XSolutions On Security vol 1

XSolutions scours the internet and brings you the cybersecurity news you need to know to protect your business.

Our mission: “Deliver true Managed IT Services by putting people first. Because, there is no time, for downtime.”

ALERT: Flaw In New System Exposes County Court Data

Lubbock County, Texas, confirmed that private information was accessible to the public due to a new system glitch. Records containing data on non-disclosure orders, criminal cases, civil and family law records were exposed to the public. County officials blocked access to the portal to assess the issue.

This issue highlights a problem with our personal information that is supposedly “locked away” safely in Government and private systems. One incorrect setting can expose data on the internet. The bad guys know this and continually scour the internet, looking for exposed databases.

As citizens, consumers, and clients, we should expect that any information given to entities (Government or companies) is adequately protected. However, this only shows that even if you do everything right, third parties can easily compromise your security.

Folks, if it happened in Texas, it can happen in your State, County, and City.

Be careful who you give information to and take steps to protect yourself from fraud — as we can see from the above example, no one else is!

The Malicious Insider — Password Guessing In The Workplace

An article in TechRepublic mentioned a study by Beyond Identity that showed that 1 in 5 respondents have tried to guess the passwords of their coworkers and even their bosses!

What kind of passwords were they trying to guess? Here’s a shortlist:

  • Email accounts
  • Cell Phones
  • Video and streaming services accounts
  • Online banking accounts

Survey respondents used general information about their targets, checked social media for clues, or uncovered info during conversations.

Many of us see outside hackers as the primary threat. But insider threats are scarier since they’re hard to detect because they are perpetrated by the people we trust.

Folks, I’m not looking to sow suspicion amongst coworkers. Still, EVERYONE must protect their own “keys to the kingdom,” such as login information (personal and business).

All businesses must install strong internal controls, monitor their company’s network behavior, and investigate anomalies that pop up.

Are You Helping Criminals Steal Your Identity?

Fact: cybercriminals scour social media for information on targets or when searching for new victims.

Fact: Too many people are giving too much information on social media.

For instance, I see polls asking:

  • What was your first or favorite car
  • Do you remember certain events like specific sitcom shows, political, historical events, etc.?
  • What age group do you fall into
  • General Geographical location where you live or work

Some questions seem general, but your responses are used to place you in specific categories. They’re also close to the test questions many sites ask for resetting passwords? So here’s what to do:
1) STOP answering polls and surveys on social media.
2) NEVER give truthful answers to test questions when registering for a site. Use a password generator to create cryptic responses, and make sure you note them in your Password Manager.
3) Remove certain information such as an address, date of birth from your profiles.
4) Lockdown your account to only friends.

STOP helping cybercriminals.

ALERT: Open Redirects Sending Visitors To Bogus Sites

Microsoft recently identified a phishing campaign impersonating various trusted brands. Still, when the victim clicks on what they think is a legitimate URL, they are taken through a series of redirects, including a convincing CAPTCHA verification before landing on a bogus sign-in page.

This new tactic is an attempt (and a good one!) to bypass the widespread practice of users hovering over links to check their legitimacy before clicking.

To further evade detection, the bad guys use various sender domains, including free email domains from different countries (over 350 so far).

To learn more, go to Microsoft’s post: https://www(DOT)microsoft(DOT)com/security/blog/2021/08/26/widespread-credential-phishing-campaign-abuses-open-redirector-links/.

Bottom line, folks: if you receive an email asking you to click on a link, even if it looks legitimate, don’t do it. ALWAYS go directly to the website by manually typing in the official, published URL into your browser. NEVER visit a website via a link in an email.

BEWARE – QakBot Trojan Puts Business Email Compromise (BEC) On Steriods

Kaspersky’s researchers reveal that QakBot, a banking trojan created years ago, has undergone a devious transformation.

In addition to the usual data-stealing functions, Qakbot steals emails so hackers can study them for use in social engineering schemes like Business Email Compromise (BEC) plots.

Criminals have also updated the malware to detect if it is running in a virtual environment and stop its activity to evade detection.

QakBot is a powerful cyber-weapon to help add context to attack emails making BEC virtually undetectable.

Protect yourself by:

  • NEVER click links or open attachments in emails
  • ALWAYS use multifactor authentication
  • ALWAYS keep your OS, security software, and third-party applications updated
  • ALWAYS use a Business Continuity solution to backup your network
  • ALWAYS use a Managed Threat Response (MTR) solution for your business network (half-measure security solutions just don’t cut it anymore)
  • Set up a Security Awareness Training program to educate your employees on security

Need help? Email us at [email protected]. Stay safe.

Resilience Is The Key To Cyber-Security

Question: If you lost access to your systems and data, how soon would you recover?

This is a critical question and central to your ability to survive a cyber-attack. Ignore it, and you’re likely to be out of business after a disaster (manmade or natural).

Resilience is the key, and it includes a multi-layered approach to your company’s security. I have said it many times, but I’ll repeat it:


Instead, EVERY company, large and small, should have correctly set up and configured:

  • Hardware and software firewalls
  • Centrally managed and robust antivirus and antimalware protection
  • Endpoint Detection and Response (EDR)
  • Security Information and Event Management (SIEM)
  • A Proactive Security Operations Center (SOC) for 24/7/365 quick reaction and remediation of detected threats

A recent study by Webroot shows that only 26% of Small-to-Medium size Businesses (SMBs) have sufficient layers of security to defend against determined attacks. In addition, 24% of businesses between 1 to 19 employees are not prepared for a cyber attack.

XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection. Call (845) 362-9675 for a free consultation.