPAREDNESS:

1) Implement off-site, redundant, and encrypted data backups.

Most business data backups are completed on-site — often on drives located directly next to the computers they’re backing up. If fire, flood, or theft affects your business, you can’t expect those backups to survive. Having an employee take home data backups at the end of each workday isn’t an effective strategy either — fire, flood, and theft can strike vehicles just as easily.

2) Formulate a disaster recovery and business continuity plan.

Many business owners think that, even if a disaster strikes, they’ll only be affected for a few days. This is one of the most indirectly harmful assumptions one can make — disaster relief experts expect Houston and surrounding cities (and the 6.5 million people who live in them) to be dealing with the effects of Harvey for months and even years to come. An estimated 25% of all businesses struck by natural disasters never reopen their doors — having a disaster recovery and business continuity plan in place before rain starts to fall or floodwaters start to rise is the crucial first step to long-term success.

3) Create (and test!) a virtualization strategy before disaster strikes.

The best disaster preparedness plans include virtualization, which takes the data you have backed up remotely and rebuilds it on existing or backup equipment in the event of a hurricane, fire, flood, or other catastrophe. But if you haven’t tested your solution in a best-case scenario to see how quickly it can retrieve information and get daily operations back up and running, things probably won’t go well when faced with the worst-case scenario. Elite backup and disaster recovery offerings can perform a full restore in less than 48 hours — and those hours can mean the difference between weathering a storm and succumbing to it.

CMIT Solutions is committed to helping our clients survive and thrive in the face of natural disasters. Our nationwide network of more than 170 offices and 800 technical staff members mobilized last week in the face of Hurricane Harvey to help both CMIT franchisees in Texas and their clients prepare for and then address the aftermath of the storm, offering remote support capabilities, on-site damage assessment, and a level of service unmatched by anyone in the IT industry. Contact CMIT Solutions today to find out more about how we worry about your IT no matter what the challenge. READ MORE.

Click here for Free Assessment


Phishing is Still the Top Threat Faced by Organizations


Posted on 8/30/2017



Phishing is Still the Top Threat Faced by Organizations.




The new 2017 SANS Threat Landscape survey from the well-known research and education specialist finds that security professionals rate phishing at 72 percent, spyware at 50 percent, ransomware at 49 percent, and Trojans at 47 percent as being the top threats today. We strongly recommend you download the whole study and read it top to bottom. There is also an on-demand webcast you should watch.

READ MORE.

Click here for Free Assessment


5 Characteristics of a Great IT Provider


Posted on 8/30/2017



Considering a New IT Provider? Consider These 5 Recommendations.


Many of us know the feeling: a computer or laptop crashes, bringing productivity to a standstill. If you’re lucky, you have a tech-savvy friend or hard-working employee who will go the extra mile to try to keep systems in working order. Or maybe you know an IT professional who is available to diagnose problems and resolve major issues.

The problem, though, is that when you REALLY need assistance — 4:00 PM on a Friday with a big deadline looming, say, or 8:00 AM on Monday when your inbox is full of important messages — that person may not be available to immediately react to your request for service. What then? Now you and your employees aren’t able to work while downtime affects productivity and decreases revenue.

Say you run a medical office with 20 employees that have an average salary of $50,000, an average yearly workload of 2,000 hours, and an average hourly rate of $25. Say your network is down for four hours and you can’t access email, software, or client records while you wait for IT help. Assuming that productivity is cut in half, if you multiply two hours of downtime at $25 an hour by 20 employees, you just paid your employees $1,000 to not perform their job duties. Add in the cost of that IT professional and it’s safe to say that your business is truly suffering.

If you’ve realized that it’s time to find a new IT provider, you’ve made an important step toward steadier operations and enhanced efficiency. But how do you protect your business while bringing on a new partner? How do you know if this new IT provider will maintain day-to-day operations and empower your employees to remain productive while the switch is happening? Maybe it’s better to stick with the lackluster support you know than risk everything on a fresh start.

But here’s the catch: in the long run, proactive IT services cost far less than reactive or break/fix services. Now, that doesn’t mean switching to a new IT provider isn’t stressful. You don’t just wake up one day and decide to switch your lawyer or your accountant — your IT provider should engender the same level of trust. If you’re considering a new partner, consider these 5 things:

READ MORE.

Click here for Free Assessment


What Does the Game of Thrones Hack Mean For the Average Business?


Posted on8/10/2017



What Does the Game of Thrones Hack Mean For the Average Business?


Two weeks ago, unidentified hackers accessed 1.5 terabytes of data from cable channel HBO, including scripts and a full episode of the wildly popular show Game of Thrones. Last week, Distributor Star India was forced to admit the cyberattack originated from their servers, releasing a statement that said, “We take this breach very seriously and have immediately initiated forensic investigations at our and the technology partner’s end to swiftly determine the cause.”

The most interesting quote, however, came from HBO CEO Richard Plepler in the immediate wake of the cyberattack: “The problem before us is unfortunately all too familiar in the world we now find ourselves a part of.” So even if you don’t watch Game of Thrones, don’t subscribe to HBO, or don’t think your personal or business information is of the same value to hackers as that of an international hit TV series, you could still be at risk

Click here for Free Assessment

READ MORE.

Outsourced IT


Posted on8/4/2017



Outsourced IT? that's a buzzword.


We prefer to think of ourselves as collaborative IT - but nobody searches for that term. We're collaborative because we serve as an extension of your team. Your goals are our goals. We want to keep your technology working at its peak efficiency so it serves you, empowers you, and makes your day.

So what do we do? You name it. If it beeps or blinks, we manage it. If you can't afford to lose it, we protect it. If you can't decide which ap to use, we'll find the right one. If you don't want to manage a heard of vendors, let us do it.

We can serve as both the CIO and CTO for your company. We can keep technology running at peak efficiency adn hewlp you leverage the advantages that outsourced support can bring to your organization.

Click here for Free Assessment


For more more information, contact:

Pete Groman
Client Engagement Manager
CMIT Solutions Fort Worth
pete@namorgy.com
817-332-2648 opt 2
https://cmitfortworth.com
#CyberSecurity #CMITFortWorth #ISpeakGeekDOTBIZ #cmitfortworthdt @cmitfortworthdt

CMIT's GOT YOUR BACK


Posted on8/3/2017



CMIT’S GOT YOUR BACK.


CMIT Solutions serves as Mission Control for our clients and their systems. Our nationwide network employs:

⊕ Hundreds of level-one technicians
⊕ An advanced Network Operations Center
⊕ A strategic Special Projects Staff
⊕ And a 24/7 End-User Help Desk that serves as the human intelligence behind our IT support


If it beeps or blinks, we fix it — and usually before you even know there’s a problem. We take a proactive as opposed to reactive approach to IT support. What does that mean?

⊕ We don’t wait around for problems to occur
⊕ We monitor and maintain our clients’ systems 24 hours a day, 7 days a week
⊕ We alleviate technology pain before it sets in
⊕ We don’t waste your time fixing things after business has been interrupted
⊕ We protect your data, we secure your network, and we empower your employees to be more productive


If you’ve ever been left hanging by unresolved technology issues — or you feel like no one’s got your back — reach out to CMIT Solutions today by filling out this form.

A knowledgeable IT expert will be in touch shortly with the kind of trusted advice that most companies can only dream of.

We’d be honored to earn your trust and demonstrate to you why our team is the most proven Mission Control in the IT business. No other company provides our level of local service backed by strong nationwide support.

No other IT company is able to provide what CMIT does for our clients each and every day: Prompt, friendly and knowledgeable service on a local level, backed by a nationwide network of over 800 technology experts and technicians. Fill out the form below and we will send you a white paper: “How Proactive, Preventative Monitoring Can Enhance Your Business”

Click here for Free Assessment

READ MORE.

5 Ways to Combat a Slow-Moving Desktop


Posted on 8/1/2017



Is Your Computer Running Slow? 5 Reasons Why And 5 Ways to Combat a Slow-Moving Desktop or Lethargic Laptop.


Today’s digital world requires us all to be expert multi-taskers. Over the course of an average business day, we might bounce between different operating systems, software applications, and workflows, all of which require a standard of expertise and a powerful memory (both inside our computers and inside our brains).

Even though we train ourselves to plow through our to-do list, though, that doesn’t always mean our devices can keep up. One of the complaints heard most often in modern office environments is, “My computer can’t keep up with me!” Which might sound like a pointless protest, until you realize just how much time and money a business can lose due to increased inefficiency.

So what can you do to avoid such a pitfall and increase the performance of your company’s devices?

First things first, don’t panic. Slow-moving desktops and lethargic laptops are more normal than you think — unless you’ve set up a new computer at some point in the past few months, chances are you’re actually using one right now. But that sluggishness can be caused due to normal activity, as well: running multiple programs, browsing the Internet, and slowly accumulating data on your hard drive.

Below, we’ve included five of the most common problems that can cause your computer to lag, followed by five strategies for battling those problems so that your preferred device can keep pace with your work ethic.

READ MORE.

10 best MS Outlook tips


Posted on 7/28/2017



Enhance Your Microsoft Outlook Experience with These 10 Tips & Tricks.


The way the modern office operates has changed significantly in the last few years, but one thing remains the same: email represents the lifeblood of communication. It doesn’t matter how far you travel or how much time you spend on the road — keeping up with your inbox is a necessity, not a luxury.

Microsoft Outlook, the industry standard for business email, comes with several built-in tools to make remote communication, inbox organization, and streamlined sharing easier. As they should — Microsoft estimates that more than a half a billion people currently use the company’s flagship email program.

But that doesn’t mean Outlook is always a breeze, which is where this week’s QuickTip comes in. Below, we’ve identified 10 of our favorite tips and tricks to maximize productivity and enhance the efficient use of the popular program

READ MORE.

Recent World Wrestling Entertainment Data Breach Highlights the Need for Enhanced Cybersecurity


Posted on 7/28/2017



Earlier this month, another data breach announcement reared its ugly head, and this time it came from an unlikely source — the World Wrestling Entertainment (WWE). According to experts, the breach exposed the private information (birthdates, earnings, ethnicity, gender, and email addresses, among other things) of more than three million users thanks to two open and publicly accessible Amazon Web Services (AWS) “buckets,” or servers that the WWE used to store data..


The most striking aspect of the story, however, wasn’t that the data breach occurred: it was that Amazon quickly announced it was not responsible for the hack. That’s because Amazon offers several options for securing information through its Web Services Shared Responsibility Model. But customers are required to take advantage of those options, providing a great example of how a cloud provider is not an IT manager or cybersecurity expert.

But proper cybersecurity measures and data compliance processes could have prevented the embarrassing and costly breach before it happened. In this day and age, it’s not a matter of if but when in regards to cyberattacks, malware and ransomware attempts, and data hacks. And where small to medium-sized businesses may have once been immune to the kind of breaches that have stricken large enterprises like the WWE, the new cybersecurity normal requires a comprehensive strategy that devotes resources to advance prevention and proactive monitoring.

READ MORE.

Ransomware 6 Reasons Why you Need to Protect your Business


Posted on 7/18/2017



3 WAYS TO PROTECT YOURSELF FROM RANSOMWARE



Basic security protocols will keep you protected, but only up to a point — and ransomware architects are constantly working to sneak their handiwork past any and all systems working to stop it. But with stronger defenses like proactive monitoring, Internet traffic analysis, and content filtering, preventing ransomware while keeping your data safe and accessible is possible.

We recommend three basic steps to help keep your business safe from Ransomware attacks:

READ MORE.

4 Crucial Disaster Recovery Tips


Posted on 7/18/2017



Our thoughts and prayers go out to our clients and everyone in the Caribbean and the Southeast who has been impacted by Hurricane Matthew. If you have felt the effects of this Category 3 storm’s winds, rains, and floods, check out the critical tips below to assist with recovery once the storm passes.



This time of year, concerns about remote backup, disaster recovery, and business continuity become far more critical. Numerous studies indicate that catastrophic data loss is one of the most detrimental events that can occur to a business. The Small Business Administration estimates that nearly three-quarters of business owners don’t have a disaster recovery plan, while more than 80% don’t have natural disaster insurance and 70% don’t have access to a back-up generator.

Just as striking, 25 – 45% of businesses don’t open at all after a disaster — and 70% that suffer data loss go out of business within two years. Business surveys indicate that 95% of PCs are not adequately backed up, too. With Hurricane Matthew expected to be one of the costliest natural disasters in US history, we’ve prepared the following four tips to get you back on track...

READ MORE.

Video QuickTip — How to Spot a Phishing Attack


Posted on 7/10/2017



In these email-dominated days, phishing attempts are a fact of life. More than half of all users who receive these fraudulent messages end up opening such emails — and many even fall for the scam.



READ MORE.

How to Avoid a Ransomware Attack


Posted on 7/10/2017



Another Week, Another Ransomware Attack — Here’s How to Avoid it and Keep Your Data Safe.


Last week, less than a month after the WannaCry ransomware attack infected more than 250,000 computers in 150 countries, security experts announced new revelations about a new attack, which originated in the Ukraine and spread to Russia, Poland, Italy, Germany, France, Spain, and the United States, along with nearly 60 other countries.

This attack began with a specific target: 12,500 machines running older versions of Microsoft Windows and software owned by M.E.Doc, a tax-accounting company based in Ukraine. Several private companies, including the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, and TNT Express, a global subsidiary of FedEx, were subsequently struck with a message featuring red text on a black screen: “Oops, your important files have been encrypted. If you see this text then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking to recover your files but don’t waste your time.”

Here’s what we suggest to keep your business safe:

READ MORE

Ransomware Now Hits Linux - Web Hosting Provider Pays a Million


Posted on 7/3/2017



Ransomware Now Hits Linux - Web Hosting Provider Pays a Million.


Courtesy of KnowBe4 CyberheistNews

South Korean web hosting company Nayana agreed to pay a whopping 1 million in Bitcoin after a ransomware attack hit their 153 Linux servers.

The attack took place June 10 and resulted in over 3,400 business websites the company hosts being encrypted. According to the Nayana’s initial announcement, the attacker demanded 550 Bitcoins to decrypt the infected files. Following a few days of negotiations, they lowered the ransom demand to 397.6 Bitcoins (around a Mil at the time but the rates are volatile).

READ MORE

Petya is not Ransomeware, it is worse..


Posted on 7/3/2017



Another Week, Another Ransomware Attack — Here’s How to Avoid it and Keep Your Data Safe .


Last week, less than a month after the WannaCry ransomware attack infected more than 250,000 computers in 150 countries, security experts announced new revelations about a new attack, which originated in the Ukraine and spread to Russia, Poland, Italy, Germany, France, Spain, and the United States, along with nearly 60 other countries.

This attack began with a specific target: 12,500 machines running older versions of Microsoft Windows and software owned by M.E.Doc, a tax-accounting company based in Ukraine. Several private companies, including the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, and TNT Express, a global subsidiary of FedEx, were subsequently struck with a message featuring red text on a black screen: “Oops, your important files have been encrypted. If you see this text then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking to recover your files but don’t waste your time.”

READ MORE

New Twist on Tax Preparer Phishing Scam


Posted on 7/3/2017



New Twist on Tax Preparer Phishing Attempt Highlights Need for Heightened Online Security.


On June 23rd, the IRS released information from its latest Security Summit, highlighting the fact that cybercriminals and hackers are again targeting tax professionals. This attack is similar to past scams, arriving in the form of a phishing email that tries to steal important information. The difference, however, is that these emails look like they come from a real tax software education provider requesting preparer information that could then be used by thieves to pilfer client data and file fraudulent tax returns.

In a security bulletin, the IRS reiterated the fact that legitimate businesses and organizations should never ask for usernames, passwords, or sensitive data via email. Although hackers are phishing for specific tax professional information like Electronic Filing Information Numbers (EFIN), Preparer Tax Identification Numbers (PTIN), and Centralized Authorization File (CAF) numbers, the bigger lessons learned from this recent attack are broadly applicable as well.

Tax preparers are targeted for a simple reason: if an accountant works on 500 sets of taxes each year, that’s 500 opportunities to steal somebody’s identity. But whether you’re a CPA, a lawyer, a doctor, or a banker, or any worker in any industry, one thing is constant: if your company houses confidential data, your systems are at risk.

READ MORE

DMV Warns Drivers About Traffic Ticket Phishing


Posted on DATE AND TIME HERE



DMV Warns Drivers About Traffic Ticket Phishing.


Online reporter Doug Olenick at SC Media was the first to point to a press release from the NY State Department of Motor Vehicles warning about a phishing scam where New York drivers are being targeted, stating they have 48 hours to pay a fine or have their driver's license revoked. This may happen in your state as well, so this is your heads-up.

The NY DMV alerted motorists that the scam is just bait to entice them to click on a “payment” link that will in turn infect their workstation with malware. The DMV does not know how many people have been affected, but Owen McShane, director of investigations at New York State DMV, said calls came in from New York City, Albany and Syracuse.

READ MORE

10 Tips to Mastering Microsoft Excel


Posted on 6/16/2017



Make Yourself a Microsoft Excel Master with These 10 Tips & Tricks.


In today’s fast-paced digital age, it’s almost required that we work more efficiently while utilizing technology to solve complicated problems. And no computer program does a better job of that than Microsoft Excel.

First introduced in the mid 1980s, many business experts consider Excel one of the greatest pieces of software ever developed — in 2013, PCMag called it “the first and only choice for manipulating numeric data.” And with huge chunks of the modern digital economy now reliant on the program, mastering its intricacies is a surefire way to boost productivity, enhance efficiency, and impress co-workers and employees.

Given its prominence in the software world, there are countless ways to turbocharge your Microsoft Excel experience, some of which are baked directly into the program’s interface and some of which are available as add-ins and plug-ins.

And since nobody ever said Excel was easy, we’ve collected our favorite strategies for improved performance...

READ MORE

5 Tips to Draft the Perfect Out of Office Email


Posted on 6/7/2017



With Summer In Full Swing, Get Your Vacation Autoresponder Squared Away




The official beginning of summer is still two weeks away, but with Memorial Day in the rearview mirror and most schools finished up for the season, summer is informally in full swing. Many families are planning their first extended vacations, getaways, and road trips of the year, which means that vacation autoresponses will start filling up our inboxes soon.

This tool is a must for any regular email user — and these days, who isn’t? But there are right ways to let everyone know you’re unavailable and wrong ways to rub your epic summer adventure in everyone’s faces. So before the season officially starts on June 21st, follow these 5 crucial tips to strike the right out of office note this month.

READ MORE

BEWARE: Cyber Insurance Does Not Pay out for Human Error


Posted on 5/30/2017



CyberheistNews




The WanaCry ransomworm has caused insurance companies really to take notice. Customers have started to file damage claims, however it is a bit early to see the insurance industry's full exposure to this recent malware pandemic. For insurers, the main threat regarding WanaCry is not about any one individual company that gets infected but rather as an aggregated risk.

The estimated total financial damage caused by WanaCry in just the initial 4 days would exceed a billion dollars, looking at the massive downtime caused for large organizations worldwide.

Cyber-security policies are a fast-growing new insurance market, pundits predict 5 billion in premiums by 2020. Organizations buy policies so that in the event of a data breach or ransomware infection they can file a claim and get help to recover costs and remediate damage.

Three Things to Be Aware of in the Fine Print..

READ MORE

NSA Leak Round 2


Posted on 5/30/2017



Another virus now leveraging leaked NSA tools to infect your PC.


One of Dell's Threats Research teams has reported finding a new variant of cryptocurrency miner "Adylkuzz" that is spreading quickly using leaked NSA tools.

Like this month's famous "WannaCry" outbreak, this attack makes use of leaked NSA hacking tools and leverages a patched vulnerability in Microsoft Windows networking.

READ MORE

DocuSign Breach leads to Phishing Outbreak


Posted on 5/30/2017



DocuSign has admitted they were the victim of a data breach. This breach has led to an outbreak of phishing attacks specifically targeting DocuSign customers.


The breach was discovered on May 9, 15, and 17 as customers were being targeted with phishing campaigns. DocuSign is now advising customers delete emails with specific subject lines...

READ MORE

6 Ways to Protect Your Network and Data


Posted on 5/22/2017



6 Ways to Protect Your Data, Your Devices, and Your Digital Identity

In the wake of last week’s massive global ransomware attack, a lot of people are asking similar questions: how can I protect myself from such an incident? And how I can enhance the security of my data and my digital identity? No question is more critical, especially with more than 200,000 computers infected by the WannaCry malware variant in 150 countries..



The answer is both more straightforward and more complex than expected. First, the hard truth: no single security practice or strategy can provide comprehensive protection. That’s why a multi-tiered approach to security is necessary, with different IT solutions like proactive maintenance and monitoring, password management, data encryption, automatic backup, and online common sense must work together to weave a tapestry of components that, taken together, can provide strong security.

Below, CMIT Solutions has collected 6 of our top strategies for protecting your data and your digital identity. Some can be implemented immediately, and some are best deployed with strategic help from a trusted IT provider. But all can work together to keep you a little safer today than you were yesterday, which is so important in the ever-changing Internet-driven world.

READ MORE

WannaCry Cyber Attack - Everything You Need to Know


Posted on 5/17/2017



As the WannaCry Ransomware Cyber-Attack Spreads Across the Globe, What Do You Need to Do to Protect Your Computers?.


The most extensive ransomware attack in history spread around the globe over the weekend. Utilizing a Microsoft Windows vulnerability and the malicious software meant to exploit it, unidentified hackers used tools first revealed in April after classified information was stolen from the National Security Agency. Within hours, the cyberattack made front-page news around the world, inflicting damage across a wide range of industries, systems, and countries.

By Tuesday morning, security experts estimated that more than 200,000 computers in 150 countries had been struck by the bold worldwide blackmail attempt. Employees of Britain’s public health service were locked out of computers, systems inside Russia’s highly secure Interior Ministry were afflicted, German train passengers were confronted with ransomware messages at stations across the country, universities in China were attacked, and data was held hostage in Australia, Turkey, India, Italy, Taiwan, the Philippines, Japan, Mexico, and more. Estimates of the economic impact are still being tabulated, but they could easily run into the tens of billions of dollars.

Initial reports suspected that this attack followed standard ransomware procedures: an infected ZIP file is sent via phishing email to an untold number of computer users. When those users inadvertently click on the malicious file, illicit ransomware is quickly installed on the computer. Because the file arrives in an encrypted format, many security systems are not able to immediately detect the problem, allowing the ransomware to quickly spread across any connected drives or networks.

The WannaCry ransomware is different than most cyberattacks

READ MORE

New Ransomware Crypto virus WANNACRY outbreak growing fast


Posted on 5/15/2017



The WANNACRY RANSOMWARE ATTACK has quickly become the worst digital disaster to strike the internet in years, crippling transportation and hospitals globally.


A ransomware attack that began in Europe on Friday is lingering — and hitting new targets in Japan and China. The WannaCry software has locked thousands of computers in more than 150 countries. Users are confronted with a screen demanding a $300 payment to restore their files. The ransomware has shut down life-saving equipment in hospitals and paralyzed trains, ATMs, and subway systems

Windows-powered PCs that aren't running updated software that protect from this vulnerability are the most at risk. WannaCry appears to travel across corporate networks, spreading quickly through file-sharing systems.

So far there doesn't appear to be a way to fix WannaCry. The identity of whoever deployed the software remains unknown.

READ MORE

10 Best Microsoft Outlook Tips and Tricks


Posted on 5/12/2017



Want to Give Your Inbox a Boost? Implement These Smart Microsoft Outlook Strategies.


Although the manner and method of modern office work has changed dramatically in the last few years, one thing remains constant: email represents the lifeblood of communication. No matter how far you have to travel or how much time you spend in the field, keeping up with your inbox is a must, not a maybe.

Luckily, Microsoft Outlook, the industry standard for business email, contains several built-in tools to make remote communication, inbox organization, and streamlined calendar sharing stronger. That makes sense — firm numbers are hard to come by, but Microsoft estimates that more than 500 million people currently use their flagship email program.

But that doesn’t mean Outlook is always a breeze —that’s where this week’s QuickTip comes in. Below, we’ve identified 10 of our favorite Microsoft Outlook tips and tricks to maximize productivity and streamline your use of the popular program.

READ MORE

When your anti-virus IS the hole in your security


Posted on 5/12/2017



Last week a serious bug with the anti-virus software "Windows Defender" was discovered which could compromise your machine simply by receiving a coded email – without you even having to open it.


Natalie Silvanovich and Tavis Ormandy of Google Project Zero found the fatal flaw and reported it to microsoft last week.

READ MORE

Preventing A Data Breach At Your Company With Monitoring And Security Awareness Training


Posted on 5/12/2017



Cyber security is a complex problem. "Set it and forget it" security barriers like corporate forewalls alone are no longer sufficient to protect your network. Despite expensive security safeguards, the weak link remains the end user. Once user click can kill your network. Recent surveys show that executives can be some of the biggest culprits when it comes to clicking on phishing links and opening malicious email attachments.



The threats are coming:



Social engineering:

Social engineering threats are highly effective. Studies show that approximately one quarter of all recipients will open phishing emails, often within minutes of receiving them. Types of social engineering threats:

Phishing: A social engineering tactic involving the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

Spear-phishing: A thoroughly researched phishing attempt against a specific target company.

Executive Whaling: A type of spear-phishing that targets high-profile end users such as C-level corporate executives, politicians and celebrities. Whaling emails and websites are highly customized and personalized, often incorporating the target's name, job title or other relevant information gleaned from a variety of sources.

CEO Fraud: The latest in a new generation of cyber-attacks involving impersonation of senior company officials, using social engineering to coerce employees to transfer company money under the auspice of a legitimate business purpose.


Malware:

Malware is software that is intended to damage or disable computers and computer systems. Computer viruses are a type of Malware.

The most prevalent form of virus today is the Ransome-ware attack. Ransom-ware is a type of malicious software designed to block access to a computer's data until a sum of money is paid. Once the ransom is paid, the attacker often will not release the data, leaving the target now both broke and without their data. Ransome-ware can affect not only computers, but also servers and cloud-based file-sharing systems, going into nightly backups as well. The main issue with ransome-ware is that even once the infection itself is cleaned up, all of your important files and business data will remain scrambled with virtually unbreakable encryption.

READ MORE

Google Docs Phishing Scam


Posted on 5/6/2017



Hackers Go Phishing with Widespread Google Docs Scam
If You Were Affected, Here are the Actions You Can Take Now.



On Wednesday, a fresh email scam swept through millions of inboxes: millions of Gmail users received a message suggesting that a friend or colleague had shared a Google Doc with them.

Early reports indicated that the scheme was geared toward journalists, with up to 150 illicit messages being sent per minute; Google eventually reported that up to 0.1% of its one billion active accounts were affected. The email, which appeared to be addressed to an address like hhhhhhhhhhhhh@mailinator.com with specific addresses listed under BCC, tricked users into thinking a real document had been shared with them and asking for them to click on an “Open in Docs” button. That led to a page that asked for permission to access a user’s Google Drive and contact list — another click would then lead to the fake email being sent out to everyone in the affected person’s address book.

If you fell for the scam, don’t worry — the damage was quickly mitigated, as Google disabled accounts connected to the offending email and stemmed the phishing tide within one hour. Google released the following statement:

READ MORE

Dangerous Weather Highlights the Need for Strong Backup and Disaster Recovery Procedures


Posted on 5/2/2017 at 10:00 PM



Dangerous Weather Highlights the Need for Strong Backup and Disaster Recovery Procedures.


They say April showers bring May flowers, but last week’s severe weather delivered far bigger problems to the Southeast and Mid-Atlantic. A low-pressure system tracked up the Eastern Seaboard dumped much-needed rain on the drought-stricken region. But water rescues in Charleston, sewer overflows in Columbia, flash flooding in the Western North Carolina mountains, and mudslides in Virginia — not to mention the loss of power for more than 65,000 residents — proved disastrous. Forecasters warn of a heightened risk of tornados in Kansas, Oklahoma, Texas, and Arkansas.

How does this recent severe weather impact your business’ use of technology? In quite a few ways, actually. Here are five takeaways that CMIT Solutions has gleaned from such widespread impacts:

READ MORE

How Secure is Your Data in the Cloud?


Posted on 5/1/2017 at 10:40 PM



How Secure is Your Data in the Cloud?


What exactly is the cloud and what happens when we send our data "up there"?

Is that data secure?

Who has access to my files?

What happens if that cloud provider goes down?

At CMIT Solutions we demystify the cloud and deliver real-world solutions that are secure, reliable and meet the needs and requirements for your business.

READ MORE

Microsoft's Bad Patch Release


Posted on 4/23/2017 at 7:00 PM



Bad Patch Results in Blue Screen of Death


Microsoft's April Cumulative Update is causing installs to fail and the target devices to blue screen, leaving users with inoperable devices.

What steps should you take when you find out a patch is harmful? Are you able to quarantine a patch before it causes disaster and disrupts business?

READ MORE

Microsoft Word Exploit Used to Spread Malware


Posted on 4/17/2017 at 11:26 AM



Microsoft Word Exploit Used to Stealthily Install Malware on Users’ Computers


If you assumed that today's cyberthreat risk had gone down, think again: security experts revealed last week that hackers have figured out a way to exploit a previously undisclosed vulnerability in Microsoft Word. This allows malware to be surreptitiously installed, even on computers and networks that users thought were protected.

READ MORE

Proof: Yes MACs Catch Viruses - And Nasty Ones Too


Posted on 4/12/2017 at 09:26 PM



New malware affects MAC; Undetectable by anti-virus; Past Apple’s security using genuine certification from Apple


It has long been a commonly held myth that MAC computers are invulnerable to viruses. This is extremely dangerous to MAC users, creating a false sense of security.

READ MORE

Millions of Unpatched Systems Hacked. Are you one?


Posted on 4/12/2017 at 12:01 AM



Unpatched Microsoft exploit targets millions.


A new virus uses an unpatched flaw in MS Word to install the a banking trojan called Dridex. While Dridex isnt new, this method of infecting a PC with Dridex is new. Unpatched systems are vulnerable.

The Dridex trojan can steal your bank account login and make changes in your bank account

READ MORE

Mystified by Track Changes? These 5 Tips Will Have You Editing and Collaborating in Microsoft Word like a Pro


Posted on 4/7/2017 3:50 PM



“Just turn on Track Changes.” If those words have ever struck fear in your heart and wreaked havoc on your to-do list, don’t worry — we know the feeling. Yes, Microsoft Word is the industry standard when it comes to word processing. And yes, Track Changes is the most popular collaborative tool out there. But that doesn’t mean editing and tracking is easy with this long-standing Word plug-in.


READ MORE

Fresh IT Strategies - The Human Firewall


Posted on April 7, 2017 at 03:05 PM



IT security experts have revealed a sharp increase in so-called “fileless” malware — device and network infections that are not readily apparent since they’re embedded directly into a computer’s actual memory.


These malicious agents can quietly infiltrate data for months or even years, as more than 140 companies in 40 different countries have learned over the last two years.

Researchers at Russia’s Kaspersky Lab first identified...
READ MORE

Phishing Scams Proliferate Again with Tax Day Right Around the Corner


Posted on April 4, 2017 at 11:15 PM



With tax day right around the corner, the targeting of payroll professionals, human resources executives, and tax preparers is again proliferating.


READ MORE

The 3 P’s of Cybersecurity — How to Put These Basic Fundamentals to Work for Your Business


Posted on April 4, 2017 at 11:05 PM



Bob Lord, Chief Information Security Officer at Yahoo, headlined a panel at SXSW in Austin, TX, entitled The New Normal: User Security in an Insecure World.


Instead of focusing solely on the threats presented by this terrifying cybersecurity world we live in (see the massive Russian intelligence-directed hack on Yahoo, which compromised 500 million user accounts in 2014), Lord also presented a positive message: three crucial principles that can lead to a healthy cybersecurity environment.

READ MORE

3 Myths about Cyber Security


Posted on April 4, 2017 at 10:55 PM



Many people believe these 3 myths, but the truth is not good news...


READ MORE

How To Protect Your Online Privacy Now That Congress Sold You Out

by Eric Limer via Popular Mechanics


Posted on March 30, 2017 at 9:40 PM



All your private online data—the websites you visit, the content of your chats and emails, your health info, and your location—just became suddenly less secure. Not because of hackers, but because Congress just blocked crucial privacy regulations. This will allow your internet service provider to collect all your data and sell that info to the highest bidder without asking you first.



READ MORE

Your own staff can kill your computers with just one click...


Posted on March 23, 2017 at 9:10 PM



All it takes is one click on one illicit link by one employee to infect your entire technology ecosystem. .


READ MORE

SITE UNDER CONSTRUCTION

by Pete Groman @ I Speak Geek


Posted on March 29, 2017 at 10:00 PM



This website is still under construction. Please come back and visit us again soon.

Look here for Business technology articles affecting small businesses.

Continuous improvement is better than delayed perfection

- Mark Twain

Coming soon to a browser near you.


Our Sponsor

Namorgy Network Solutions is dedicated to providing cost-effective IT Managed Services to small and midsize businesses that want to improve their productivity. With our comprehensive approach to Managed Services, we are your single source for all things IT, fully committed to customer service excellence. Our fast and friendly team of experts is always thinking ahead to deliver the best service possible.



Pete Groman, President
Namorgy Network Solutions - GeekByTheWeek[TM]
pete@namorgy.com
972-454-0029
#NNSIT #ISpeakGeekDOTBIZ #GeekByTheWeek[TM]
CHAT
Have questions? Feel free to click the "Live Chat" button at the bottom right during business hours. Or the "Contact us" button after hours. Thanks!
ADVERTISEMENT