Category: Information Security

Information Security Best Practices: How to Protect Your Business

Information Security
An effective information security setup will help to safeguard your business against potential cyber attacks, but what does that mean? In this post, GenX will explore 7 essential information security best practices for your organization. Establish a Clear Security Policy Start by documenting your security policy in clear terms. This outlines your business’s strategy for staying safe from danger and handling situations that may arise. Your policy should cover: The steps your organization is taking to stay secure and which threats they protect against How you will continue to improve security through updates to software and hardware Which team members are required to maintain the security policy and ensure that staff adhere to it Who will take charge to contain and…
Why does your business need a VPN?

Information Security
Virtual private networking (VPN) services have become more popular, and more mainstream, in the past few years. But while some users take advantage of VPNs to watch Netflix shows that might be unavailable in their own country or to prevent companies tracking them while browsing, these services actually offer a wider range of benefits. And that’s why they’re a smart investment for businesses of any size. In this post, we’ll explore the four main reasons why your company needs a business VPN and look at a few factors to consider before setup. First, though, let’s establish how a VPN works. What is a business VPN and how does it work? A VPN is an online security service that encrypts connections between your company’s…
Microsoft Warns of Active Exploitation of the “Zerologon” Bug in Windows Server

Information Security
Over the last two weeks, Microsoft has warned that the security vulnerability in Windows Server operating systems called “Zerologon” has been actively exploited. What Is Zerologon? The security vulnerability dubbed Zerologon was first discovered by Tom Tervoort, Senior Security Specialist at Secura. Designated CVE-2020-1472, it is a vulnerability in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory, Microsoft’s proprietary directory service that allows IT administrators to authenticate computers within a network. The vulnerability in Netlogon Remote Protocol allows an unauthenticated attacker with existing network access to a Windows Server operating system with the Active Directory domain controller role to completely compromise all Active Directory identity services. In…
MFA Adoption: Benefits and Risks

Information Security, IT Support
The global pandemic, which has forced many organizations to adopt the work-from-home model, has led to the dramatic adoption of multi-factor authentication (MFA) as a cybersecurity measure. While MFA has its benefits, it also presents some risks. What Is MFA? MFA, short for multi-factor authentication, is another route to account security. Traditionally, accounts are protected by single-factor authentication composed mainly of the username and password combination. Single-factor authentication has been shown to be easily compromised, for instance, through a brute force attack – guessing the correct username and password combination through automated means. MFA promises to secure an account by requiring multiple forms of verification to prove one’s identity when signing into an application. There are many forms of MFA. One form is through the use…
Access to Corporate Network: Why It’s Important to Secure This Entry Point

Information Security, IT Support
A hacker group specializing in gaining and maintaining access to corporate networks has been observed selling access to compromised corporate networks to other threat actors on underground forums. This highlights the importance of securing access to your organization’s network. An actor assessed to be associated with the hacker group behind the malicious campaign called “Pioneer Kitten”, also known as “Parisite” and “Fox Kitten”, has been selling access to compromised corporate networks on underground forums since late July of this year, according to the recent report released by CrowdStrike Intelligence. Access to Corporate Networks COVID-19 has forced many companies to open access to their corporate networks to remote workers. This opening unleashed a Pandora’s box of new cyberthreats, especially…
Thousands of Canadian Gov’t Accounts Hacked, Lessons Learned from this Attack

Information Security
The Government of Canada recently confirmed that thousands of Canadian Government accounts had been hacked. In a statement issued last August 15th, the Treasury Board of Canada said that the attackers zeroed in on the government's GCKey system – a single sign-on (SSO) system used by 30 Canadian federal departments for the public to access different government services, including employment, citizenship, and social services such as access to Covid-19 relief programs. GCKey is also used as an alternative access route to log in to the Canadian Revenue Agency (CRA) systems. Credential Stuffing Attack According to the August 15th statement released by the Treasury Board of Canada, out of 12 million GCKey accounts, 9,041 accounts were compromised via the cyberattack called "credential stuffing". In a credential…
How to Secure Remote Access for Your Employees

Information Security, IT Support
The restrictions that come along with the COVID-19 pandemic have forced many organizations to adopt the work-from-home model. One key component of the work-from-home model is remote access – the ability to connect to another computer or network over the internet. Remote Desktop Protocol (RDP) Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft that enables a computer user to access another computer over the internet. While this protocol was initially released for most Windows operating systems, it can now be used with Mac operating systems. A remote desktop user can access another desktop, open and edit files, and use applications of this desktop no matter where this desktop is geographically located. In the context…
NetWalker Ransomware Earns $25 Million in Just 5 Months

Information Security
In the last 5 months, when most people were sheltering in place and working from home due to COVID-19 restrictions, the group behind the ransomware called “NetWalker” earned US $25 million by extorting organizations for large amounts of money. In the blog post "Take a 'NetWalk' on the Wild Side" published on August 3, 2020, researchers at McAfee reported that between March 1, 2020 and July 27, 2020, victims of NetWalker ransomware paid the group behind the ransomware 2,795 bitcoin, valued at US $25 million. “Even though we do not have complete visibility into the BTC flow before NetWalker started ramping up, one thing is certain, this quarter alone it has been highly successful at extorting organisations for large amounts…
Canadian Organizations Attacked via Unpatched Devices & Inadequate Authentication, Canadian Centre for Cyber Security Says

Information Security, IT Support
The Canadian Centre for Cyber Security recently revealed that in recent months several Canadian organizations' computer networks have fallen victim to cyberattackers via unpatched devices and inadequate authentication. "In recent months, the Cyber Centre [Canadian Centre for Cyber Security] has been made aware of several compromises of computer networks in Canada," the Canadian Centre for Cyber Security said. "In each case, a threat actor was able to compromise infrastructure exposed to the internet because it was not properly secured via 2FA and/or because software running on an exposed server was not patched to the latest version." Inadequate Authentication Inadequate authentication refers to the insecure process of accessing a device. According to the Canadian Centre for…
How to Protect Remote Workforce from Web Application-Based Attacks

Information Security
The ongoing pandemic has changed the way people work. Organizations around the globe have turned to cloud applications for better collaboration and productivity for their remote workforce. Microsoft has warned that today’s malicious actors are leveraging malicious web applications to gain access to legitimate cloud services such as Office 365. In the blog post "Protecting your remote workforce from application-based attacks like consent phishing", Agnieszka Girling, Partner Group PM Manager at Microsoft, said, "While application use has accelerated and enabled employees to be productive remotely, attackers are looking at leveraging application-based attacks to gain unwarranted access to valuable data in cloud services." Consent phishing, Girling said, is an example of a web application-based attack that "can target the valuable data your…