May262021 by genxwordadminNo Comments
7 Simple Tips to Boost Your Small Business’s Cybersecurity

7 Simple Tips to Boost Your Small Business’s Cybersecurity

Information Security, Security
7 Simple Tips to Boost Your Small Business's Cybersecurity Effective cybersecurity should be a priority for every small business today when more than 70% of cyber-attacks are targeted at them. Hackers know they have less money to invest in state-of-the-art measures like bigger companies do, so they’re easier prey. Sadly, cyber-attacks can have devastating results. More than one-fifth of companies in Canada have been affected by cybersecurity incidents that disrupted their operations, and employees were unable to use key resources or services (computers, email) in over 50% of these cases. But implementing solid cybersecurity measures to protect your small business can be difficult if you’re not sure where to start or you don’t know how to make the best of the limited resources available. In this post, we’ll explore 7…
Read More
Sep112020 by genxwordadminNo Comments
Canada, Together with Other Countries, Issues Advisory Aimed at Helping Organizations Protect Themselves Online

Canada, Together with Other Countries, Issues Advisory Aimed at Helping Organizations Protect Themselves Online

Information Security
Canada, Together with Other Countries, Issues Advisory Aimed at Helping Organizations Protect Themselves Online Canada joins four other countries, Australia, New Zealand, UK and the US, in issuing a joint technical advisory that details approaches for organizations to stay safe from malicious cyber actors. The advisory called “Technical Approaches to Uncovering and Remediating Malicious Activity” highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices. The following are the highlights of the joint advisory: Uncovering Malicious Activity To uncover malicious activity, the advisory recommends to organizations to conduct the following: 1. Indicators of compromise (IOC) Search IOC search refers to the hunt of an artifact – referring to any element of a software – on the network or in an operating system that suggests with…
Read More
Apr82020 by genxwordadminNo Comments
Cybersecurity Considerations When Video-Teleconferencing

Cybersecurity Considerations When Video-Teleconferencing

Information Security
Cybersecurity Considerations When Video-Teleconferencing As the COVID-19 crisis fast-forward the work-from-home and study-from-home adoption, many are increasingly using the video-teleconferencing platform. This platform, however, has become the new target by cybercriminals. What Is Video-Teleconferencing? Video-teleconferencing, also known as VTC, is a technology that allows two or more people in different geographic locations to conduct meetings or online classes in real-time by using simultaneous audio and video transmission. Video-teleconferencing is often confused with Voice over Internet Protocol (VoIP). The reason why video-teleconferencing is often confused with VoIP is that video-teleconferencing is often an integral part of a VoIP system. VoIP, which serves as a foundation of unified communications, includes not just video-teleconferencing service, but also voice and instant messaging services. Microsoft’s Skype, Google’s Duo and Zoom are examples of video-teleconferencing software…
Read More
Feb42020 by genxwordadminNo Comments
Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company

Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company

Information Security
Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company A recently published decision by the High Court of Business and Property, a division of the High Court of England and Wales, revealed that the attacker or attackers behind the ransomware attack on a Canadian insurance company were paid nearly a million U.S. dollars. The ransomware attack at a Canadian insurance company and the issuing ransom payment, which were hidden from the public, only surfaced after the insurer of the Canadian insurance company, an insurance company based in the UK, filed a case in court to recover the ransom paid to the attackers. Ransomware is a type of malicious software (malware) that encrypts victims’ computers or data, locking out legitimate users from accessing these computers or…
Read More
Jan202020 by genxwordadminNo Comments
Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet

Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet

Information Security, IT Support
Canadian Centre for Cyber Security Recommends Disconnecting Vulnerable Citrix Devices from the Internet The Canadian Centre for Cyber Security has issued a security alert, advising Canadian organizations to disconnect their Citrix devices from the internet to prevent cyber-attacks. According to the Canadian Centre for Cyber Security, ongoing exploitation of the security vulnerability in Citrix devices officially designated as CVE-2019-19781 has been observed within Canada. The security vulnerability in Citrix devices allows an attacker to gain direct access to an organization’s local network from the internet. In exploiting this vulnerability, an attacker doesn’t need access to any accounts. As such, exploitation can be performed by any attacker. Citrix, for its part, said that CVE-2019-19781, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution. This vulnerability is rated Critical,…
Read More
Jan62020 by genxwordadminNo Comments
300 Employees Lost Jobs Following a Botched Ransomware Recovery Process

300 Employees Lost Jobs Following a Botched Ransomware Recovery Process

Data Backup, Information Security
300 Employees Lost Jobs Following a Botched Ransomware Recovery Process More than 300 employees of The Heritage Company, an Arkansas-based telemarketing company, lost their jobs following a botched ransomware data recovery process. Just a few days before Christmas, Sandra Franecke, Owner and CEO of The Heritage Company, informed the more than 300 employees of the company that in October last year, the company’s servers were “attacked by malicious software that basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the ‘key’ just to get our systems back up and running”. While not naming the attack as ransomware attack, the attack described by the owner and CEO of The Heritage Company is typical of a ransomware attack – a type of cyber-attack that uses…
Read More
Dec22019 by genxwordadminNo Comments
How to Protect Your Organization’s Network from Complex and Evolving Malware

How to Protect Your Organization’s Network from Complex and Evolving Malware

Information Security, News
How to Protect Your Organization’s Network from Complex and Evolving Malware Microsoft recently reported about Dexphot, an evolving malware (malicious software) that exhibits a level of complexity and evolution aimed at evading traditional security protections and flying under the radar of cyber defenders. Microsoft, in its latest blog post “Insights from one year of tracking a polymorphic threat” reported that it first detected Dexphot in October 2018. On June 18, 2019 alone, the report said, computers infected by this malware reached 80,000. According to Microsoft, while Dexphot won’t attract media attention as this malware’s goal is simply to steal the infected computers’ computing power for cryptocurrency mining to raise revenue for the attackers, this malware “exemplifies the level of complexity and rate of evolution of even everyday threats, intent on…
Read More
Jul62019 by genxwordadminNo Comments
Human Error Drives Cyber Insurance Claims, Data Shows

Human Error Drives Cyber Insurance Claims, Data Shows

Information Security, News
Human Error Drives Cyber Insurance Claims, Data Shows   Insurance company CFC Underwriting, which conducts business in over 80 countries, reported that human error plays a part in the vast majority of cyber insurance claims.   CFC Underwritingreported that in 2018 the company responded to over 1,000 cyber insurance claims comprised of data breaches, theft of funds, ransomware and extortion, malware and more. In Canada alone, CFC Underwriting said that 32% of cyber insurance claims were about ransomware and extortion, 24% about non-malicious data breach, 20% about malicious data breach, 9% about theft of funds, 9% about malware and 6% referring to other cyber incidents.   "Whether a business suffers a data breach, a ransomware attack, or accidentally sends money to a fraudulent bank account, human error plays a part…
Read More
May312019 by genxwordadminNo Comments
Cybercriminals Target Another Legitimate Tool: MYSQL Servers

Cybercriminals Target Another Legitimate Tool: MYSQL Servers

Information Security, IT Support
Cybercriminals Target Another Legitimate Tool: MYSQL Servers The recent discovery by researchers at Sophos that attackers are scanning the internet to find vulnerable MYSQL servers for the purpose of infecting them with the GandCrab ransomware shows that attackers are increasingly targeting legitimate tools as a means to sneak into organizations’ networks. MySQL server is a database platform that uses tables to store data and indexes to sort data and speed up performance. This database platform supports desktop and web applications and runs on either Linux or Windows operating system. GandCrab ransomware, meanwhile, is a particular type of malicious software (malware) designed to lock out legitimate users from their computer system or data until a ransom is paid. Researchers at Sophossaid that they set-up a mocked up insecure MySQL server for…
Read More
Feb112019 by genxwordadminNo Comments
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

Information Security, Servers
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks Servers are the core of every organization’s I.T. operations. Many organizations, however, leave this core component open to cyberattacks through SMBv1. What Is SMBv1? SMBv1, which stands for Server Message Block version 1, was created by Barry Feigenbaum in the early 80s as a file sharing protocol for DOS. In the 90s, Microsoft started using SMBv1 in its operating systems as a protocol for sharing access to files, printers and other resources on a network. SMBv2, which stands for Server Message Block version 2, was introduced in Windows Vista and Windows Server 2008. SMBv3 was introduced in Windows 8 and Windows Server 2012. In 2014, Microsoft publicly regarded SMBv1 as obsolete and best avoided. SMBv1 isn’t installed by default in the…
Read More