Criminals Attack On A Global Scale

As you’ve undoubtedly heard, a second global ransomware attack is underway affecting the countries of Russia, Ukraine, Europe and the United States so far. Here are some facts about the latest attack: Attackers are using multiple attack vectors to spread the virus, such as: ETERNALBLUE, ETERNALROMANCE, and the PsExec command line utility. The ransomware, known […]

Security Through Reading Links

As I stated before, bad guys are very smart. One way that they fool millions of people is by using links that appear legitimate but will take you to fraudulent sites (often replicas of legitimate websites) where they’ll steal your info, money, credentials and so on. To protect yourself, learn to distinguish good site addresses […]

Malware Evolves To Dangerous Levels

Criminals are an adaptable bunch. Now that most people know not to enable macros and avoid Microsoft Word attachments, hackers came up with new ways that don’t require macros to execute downloads. The first is a malware called “Zusy” that is infecting users with compromised PowerPoint attachments that automatically downloads an executable banking trojan using […]

Sometimes Low-Tech is the way to go

I’ve spoken about this at meetings and written about it in blog posts, but hacking into cameras and spying on people can and does happen. There are high-tech solutions you can use to protect yourself that will make it harder for a hacker to penetrate your security, but if they’re determined enough they’ll eventually find […]

Anatomy Of A CEO-Wire Fraud Attack

CEO-Wire Fraud is a dangerous Social Engineering attack that cost businesses billions in losses. A good Social Engineer will study potential victims sometimes for months before attacking and craft convincing spoofed emails, targeting accounting personnel with wire transfer responsibilities. Recently, one of our best clients experienced such an attack and they graciously allowed us to use […]

Security Alert: NYS DMV Email Scam Going Around

News reports on local stations here in Rockland County, NY plus notifications on various security blogs I follow announced that an email scam pretending to be from the New York Department of Motor Vehicles is going around notifying people that they have outstanding tickets that must be paid within 48 hours or their license will be revoked. If […]

9 Online Shopping Security Tips To Keep You Safe

  Statistics show that 51% of Americans prefer to shop online and that percentage is growing rapidly. Cyber-thieves are just waiting to steal your money, information and identity. But, taking common-sense precautions will go a long way to keeping you safe:   Never use a debit card. If a hacker gets your information, they’ll be […]

Security Alert: DocuSign Breach Leads To Phishing Attacks

A recent breach at DocuSign has led to phishing campaigns designed to infect recipients with credential stealing and banking trojans: Pony, EvilPony and ZLoader. DocuSign is one of the most widely used electronic signature applications with 200+ million users. As an immediate measure, DocuSign recommends that you delete any email that appears to come from […]

How To Identify A Phishing Email—An Example

One of our good clients sent us a phishing email supposedly from Microsoft. It fooled a very experienced user and so would be a good example to use to show our readers how to identify Phishing emails. Fortunately, the bogus link did not forward to an infected website where ransomware could have been instantaneously downloaded, […]

Hackers Step Up Phishing Attacks

  It seems that phishing attacks have increased exponentially during the last few months and businesses and individuals must always be on their guard.     Recently, an employee of one of our very good clients forwarded an email to me saying that it looked suspicious. It invited my client to click a button to […]

WanaCry Ransomware Hackers Threaten More Chaos

A KnowBe4’s blog post yesterday disclosed that the hacking group called Shadow Brokers, responsible for leaking the NSA’s zero-day exploit resulting in the infamous WanaCry Ransomware global attack, threatened to release even more NSA exploits that could potentially cause more damage. Shadow Brokers announced that starting next month, they will make more stolen NSA-weaponized bugs available on […]

Ransomware – Information Held Hostage

On  May 12, 2017, I attended a great seminar, “Information Held Hostage: Protecting Your data From Ransomware and Phishing”, held by the Connecticut Technology Council and hosted by Datto, the world leader in Business Continuity solutions. The featured speaker was Arthur House, Connecticut’s Chief Cybersecurity Officer. Arthur was joined by panelists: Jane Domboski, FBI Supervisory […]

Security Alert: Massive Google Docs Phishing Campaign

A very convincing and deceptive Google Docs phishing scheme hit the internet yesterday ensnaring thousands. The email is very short and looks like it came from someone you know saying that a document in Google Docs has been shared with you and inviting you to view it. After the user clicks the link or button, […]

Think it can’t happen to you?

Many individuals simply operate on the assumption that no one is interested in what they have or their company is too small for criminals to bother with. This is called security through obscurity. If you operate under this assumption—you are wrong. You are vulnerable if you: Keep logins (user names & passwords), documents, emails, personal […]

Security Alert! Locky Reemerges—Dangerous As Ever

Most of us breathed a sigh of relief thinking that the notorious Locky ransomware virus, which first made its debut in February 2016,  had run its course. Not so! This past week, Locky reemerged with a slight but devious twist—the same nasty virus but with a different delivery mechanism. Previously, Locky was sent to victims via […]

ALERT: New Malware Campaign With A 90% Success Rate

Researchers have discovered a brand new, sophisticated spear phishing campaign that fools 90% of their targets into opening infected attachments or visiting spoofed websites. Once a target takes action, the malware either steals data, credentials or both. These hackers are very savvy—diligently researching targets, tailoring messages specifically to them and adding personalized information to fool […]

ALERT: NYS Department of Finance Issues A Warning

The New York State Department of Finance recently sent an alert warning companies that scammers, posing as company executives are contacting the Payroll and/or HR departments of targeted companies requesting lists of employees and their personal information. This is not a new scam but apparently it is an effective one and Government officials have seen a resurgence recently. […]

XSolutions Featured In Groundbreaking Book, “The Essence of Lean” by David Hinds

Dr. David Hinds: educator, business executive and entrepreneur with over 30 years of business experience has written a groundbreaking book that fully explains what Lean is and shows the reader how to take advantage of this superior form of management. There have been many books on Lean but most are geared toward the manufacturing sector […]

Security Alert: Karma Ransomware Hides In SW Downloads

  Security blog, Graham Cluley posted yesterday that researchers discovered that Karma ransomware is piggybacking on free internet downloads. Once downloaded onto your PC, Karma checks to see if it is running on a virtual machine. If it is, it terminates itself but if it detects that it is running on a physical machine it […]

How To Protect Your Company From Data Loss

Data loss can happen at anytime—suddenly and without warning. If you cannot recover quickly, you can literally be put out of business as your clients go to your better-prepared competitors. That is why businesses, of all sizes, must think beyond just backing up data and embrace Business Continuity as a central business objective. On the Slideshare […]