XSolutions Latest Security Roundup

XSolutions’ Security Post Roundup: May 3, 2021

Our latest security posts on LinkedIn:

Parents Need To Take Action NOW! (Posted 4/26/2021)

Everyone is aware of the onslaught of hackers and cyber-thieves against businesses and adults. No one is safe — not even your kids!

Folks, stop only concentrating on yourselves because thieves are also targeting your children.

EVERY parent should do the following for each child:

* Check your kid’s credit report. Make sure it is clean.

* Check social media, Google, etc. See if there is any information on the web about your kid.

* STOP posting photos of your children online. Not only does this aid in identity theft, but it puts deviants on notice that there is a child in the house.

* If your kids use social media, check their privacy settings and institute parental controls.

* Review all apps on your child’s devices. Make sure they’re legitimate.

* Review gaming accounts and place limits on who they can chat with.

Sure, your kids won’t be happy. But, in the end, you are their parents, and you have a responsibility to protect them — even from themselves. They’ll complain, but it’s better that they’re unhappy now than you later on!

Over 20% of Users Running Windows 7 (Posted 4/27/2021)

A Scmagazine post disclosed that 22% of users are still running Windows 7.

Folks, Windows 7 is no longer supported by Microsoft and is highly vulnerable to hackers since there have been no security updates since January 2020. Using this end-of-life Operating System is putting yourself, and if you’re a business owner, your company at significant risk.

As an MSP, I see many business owners asking for help, and during the initial interview, we find that they’re still using Windows 7, with a few stating that they have no intention of spending the money to upgrade! A grave mistake.

Did you know that the bad guys actively scan the net looking for old, unsupported Operating Systems such as Windows 7 when making their choice on who to attack next?

Every time you visit a nefarious website, your system may be scanned, so the bad guys learn what Operating System you’re using to download specific malware targeted to its vulnerabilities secretly.


Social Media — The Hacker’s Playground (Posted 4/28/2021)

I’m on social media a lot, and honestly, the posts I see give me pause, especially on Facebook.

I know people today feel a need to share, but what good can come out of posts announcing a family’s vacation with dates and times BEFORE they take the trip? What do you think a crook can do with that tidbit of information?

And the photos? I see pictures of family members, children, cars with license plates in plain sight, and personal information in the background. Seriously, WHY WOULD YOU DO THAT?

No wonder why internet crimes are rising, including identity theft!

According to security expert Jim Stickley, Facebook’s online quizzes are a treasure trove of data for the bad guys. STOP TAKING THEM!

Right now, on all social media sites:

* Review your profile and remove dates of birth, personal contact info, etc.

* Limite who can see your posts and profile to those you trust.

* Change your password to something that’s at least 20 characters using upper and lower case letters, numbers, and symbols.

* Implement two-factor authentication immediately.

* STOP clicking links in posts.

Misconfigured Cloud-based Servers Are A BIG problem (Posted 4/29/2021)

A 2020 Cloud Security Alliance study revealed that 92% of IT professionals surveyed are worried about a breach, with 76% concerned about misconfigurations as a critical issue.

Cloud Misconfigurations are the number 1 cause of data breaches, and the pandemic has only made it worse. The common theme among IT Pros is that the swift mass migration to working from home created many new vulnerabilities.

A Censys Research Report found almost 2 million databases on cloud servers exposed on the internet. They had no firewalls or other basic security protocols. These systems are susceptible to attack should the bad guys discover them.

A significant and alarming find: 60% of databases on MySQL servers are exposed!

Think about the above statistic.

EVERY company with cloud servers MUST immediately review all configurations and implement security precautions. Leaving this amount of data exposed is outrageous. Ignore this warning and a Data Breach is only a click away.

ALERT: Nasty Malware Targets Android (Posted 4/30/2021)

The U.K.’s National Cyber Security Center issued guidance on a recent and very nasty Android phishing campaign that can quickly spread across the pond to the U.S.

Dubbed “FluBot,” this malware is sent via text claiming that you missed a delivery. When clicked, you’re prompted to download a tracking app. Once you comply — you’re infected.

Currently, cyber-thieves have disguised their texts as coming from DHL. But, they can easily change this to whatever is popular for the region they’re targeting.

Once FluBot is downloaded, it takes over a victim’s phone and steals data, including passwords, as well as messages and images. FluBot also sends texts to your contacts, intending on stealing their info also.

Protect yourself by:

* Backing up the data on your phone.

* Only install apps from the Google Play Store.

* If your phone supports it, enable Google’s Play Protect service.

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions. We provide Disaster Recovery as a Service (DRaaS), Backup as a Service (BaaS), Cloud Data Protection (CDP), and Managed I.T. Services (MSP). Call (845) 362-9675 for a free consultation. Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection