New Season, New Website

This week we launch our newly redesigned website and we are excited to share some of the new features with you.

We offer numerous services so one of our goals was to make the information about each of these services as easy to navigate, and find, as possible. Another goal was to make it easy to get in touch with us through various forms located throughout the site.

One of the features we are most excited about is that a network assessment can now be requested through our site. Network assessments are available to current, or prospective clients and are of no charge or obligation to the recipient. Find out more details about the assessment here.

Once the form is submitted someone will be in touch with a few follow up questions and to discuss a time for the onsite assessment to take place.

Another feature we are proud to offer is the ability to either navigate our site by specific industry, or specific solution (service). We have broken our offerings down into three main industries: non-profit, financial and general business, and our solutions into voice, data, information security and physical security.

Additionally, we have also added a page to highlight our upcoming events. Throughout the year we offer several events such as lunch-n-learns and seminars, those events will now be posted to our Event’s page. On this page, people will also be able to register for the event without having to go to a third-party event site.

We hope that you take a minute to tour the new site and after you do, let us know what you think.

Follow us on FacebookTwitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.

Posted by Jack Gerbs in Recent Posts, 0 comments

Winter Olympic Cybersecurity Threats

2018 Winter Olympic Cybersecurity Threats

The 2018 Winter Olympic Games in Pyeongchang, South Korea are in full swing and unfortunately, so are the bad guys.

Last week the official Olympic website went down for hours as it fell victim to an attack. The malware has now been dubbed the “Olympic Destroyer” and experts are on the hunt to uncover how this destructive disturbance was launched and by whom.

The bad guy’s target isn’t always so massive, as is the case with the phishing attacks and malware circulating via email and social media.

Olympic Phishing Email

Like typical phishing emails the use social engineering to try to get the reader to do something like click on a link or download an attachment. In one case, hackers are sending emails disguised as being from the country’s National Counter Terrorism Center with a malicious Word document attached to organizations associated with the Olympic Games.

After the Word document is opened the reader is told to enable content and this is where the trouble begins. Once enabled, and PowerShell is launched, a seemingly benign image becomes the vehicle for hackers to later execute malicious script directly from memory. How? A new tool called Invoke-PSImage, which hides script in the pixels of an image.

What is worse is the script is hidden within the pixels of an image and traditional antivirus solutions can’t detect it. This example is so dangerous because it does not have to be downloaded as we have seen in the past.

Social Media Targeting

Other scams to be on the lookout for circulate via social media.

There are plenty of scams that offer free tickets or tickets to fake competitions but unless you are boarding a plane for South Korea you probably won’t fall for those.

A more likely scenario is one asking you to sign up to receive breaking news, updates and/or a behind the scenes look of the games. There is also the chance you could fall for clicking on a link shared by a connection on Twitter or Instagram.

Think before you click! This cannot be stressed enough. Be it through email or social media, the bad guys are lurking and want your personal information and data. Don’t fall victim to their schemes –  learn how to identify their tactics.

Other posts help you learn more about how to steer clear of cybercriminals:

Be aware of password best practices.

Make sure the people in your organization know how to identify potential threats.

Arm yourself with knowledge.

Figure out where to begin.

Consider a risk assessment.

If you would like to speak to someone about your organization and it’s needs, we would be happy to help. Reach out to us at 937.885.7272.

 

Follow us on FacebookTwitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.

Posted by Jack Gerbs in Cybersecurity, Recent Posts, 0 comments

5 Reasons to Attend our Lunch-n-learn

Soon we will be hosting our first event of the new year – our Nonprofits & Technology Lunch-n-learn. We have the privilege of working with dozens of Dayton area nonprofit organizations and have come to learn the pain points and challenges many of them face, as well as which solutions work best for them.

In case you need a little convincing to attend, here are five reasons you should reserve your seat today.

1)Become familiar with the threats facing nonprofit organizations

Many organizations, and companies, believe they are just too small to be targeted, or don’t have anything worth stealing – this is simply not the case. Learn how not to be the low-hanging fruit.

2)Better understand the role compliance plays within nonprofits

Nonprofit organizations are held to strict regulatory compliance requirements, are you confident you are abiding by all of them? Or do you know who’s responsible for ensuring they are all being met?

3)Gain a stronger knowledge of information security

Covering all the bases when it comes to securing a network can be overwhelming, let us clarify the best practices of keeping everything up and running securely and effectively.

4)Understand the benefits of outsourcing your IT services

Whether you are an organization of 10 or 100, we can help supplement your existing IT department, or can be your entire IT department. Learn the benefits of working with trained professionals who are available when you need them.

5)Learn from an industry expert

Our speaker, Quanexus CEO Jack Gerbs, is a highly certified industry leader who brings nearly 30 years of experience in keeping organizations compliant, secure and running.

6)BONUS: Have a chance to mingle with current Quanexus clients from nonprofits like yours.

Are you involved with an area nonprofit organization and want to learn more? Register to attend our free upcoming lunch-n-learn!

Quanexus is a locally-owned, BBB Accredited business with over 25 years of experience working with organizations like yours to help you stay up, running and providing your valuable services.

Register today by going to Quanexus.com, or by clicking here.

Posted by Jack Gerbs in Recent Posts, 0 comments

Tech News: Meltdown and Spectre, Processor Security Flaws

Two new processor security flaws have been detected.  These flaws effect nearly every computer produced within the last 20 years.  The flaws are named “Meltdown” and “Spectre”.  Meltdown only affects Intel processors.

The vulnerabilities allow the attacker to access privileged memory of the processor and gain access to key strokes, passwords, etc.  It is possible that privileged memory access can be accomplished through web browsers.

Related: Managed IT Services in Dayton, Ohio

Microsoft, Google, Mozilla and others have been busy updating their browsers.  Microsoft has also rolled out a patch for Windows 10, but it won’t install on many systems because of some technical compatibility issues with anti-virus engines.

For additional security, Intel is working on a firmware update.  Researchers are speculating that this update will cause systems to run about 33% slower to resolve the root cause.

Quanexus is closely watching these issues and we will be implementing updates and patches as they become available.  Any performance issues that a patch may create will be reviewed with our clients before being performed.

Related: How Not to Fall for a Phishing Email 

Follow us on FacebookTwitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.

Posted by Jack Gerbs in Recent Posts, 0 comments