Threat Alert: Surge of Vishing Attacks

Threat Alert: Surge of Vishing Attacks

General
Threat Alert: Surge of Vishing Attacks The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint alert, warning organizations of the surge of vishing attacks. What Is Vishing? Vishing is a type of phishing attack that leverages the phone, in particular, Voice Over Internet Protocol (VoIP), as a means of attack. The commonly known phishing attack weaponized the emails. In an email-based phishing attack, an attacker sends targets emails that masquerade as coming from legitimate sources. Phishing emails contain malicious attachments or links or both. Clicking on either the malicious attachment or link infects the computer used by the email receiver with malicious software (malware) leading to the stealing of sensitive data. The adoption of VoIP in the early 2000s as…
Read More
How to Secure the Most Common Cyberattack Initial Vectors

How to Secure the Most Common Cyberattack Initial Vectors

General, News
Cyberattackers gain access to their victims' networks by exploiting initial vectors – entry points that enable them to drop malicious software (malware).   Securing the most common cyberattack initial vectors is important in protecting your organization's network. Here are the most common cyberattack initial vectors and their corresponding cybersecurity best practices in securing them:   RDP RDP, short for Remote Desktop Protocol, is one of the most popular application-level protocols for accessing Windows workstations or Windows servers.   With the spread of the coronavirus disease 2019 (COVID-19) and the resulting government-mandated stay-at-home measures, remote working has become a new normal. This new normal, however, directly impact cybersecurity. The ransomware called "Phobos", for instance, typically leverage compromised RDP connections as an initial vector.   Kaspersky Lab reported that since the beginning…
Read More
Loyalty Programs: Hot Target for Cyber Criminals

Loyalty Programs: Hot Target for Cyber Criminals

General
Loyalty Programs: Hot Target for Cyber Criminals Cyber criminals are continually looking for new targets. In recent years, loyalty programs have become the hot target for cyber attackers. One of the least highlighted aspects of recent data breaches is how loyalty programs compromised organizations’ network security. In late November, this year, Marriottdisclosed that out of the 500 million guests affected by a 4-year long data breach, account information of 327 million guests relating to the company’s Starwood Preferred Guest (“SPG”) had been accessed by an unauthorized party. SPG is the loyalty program of Starwood Hotels & Resorts Worldwide – the hotel chain acquired by Marriott in September 2016. Early this year, Marriott completed the integration of the two companies’ loyalty programs. It’s too early to tell what would become of…
Read More
6 Basic Cyber Hygiene Practices Organizations Fail to Implement

6 Basic Cyber Hygiene Practices Organizations Fail to Implement

General
6 Basic Cyber Hygiene Practices Organizations Fail to Implement A new survey has shown that many organizations today are leaving themselves vulnerable to cyberattacks by failing to implement the basic cyber hygiene practices. The study "State of Cyber Hygiene Report" conducted by Tripwire and Dimensional Research surveyed 306 IT professionals last July 2018 to examine whether organizations are implementing the security controls that the Center for Internet Security (CIS)referred to as "Cyber Hygiene”. CIS considers the following 6 security controls as the basic cyber hygiene practices: Inventory and Control of Hardware Assets Inventory and Control of Software Assets Continuous Vulnerability Management Controlled Use of Administrative Privileges Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers Maintenance, Monitoring and Analysis of Audit Logs CIS Control 1: Inventory…
Read More

Server OS Update Key Terms

General
    BACK   Operating System The core software that a computer operates on, which acts as the basis that all other programs operate on   Security Support Periodically updated software updates that protect computers against evolving security threats   Server Virtual Space Dividing a single physical server into multiple virtual, independent environments  
Read More

What is a Server OS Update?

General
    BACK   A server system is the heart of a company's I.T. life. It often contains many, if not all company files, and acts as the central core that all company computers are connected to. A slowdown of such a system would therefore mean a slowdown of the company as a whole. Often, inefficiencies that begin to occur are caused by an aging operating system (OS), which inhibits the utilization efficiency of a server's components.   An OS is the fundamental program of a computer system. It acts as the interface between the components of a computer and its user, and acts as the ground on which other programs operate. However, like any other program, it requires constant updates from its developer to keep up with new components…
Read More

Data Storage Management Key Terms

General
  BACK Corrupted Data The inability to access previously stored data due to errors and inconsistencies that occur during reading or writing processes   Cloud-based backup systems Data backup strategy involving online storage and recovery of important information   Off-site redundancies Storage strategy that involves keeping copies of important data at a secondary location   Hardware Failure Loss of information due to the physical damage of computer components  
Read More

What is Data Storage Management?

General
  BACK   By nature, digital information will always be vulnerable to data loss. This can be through physical damage of computer hardware, digital corruption which occurs during regular reading and writing processes, or accidental deletion of company files. Loss of important information in a corporate setting can often result in devastating blows to the productivity of a company. Furthermore, if improper storage protocols were implemented prior to the event, there is often the potential for permanent data loss.   GenX provides numerous services to assist your company in setting up optimal data protection and storage strategies, to give you the peace of mind that your information will not be destroyed. Not only do we offer local solutions for employee computers, such as external hard drive backup protection, but our…
Read More

Security Best Practice Key Terms

General
  BACK   Cyberattack The malicious attempt to destroy or steal sensitive information through digital hacking   Informational Ransom The threat of publicizing stolen sensitive information for a demanded price   Threat Analysis The process of identifying the most pressing issues in a company's I.T. security protocols   Viruses The general term for programs with malicious intent. They may cause damage through data theft, software corruption, or other methods  
Read More

What is Security Best Practice?

General
  BACK   A company's perceived stability relies on its ability to protect its sensitive information from cyberattacks. Sensitive data such as confidential client information, financial records, or employee information are among the data that may be targeted for informational ransom.   In light of this, it should be of upmost importance of any company to exert every effort to maintain optimal protection of its critical information, as failure to protect this would cause irreparable damage to its integrity.   GenX's team of I.T. professionals have been working within this field with the cumulative experience of dozens of years. As such, our team has developed countless security plans over the years. Therefore, we are highly trained in the creation of thorough and impenetrable security plans, which have stood through through…
Read More