You have probably heard the news by now that Russia has invaded Ukraine, and this will likely have a major impact on the cybersecurity world moving forward. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is recommending that all American organizations be on high alert, especially small and mid-sized businesses as they are seen as softer targets for cybercriminals.
Every year, Verizon releases their Data Breach Investigations Report (DBIR) and it usually contains some useful takeaways about how SMBs can protect themselves from cybercriminals. In case you haven’t read this 119-page report, here’s TechMD’s breakdown of the Top 3 most relevant takeaways for your business.
Microsoft has announced that Hafnium, a Chinese-backed cybercriminal organization, has been taking advantage of four zero-day exploits to attack on-premises Microsoft Exchange servers. We strongly recommend that any organizations with on-premises Exchange servers, including hybrid Office 365 setups, should apply Microsoft’s patch immediately.
Cybersecurity has become an even hotter topic over the last 12 months as businesses have accelerated their plans to operate in virtual and remote environments. Despite the growth of sophisticated techniques used by cyber criminals, we know that 98% of data breaches can be prevented by implementing the Center for Internet Security’s Top 20 Critical Security Controls correctly.
Ransomware has long been a real threat with real risks to businesses of all sizes, but hacking techniques are evolving and ransom payments are going up. In a new trend, cybercriminals are directly targeting the computers of top executives at small and mid-sized companies. Here are a few simple steps that every executive can take right now to protect themselves from cybercriminals.
Reuters reported over the weekend that foreign state-backed hackers have breached Microsoft 365 accounts at the US Treasury Department, using their access to secretly monitor email accounts at the US Treasury. Aside from implementing Microsoft’s recommendations for securing Microsoft 365 accounts, here are 3 additional tips to help protect personal and business accounts from cybercriminals.
In the modern workforce, managing passwords is tough. Most employees manage 85 different passwords, and this presents a significant cybersecurity risk for businesses while also harming productivity and user experience. One of the best solutions to this security/productivity dilemma is called Single Sign-On (SSO).
TechMD’s Security Maturity Level Assessment (SMLA) follows the nationally-recognized NIST Cybersecurity Framework and helps your business understand where your cybersecurity is today, where it needs to be, and how to get to there.
Many California businesses will need to address new compliance and privacy requirements this year due to the California Consumer Privacy Act (CCPA), which went into effect on January 1st, 2020. Does CCPA apply to you, and if so, what do you need to do about it?
A good cybersecurity foundation is made up of the right knowledge, daily practices, and tools. In this Tech Talk, we’ll review three best practices you can implement to protect yourself from cyberattacks, whether at work or home.
Recently we have been seeing a new phishing attack called PhishPoint that is targeting Office 365 customers. In this scam, cybercriminals are inserting malicious links into SharePoint files and then sharing them with potential victims, ultimately allowing them to steal Office 365 user credentials.
WannaCry Ransomware Causes Global Security Breach You may have seen the news this weekend: cybercriminals released a new strain of ransomware that can automatically spread itself across all computers in a network. It’s been dubbed “WannaCry” and it’s causing a global epidemic. More than 40 hospitals in the UK were shut down over the weekend. […]
Make sure you change duplicate passwords immediately! On Thursday of last week, website security provider Cloudflare announced a major security vulnerability affecting their service. This vulnerability has caused sensitive user data to be exposed across a number of popular websites, like Yelp, Uber, and others. To protect yourself, make sure you are not reusing any […]
Tax season kicks off with W-2 phishing and wire transfer scams These days, most of us are probably aware of CEO fraud, where cybercriminals impersonate high-level executives and trick employees into wiring company funds to an external account. And you may remember hearing about W-2 phishing during last year’s tax season, where scammers impersonated CEOs […]
Shop Smart and Secure This Holiday Season! Christmas is just around the corner, and while you might have all your shopping done already, most of us are still looking around for the perfect gift! And like many people, you’ll do a good portion (or even all) of your shopping online. However, is your financial data […]
On Thursday, Yahoo announced a massive security breach involving user account credentials for its services. According to Yahoo’s investor relations page, “a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor”. The account information in question includes names, email addresses, passwords, […]