UK study shines spotlight on scope of IT security challenge

Posted by Mike Vizard on Apr 20, 2017 11:36:38 AM

Despite the increased awareness concerning IT security threats, a new survey from the United Kingdom suggests far too many organizations still don’t have anything approaching a formal IT security strategy.

Three-fifths (57 percent) of the respondents to a survey conducted by the University of Portsmouth have attempted to identify cybersecurity risks to their organization using, for example, health checks and risk assessments. But, the survey also highlights that a sizable number of those businesses still do not have basic IT security protections place.

Read More

Topics: Cyber Security

What is a phlashing attack?

Posted by Michelle Burke on Apr 11, 2017 3:06:48 PM

Throughout the past year, our inboxes and RSS feeds have been flooded with news about malware and ransomware. But what about phlashing attacks?

Phlashing attacks have been designed by hackers with one sole purpose: to infect and permanently damage — or “brick” — a device. More specifically, phlashing attacks are targeting Internet of Things (IoT) connected devices to exploit known vulnerabilities in IoT device security and software.

Read More

Topics: Cyber Security

Vulnerabilities beyond phishing: Why SMBs need to be cautious

Posted by Lauren Beliveau on Apr 5, 2017 11:35:49 AM

Did you know that the average worker gets 121 emails a day? With so many emails pouring into inboxes, it’s no wonder that phishing attacks are successful. Not only are workers tirelessly keeping up with answering their emails, but the attacks themselves are becoming more sophisticated—and they prey on tired employees who, without thinking, click on the malicious link or attachment.

Read More

Topics: Cyber Security

The MSP’s Bookshelf: The Art of Intrusion

Posted by Lauren Beliveau on Mar 29, 2017 12:33:00 PM

Security can be a challenge. One unprotected port, one unchanged default password, or even one improperly configured item can leave businesses open to vulnerabilities and breaches. With so much to safeguard, it can be easy to miss the one small thing that could leave a crack in the wall. But hackers are persistent, and they’ll keep trying until they finally find the vulnerability you overlooked. “The adage is true that the security systems have to win every time, the attacker has to win once” says Dustin Dykes; a security consultant interviewed in the book by Kevin Mitnick.  

To keep systems protected and business-critical data safe, MSPs and their SMB customers need to truly understand how hackers and social engineers think. To get inside the head of these cyber criminals, I recently read “The Art of Intrusion” by Kevin Mitnick. When he was hacker nicknamed Condor back in the ’90s, Kevin hacked numerous organizations like IBM, Motorola, and even the Pentagon. After getting caught and serving jail time, he turned over a new leaf and now acts as a trusted cybersecurity consultant. In his book, Kevin dives into stories of hackers who have spilled their secrets, and he shares his advice on what businesses can do to mitigate cybersecurity risks.

Read More

Topics: Cyber Security

The spear phishing attack that caused the Yahoo data breach: What MSPs can learn

Posted by Michelle Burke on Mar 21, 2017 10:56:44 AM

As more information unfolds about the Yahoo data breach, it all comes down to a single fact: the entire breach was enabled by just one click on a spear phishing link.

Read More

Topics: Cyber Security

The woes of password management

Posted by Brent Fairbanks on Mar 20, 2017 12:00:00 PM

If you’re like anybody who uses computers today, you’re dealing with passwords. I alone have more than 58 just for the websites I use on a regular basis. That doesn’t include any hardware passwords,  Wi-Fi passwords, computer logins, or clients’ passwords. We all have too many to remember, and nobody is exactly sure who is responsible for something we all love to hate.

Passwords enable us to restrict access to only those who are permitted. Restriction of access is nothing new. It has been used for thousands of years, such as sentries in Roman times requiring someone to have special knowledge to pass. One thing we do know is that the minute we attempt to restrict access it invites abuse by both those with access and those without.

Read More

Topics: Cyber Security

Ask Intronis: How to create firewall policies for a company

Posted by Lauren Beliveau on Mar 20, 2017 8:33:00 AM

Q: With today’s evolving cyber threats, my IT service company is trying to offer our customers more proactive security measures beyond anti-malware and anti-spam filters. To really protect our customers, we want to offer a more sophisticated firewall solution. Once we choose a solution, how should we determine what policies we need to create for our SMBs?

Offering new solutions to protect customers from today’s evolving cyber threats is a smart way to both safeguard their business-critical data and grow your business. While every SMB may require different policies within their organization, there are certainly a few policies you can standardize on.

To help you determine which policies to put in place for your SMBs, we consulted Mark Ballegeer one of our systems engineers at Intronis MSP Solutions by Barracuda. Based on his extensive background in and knowledge of firewalls, Mark offered these tips on how to easily define policies within your customers’ businesses.

Read More

Topics: Cyber Security, Ask Intronis

Threat Watch: Resume Files containing Advanced Persistent Threats

Posted by Lindsay Faria on Mar 14, 2017 8:59:32 AM

As cybercriminals become more duplicitous by the day, businesses and individuals alike need to be more aware than ever of their digital surroundings. One example of this was recently highlighted on the Barracuda blog: Resume files containing Advanced Persistent Threats (APTs).  

This threat counts on unsuspecting email recipients to open a .doc file supposedly containing a resume from a job applicant. From there, chaos ensues.

Read More

Topics: Cyber Security

Lessons from XChange University: Even the best security guard needs backup

Posted by Michelle Burke on Mar 9, 2017 9:13:03 PM

In the security space, you’re always on guard, working hard to prevent the next big disaster. Aside from mitigating risk internally — whether that means deciding which vendor will be best to partner with next or which BDR solution could make or break your business — you now need to carefully consider risk from an external perspective.

This past Sunday morning at The Channel Company’s XChange University event, keynote speaker Robert Westervelt of IDC's Data Security practice shared some interesting stats with the audience of MSPs. For example, a recent IDC study revealed that 99 percent of hackers hit already-known vulnerabilities in platforms like Adobe, Microsoft, and Internet browsers.

Read More

Topics: Cyber Security

Quiz: How much do you really know about ransomware?

Posted by Lauren Beliveau on Feb 20, 2017 11:15:00 AM

Ransomware has quickly evolved from simply blocking users from gaining access to their files to encrypting files and even attacking servers. Cybercriminals are also becoming savvier when it comes to disguising attacks, making it harder for businesses to avoid them. A recent report from IBM security found that one in two business executives have experienced a ransomware attack, and 70 percent admitted to paying the ransom to regain access to their data.

Read More

Topics: Cyber Security

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment