TECH TALK

Tech Talk

November 14, 2024
Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phishing attacks and investment fraud schemes for years. The findings come from Infoblox, which said it identified nearly 800,000 vulnerable registered domains over the past three months, of which approximately 9% (70,000) have been subsequently hijacked. "Cybercriminals have used this vector since 2018 to hijack tens of thousands of domain names," the cybersecurity company said in a deep-dive report shared with The Hacker News. "Victim domains include well-known brands, non-profits, and government entities." The little-known attack vector, although originally documented by security researcher Matthew Bryant way back in 2016, didn't attract a lot of attention until the scale of the hijacks was disclosed earlier this August. "I believe there is more awareness [since then]," Dr. Renee Burton, vice president of threat intelligence at Infoblox, told The Hacker News. "While we haven't seen the number of hijackings go down, we have seen customers very interested in the topic and grateful for awareness around their own potential risks. The Sitting Ducks attack, at its core, allows a malicious actor to seize control of a domain by leveraging misconfigurations in its domain name system (DNS) settings. This includes scenarios where the DNS points to the wrong authoritative name server. However, there are certain prerequisites in order to pull this off: A registered domain delegates authoritative DNS services to a different provider than the domain registrar, the delegation is lame, and the attacker can "claim" the domain at the DNS provider and set up DNS records without access to the valid owner's account at the domain registrar.
November 14, 2024
Vilius Petkauskas Deputy Editor
November 6, 2024
Techsavvi at Work Recently, one of our clients experienced a network outage due to a device failure. Thanks to our proactive approach, Techsavvi swiftly delivered and installed a new device the very next day, restoring their network without delay. At Techsavvi, we prioritize the stability, security, and integrity of our clients' networks. Our goal is to provide seamless solutions with minimal service interruptions, ensuring your operations continue to run smoothly. Should you ever need support, rest assured that we are here to respond quickly and efficiently.
October 6, 2024
Techsavvi at Work Recently, one of our clients experienced a network outage due to a device failure. Thanks to our proactive approach, Techsavvi swiftly delivered and installed a new device the very next day, restoring their network without delay. At Techsavvi, we prioritize the stability, security, and integrity of our clients' networks. Our goal is to provide seamless solutions with minimal service interruptions, ensuring your operations continue to run smoothly. Should you ever need support, rest assured that we are here to respond quickly and efficiently.
September 8, 2024
Ernestas Naprys Senior Journalist Updated on: September 2, 2024 11:58AM
September 8, 2024
Ernestas Naprys Senior Journalist Updated on: September 2, 2024 11:58AM
September 8, 2024
Paulina Okunytė Updated on: September 4, 2024 206PM
September 8, 2024
Paulina Okunytė Updated on: September 4, 2024 206PM
September 8, 2024
Techsavvi at Work Recently, one of our clients experienced a network outage due to a device failure. Thanks to our proactive approach, Techsavvi swiftly delivered and installed a new device the very next day, restoring their network without delay. At Techsavvi, we prioritize the stability, security, and integrity of our clients' networks. Our goal is to provide seamless solutions with minimal service interruptions, ensuring your operations continue to run smoothly. Should you ever need support, rest assured that we are here to respond quickly and efficiently.
August 4, 2024
Techsavvi at Work One of our clients was struggling to get reliable internet speeds, they had reached out to ISP for solutions, but they were not able to make any progress. Their internet speeds averaged 1.5 Mbps. They reached out to the Techsavvi Team. We were able to walk them through a step-by-step process that allowed us to pinpoint the issue and boost their speeds significantly. Now their operation is reaching industry standards at 90 Mbps. This improvement came without purchasing new services from MSP and at no additional cost to their business.
July 17, 2024
Gintaras Radauskas Senior journalist Updated on: July 11, 2024 7:52 AM
July 17, 2024
Vilius Petkauskas Deputy Editor Updated on: July 11, 2024 9:19 AM
July 2, 2024
Techsavvi at Work One of our clients was struggling to get reliable internet speeds, they had reached out to ISP for solutions, but they were not able to make any progress. Their internet speeds averaged 1.5 Mbps. They reached out to the Techsavvi Team. We were able to walk them through a step-by-step process that allowed us to pinpoint the issue and boost their speeds significantly. Now their operation is reaching industry standards at 90 Mbps. This improvement came without purchasing new services from MSP and at no additional cost to their business.
By Michael Harris June 20, 2024
Techsavvi at Work One of our clients was struggling to get reliable internet speeds, they had reached out to ISP for solutions, but they were not able to make any progress. Their internet speeds averaged 1.5 Mbps. They reached out to the Techsavvi Team. We were able to walk them through a step-by-step process that allowed us to pinpoint the issue and boost their speeds significantly. Now their operation is reaching industry standards at 90 Mbps. This improvement came without purchasing new services from MSP and at no additional cost to their business.
By Michael Harris May 22, 2024
By SHARON D. NELSON, JOHN W. SIMEK, AND MICHAEL C. MASCHKE It’s been a very bad year for law firms. Not only were many law firms breached — and some from BigLaw — but the class action attorneys also have apparently discovered there is money to be made from class action lawsuits against breached law firms. It seemed like a good time to talk about foolish things that law firms and lawyers do that amount to an engraved “breach me” invitation to cybercriminals. No. 1: They Don’t Adopt Multifactor Authentication (MFA) As all lawyers know, there is an inconvenience factor to adopting MFA. And an amazing number of lawyers resist the very minor inconvenience of having to authenticate themselves twice, first entering their password (something they know) and then authenticating again via something they have (i.e. an app on their phone) or using biometrics. According to Microsoft, the adoption of MFA will prevent 99.9% of account takeovers. We have seen multiple law firms refuse MFA (groaning about its inconvenience) only to suffer account takeovers. They sure were anxious to adopt MFA after the breach. D’oh. No. 2: They Don’t Have Multiple Backups Most importantly, you must have more than one backup — and one of the backups should not be connected to your network. The first thing cybercriminals will do after breaching your network is to break into any accessible backups so you cannot recover from the breach without paying the ransom. Also, make sure your cloud backup has multiple versions and doesn’t only sync the contents of the local backup. Encrypting the local backup shouldn’t replicate so that your cloud backups are encrypted too. It is also important to recognize that, while having your data in the cloud is not a guarantee that you won’t be breached, your data is infinitely safer in the cloud. While there have been cloud breaches, MOST of them have happened because an employee of yours misconfigured something in the cloud. We’re down to only two clients who have their data on-premise — one is stubborn — and we feel for the other because that law firm is commanded by a major client to have the data onsite. The cloud is where it’s all happening these days. If you cling to the past, you do yourself no favors — and note that some IT folks will encourage staying with an on-premise solution because they make more money that way. No. 3: They Skimp on Employee Training Law firm employees are your first line of defense. Endless phishing emails (which have gotten more sophisticated thanks to artificial intelligence) and social engineering are dire threats. So why wouldn’t you train employees to recognize these kinds of attacks — and offer them as many different examples as possible of those attacks and others? And yet most law firms, particularly the solo/small/midsized firms, do not offer this training. The cost of an annual cybersecurity training online session is modest — the cost of a data breach is immense. Tip: get a reference from a fellow lawyer about cybersecurity firms who do good employee training at a reasonable fee. No. 4: They Don’t Have An Adequate Plan An incident response plan (IRP) may salvage your firm in the event of a breach, and yet only 42% of firms have one. And we’re pretty sure that many of the IRPs that do exist are either outdated or not quite up to snuff. Get some help from a cybersecurity professional who is accustomed to drafting these plans. Minus a thorough plan, after a breach you will haplessly do all sorts of things that are wrong, done in the incorrect order, etc. Remember, there are penalties (lots of them) for not handling a breach correctly and reporting it timely. And did we mention the ethics rules? No.5: They Trust Without Verifying Don’t trust your employees. Why? Because they take your data when they go to another firm. You see that in the headlines regularly. You also often see law firm bookkeepers embezzle money. Just do a search and you will see the necessity of having someone audit your books. Hopefully, you do not allow sharing of passwords. But employees do it anyway. The usual excuse is that, for instance, a lawyer and a paralegal need to have access to one another’s email. If one is compromised, both are compromised. Enforce your policy! When you need a security assessment, do NOT let your IT folks do it. They have a vested interest in the outcome. We could go on, but you get the idea. To adapt Ronald Reagan’s words, “if you must trust, then verify.” No. 6: They Take Their Work Laptop Abroad If you take your work laptop abroad, you take your chances. Some countries are more dangerous than others. We have seen a video of a laptop left in a hotel room in China and watched as two men entered the lawyer’s room and downloaded the entire contents of the laptop. Mind you, not every country is as dangerous as China when it comes to coveting a lawyer’s data. But routinely, large firms have clean laptops that they loan out for trips abroad. For small firms, the cost of an extra laptop or two is well worth it. Make sure you make this a law firm policy requirement. Remember the post roll call words of police Sgt. Phil Esterhaus on Hill Street Blues? “Let’s be careful out there.” Those words apply here – and there may be ethical implications as well. No. 7: They Let Apps Access Their ‘Contacts’ We routinely see lawyers do this. MANY apps ask for access to your “Contacts,” and the average lawyer simply allows it. What are they thinking???? Your “Contacts” contain all kinds of sensitive data — and the integrity of most apps is highly questionable. Many sell data. Several bars have already said it is unethical to allow apps to access your “Contacts.” And they are right! This list could go on and on, but following the advice above should upgrade your cybersecurity significantly! Sharon D. Nelson is a practicing attorney and the president of Sensei Enterprises, Inc. She is a past president of the Virginia State Bar, the Fairfax Bar Association and the Fairfax Law Foundation. She is a co-author of 18 books published by the ABA. snelson@senseient.com John W. Simek is vice president of Sensei Enterprises, Inc. He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) and a nationally known expert in the area of digital forensics. He and Sharon provide legal technology, cybersecurity and digital forensics services from their Fairfax, Virginia firm. jsimek@senseient.com Michael C. Maschke is the CEO/Director of Cybersecurity and Digital Forensics of Sensei Enterprises, Inc. He is an EnCase Certified Examiner, a Certified Computer Examiner (CCE #744) a Certified Ethical Hacker and an AccessData Certified Examiner. He is also a Certified Information Systems Security Professional. mmaschke@senseient.com
April 26, 2024
In continuation of Microsoft’s series of data security incidents, employees accidentally exposed internal data to the public. The leak exposed an unprotected Azure storage server containing code, scripts, and configuration files. Microsoft has announced that it has fixed a security breach that exposed internal company credentials and files to the open internet. The breach was first discovered by security researchers from cybersecurity firm SOC Radar. According to their report, an internal error resulted in an Azure storage server without password protection being given public access. The exposed data was primarily related to Microsoft’s Bing search engine, including configuration files, code, and scripts that employees used to access a range of internal systems and databases. Consequently, bad actors could identify and access locations for Microsoft's internal data. So far, it has not been made clear how long the data has been exposed. Anuj Mudaliar Assistant Editor - Tech, SWZD opens a new window opens a new window Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.
April 26, 2024
AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. These notifications are related to the recent leak of a massive amount of AT&T customer data on the Breach hacking forums that was offered for sale for $1 million in 2021. When threat actor ShinyHunters first listed the AT&T data for sale in 2021, the company told BleepingComputer that the collection did not belong to them and that their systems had not been breached. Last month, when another threat actor known as 'MajorNelson' leaked the entire dataset on the hacking forum, AT&T once again told BleepingComputer that the data did not originate from them and their systems were not breached. After BleepingComputer confirmed that the data belonged to AT&T and DirectTV accounts, and TechCrunch reported AT&T passcodes were in the data dump, AT&T finally confirmed that the data belonged to them. While the leak contained information for more than 70 million people, AT&T is now saying that it impacted a total of 51,226,382 customers. "The [exposed] information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode," reads the notification. "To the best of our knowledge, personal financial information and call history were not included. Based on our investigation to date, the data appears to be from June 2019 or earlier." BleepingComputer contacted AT&T as to why there is such a large difference in impacted customers and was told that some of the people had multiple accounts in the dataset. "We are sending a communication to each person whose sensitive personal information was included. Some people had more than one account in the dataset, and others did not have sensitive personal information," AT&T told BleepingComputer. The company has still not disclosed how the data was stolen and why it took them almost five years to confirm that it belonged to them and to alert customers. Furthermore, the company told the Maine Attorney General's Office that they first learned of the breach on March 26, 2024, yet BleepingComputer first contacted AT&T about it on March 17th and the information was for sale first in 2021. While it is likely too late, as the data has been privately circulating for years, AT&T is offering one year of identity theft protection and credit monitoring services through Experian, with instructions enclosed in the notices. The enrollment deadline was set to August 30, 2024, but exposed people should move much faster to protect themselves. Recipients are urged to stay vigilant, monitor their accounts and credit reports for suspicious activity, and treat unsolicited communications with elevated caution. For the admitted security lapse and the massive delay in verifying the data breach claims and informing affected customers accordingly, AT&T is facing multiple class-action lawsuits in the U.S. Considering that the data was stolen in 2021, cybercriminals have had ample opportunity to exploit the dataset and launch targeted attacks against exposed AT&T customers. However, the dataset has now been leaked to the broader cybercrime community, exponentially increasing the risk for former and current AT&T customers. Update 4/10/24: Added statement from AT&T about discrepancy in numbers. BILL TOULAS Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.
April 26, 2024
Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party SaaS vendor inadvertently exposing a subset of employee data. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. A Home Depot software vendor suffered a data breach leading to the compromise of an undisclosed number of employees. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party software vendor inadvertently exposing a subset of employee data. Reportedly, the breach was caused by a misconfigured software-as-a-service (SaaS) application.
April 25, 2024
Explaining a SIEM in Simple Terms (Kind Of …) What Kind of Things Can a SIEM Do for Law Firms? What Are the Core Functions of a SIEM? What Are the Benefits of Using a SIEM for a Law Firm? How Does a Law Firm Implement a SIEM? How Much Will a SIEM Cost Your Small Law Firm? The Role a SIEM Will Play for Your Law Firm
By admin January 8, 2024
Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge links… The post Don’t trust links with known domains: BMW affected by redirect vulnerability appeared first on .
By admin December 31, 2023
Malicious actors have hacked two governmental servers running end-of-life software. The US cybersecurity agency CISA warns that cybercriminals are exploiting a vulnerability in discontinued Adobe ColdFusion versions and urges users… The post Hackers breach US Government agencies running end-of-life software appeared first on .
By admin December 17, 2023
Microsoft has seized domains and social media accounts belonging to Storm-1152. a large cybercrime actor. The group used the infrastructure to create 750 million fraudulent Microsoft accounts and earn millions… The post Cybercriminals selling fraudulent Outlook accounts taken down by Microsoft appeared first on .
By admin November 30, 2023
Since the public release of ChatGPT, the adoption of artificial (AI) and machine learning (ML) systems has seen a significant boost. Companies are now rushing to integrate AI technology for… The post AI under criminal influence: adversarial machine learning explained appeared first on .
By admin November 15, 2023
Prospect Medical Holdings admits that it was hacked, with hundreds of thousands of employees and patients left affected. Prospect Medical Holdings is a healthcare company operating more than 150 clinics… The post Hackers attack US healthcare giant, more than 190K people affected appeared first on .
By admin November 7, 2023
Inside the Newsletter | November 2023 Watch Out for Ransomware Pretending to Be a Windows Update!  Gadget of The Month  Smart Home Safety Tips  What Is Microsoft Sales Copilot? Biggest… The post November Newsletter appeared first on .
By admin September 29, 2023
Thousands of users are expressing frustration on X or review sites, as Facebook’s fight against fake accounts affects innocent bystanders. In case your Facebook account gets hacked or disabled, prepare… The post Facebook has deleted four planets’ worth of fake users – while real people struggle to get support appeared first on .
By admin September 18, 2023
Cl0p ransomware gang may have garnered a lot of attention with this year’s high-profile string of MOVEit hacks, but now it’s also on the radar of the cybersecurity industry. FalconFeeds.io… The post Cl0p study sheds light on rising ransom gang appeared first on .
By admin September 15, 2023
Inside the Newsletter | September 2023 Spot Fake LinkedIn Sales Bots Have You Tried Microsoft Designer?  Technologies to Help Run Your Small Business Better Tech Trends to Fuel Your Growth… The post September Newsletter appeared first on .
By admin August 25, 2023
Cloud-based software company Salesforce was left wide open to a cyberattack exploiting the reputation of tech giant Meta thanks to a previously undetected bug, cybersecurity firm Guardio has disclosed. “The… The post Zero-day bug exploiting Meta hits Salesforce appeared first on .
By admin August 10, 2023
While the performance of current AI systems may seem impressive, there’s a long way to go before we’re likely to see true human-like capabilities. AI is everywhere – or so… The post Three different types of artificial intelligence, explained appeared first on .
By admin August 2, 2023
Inside the Newsletter | August 2023 What is Zero-Click Malware? Common Tech Myths 7 Cybersecurity Risks of Remote Work Page  7 Advantages of a Defense-in-Depth / Cybersecurity Strategy Page  Tech… The post August Newsletter appeared first on .
By admin July 25, 2023
ChatGPT’s API program, designed to incorporate artificial intelligence (AI) functionality into pre-existing apps and software, comes with a considerable cybersecurity risk, warns analyst Endor Labs. Its research team found that… The post Malware risk in AI software packages, warns analyst appeared first on .
By admin July 5, 2023
Millions of malicious IP addresses are analyzing the internet daily in an attempt to find security holes in networks. CrowdSec has recently released a Majority Report looking into the landscape… The post No, criminals are not in love with VPNs, expert insists appeared first on .
By admin July 3, 2023
Inside the Newsletter | July 2023 Is Your Online Shopping App Invading Your Privacy? How Microsoft 365 Copilot Is Going to Transform M365 Apps Fight Business Email Compromise 10 Helpful… The post July Newsletter appeared first on .
By admin June 30, 2023
Managing data and IT solutions in-house can be challenging and expensive. That’s why many organizations turn to MSPs. Digitalization has forced businesses to alter their operations and make IT a… The post What Is an MSP (And How to Choose the Right One for Your Business) appeared first on .
By admin June 14, 2023
Cloud computing has been front and centre of the global shift to remote working. Find out how you can maximize this technology for your small business. The onset of the… The post Seven Ways to Maximize Cloud Solutions for Your Small Business appeared first on .
By admin June 7, 2023
Inside the Newsletter | June 2023 Is it time to ditch the password for more secure passkeys? Create dashboard in power BI What is push-bombing? How to use ChatGPT at… The post June Newsletter appeared first on .
By admin May 30, 2023
Most of us have heard that chip cards are more secure. When it comes to processing credit cards and debit cards, chip cards have been the standard for many years.… The post Is Swiping Chip Cards Putting Your Business at Risk? appeared first on .
By admin May 14, 2023
Discover the compelling potential while exploring the ethical implications of an AGI-defined future. In 2023, tech giants are racing to leverage generative AI. Many are already looking beyond the capabilities… The post Unleashing artificial general intelligence: utopia or dystopia? appeared first on .
By admin April 30, 2023
HAYS, Kan. – Kansas farmers battered by drought and heat now have more weather to worry about — in outer space. An expected surge in solar flares over the next several… The post How weather in outer space could cost Midwestern farmers $1 billion appeared first on .
By admin April 14, 2023
We’ve compiled a list of disruptive innovations that are shaping the technological landscape around the world and shaping our future through reports from reputable scientific journals and the world’s largest… The post 10 Most Important Technologies Of 2023 appeared first on .
By admin March 30, 2023
Online reputation can make or break your chances of landing and retaining clients. That’s why managing this aspect in your business is critical. Your store, whether brick-and-mortar or online, looks… The post The Importance of Online Reputation Management (And 8 Tips To Improve It) appeared first on .
By admin March 14, 2023
Scaling your business doesn’t just entail having suitable systems, staff, or partners. It also includes finding new and innovative ways to save time and money. And that’s where Virtual Reality… The post Immersive Experiences Can Scale Your Business – The 5 Ways Virtual Reality Can Save Your Business Time and Money appeared first on .
By admin February 28, 2023
When you see those people with two monitors, you may assume they do some specialized work that requires all that screen space, or they just really like technology. But having… The post Are Two Monitors Really More Productive Than One? appeared first on .
By admin February 15, 2023
New research shows hackers are exploiting ChatGPT to write usable malware and sharing their results on the dark web. The latest report, from cybersecurity software retailer Check Point, backs recent… The post Threat actors can use ChatGPT to create deployable malware appeared first on .
By admin January 30, 2023
Just five or six years ago, VoIP was still considered a “different” type of business phone system. One that wasn’t the norm. But the pandemic changed that way of thinking.… The post What Are the Most Helpful VoIP Features for Small Businesses? appeared first on .
By admin January 14, 2023
Leaked API keys of three popular email service providers allowed threat actors to perform various unauthorized actions such as sending emails, accessing mailing lists and personal data, deleting API keys,… The post MailChimp, Mailgun, and Sendgrid API leak endangered over 54m users appeared first on .
By admin December 30, 2022
It seems that nearly as long as passwords have been around, they’ve been a major source of security concern. Eighty-one percent of security incidents happen due to stolen or weak passwords. Additionally,… The post What Are the Advantages of Implementing Conditional Access? appeared first on .
Show More
Share by: