Network

Microsoft Fighting COVID-19 Hacking

Microsoft Fighting COVID-19 HackingMicrosoft is tracking phishing and social engineering attacks and how they are adapting to the news of the world. With more users working from home and stress levels high, Microsoft says they are seeing an increase in successful phishing attacks. This increase opens more businesses up to attack and preys on our appetite for information in this uncertain time. A report out this week shows China, Russia, and the United States are being targeted the hardest by hackers. Hackers are not suddenly using new tools to attack with, but instead adapting existing tools to include COVID-19 keywords.

Below is an example of how hackers are using the same phishing methods but adapting them to Coronavirus news.

Phishing Campaign ChangesSource: Microsoft Security Blog

Microsoft says they are seeing around 18,000 malicious COVID-19 themed URLs and IP addresses per day. Hackers have always preyed on emotion, so we knew they would use the panic and thirst for information to capitalize on stealing data. This new information from Microsoft shows the adaptive tactics are working. More users are clicking on these links or attachments than they were before the pandemic.

The same tactics for avoiding phishing emails are still relevant. Think before you click. Just because the email appears to come from a reputable organization, doesn’t mean it does. Go to the source for the information instead of clicking a link. Make endpoint users aware of this new phishing tactic and reach out to Quanexus if your business has IT Security needs.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization

Annual Security Awareness Training

Security Awareness TrainingWe just completed our annual Security Awareness Training here at Quanexus. This is an important reminder for all our employees of the security standards we maintain to keep our data, and in turn, our clients’ data safe. Even though we work in this industry every day, we follow our layered security approach and conduct an annual training. Below are some high level points to think about in IT Security this year. As always, users can be your biggest asset or your biggest liability when keeping data safe.

  1. Hacking: In the small to medium sized business sector, hackers are not seeking out companies to attack. Instead, they have automated tools scanning the web looking for vulnerabilities. When a vulnerability is found by one of these tools, the hacker is notified and gets to work on stealing data. Our job is to put tools in place to not be the low hanging fruit for these hackers.
  1. Connectivity: We are experiencing many aspects of our life connected to the internet in some way. Computers in cars, wireless power meters, and in home virtual assistants like Amazon Alexa or Google Home. These tools are making it easier to access information, but they are also creating new vulnerabilities that we haven’t had to deal with before. We need to continue to be aware of the risks this new technology presents to keep our data safe.
  1. Passwords: Password management has never been more important. Passwords should be 25 characters long and contain at least one letter, one number, and one symbol. The words used in passwords should not be in the dictionary. Users should not re-use passwords for other platforms. We know password management is a pain and, in some cases, can reduce productivity in companies. There are password management tools we can advise you on to help.
  1. Phishing: This year we saw some high profile data breaches that originated from Phishing. We also saw the rise of Spear Phishing, the act of targeting a single user instead of blanketed email attacks. As always, we remind users not to click on links in emails. Instead go to the source of the email by typing the site into your web browser, call the person on the phone, or talk to them in person if they work in your office. Issues to look for in a Phishing email are bad grammar, a call to action that plays on your emotions, and the senders email address. If it is coming from a free email address, or something that looks suspect, it’s probably a Phishing email.

Security Awareness Training is one of the layers in our Q-Stack. Quanexus uses a layered security approach to protect our clients’ data. We abide by our own system and conduct training annually as we advise our clients to do. Contact us today if you have questions on how you can implement our layered security approach.

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization

Feature Newsletter

This week we are featuring our current newsletter. This newsletter has a security checklist on the back page, which is a great checklist for your business. It also has some tips on security awareness training, indicators of a hack on your infrastructure, and a simplified explanation of our layered security system.

Click here for the Newsletter

You can also subscribe to our email list and receive the newsletters when they are published. Read previous Newsletters and subscribe to our email list by clicking here.

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Cybersecurity, Information Security, Physical Security, Recent Posts, Small Business, Telephone Systems, Virtualization, Wireless

Welcome to 2020

Looking back, 2019 was a very good year for Quanexus.  I am thankful every day, for the awesome team that I get to work with and our many wonderful clients.  As I look forward to 2020, I’d like to share a list of what I think we can expect to see in the IT landscape:

Threats

  • Significant increase in the amount of successful ransomware attacks.
  • Continued increase on the sophistication of social engineering attacks.
  • Increased attacks against small and medium size organizations.
  • Increase in banking and ATM system attacks.
  • Increase in the Internet of Things (IoT) attacks

Technology Improvements and Adoption

  • Increased use of cloud solutions.
  • Increased cloud telephone implementations.
  • Increase in use of multi-factor authentication.

Challenges

  • Increased board member liability for IT compliance within the organization.
  • Increased audit requirements for every organization. We have seen a big increase with our clients needing to be compliant with their vendor’s requirements.
  • Increased supply chain requirements.

Wishing everyone a healthy and successful 2020 from the Quanexus Team!

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Cybersecurity, Information Security, Physical Security, Recent Posts, Small Business, Telephone Systems, Virtualization, Wireless