Online Safety
Increase in Emotet Malware Attacks via Email
This is just a quick note to remind customers to be vigilant when reading email.
In recent days there has been an increase in malware attacks by a family of malware, and cybercrime operation, known as Emotet. [1] The Cybersecurity and Infrastructure Security Agency (CISA) recently posted an update regarding Increased Emotet Malware Activity. [2]
Some main points, to be aware of, include…
FBI Releases Article on Defending Against Phishing and Spearphishing Attacks
In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI article and CISA’s Tip on Avoiding Social Engineering and Phishing Attacks. For more information on NCSAM, see the NCSAM 2019 webpage and the NCSAM 2019 Toolkit. Users can report suspected attacks to their local FBI office or to the FBI’s Internet Crime Complaint Center at www.ic3.gov.
Small Business Cybersecurity Guide
The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide for small businesses. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has redistributed the guide and encourages small business owners and administrators to review the guide, which provides checklists to help small businesses protect themselves against common cybersecurity incidents.
Would you like help completing the cybersecurity checklist for small businesses at the end of the guide? Contact Widomaker to set up a time we, or a local partner, can review the guide with you and determine how to implement the recommendations in your small business environment.
Click the button, below, to review the guide…
Another Reminder About Phishing E-mail Messages
Reminder… Widomaker will never ask for your password, credit card, or other personal information via e-mail! Make sure to never provide that type of information in response to an unsolicited e-mail message.
A Reminder About Phishing E-mail Messages
Reminder… Widomaker will never ask for your password, credit card, or other personal information via e-mail! Make sure to never provide that type of information in response to an unsolicited e-mail message.
KRACK Wi-Fi Vulnerability
On Oct 16 2017 US-CERT released Vulnerability Note VU#228519 after researchers disclosed “serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks.” They have named the proof-of-concept exploits, KRACK (key reinstallation attacks)…
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. […] To prevent the attack, users must update affected products as soon as security updates become available.
[Updated 11/16/17] Router and IoT Vulnerabilities (Dnsmasq)
On, October 2, 2017, vulnerabilities (US-CERT VU#973527) were made public, by Google’s security team, in Dnsmasq, a widely used software package included in many Internet-connected devices, such as routers, IoT devices, and Android devices. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
Windows Vista Support Ends Today 4/11/2017
Microsoft ends support for Windows Vista, today, April 11, 2017. Please review the announcement from Microsoft, for more information…
Multiple Netgear Routers are Vulnerable (VU#582384)
According to US-CERT (part of the Department of Homeland Security), Netgear R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 routers, and possibly other models, are vulnerable to arbitrary command injection. If you use one of the vulnerable Netgear routers, we recommend that you apply an update provided by Netgear, or discontinue use and replace the vulnerable device.
How to Pick a Proper Password (Video)
Picking good passwords, and not reusing them, is one of the most important steps to stay secure, online…