Global Tech Solutions Blog

Before this week, you probably never heard about Log4j. Right now, though, it’s the biggest topic in cybersecurity due to a massive vulnerability that is estimated to affect millions of devices. Your business needs to take this seriously.

It is certainly important that you update your software and hardware with the latest patches and updates, but it is also important to keep in mind that while these patches and updates resolve certain issues, these updates can also create problems of their own. An upcoming update to Google Workspace is the perfect example of this.

2020 has been filled to the brim with adversity and just as we’ve mercifully arrived to the end, the largest and most brazen cyberespionage attack ever has been carried out. Today, we’ll tell you what we know about the attack, what problems it caused, and what we should learn from it going forward.

Being told by an IT provider how important it is for you to update your software is probably a bit like your grade school teacher telling you how important it is to do your homework: of course they’re going to say it, it’s their job to do so. However, we’re telling you what the Department of Homeland Security announced when they released a warning to update your Google Chrome web browser.

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

27 vulnerabilities: The amount of vulnerabilities that were resolved with the round of security patches in Microsoft’s latest Patch Tuesday. Windows, Microsoft Office, Internet Explorer, the Edge browser, and more, were all affected. It’s important to patch these vulnerabilities as soon as possible, especially if you haven’t done so already.

Guess what? Today is National Clean Out Your Computer Day, and we know the perfect way to celebrate! Go grab yourself a can of compressed air and your trusted IT technician, because it would be a shame if you were to miss out on this annual opportunity to improve your computer’s performance.

Hundreds of millions of people use wireless Internet connections every day, and as a result, hackers are taking that as a challenge. They are now starting to develop malware that targets people through their routers. Recently, security researchers at Kaspersky Lab have discovered the malware named Slingshot. The code is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot, and other router-based malware and what you can do about it.

Virtual private networks are vulnerable to an exploit that was recently brought to light. Cisco has announced that this exploit undermines its ASA, or Adaptive Security Appliance tool. If this issue isn’t patched immediately, you could find your organization vulnerable through remote code exploitation.

In a statement given by Tom Bossert, the homeland security adviser to the White House, blame for the WannaCry attacks leveraged from May 12th to the 15th in 2017 was attributed to the Democratic People’s Republic of Korea. This assertion is in line with the conclusions that New Zealand, Australia, Canada, and Japan have come to, according to Bossert.

Using the most up-to-date versions of your technology’s operating systems is one of the best ways to stay secure. Yet, some organizations forego the jump to more recent operating systems due to the immense up-front expense represented by upgrading multiple servers or workstations at once. Unfortunately, this can be detrimental to your organization’s security, and potentially even put your business’s future at risk.

Run your Windows Updates and be very skeptical about opening unsolicited emails. Failure to do so may result in a very dangerous strain of ransomware that could infect your entire network and spread to your clients, partners, and prospects.

ATMs are, surprisingly enough, not the most secure pieces of technology out there, though there are efforts to improve security by taking advantage of mobile devices. Granted, this won’t be enough to protect against the considerable vulnerabilities in ATMs. In order to maximize security and minimize the amount of damage done by vulnerabilities, the user needs to understand how to protect themselves while using ATMs.

One of the major password managers out there, LastPass, has become the victim of a major vulnerability. Google researchers from the Zero Day Project discovered this, along with other flaws within LastPass.

If we told you that automated teller machines, or ATMs, were susceptible to hacking attacks, would you believe us? You should; there are a plethora of ways for hackers to infiltrate and steal money from ATMs, with the latest being so dangerous that even the Secret Service has issued warnings about it.

Every security professional’s worst nightmare consists of the National Security Agency (NSA) being hacked. While there’s no proof that the NSA itself has been hacked, there is some evidence to suggest that some of the exploits used by the agency are up for grabs on the black market. What this means is that a lucky group of hackers could potentially get their hands on some very dangerous tools.

The Internal Revenue Service is one organization that you don’t want to mess with. Thanks to their antics filing fraudulent tax returns through the often-exploited Get Transcript site managed by the IRS, Anthony and Sonia Alika have to do some time in the slammer; and that’s not even mentioning what they have to pay the IRS in restitution.

Ransomware, the malware variant that has appeared more and more frequently has struck again, this time targeting users of Microsoft Outlook in a zero-day attack. A malware variant of Cerber (a ransomware) was recently utilized in a large scale attack on users of the messaging program, sent via phishing emails to corporate users.

The Petya ransomware, a particularly vicious monster of a threat, has reared its ugly head once again, only this time, it’s not alone. Petya now comes bundled together with Mischa, yet another ransomware that works well alongside Petya. The ransomware is delivered via an inconspicuous email disguised as a job application, with a resume attached. Once the user downloads the file, Petya encrypts the files located on the device.

While security experts tend to focus the brunt of their discussions on desktop OS vulnerabilities, there are plenty of mobile malware threats that fly under the radar. One such malware is called Hummer; a trojan that installs unwanted apps and malware on a device, and can be found on over a million phones worldwide.