k_Street Consulting, LLC Blog

What is your mother’s maiden name? What street did you grow up on? What is your favorite movie?

How about: What good do you really think these questions are going to do to help keep your accounts any more secure?

Do you know those horror stories you catch every so often where a huge business has their network hacked and millions of their customers and employees have their personal and financial information leaked onto the Dark Web? Your organization isn't likely as big as theirs, but regardless of how much money, people, and diverse revenue streams an organization has, having its network breached and its customers’, or its employees’, information strewn about over the Dark Web is not an ideal scenario. 

In the technology news sector, you’ve probably noticed a trend where Patch Tuesday makes headlines at least once a month. This is generally the day when Microsoft issues patches and security updates for its many different technologies, and it’s important for your IT department to know when Patch Tuesday falls each month.

Malware has been a problem for people that rely on technology for decades. Like the security that is designed to mitigate the effect of malware, the malware itself has grown in potency and frequency and is a major problem for businesses. Today, we will take a look at a few ways you can get malware. 

Financially-focused cyberthreats are no joke, especially considering how digital payments now make up 41.8% of all payments made worldwide. Let’s consider a few statistics that highlight how important it is to ensure that the payment card data your business collects is sufficiently protected.

We haven’t been shy about pushing for multi-factor authentication, AKA MFA, and there’s a reason for that: if implemented correctly, it can help prevent many cyberthreats. Having said that, cybercriminals have managed to find a way to undermine MFA. Let’s consider how they’ve managed to do this.

It can be too easy to think about hackers and cybercriminals in an almost abstract way, diminishing them to little more than a faceless entity at a keyboard. Naturally, this is far from the truth. Let’s examine the reality of the cybercrime industry, which actually does as much harm to the perpetrators as it does to the people they scam...if not more.

Business owners often get unsolicited emails from individuals who want to sell them goods, services, or products. Depending on the message, they might even come across as a bit suspicious, prompting you to question the authenticity of the email. If you’re not careful, you might accidentally expose your organization by clicking on the wrong link in the wrong email, thus falling victim to the oldest trick in the book: the phishing attack.

Nowadays, file sharing is so ubiquitous that most people in the office likely take it for granted. However, this is not a luxury that you have, as you need to ensure the file sharing that takes part is sufficiently secure—otherwise, you could find yourself in a tight spot. That’s why we want to devote this week’s tip to a few practical steps to making sure your files get where they’re going safely.

Managing business technology is a challenge that many small businesses have difficulty overcoming, and this is largely in part due to the fact that managing technology is not the focus of these small businesses. The inability to overcome IT challenges can hold businesses back that otherwise would flourish. Let’s discuss some of the biggest issues that companies have for IT and how they could potentially be addressed.

Let me ask you a question… if you were a hacker, how quickly would you take advantage of newly disclosed bugs and other vulnerabilities? I’d bet it would be pretty quick, and industry experts agree. According to these experts, there’s less and less time for security professionals to react to vulnerabilities and zero-day threats… and it continues to shrink.

So, the question remains, how prepared is your business to respond when these kinds of vulnerabilities are taken advantage of?

With so many workers constantly connected to screens and other technology, it is a good idea to disconnect every so often by taking a vacation somewhere. However, it’s not always this easy, especially for a business owner who is still minimally connected to the office even while technically on vacation. We’ve got a couple of tips for how you can make the most of your technology while on your vacation without putting your company at risk in the process.

Botnets are nefarious entities consisting of countless connected devices, all of which have been infected by hackers to perform malicious deeds. One such botnet, a Russian botnet consisting of millions of infected Internet of Things devices, has been dismantled and taken down by the United States Department of Justice and various law enforcement agencies throughout Germany, the United Kingdom, and the Netherlands.

The modern cyberthreat landscape is nothing to be trifled with, so it makes sense that as threats grow more powerful, so too do the solutions used to address them. Nowadays, there is a practice that is designed to address just how serious the threat of cybersecurity is: zero-trust IT. Let’s discuss these policies and how you might put them in place.

Cyberattacks have caused many millions of dollars worth of damage to businesses over the past several years, so it makes sense that your business should invest in its cybersecurity to mitigate these damages. That said, there is only so much you can invest into your cybersecurity budget, as you have to factor in other parts of your business, too. Today, we want to share with you three ways you can invest in cybersecurity initiatives that won’t completely break your bank.

Cybersecurity is not easy to manage, and even professionals have their work cut out for them against modern threats like ransomware and other high-profile security threats. Today, we want to educate you on some of the terminology used in cybersecurity, namely the relationship between a vulnerability and an exploit, as well as what you can do to keep the risks associated with both relatively low.

One of the more overlooked parts of cybersecurity attacks involves social media and social engineering tactics targeting it. If you’re not careful, you could be putting yourself at risk of attacks through social media. How can you ensure that your staff members are keeping security at top of mind even when using social media? Let’s find out.

Cybersecurity is something that must be reinforced both in the office and out of the office for your remote employees, and it’s unfortunately quite difficult to maintain. Let’s take a look at the unique circumstances surrounding the remote worker and how you should reinforce security best practices for them, even if they are not physically present in the workplace.

If you aren’t making cybersecurity a priority for your business, then we urge you to review the following statistics to ensure that you understand the gravity of the consequences. Let’s take a look at some of the ways scammers and hackers are making their way around the carefully-laid defenses placed by businesses and how you can protect your own organization.

Phishing attacks are serious business, so it is important that your team members know what they are, for one, and know how to spot them. To facilitate this, let’s review the signs of a phishing attack—or ideally, a phishing attempt (because by spotting it, you’re more able to stop it).

Your wireless router handles a lot of the tough work for your business, and as such, it’s important that it’s protected and secured as best as can be. If you want to secure your router, we recommend that you use the following best practices to make it happen.

There are times when you, as a business owner, might receive unsolicited emails from organizations asking you to try a product or asking for your input on something. More likely than not, the one responsible used data scraping to get your contact information. If it’s used appropriately, data scraping can be an effective marketing tool, but it can also be utilized by scammers to make your life miserable.

With many people choosing to work remotely, and businesses more or less embracing the idea of employing mobile teams, the tools and strategies needed to keep your business’ data and infrastructure safe could be new to your business, but for the most part many of them are actions that any organization looking to secure their IT would take. Let’s take a look at some of the strategies used to secure remote endpoints.

Ransomware is an incredibly disruptive threat that can put your business at risk, but it is increasingly becoming not just a fiscal risk to organizations, but also to the physical health and wellbeing of communities and individuals. The Federal Bureau of Investigation has issued a warning that should have everyone concerned about the future of ransomware attacks, not just in business, but in everyday life.

Businesses largely rely on their information systems and other technology tools, so you need to make sure they stay secure and far from the many threats out there. To this end, we recommend that you implement security systems that prioritize business continuity and data security. Let’s examine three ways you can keep your business’ IT safe and secure.

Cybersecurity is incredibly important for any organization that requires IT to remain operational (basically all of them), so it’s time to start thinking about your own strategies and how you can keep threats out of your network. One viable solution your business can implement is a Security Operations Center (SOC). What is a SOC, and how can you use it to keep threats off your network?

If you are someone who gets stressed out easily by people having access to resources they shouldn’t, then you probably have heard much about how to keep your data and internal resources safe from external threats. However, access control is much more than just cybersecurity; you also need to take into account the physical space when considering your access controls.

For much of the past decade, data privacy has been a big issue. Ever since information was unveiled on how major tech companies (and other companies) use the information gleaned from their users, there has been a cross-section of people who have started to fight back against it. Unfortunately for Americans, this hasn’t resulted in an overarching data privacy law that protects people and their personal data. This month, we’ll take a look at the data privacy environment and discuss why there haven’t been any moves by U.S. lawmakers to protect data privacy.

It can be tough to get your staff to care about your business’ network security, especially if they don’t consider it part of their day-to-day tasks or responsibilities. However, network security is not just isolated to your IT department; it matters to everyone, and if you can convince your staff to adhere to best practices, your security will be that much more effective moving forward. Here are seven tips you can use to get your staff to care about network security.

During the first half of the Super Bowl last month, cryptocurrency exchange company Coinbase bought a minute of ad space to broadcast an ad that was just a QR code on the screen, meandering diagonally around the screen like the famous Windows screensaver. Millions of people took out their smartphones and scanned the code and now cybersecurity professionals are publicly decrying the tactic. 

When we tell you that it’s a best practice to implement complex passwords for your business, do you know what exactly a complex password is? The truth of the matter is that secure passwords are a little confusing, and the standards continue to shift back and forth. Let’s examine some of the industry-standard best practices for implementing secure passwords and how your organization can go about doing so.

How effective is your cybersecurity? It seems like a simple question, but no less important to consider and determine as the answer could be the difference between a prevented breach and a successful one. In order to keep track of your business’ cybersecurity preparedness, it is important that you regularly evaluate it. Let’s go through the essential steps to performing such an evaluation.

We all know at this point how dangerous ransomware can be for businesses. It can lock down files, threaten operational continuity, and in some cases subject victims to brutal fines as a result of privacy breaches. One place where you might not expect ransomware to hit, however, is customer reviews, and it all stems from the big question: do you pay to resolve a ransomware attack or not?

Do you ever see an advertisement for a free download of a popular Windows application and think, “Wow, this sure sounds too good to be true!”? Well, it most definitely is, and hackers use these malvertisements to infect computers with malware and other threats. Specifically, malvertising is used to download three different types of malware, all of which can cause harm to unwary businesses.

Passwords have been a staple in data security and user authentication for many, many years… to the point where the idea of using a password has become nearly synonymous with the concept of security. However, data has increasingly shown that alternative options are in fact more secure. Let’s examine some of these passwordless authentication methods, and their pros and cons.

We frequently encourage our clients to consider the cloud as a viable option for their data storage needs, be they someplace to store a copy of their data backup or even their primary storage option. Having said that, it is important that we clarify that this cloud storage needs to be secure. Let’s explore how to ensure that much is true.

Protecting your organization’s data is a major focus of businesses these days, especially as threats grow more powerful and they better learn to penetrate the countless safeguards put into place. Let’s go over how encryption can help you cover all your bases—especially if hackers do manage to get through your security precautions.

With every new year comes new resolutions designed to help you defeat bad habits and bring better ones into your organization. Here are a couple of resolutions you can adopt for your business, particularly in terms of technology management and IT.

Network security is challenging for many businesses, and it’s largely because of the large number of various threats that populate the Internet. Some companies simply don’t know what the correct measures to take are, leaving themselves vulnerable to these threats on both a security standpoint and an employee training standpoint. We’ll delve into some of these threats and how they can be addressed.

If you are traveling this holiday season to bridge the gaps created during the COVID-19 pandemic, then you’ll want to take specific precautions about your technology. Here are some of the best ways you can keep your technology secure while you travel from point A to point B, as well as how we can help you do so!

Before this week, you probably never heard about Log4j. Right now, though, it’s the biggest topic in cybersecurity due to a massive vulnerability that is estimated to affect millions of devices. Your business needs to take this seriously.

When we think about security and hackers, it’s easy to think of them all as the bad guys. However, this is far from the truth. Just like with other areas of life, there is a shade of gray involved with hacking, and there are good guys that use these skills to benefit others while the bad guys try to exploit them for their gain.

There are a lot of threats out on the Internet, and many of them have absolutely a slim chance to threaten your business. Unfortunately, there are plenty that can and it only takes one to set your business back. Many IT professionals currently working for enterprise businesses deal with threats day-in and day-out, so they are experienced and knowledgeable. Small business owners, who for all intents and purposes are the lead IT decision-makers, don’t always consider these risks; they just need to keep their business running effectively. 

The past couple of years have been difficult for businesses, regardless of if they are large organizations or small businesses. Likewise, cybersecurity has been a challenge. Let’s take a look at what 2022 could pose for cybersecurity, especially considering recent trends.

When it comes to your business, what do you prioritize? Do you focus more on security, or do you focus more on the business continuity side of things? The reality here is that both are of critical importance. Unfortunately, however, it seems that many executives feel like the current circumstances surrounding the ongoing COVID-19 pandemic have led them to prioritize one over the other.

As modern warfare has evolved, so too has cyberwarfare. There is always a war occurring in cyberspace, where hackers attempt to outdo security researchers. One such example of hackers—often sponsored by government agencies—attempting to engage in cyberwarfare can be seen in the United States and Israeli technology sectors, which have become the target of password spraying.

Earlier this year, there was a string of high-profile ransomware attacks leveraged against major companies. Now, the United States has issued an order that dictates guidelines for how to patch various vulnerabilities in affected systems within federal agencies and organizations. It’s a huge move in an effort to stop hackers and other cyberthreats from becoming more serious problems in the future.

You see the headlines every single day while browsing the Internet: “So-and-So Suffers Massive Data Breach” or “Huge Data Breach Leaves Thousands of Credentials Exposed to Hackers.” Maybe you don’t see these specific headlines, but you get the idea; cybersecurity is a big deal these days, and you need to take it seriously before your business encounters problems that it cannot recover from.

Artificial intelligence, or AI, is a technology that many industries have found themselves benefiting greatly from, especially in the domains of cybersecurity and automation. Unfortunately, for every one great use of something, hackers will find two bad uses for it. AI has dramatically changed the landscape of cybersecurity and, more interestingly, cybercrime. Let’s take a look at why these threats are so concerning.

Businesses need all of the advantages they can get against threats, especially considering the fact that many of them adapt and evolve in response to advances in security measures. Some security researchers are seeing great success with artificial intelligence measures, a concept that could eventually become the future of network security in the business world.

Dealing with a hacked computer can be scary, but depending on the severity of the hack, you might not even know your infrastructure has been breached until it’s too late to stop it, putting you in a reactionary position. Let’s go over some of the telltale signs of a computer hack and what you should do about it.

Today’s cybersecurity landscape is dangerous, to say the least, prompting many organizations to adopt what is called a zero-trust policy for their security standards. Is a zero-trust policy the best solution for your company’s cybersecurity woes, and how effective is it toward preventing security issues? Let’s take a look.

While reading our blog and newsletters, you might come across the word “encrypted” quite a lot. Sometimes it’s in the form of ransomware encrypting data, while other times it might be regarding the encryption of passwords within a password manager. Regardless, one thing is certain: encryption is an important part of the modern workplace.

For twenty years, hackers have tried to breach organizational networks by finding or breaking holes in the network’s perimeter, or in exposed servers. This led to the cybersecurity industry creating software designed specifically to stop these threat actors in the act. This, in essence, created a situation where the perimeter of an organization’s network was extremely hard to breach. The problem was that as soon as something was able to get through the outer defenses, there was no end to the devastation a hacker could cause inside a network.

A recent trend even amongst ransomware threats is that the FBI is issuing warnings regarding how dangerous it is or how difficult certain variants are. This particular threat—the OnePercent ransomware gang—is no exception. Let’s break down what you need to know about the OnePercent Group and how you can prepare to handle attacks not just from this threat, but most ransomware threats.

One of the most difficult things to do in business is to imagine a scenario in which someone you trust puts your organization at risk. We focus so much on the external threats that the internal ones often go unnoticed. How can you make sure that your organization does not fall victim to the several different types of insider threats out there? Let’s take a look.

You’d think that cybercriminals would use ransomware to target high-profile businesses with loads of money to extort, but this is not always the case. Even a small business can fall victim to these particularly devastating threats. Ransomware, just like other threats out there, has continued to evolve and adjust its approaches based on the current cybersecurity climate, so what are some of the latest developments in ransomware?

Technology has always been ingrained in the operations of businesses to an extent, but it was only recently (in the grand scheme of things) that standard business technology such as desktops, server units, and other computing hardware really started to take off. That said, it’s now a staple, so your organization should be making informed decisions regarding any new hardware that you implement.

To be adept at a task is to say that the one doing the task is a professional, or someone with substantial knowledge that can be used to effectively complete the task. Cybersecurity is one such area where having a considerable amount of knowledge is of particular importance to help navigate the complex environment surrounding it. How can your organization achieve this level of mindfulness and expertise?

The Kaseya ransomware attack targeting VSA servers for approximately 1,500 organizations was another notable attack in a recent string of high-profile ransomware attacks, and while most organizations did what most security professionals recommend and did not pay the ransom, others did not listen. Now those who did pay the ransom are having trouble decrypting their data, and REvil is nowhere to be found to help them in this effort.

The cloud is a popular choice for businesses that need access to tools to sustain operations, but there is an innate flaw that comes from hosting anything in an online environment: security. Do not pretend that security is not an issue for your cloud-based resources—failing to acknowledge the importance of security could be a fatal mistake for organizations that leverage cloud-based technology resources.

Access control can be a touchy subject for some employees, especially for those who might feel they can do their jobs more effectively if they were to be given access to certain files or sensitive information. That said, in the interest of network security and data protection, it is your responsibility to consider who amongst your staff has access to certain information and why.

Data breaches are a well-known fact in the business environment, and small businesses in particular have many challenges that threaten their operations. It is important that you consider these security issues when putting together your risk management strategy, especially as it pertains to cybersecurity. Let’s take a look at how you can overcome some of the security challenges present for small businesses in 2021.

There is no denying that the cloud has become one of the most popular options for a business to obtain the tools required for their operations. Despite this, it is equally important to acknowledge that there are many ways that the cloud could facilitate security threats if not managed properly. Let’s go over some of the issues that must be addressed if a business is going to successfully leverage cloud technology to its advantage.

If a hacker were to find themselves on your network or within one of your accounts, would you be able to detect them and eliminate them? Today we want to share some of our best strategies for how you can identify the warning signs of a hacking attack, as well as how you should respond. This is particularly important for a workforce that is working remotely, so we hope you take these tips to heart.

With so many high-profile ransomware attacks being launched against manufacturers, pipelines, and even hospitals, it’s no surprise that many companies are worried about what the future of this threat means for their organizations. Ransomware poses a serious threat, one that cannot possibly be ignored, so we urge you to take action now so you don’t come to regret it later.

Securing your digital platforms has to be a major point of emphasis for every business. For years, having a password was enough to keep unauthorized entities out of secured accounts. Those days are effectively over. With threats multiplying and getting more and more dangerous, companies have to do more to secure their IT. This month, we thought we’d take a look at some of the best practices in creating passwords and alternatives that can help you better protect your business’ technology. 

If anything has been made clear by recent strings of high-profile ransomware attacks, it is that businesses and organizations simply do not take security as seriously as they need to. We urge you to use this opportunity to reconsider your own levels of network security. Are you doing all that you can to keep your data and assets secure? There are countless threats out there, and they all must be addressed (or at least prepared for) in some way.

Cybersecurity is an important part of running a business, especially in today’s age of ransomware and other high-profile hacks. It stands to reason that you periodically assess how effective your security practices are and how well-prepared your team is to respond to threats, but how often should you do so? Let’s take a closer look.

It is certainly important that you update your software and hardware with the latest patches and updates, but it is also important to keep in mind that while these patches and updates resolve certain issues, these updates can also create problems of their own. An upcoming update to Google Workspace is the perfect example of this.

Imagine going to log into one of your devices only to find that it has been completely wiped of any files located on it. Furthermore, imagine trying to log into your online account to manage the settings of said device, only to find that the password you know is correct is being identified as incorrect. This is the experience that many users of Western Digital’s My Book NAS device are currently going through, and it’s suspected that it is all because of an unpatched vulnerability.

With the addition of end-to-end encryption to Google’s Android Messages application, we have a perfect opportunity to discuss the concept of encryption and why it is so important. Let’s dive right in, shall we?

A recent surge of high-profile ransomware attacks strikes again with an assault on the world’s largest meat processor and distributor, JBS S.A. The cyberattack was so disruptive that the company was forced to suspend operations in both North America and Australia, leading to a considerable impact on the supply chain. Let’s take a deeper dive into what lessons can be learned from this situation.

Many organizations are pushing for two-factor authentication, and it is easy to see why. The benefits are so great and the risks so devastating (and unnecessary) that there is no good reason to not implement two-factor authentication. Let’s discuss what two-factor authentication is, why it matters, and how you can set it up for your Microsoft, Google, and Apple accounts.

Passwords are the first line of defense your accounts have against the myriad of threats out there. It’s imperative that you follow industry best practices when creating them so as to maximize security. Thankfully, the latest guidelines from the National Institute of Standards and Technology, or NIST, make creating secure passwords easy.

Passwords are quite literally everywhere nowadays. With so much of modern life now controlled or held within user accounts, keeping your passwords both secure and straight in your head is crucial. Many web browsers now offer some built-in password management utility to help make this process more convenient for the user, but is this option available at the cost of security?

Most companies have some sort of regulation they need to stay compliant to, and 2021 seems to be a landmark year. Over the past year, companies have had to deal with a growing remote workforce, end-of-life upgrades, the development of new privacy laws, as well as the existing regulatory landscape. Let’s take a look at why compliance is important for your business.

Many small and medium-sized businesses don’t consider making physical security investments if they already have some type of workable solution in place. The problem is that there have been a lot of innovative moves made that would make those investments strategically smart at the time. So, while a physical security upgrade may not be a priority for your business, we thought we’d go through some of the tools used, and how they have improved. 

Contemporary movies are filled with high-stakes cybercrime, where a lovable criminal syndicate breaks into a company’s systems to help wreak havoc on the true villains of the film, all the while exposing the company’s dirty laundry. Naturally, this idea can be frightening for any business, whether or not they have any dirty laundry to air out—after all, nobody wants a ruined reputation—and is unfortunately less and less of a fantasy all the time.

More businesses rely on their mobile strategies than ever before. For the most part, this uptick in mobility has helped sustain some business at a time when many would be expected to fail, but relying more on mobile definitely comes with some risks. This month we thought we would take a long look at mobility and how it can be a risky proposition for the modern small business.

While you’ll probably hear us recommend that you update as soon as possible at every opportunity, the source of these updates is important to consider. This is especially the case now that mobile security firm Zimperium has discovered a new mobile spyware that pretends to update your mobile device… but actually steals data and monitors the user’s search history and location.

In the course of doing business everyone has their own specific responsibilities. One overarching responsibility that all employees need to have today is awareness. The health of a business depends on it. A staff’s failure to properly shoulder their load of security can have an immensely negative result for both the employee and the company. Today, we’re going to explain that when your organization gets breached by hackers, that fault is largely yours.

Businesses of all kinds depend on the technology that they use, whether it’s their email, a CRM, or just a single PC with a spreadsheet program. Those businesses that keep it real simple, have to know that there is technology out there that can help them bring in more revenue streams or properly manage the ones they already have. Those that look to technology to solve their business’ operational woes, tend to have several options to choose from. One thing is certain, if you have proper counsel when making technology decisions for your business, your chances of spending your capital wisely increase substantially.

As commonly happens with any disaster, COVID-19 has inspired no short supply of scams. While these scams initially focused upon the relief funds that were delivered to people to help sustain the suffering economy, the ongoing vaccine distribution efforts have given those behind these efforts a new means of attack.

Recently, a story broke in Florida that sounds like something out of a terse action film: a hacker managed to access a water treatment facility and subjected the Pinellas County water supply with increased levels of sodium hydroxide. While onsite operators were able to correct the issue right away and keep the public safe from danger, this event is the latest in a line of cyberattacks directed at public utilities. Let’s consider this unpleasant trend.

Google search is synonymous with searching the internet, but that hasn’t stopped them from constantly innovating the service. One of the most recent updates is to give users more context for the content that returns on search results. This works to protect users from potentially clicking on websites that could contain threats. Today, we discuss this innovation and how it will look to the end-user.

You’d think that the healthcare industry would be at the very cutting-edge when it comes to information technology implementation. That isn’t always the case. One technology that developers are really looking to take advantage of in the healthcare space is blockchain. The technology behind cryptocurrency is being used to help patients better control their care. Let’s take a brief look now. 

Businesses that don’t see after their vulnerabilities are just asking to be breached. That’s the consensus view in the IT industry. It’s disconcerting, then, to consider how many businesses don’t actively assess their IT security, especially considering how much these platforms change from year-to-year. Today, we’ll briefly discuss what a security and compliance audit is, and why we think you need one. 

While we would strongly recommend that you update your passwords more than once a year, now is as good a time as any to do so. Reflecting on this, let’s go over how to fully lock down your Microsoft accounts.

Let’s begin with a cold, hard fact—if a business has been targeted by cybercrime from an outside source, there is a 68 percent chance that another attempt to access their network will come within one year. This statistic comes from Crowdstrike, a cybersecurity solutions provider. Despite this reality, there seems to be a perception that there’s some unwritten rule somewhere that a company can only be attacked once. 

If you haven’t taken the time to go through and update your passwords lately, particularly the one protecting your Google account, you should do so… despite it undeniably being a pain. After all, Google serves various purposes and is attached to many accounts for most. Considering the number of data breaches and other cybersecurity issues this potentially contributes to, you will want to ensure your Google account is properly locked down.

GoDaddy—the domain registrar and web-hosting company once famed for its risqué advertisements—is facing some significant backlash for a much different reason. On December 14th, GoDaddy’s employees received an email that appeared to be from the company, promising a holiday bonus. However, while the email was from the company as it appeared to be, it was actually a phishing test that the hosting provider decided to run.

2020 has been filled to the brim with adversity and just as we’ve mercifully arrived to the end, the largest and most brazen cyberespionage attack ever has been carried out. Today, we’ll tell you what we know about the attack, what problems it caused, and what we should learn from it going forward.

Browser extensions are nifty little programs that can be implemented into your web browser itself, adding onto its capabilities and utility… at least, that’s the concept. Unfortunately, these programs also give cybercriminals a means of secretly launching an attack. The security firm Avast recently identified 28 such third-party extensions that have been installed—according to the download numbers, at least—by about three million people on Google Chrome and Microsoft Edge combined.

Many small business owners will temper their investments into IT security because they are of the notion that because their businesses are so small, they can’t be affected by hackers. We get it: prioritizing IT security is more expensive than you like and that money can justifiably be used elsewhere for more gain. The problem is that small businesses can and do get targeted by hackers. In fact, over 25 percent of all data breaches happen to small businesses. In today’s cyberthreat climate, your business can’t rely on luck. Let’s take a look at what you can invest in to protect your network and infrastructure.

One of the major shifts we’ve seen in business in 2020 is the establishment of the remote workforce. Stay-at-home orders brought on by the COVID-19 pandemic made it necessary for businesses to find solutions on how to securely transfer information from what could be unprotected networks. The virtual private network is a solution to this problem. Today, we will describe what a VPN is, what its primary use is, and how secure it really is for secure file transmission. 

With the holidays approaching, and with the global pandemic still underway, online shopping is going to be under even more demand than usual in 2020. With all of these transactions online, it would stand to reason that people would be more keen to follow best security practices than ever before. This week, we take a look at how people are staying secure online and whether or not the need for speed outweighs their security and privacy efforts.

Being told by an IT provider how important it is for you to update your software is probably a bit like your grade school teacher telling you how important it is to do your homework: of course they’re going to say it, it’s their job to do so. However, we’re telling you what the Department of Homeland Security announced when they released a warning to update your Google Chrome web browser.

As serious as they are, cyberattacks are not always labeled with the most serious-sounding names. We are, of course, talking about phishing: the use of spoofed email addresses and fraudulent messages to get hold of data, or whatever goal the attacker has in mind. One of the silliest-sounding versions of phishing—smishing—has proven to be of particular risk.

Your business depends on a budget to come out in the black at the end of the fiscal year, and the way you invest that budget will have a considerable impact. As you create this budget, your IT needs to be one of your top considerations… after all, it is what effectively powers the modern business. This month, we’ll discuss how diligently incorporating your IT into your budget can help your business be more successful down the line.