Cybersecurity

How to Add Authentication Security and Maintain User Convenience

Multi-Factor Authentication (MFA) is one of the most powerful data breach prevention tools. MFA is extremely effective at eliminating fake sign-in attempts to resources such as applications, online accounts, and Virtual Private Networks (remote access VPNs). Despite this, almost half of companies are not using it. Why are so many companies not using multi-factor authentication?

How to Add Authentication Security and Maintain User Convenience read more »

Microsoft Exchange Server CVE Vulnerabilities Announcement

On September 30, 2022, Microsoft released guidance regarding Zero-Day Vulnerability CVE exploits discovered in Microsoft Exchange Server in August of 2022.  This guidance appeared in various industry alerts – including the  New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), where the alert has been provided to assist organizations in guarding against the persistent malicious actions

Microsoft Exchange Server CVE Vulnerabilities Announcement read more »

What is MFA? Best Methods for Multi-Factor Authentication

With cybersecurity on the rise, Multi-factor Authentication is a go-to for an additional security measure for your devices and data points. Question: What is Multi-factor Authentication … and Which Method is Best? Answer: Multi-factor authentication is a method of securing data and applications after a user presents two or more credentials to verify the user’s

What is MFA? Best Methods for Multi-Factor Authentication read more »

The 5 Benefits of Cyber Awareness Training for Your Business

Maintaining a strong cybersecurity posture is more important than ever. With so many businesses investing in digital transformation technologies, the ramifications of a cyber attack would be devastating.  Combine this with the fact that many organizations have standardized the work-from-home model and you’ve got a recipe for serious disruption. But it’s not all doom and

The 5 Benefits of Cyber Awareness Training for Your Business read more »

Common Goals and Objectives of an Information Security Risk Assessment

The Internet of Things (IoT) devices are outnumbering the population of our planet. It is estimated that the planet has over 20 billion devices. The cybercrime results in business-related economic losses in the astounding amount of approximately $8 trillion – EIGHT TRILLION! Beyond its financial cost, the cybercrime disrupts critical and strategic infrastructure of the

Common Goals and Objectives of an Information Security Risk Assessment read more »

Watch out for Follina – a new zero-day Microsoft Office Suite vulnerability

A new vulnerability has been discovered for the Microsoft Office Suite named “Follina”.  It is triggered by opening malicious MS Office documents. Follina is a zero-day discovery. It does not appear that there are any exploits just yet, but due to the nature of this exploit, attackers will start to utilize it.   “Zero-day” is

Watch out for Follina – a new zero-day Microsoft Office Suite vulnerability read more »

Cyberthreats in New Jersey – from Russia, Ukraine, and Cuba

This week, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) released its Garden State Cyber Threat Highlights, providing insights into the threats and malicious activity directly targeting New Jersey networks. These threat warnings included ones related to Russia/Ukraine and Cuba. The NJCCIC is the State of New Jersey’s center for cybersecurity information sharing, threat

Cyberthreats in New Jersey – from Russia, Ukraine, and Cuba read more »

How New Jersey Small Businesses Can Protect Against Russia/Ukraine and other Cyber Threats

Last week, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) released an advisory stating that it did not see any specific or imminent cyber threat to New Jersey related to the Russia/Ukraine crisis.  However, it went on to say that it is likely that Russia’s aggressive cyber activity will increase and spread.  Therefore, it

How New Jersey Small Businesses Can Protect Against Russia/Ukraine and other Cyber Threats read more »

How To Choose a VPN To Improve Protection Against Cyberattacks

Public networks expose your business to security threats. Switching to a virtual private network (VPN) can greatly help in reducing those threats. Many companies rely on public networks for communication and data sharing. It allows them to cut costs and allocate their funds elsewhere. However, reliance on public networks also raises several security issues.  

How To Choose a VPN To Improve Protection Against Cyberattacks read more »

Why Outsource your IT Security and Support

As you know, for an organization to enjoy continued success and growth, it needs a management that can effectively oversee key areas of daily business operations such as administration, finances, and marketing. But what about technology? Constantly changing and increasingly complicated, it makes sense to outsource technology to our team of skilled professionals. You need

Why Outsource your IT Security and Support read more »

The Money Pit for SMBs: what you need to know about rising costs of ransomware

A recent CSO publication highlights various possible ransomware costs that might be unexpected. CSO (“Chief Security Officer”) is an organization that provides critical information to enterprises related to defending against criminal attacks. It addresses topics such as risk management, network defense, fraud, and data loss prevention. The following discusses some of the key points presented

The Money Pit for SMBs: what you need to know about rising costs of ransomware read more »

Cybersecurity alert: Fake Windows 11 install infects PCs

It has come to powersolution’s attention that FAKE notice for Microsoft Windows 11 installer is being distributed online.   How this fraudulent Windows 11 installer malware works. A legitimate-looking alert message gives the end-user an illusion of interacting with an official Windows 11 installation tool. Instead, it is malware designed to infect unsuspecting users’ systems.

Cybersecurity alert: Fake Windows 11 install infects PCs read more »

New Ransomware Attackers Appear

A new version of the LockBit ransomware offering recently appeared and is experiencing rapid growth.  This growth is occurring to a great extent due to the July 2021 disappearance of REvil (“Ransomware Evil”), a private ransomware-as-a-service (RaaS) known for its major attacks on JBS and Kaseya, impacting the operations of over 1,500 companies. LockBit is

New Ransomware Attackers Appear read more »

Phishing scam targeting accounting professionals and members of the public in the midst of a tax season.

The Internal Revenue Service (IRS) and state tax agencies are warning  of a phishing scam targeting tax professionals and members of the public in the midst of a tax season. The scammers impersonate the IRS in an attempt to collect SSN numbers, e-file identification numbers (EFINs), driver’s license images, and other credentials. These phishing emails

Phishing scam targeting accounting professionals and members of the public in the midst of a tax season. read more »

6 Tips to Secure Your Home WiFi

To accommodate working from home and, now with schools starting, remote learning, both parents and students will use various devices that require an internet connection. These devices will likely use a home wireless (Wi-Fi) network; however, the Wi-Fi router may not be set up securely. If a Wi-Fi network is left unsecured, a threat actor

6 Tips to Secure Your Home WiFi read more »

Increase in Emotet Infected Emails

The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) has issued an alert after increased reports of a new round of emails containing Emotet infected attachments. Emails containing the Emtot infected attachments slowed during the summer, the threat actors behind the Emotet trojan continue to increase their activity, with a large uptick occurring starting in

Increase in Emotet Infected Emails read more »

How Businesses Can Securely Work From Home (VPN Guidance)

As the novel coronavirus (COVID-19) continues to spread, many businesses are assessing how they can prioritize their employee safety and still maintain regular business operations. One solution many businesses are turning to is recommending employees to work from home to avoid potential illnesses. To help ease the burden on businesses, Microsoft, Google, LogMeIn, Cisco Webex,

How Businesses Can Securely Work From Home (VPN Guidance) read more »

Twitter Hacked in Coordinated Social Engineering Attack

Twitter stated that the company detected what they believed to be “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”  Twitter CEO Jack Dorsey tweeted several hours later that it was a “tough day for us at Twitter.” Twitter acknowledged that some users’ features

Twitter Hacked in Coordinated Social Engineering Attack read more »

Did you know? Tax preparers must develop a written Information Security plan

Every tax professional in the US is a potential target for well-funded and technologically sophisticated cybercriminals who aim to steal your clients’ data. Often their goal is to steal data to steal your EFINs or CAF numbers and impersonate their victims and to file fraudulent tax returns. Cybercriminals use several avenues, including email, fax and

Did you know? Tax preparers must develop a written Information Security plan read more »

Cybersecurity Alert: COVID-19 Themed Phishing Emails

Through powersolution’s membership of the Cyber Health Working Group (CHWG)*, a new phishing campaign has been detected and reported on. This phishing campaign is designed around COVID-19 themed emails that contain a link to a phishing page that attempts to collect credentials for multiple banks. The attackers then use the information collected to extort funds

Cybersecurity Alert: COVID-19 Themed Phishing Emails read more »

Vulnerabilities Fallout: Not all fixed by Recent Microsoft Patch Releases

In a past month, Microsoft  has released patches for over 70 vulnerabilities in its products. The company has been under the fire from users and system administrators for quite some time. The pressure was following the stream of vulnerabilities, including two of a zero-day type flaws. The zero-day vulnerabilities are still being actively exploited in

Vulnerabilities Fallout: Not all fixed by Recent Microsoft Patch Releases read more »

Advanced Phishing Threat: malicious emails posing as Adobe Acrobat or Microsoft Office365 message

We have received numerous reports and examples today of an advanced phishing email being used to harvest Office365 credentials. The email is sent through a compromised account of an individual that is familiar, such as a colleague, business partner, vendor, etc. The attacker gets your email address from the compromised mailbox and then sends you

Advanced Phishing Threat: malicious emails posing as Adobe Acrobat or Microsoft Office365 message read more »

58% of cyber attack victims were small businesses – you could be next

Cybercrime is a big and nasty business. According to Cybersecurity Ventures, small business (organizations with fewer than 250 employees) becomes a prevalent and profitable target: 58% of them were cyberattack victims in the recent year, and the astounding amount of $6 trillion is expected to be the cost of cybercrime the by the year 2021.

58% of cyber attack victims were small businesses – you could be next read more »

773 million records of email addresses were breached – Have you been pwned?

Today, one of the largest data breach data sets was released containing roughly 773 million unique records of email addresses and passwords. Microsoft Regional Director and MVP Troy Hunt obtained the original data set, titled ‘Collection #1’ from a hacker forum. The original data set contained 2,692,818,238 rows of email addresses and passwords. That’s right,

773 million records of email addresses were breached – Have you been pwned? read more »

Important Alert: NEW Office 365 Phishing Threat

A new phishing attack is using fake non-delivery notification in an attempt to steal users’ Microsoft Office 365 credentials. These credentials will then be used to send messages from the users account, further spreading malicious emails and software. In this case, the attack begins when a user receives a fake non-delivery notification email from ‘Microsoft.’

Important Alert: NEW Office 365 Phishing Threat read more »

10% of you are compromised by at least one of the passwords from the Top 100 List of 2018

Each year, SplashData., Inc, a leader in password management, analyses leaked passwords to find the top commonly used passwords. In 2018, SplashData, Inc. had five million passwords to work from, most of them from hacks in the US and Europe. According to the statistics, almost 10% of people have used at least one common password

10% of you are compromised by at least one of the passwords from the Top 100 List of 2018 read more »

IT Security & Support Quiz

IT Security & Support Quiz

October Is Cybersecurity Awareness Month

Cyber threats evolve fast.

The question is—has your protection kept up? 

Take our short quiz to see where your business stands.