Whether you’re working from home or trying to stay in touch with loved ones, video conferencing apps like Zoom are becoming the new normal. Cybercriminals have exploited this type of application before, but their latest scam may be the trickiest yet.
Just as you should take precautions to make sure returning workers aren't sick, you will want to make sure returning computers are not sick as well. It is imperative that incoming computers are checked for infections and safety measures are performed before you allow them back onto the corporate network.
Today, data breaches are more common than ever. A data breach is a leak of sensitive or confidential information, whether intentional or unintentional. It is almost a guarantee that at least one of your passwords, past or present, has been exposed by a data breach.
The Maze group, which is behind the relatively new REvil/Sodinokibi ransomware, has doubled down on the malicious functionality of their malware. The ransomware now exfiltrates large amounts of live data before encrypting the victim’s systems; and the Maze group threatens to dump that data online if the victims don’t pay. Not wanting to be left behind in how much damage they can do and potential money they can extort from businesses, other cybercriminal organizations are starting to jump on this bandwagon as well, including the LockBit ransomware developers.This means that whereas before “ransomware was just ransomware” (which is a bad enough crisis for a business), now it also must be considered a potential data breach, requiring all of the costly and potentially embarrassing notifications, forensic investigations, legal costs, and disclosure involved in that process. Also, if you’re in NYS, don’t forget about SHIELD data breach notification requirements.
If you’re not already doing everything you can to prevent these kinds of attacks from victimizing your business, the potential costs of an incident have just increased exponentially. Insurance and good backups are no longer good enough to weather the business disruption of a ransomware incident.
During this storm of COVID-19 phishing scams, the bad guys love posing as your trusted Human Resources department. One recent HR scam started with an overdramatic subject line: “COVID-19 PANDEMIC IS WITHIN, BEWARE! WARNING!!!” In a mess of run-on sentences, the email claims that some of your co-workers have tested positive for Coronavirus. Keeping with the HR theme, they ask that you do not discriminate against these people and they suggest that “everyone should rather cease panic”.
We recognize that with the constantly changing COVID-19 situation around the world, this is an unprecedented time for everyone. Governor Andrew Cuomo has enacted an Executive Order that all workers in non-essential businesses across New York state are required to stay home in an effort to combat the spread of COVID-19. LMT understands that you need an IT Support provider that can help you navigate these uncertain times.
LMT is prepared for this.
The beginning of Daylight Saving Time is filled with both trials and great opportunities. For optimists, it’s the unofficial start of Spring with longer days, warmer weather, and long-awaited time spent on the golf course. Yet increased health risks, psychological affects, and the (even greater) sleep deprivation from which we already suffer leaves many of us dreading the annual clock change.
In Part I of this two-part series “Cyber Insurance – Have You Read the Fine Print?” we wrote of the importance of carefully reviewing clauses when it comes to your Cyber Insurance policy. If you haven’t read the article, take a look here for some great insight into some seldom-known facts.
The Holiday season is the biggest shopping season – and also the largest and most profitable phishing season for cybercriminals.
Cybersecurity Manager, James Keeler, Earns Certified Information Security Systems Professional (CISSP) Certification
Rochester, NY, November 19, 2019 – James Keeler, Cybersecurity Manager, LMT Technology Solutions, has earned the Certified Information Security Systems Professional (CISSP) Certification granted by (ISC)2. CISSP certification is one of only three certifications that meet Department of Defense requirements for several high-level information security positions; and is used as the baseline for the National Security Agency-developed ISSEP program. James joins an elite group of information security professionals who have demonstrated a dedication to higher standards of practice in cybersecurity.