The LMT Blog

Multifactor Authentication: Because Passwords Aren't Enough

Sep 2, 2020 9:00:00 AM / by April L. Sy posted in IT, Cyber-Security, Cybersecurity, Email Compromise, Vendor Email Compromise, Cybercrime, Small Business, Phishing, MFA, 2FA, Multifactor Authentication

0 Comments

What is MFA and Why Aren't Passwords Alone Good Enough?

If you’ve heard of Two-Factor Authentication (2FA), then you’re familiar with MFA. MFA, or MultiFactor Authentication, simply requires an individual to provide two or more credentials to authenticate their identity, thus adding an extra level of protection to user accounts.

Read More

Alert from KnowBe4 - Exploiting the Coronavirus: Financial Relief Scam Targeting Organizations

Aug 20, 2020 9:00:00 AM / by KnowBe4 posted in Cyber-Security, Cybersecurity, Coronavirus, Email Compromise, Business, Financial Relief, Phishing

0 Comments

The Coronavirus pandemic continues to impact organizations across the globe. This hardship gives cybercriminals the perfect bait: a promise of financial relief. Currently, cybercriminals are impersonating the United States Small Business Administration (SBA) with a very convincing phishing email. While this specific scam targets organizations in the US, this tactic could be used in any country, for any kind of relief fund.

Read More

Warning! Vendor Email Compromise on the Rise

Aug 12, 2020 9:00:00 AM / by April L. Sy and James Keeler posted in IT, security, Cyber-Security, Cybersecurity, Email Compromise, Vendor Email Compromise, VEC, Cybercrime, Cyber Crime, Silent Starling

0 Comments

There’s a phishing attack out there that is stealthy and not easily detected until the damage is done. It’s called Vendor Email Compromise, and it’s worth billions worldwide.

Read More

Alert from KnowBe4 - Massive Excel Phishing Attack

Jun 10, 2020 10:19:35 AM / by KnowBe4 posted in Cyber-Security, Cybersecurity, Email Compromise

0 Comments

Microsoft has reported a massive phishing campaign that uses an Excel attachment as bait. The phishing email looks like it is from the Coronavirus Research Center of John Hopkins University–a well known medical organization in the US. The email includes an Excel attachment that is disguised as an updated list of Coronavirus-related deaths, but the file actually contains a hidden piece of malware.

Read More

Alert from KnowBe4 - Malicious Zoom Installer

May 29, 2020 12:31:30 PM / by KnowBe4 posted in Cyber-Security, Cybersecurity, Email Compromise

0 Comments

Whether you’re working from home or trying to stay in touch with loved ones, video conferencing apps like Zoom are becoming the new normal. Cybercriminals have exploited this type of application before, but their latest scam may be the trickiest yet.

Read More

Ransomware + Data Breach Attacks = Expensive Incident

Apr 28, 2020 11:04:31 AM / by James Keeler posted in IT, Ransomware, Cybersecurity, Email Compromise

0 Comments

The Maze group, which is behind the relatively new REvil/Sodinokibi ransomware, has doubled down on the malicious functionality of their malware. The ransomware now exfiltrates large amounts of live data before encrypting the victim’s systems; and the Maze group threatens to dump that data online if the victims don’t pay. Not wanting to be left behind in how much damage they can do and potential money they can extort from businesses, other cybercriminal organizations are starting to jump on this bandwagon as well, including the LockBit ransomware developers.This means that whereas before “ransomware was just ransomware” (which is a bad enough crisis for a business), now it also must be considered a potential data breach, requiring all of the costly and potentially embarrassing notifications, forensic investigations, legal costs, and disclosure involved in that process. Also, if you’re in NYS, don’t forget about SHIELD data breach notification requirements.

If you’re not already doing everything you can to prevent these kinds of attacks from victimizing your business, the potential costs of an incident have just increased exponentially. Insurance and good backups are no longer good enough to weather the business disruption of a ransomware incident.

Read More
Share on Social: