• Search for:
    binary numbers as the background and locks in front of it. Security briefing
    15Nov, 2016
    Security Briefing 11.15.16

    Security firm Cylance has published a video showing how an attacker with physical access to Sequoia AVC Edge Mk1 voting machines can use a PCMCIA card to re-flash the device’s firmware and manipulate the voting tallies in memory. Happy voting!

    Cisco last week prompted a password reset for the user accounts on its Cisco Professional Careers mobile website after a security researcher discovered a vulnerability in the portal.

    US, UK, EU, AUS, NZ all join forces in Operation Hyperion – Oct 22-28, they collectively took down a number of TOR marketplace sites and made several arrests.

    Something took Liberia’s internet offline and experts aren’t quite sure what. The Mirai botnet certainly attacked the infrastructure of the country and brought about a gaping security flaw in the ‘IoT’ devices, but there is no evidence to support this claim.

    Virus, likely ransomware, effectively closes UK hospital, compromising systems and effectively diverting all planned operations and major trauma cases to others in area.

    Microsoft to provide a safe training environment and cybersecurity protection to Norway world chess champion as he prepares to take on his Ukraine opponent in world championship match. Amid rising fears of ‘Russian Hackers,’ he reached out to Microsoft for protection of his training data and analysis. Microsoft agreed.

    Mirai botnet is being actively upgraded at an alarming rate. The botnet source code has been making the rounds on the internet, picking up traction to be made better, faster, stronger.

    Firefox has a very low market share of browser users, but has been continuously being made better over the last year, with free-lance white-hat hackers discovering and helping to patch over 130 serious vulnerabilities. UPDATE FIREFOX WHEN YOU CAN.

    Scary vulnerability in Belkin WeMo devices (electrical switches, cameras, light bulbs, coffee makers, air purifiers, etc.) allows hackers to not only hack the devices, but to hack the android phone running the app that controls the devices.

    White hat hacker releases worm that finds ‘IoT’ devices with default credentials and changes them. Interesting theory, nearly non-existent possibility that it will be used in the wild.

    background is a blurry IT industry man in a suit pointing at a screen with a lock and other icons on it
    7Nov, 2016
    Security Briefing 11.7.16

    Every day, every week there is always something new coming into play in the realm of Cyber Security. In today’s world this is the hottest topic in the IT industry, mostly because everything we do these days involves some computer based equipment, and cyber criminals are plentiful, attempting to take advantage of anyone and everything. Even within the medical industry- hackers are targeting patients with cardiac implants, which is a potentially life-threatening attack.

    E-mail breaches are not limited to the United States. A Ukraine-based group is playing with fire; they claimed responsibility for stealing 2,000 emails from Putin advisor. Historically, Russia handles things a bit differently than the U.S. does, so this could be an interesting one to follow.

    Some groups, like Apple, are willing to give white-hat hackers (the good guys) some cash if they help uncover potential security flaws. This is a great plan- most of the time. Recently though, an 18-year-old from Arizona was arrested after iOS the exploit he was trying to find hammered local 911 service. He knew it was wrong, but there was little he could do about it after the exploit was public.

    In modern times, one can buy almost anything ‘as a service,’ meaning that you pay a fee for something to happen, be it physical or virtual. It comes as no surprise that some criminals are looking to capitalize on this, selling what has been coined as ‘Scamming as a Service.’ It is exactly what you think it is—people are selling their services to scam others. Let’s hope this one doesn’t gain too much traction.

    A fake ‘Security Essentials’ download is making the rounds on the internet as of late. This ‘branded by Microsoft’ software will give you the dreaded blue-screen-of-death with a catch – there’s a phone number at the bottom to call. Spoiler alert, Microsoft will never give you a phone number to call.

    Did you know that 15% of all routers use weak passwords and 20% have open telnet ports? This is a large reason for the massive internet outage two weeks ago; ‘Internet of Things’ devices were compromised and used in distributed denial of service (DDoS) attacks.

    Have you heard about hackers exploiting St. Jude’s cardiac implant devices? This article, along with evidence from the well-known cyber security firm Bishop Fox discusses how cyber criminals are targeting these individuals, allowing for the possibility of the devices to stop functioning at potentially fatal times.

    A recent trend in hacking is taking hackers away from systems and toward social engineering. It is significantly easier to compromise a person than it is a secured system. Targeted phishing attempts are on the rise. The BEST way you can combat this is to not open email attachments from people you do not know and have secure passwords that only you know. Another good security tip is if you use a service that has the ability for 2-factor authentication (where you have a password to login, but then your cell phone receives a text message/phone call with a code to verify it is actually you), turn that on.

    Matrix offers cloud computing assessment
    26Apr, 2016
    Cloud Computing 101: Is Your Business Ready for the Cloud?

    Cloud computing. You’ve heard of it, most likely, and you’ve heard there are advantages to it, but if you’re like a lot of people, the idea might be a bit fuzzy. What exactly is cloud computing and how can it help?

    Cloud computing can be defined as the storing of programs and data in secure super-servers on the Internet. This is opposed to traditional, onsite servers.  Storing information in the cloud can help keep more dollars in your pocket by cutting down on your IT costs.

    Why is it cheaper to do business this way?

    If you have programs that you use every day and you store them on local servers, you have to pay money for:

    • software licenses for all the machines that use that particular software
    • hardware to store the information
    • upgrades to hardware and software
    • services to keep it all running smoothly

    Cloud-based computing simplifies that process for business owners and puts the maintenance costs on the “utility” company that owns the Internet based servers. This is great news, especially for small business owners who need to harness cost effective solutions.

    You may be using cloud-base solutions right now and aren’t even aware of what is happening behind the scenes. Furthermore, Many applications now are web-based and you only pay for the space, licenses and features that you use. Most of these applications are on a pay-as-you-go basis, so there’s no long-term commitment. Also, you can experience all the functionality of the program you need for a fraction of the cost.

    It makes sense, especially for smaller businesses, to take advantage of the higher IT budgets of the large, cloud-based computing companies. They also specialize in IT operations and can more efficiently help store your applications and data than you could do on site with a small business budget.

    Finally, virtually everything from watches to refrigerators has Internet connectivity, cloud-based solutions are accessible for any company. Internet-connected devices are getting less and less expensive and connectivity is everywhere. This is making cloud-based solutions a good option to lower the cost of doing business, while increasing productivity.

    Free Cloud Readiness Assessment

    Want to know if your business is ready for cloud-based solutions (and how much money you could save on IT costs)? During May, we are offering free assessments to any business in the area with 10 or more computers and an onsite server. We come to your office and review your network software, data, hardware and processes to determine how cloud computing could help your business. There’s no cost or obligation, simply information that could potentially save you money. Contact Matrix Computer Consulting today to make an appointment. Call us at 703-368-2553 or email us at info@matrixcc.net.