Our team of IT and security experts are here to help keep your family safe, as it is now more important than ever to talk to your child about staying safe online. Please discuss these online risks with them so they know how to avoid or report threats.
There is an incredible crew on the Cyber Advisors Service Desk and we are excited for you to get to know them more. Several times a month there will be individual Service Desk spotlights to highlight the people behind the computer.
First up, we have Jack McEvoy! Jack started with Cyber in April of 2020 and quickly stood out for his hard work and dedication to clients.
Tune into our YouTube Channel for a special on CMMC with Paul Beasley and Joe Moline! The interview highlights what CMMC is, who needs it, how Cyber Advisors is positioned to help companies through the process of getting CMMC certified, and breaks down the CMMC framework and levels. https://www.youtube.com/watch?v=f_DtvKHCjNY
Cyber Advisors is an approved Registered Provider Organization (RPO). The RPOs and RPs in the CMMC ecosystem provide advice, consulting, and recommendations to clients to help you navigate the CMMC. Cyber Advisors helps prepare our customers for CMMC readiness but does not conduct Certified CMMC assessments ourselves. Please find our profile below: https://cmmcab.org/marketplace/cyber-advisors-inc/
The country’s largest fuel pipeline was breached resulting in shutting down operations for multiple days. An estimated 100 gigabytes of data were stolen which was used for ransomware. The total effect has yet to be calculated but a surge in gasoline price was in effect in the eastern seaboard after operations were shut down. The FBI confirmed that a threat actor group in Russia identified as Darkside was behind the ransomware.
A new ransomware strain called "Qlocker" is targeting QNAP network-attached storage (NAS) devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives. But it appears that “Qlocker” is not the only strain that's being used to encrypt NAS devices, what with threat actors deploying another ransomware named "eCh0raix" to lock sensitive data.
Check out more info on Qlocker Ransomware on our reference link, The Hacker News:
Verizon’s annual data breach investigation report (DBIR) released their report for 2021. A total of 29,207 quality incidents were reviewed, of which 5,258 were confirmed breaches.
The importance of penetration testing and vulnerability scanning are frequently confused for the same service. Business owners often purchase one when they really need the other, but each are important on their respective levels. Our team of security experts are diving into the differences and how they should fit into your organization's security practices.
Summary – A recent vulnerability (CVE-2021-1459) found in the web-based management interface of Cisco will have a large impact to small business routers. The vulnerability allows an unauthenticated, remote attacker to execute code on an affected appliance.
Cisco will not have a plan to fix the critical vulnerability, and instead will urge customers to replace the devices. The affected devices are RV110W VPN firewall and Small Business RV130, RV130W, and RV215W routers.
After a recent Fortinet breach, it is critical to understand the approach your organization needs to take to remediate. A successful exploit could allow the attacker to access critical information.
Summary – European companies’ Fortinet VPN devices have been targeted in more recent attacks. In the most recent attacks, a production site was taken down. The attacks happened in the first quarter of 2021.
On April 6th, 2021, a reported 500+ million LinkedIn accounts were leaked online. The accounts include email addresses, phone numbers, and links to other social media profiles. Information found in LinkedIn can be used to build a profile for their future victims. With LinkedIn’s recent breach, and the other recent social media (e.g., Facebook 533 million profiles) breaches, it is important to utilize a unique password for each site you visit in order to minimize your complete data from being exposed in the dark web.