INFORMATION TECHNOLOGY FOR SMBs

Our blog articles archive includes it security tips, cybersecurity alerts, state of IT reports, and tips on information technology for small and medium size businesses.

Ransomware Report

Recommendations for ensuring recovery and continuity in the face of the growing cybersecurity threats to SMBs

Businesses must prepare the front line of defense against ransomware attacks: your employees. Today’s companies must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid a potential phishing scam in their inbox, a leading entrance point for ransomware. Businesses must leverage multiple solutions to prepare for the worst. Today’s standard security solutions are no match for today’s ransomware, which can penetrate organizations in multiple way. Reducing the risk of infections requires a multilayered

Read More »
DNS hijacking

You must protect your organization from DNS hijacking

DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer’s TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards. These modifications may be made for malicious purposes such as phishing, for self-serving purposes by Internet

Read More »
Microsoft Storefront

Latest Security Patch released by Microsoft

Microsoft has published today 80 security fixes across 15 products and services, as part of the company’s monthly batch of security updates, known as Patch Tuesday. Of the 80 vulnerabilities patched today, two are so-called zero-days — security flaws that had been exploited  before fixes are released. The two zero-days are CVE-2019-1214 and CVE-2019-1215. Both are elevation of privilege (EoP) vulnerabilities. EoP vulnerabilities are usually exploited by malware to gain the ability to run malicious code with administrator privileges on

Read More »
Employees cybersecurity risk

How many of your employees don’t understand cybersecurity?

Did you know that in the U.S. 70% of employees lack a basic understanding of cybersecurity best practices? Vulnerabilities in your organization can lead to a major fallout in case of a cyberattack. Cyberattack simulation and invocation and test of incident response protocols  help businesses and regulators practice an effective coordination in the event of a systemic cyberattack, but many organizations underestimate the importance of the testing. Organizations participation in cyberattack exercises: 26% of organizations overall never participate in any

Read More »
SSL

SSL – what it means, how it works and where it is used.

If you want to run commercial transactions, or process your website’s data online securely, you need an SSL certificate for your website. Basically, it gives you the valid encryption for the website – and if you ever wondered what is the difference between domains that have http:// or https:// in the URL, this is it: letter S  in https:// means that it is a secure, encrypted connection. Most common everyday use for the SSL is in the e-Commerce. SSL stands

Read More »
Ransomware Report

Cyberthreats targeting municipalities are on the rise

Local governments are increasingly being targeted by cyber threats. These attacks typically come in the form on ransomware, holding the municipalities’ data hostage until either the ransom is paid or data is restored from a backup. Examples of ransomware attacks in 2019: June 20, 2019: Riviera Beach, Florida, discloses ransomware attack and payment. May 7, 2019: City of Baltimore hit with ransomware attack. April 2019: Cleveland Hopkins International Airport suffered a ransomware attack. April 2019: Augusta, Maine, suffered a highly targeted malware attack that froze the

Read More »
Hackers Exploit Medical Info

How Hackers Can Exploit Medical Information

A cybersecurity breach in any industry is a serious matter. Healthcare professionals are some of the most vulnerable targets. Not so long ago, one of the largest batch of data containing just over 9.2 million health insurance records was offered for sale on dark web – a huge blow for PHI. How sure are you about your records not being compromised? Data breach and Dark Web sales are a big worry not just because of HIPAA compliance. The most profitable

Read More »

Ad Fraud: one billion of sham Google AdSense ad impressions.

A new malware framework has been discovered padding statistics on social sites and ad impressions, according to new research from Flashpoint. Researchers explained that over the course of the past three months, the malware framework has been responsible for more than one billion fraudulent Google AdSense ad impressions. The malware uses three separate stages of installation to deliver a malicious browser extension that performs fraudulent AdSense impressions and generates likes on YouTube videos. It also watches hidden Twitch streams. The

Read More »

Interview with David Dadian, CEO of powersolution.com

INTERVIEW WITH DAVID DADIAN OF POWERSOLUTION.COM Interview with David Dadian of powersolution.com New Jersey Innovation Institute, an NJIT Corporation, July 16, 2019 Tamara Williams of New Jersey Innovation Institute (NJII) spoke with David Dadian, one of our Health IT Cohort members, about powersolution.com’s experience securing and supporting IT environments in physician practices, which many times are exposed to data losses and HIPAA violations due to a practice’s lack of understanding of the risks and/or not giving the right level of

Read More »

CBRE ranks Newark as top tech city

The Essex County city boasts more than 53,000 technology jobs, most in software development, computer programming and database system management, according to the report. The post CBRE ranks Newark as top tech city appeared first on NJBIZ.

Read More »

What is Email Spoofing and How to Identify It?

The word spoof means falsified. A spoofed email is when the sender purposely alters parts of the email to make the message appear as though it was authored by someone else. Commonly, the sender’s name/address and the body of the message are formatted to appear from a legitimate source. Sometimes, the ‘spoofer’ will make the email appear to come from a private citizen somewhere. A spoofed message can appear to be sent from a coworker, a bank, a family member

Read More »