Wednesday, September 27, 2023

MOVEit over? Not just yet!

This HUGE And Recent Data Breach Practically Guarantees YOUR Personal Information Was Stolen

Back in May, the company MOVEit, a file transfer platform made by Progress Software, was compromised by a Russian ransomware operation called Cl0p. They used a vulnerability in Progress’s software that was unknown to exist at the time. Shortly after the attack was noticed, a patch was issued. However, some users continued to be attacked because they didn’t install it.

The software is used by thousands of governments and financial institutions and hundreds of other public and private companies from around the world, and it’s been estimated that at least 455 organizations and over 23 MILLION individuals who were customers of MOVEit have had their information stolen. As the days, weeks, and months pass, more affected business and government agencies have indicated that they, too, were compromised.

Some of these organizations include:

  •      The US Department of Energy
  •          New York City Department of Education
  •          UCLA
  •          Shell
  •          Ernst & Young
  •          Northwest Mutual
  •          Pacific Premier Bank
  •          TransAmerica Life Insurance
  •          Honeywell
  •          Bristol Myers Squibb
  •          Gen/Norton LifeLock
  •          Radisson Hotel
  •          BBC
  •          British Airways

The majority of those organizations (73%) are based in the US, while the rest are international, with the most heavily impacted sectors being finance, professional services and educational institutions.

Cl0p is a type of ransomware that has been used in cyber-attacks since 2019. Data stolen is published to a site on the dark web – a section of the worldwide web where cybercriminals sell and trade information without having to reveal themselves. The ransomware and website have been linked to FIN11, a financially motivated cybercrime operation that has been connected to both Russia and Ukraine and is believed to be part of a larger umbrella operation known as TA505.

What makes this attack so terrible is that many of the organizations compromised provide services to many other companies and government entities, which means it’s very likely their customers, patients, taxpayers and students were compromised by association. As more victims come into the light, the chances of the breach impacting millions more is imminent. And yes, you’re probably one of them.

The big question is, were you notified?

For some reason, this breach didn’t make mainstream headlines, often only during the late news cycle when only those of us with insomnia were watching.  The truth is, however, when a company is compromised, they are obligated to tell you if your data was stolen. This can come in the form of an e-mail or snail mail letter. However, due to spam filters, e-mail delivery is clearly not a reliable way to ensure an important message is received.  

And, how many pieces of junk mail do you receive in your home mailbox that never make it to the door, but rather wind up in the waste bin? Unless it is clearly marked from an organization you recognize there is a pretty good chance that it will not be opened in a timely manner, if at all. Let’s face it, the logistics of organizing a letter for over 36 million people can take time. Just like that proverbial check, the notification letters may still be “in the mail”.

What to do: If you suspect that your account credentials may be among those compromised (and they probably are), you need to ensure that all your passwords and PINs are changed ASAP! You must also be on the lookout for any strange activity. Don’t use the same passwords and make sure they are at least 12 or more characters long, using uppercase and lowercase letters, as well as special characters and numbers. If you do not already used one, consider a password management application like Keeper which will allow you to use longer, more challenging passwords without losing your mind.

You should also ensure that MFA, or multifactor authentication, is turned on for all critical software applications and websites you use, such as Microsoft Office, QuickBooks, banking and payroll software, your credit card processor, etc.

Want to know if your company’s information is on the dark web? Click here to request a free Dark Web Vulnerability Scan for your organization (sorry, we don’t offer this for individuals). Simply let us know your domain name and we’ll conduct the search for free and contact you to discuss what was found via a confidential review (NOT via e-mail). Questions? Call us at 413-786-9675. 
Posted by at No comments:

Wednesday, September 6, 2023

7 Quick Fixes To Fix SLOW Home Wi-Fi


7 Quick Fixes To Fix SLOW Home Wi-Fi
(or.. How to claw your way out of the pit of frustration)

Nothing is more aggravating than attempting to watch a video or use your PC when the Internet is operating slower than molasses flowing uphill in winter. Well.. maybe getting disconnected from your big sales pitch video conference when working from home might trump binge watching the latest hit shows just a little bit..

For our clients, we have many solutions to make your Internet connection faster, more reliable and secure. But what about at your home? Spotty, unreliable Wi-Fi is almost certain to happen at the most inconvenient time, like when you’re about to watch a great movie on a Friday night.

Here are our top 7 fixes for slow home WiFi signals.

Step 1: Make sure your Internet Service Provider (ISP) isn’t having issues. Most ISPs will have outages published on their website. It is best to check this using your phone’s mobile network instead of your home Wi-Fi. If there are no outages or known problems, you can move on to the next steps.

Side Note: If you haven’t talked to your ISP in over a year, you should call and see if they have new plans that will give you more bandwidth for less money. You might also shop other providers to see if they have recently upgraded their network and can offer better, faster service than your current ISP.

Step 2: Update your router, especially if you haven’t done so in the last 2 to 3 months. This will not only reset your router with the latest (and fastest) connection speeds but also ensure you’re up-to-date with security patches and other preventative programs. You might just reboot it as well, powering it off and on again. Sometimes that’s enough to fix the problem.

I would also suggest you get a new router if yours is over 3 years old. Aim for one with Wi-Fi 6 and dual or triple band capabilities, which allows your router to connect with multiple devices without sacrificing any speed or bandwidth.

Step 3: Change the channel. Download the app Network Analyzer to help find the most appropriate channel for your connection. If you’re using the 2.4 GHz frequency, change to another less “noisy” channel. How you do this depends on the brand and model of your router, so refer to your router’s manufacturer for details. 2.4G signals can be impacted by other devices in that wireless range. With more home appliances connected to the net (and most often on 2.4G bands), your network can quickly become saturated. Also, some home appliances like microwave ovens when in use can disrupt a 2.4G WiFi signal.

Step 4: Upgrade to a mesh Wi-Fi router. When too many devices connect, Internet speeds decline. One option is to get a mesh router like NETGEAR’s Orbi Mesh, Asus ZenWiFi AX (XT8), or Eero Pro 6E Mesh from Amazon.  Unlike a traditional router which broadcasts it’s signal from a single device, a mesh system uses multiple devices to balance loads among many points of entry. In smaller homes, upgrading to a single, more expensive router like a Nighthawk could help. One downside of mesh systems: they struggle in old homes such as Victorian era construction due to the density of the building materials used.

Step 5: Turn on QoS, or Quality of Service. This is a router feature that lets you prioritize traffic and apps, such as Zoom or gaming programs. Essentially, your router will prioritize certain uses over others. Of course, how this is done varies by router, so you’ll have to check your router’s manual for details.

Step 6: Check that you haven’t been compromised. If your Wi-Fi network is open without security or is using WEP, WPA or WPA2, change your settings immediately. Go with WPA3 encryption (which is the most secure) and disable any remote management options on your router. Viruses and hacks can suck up resources and may be the reason for your network grinding to a halt. Also, make sure your devices firmware is up to date and you have changed the default password to a complex password with more than 12 characters (we recommend 20 or more characters).

Step 7: Change your router’s location. The basement might not be the best place to store your router. Try placing it up high and as close to the center of your home as possible, free from obstructions and appliances, mirrors, concrete walls and metal materials that can cause signals to bounce or be blocked. If you put your router on a wall of your house, your signal is only impacting half of your home. If you have a large house, you will probably need to invest in Wi-Fi extenders around the house to boost the signal.

If your business Wi-Fi is slow, spotty and problematic, click here to request a free diagnostic of your office Internet connection to see what’s causing the problems you’re experiencing. Obviously, business Wi-Fi is more important than home Wi-Fi and can cost you in untold frustration and low productivity if not fixed. Contact us today at 413-786-9675!


Posted by at No comments:
Subscribe to: Posts (Atom)