Need tech support? : helpdesk@fifstarict.com

Talk to an Expert: : 512.693.8743 x 1

 

Tech

Windows 7: End of Support and HIPAA Compliance

We are now less than 2 weeks away from the official Windows 7: End of Support. For HIPAA compliance business, this should be a requirement for your business to update to the latest version, Windows 10. End of support means NO MORE UPDATES, SECURITY PATCHES or overall tech support from Microsoft. This means not updating to the latest version will leave your IT infrastructure vulnerable to internet attacks and more. 

Tech Travel Tips

As the holidays approach more and more people will be traveling to visit family and friends. We thought that we would provide you with some helpful tips to keep your technology safe and in good working order as you travel.

 

 

USB Charging Stations

We have all seen the USB charging stations popping up everywhere, especially at airports. While these seem to be a much appreciated convenience that rescues our dying devices, it can also be a disastrous trap.

These public USB stations can be compromised by criminals looking to steal your data, or infect your device with malware.  It is best to bring the adaptor and plug your device directly into a power outlet. 

Public WIFI

It seems that now everywhere you go offers free WIFI as a service, but should you really connect? This can be very risky, in that everyone connected to the same WIFI can see all the data going to and from your device. The good news is that if you are using https:// your data is encrypted (the content is encrypted, but sender and receiver are in clear text). 

The best precaution to take while traveling is to us a VPN when connecting your device to public WIFI. There are several VPN’s available and all are relatively easy to use and not to expensive; well worth it to protect your device and data.

 

Smart Speaker Spies

Amazon and Google both offer smart speakers that provide a variety of services based on voice activated commands. They also both allow third party developers to create voice apps utilizing the functionality of these devices. In the past there have been concerns over employees of Amazon or Google utilizing the always on microphone feature to eavesdrop on users. With third party developers being allowed to create and deploy apps for these devices the concern is multiplied by every third party app developed.

While Amazon and Google have vetting protocols in place to ensure that criminals can not publish malicious apps for these devices, recently Security Research Labs found two possible hacking scenarios that apply to Amazon Alexa and Google Home. You can see a full description of both these hacks here https://srlabs.de/bites/smart-spies/

SRL reported these hacks to Amazon and Google before they made them public, so that the companies could work to resolve these issues.  As with all connected devices criminals will attempt to use these smart speakers to gain valuable information. Keep in mind that unless you have muted or unplugged these devices the microphones are always on. These devices should never request your password, and if they do you should log into your account from another device to confirm the request. Also using 2 factor authentication for accounts linked to these devices will help to mitigate security concerns.

 

Pa$$Words

Strong passwords are extremely important to your personal cyber security. The list of accounts and passwords we are required to use is constantly growing. From your bank account to Amazon or Netflix, you have passwords for almost everything you do online.

As security concerns become more prevalent many of these accounts require minimum levels of password strength, and at the very least will inform you when you are using a weak password. Remembering all these complex passwords is very difficult. Especially if you take proper security precautions and use a different password for every account.

With the passwords we use becoming more complex many options have appeared to help you  keep track of the ever increasing list of passwords. Most of the browsers that you use offer the ability to store your passwords for you, and automatically log you in. While some of these are more secure than others, they are not usually the ideal solution from a security perspective.

There is another option, password managers are becoming increasingly popular, and are generally a more secure option. Some charge a monthly fee, but most offer free versions.

Below I have listed a few different password managers. They have free versions, but also offer paid versions with more features.

Bitwarden http://bitwarden.com

Last Pass http://lastpass.com

Dash Lane http://dashlane.com

Public Wi-Fi

One of the greatest in modern amenities, free Wi-Fi is common occurrence in shops, hotels, airports, and even places like libraries and parks.

While free Wi-Fi is amazing, and almost always better than slugging through on your mobile network, anyone connected to the network can see what your sending/receiving (email or website content for example).

You are extremely vulnerable while connected to public Wi-Fi; although if you are using certain apps, or connected using https your data is encrypted.

One way to better insure you are protected is to use a VPN or Virtual Private Network whenever you are connecting to any public network.

Fake Browser Update is Ransomware

A recent trend in cyber attacks have taken the form of browser updates. When you open your browser it informs you that it is out of date and needs to be updated, when you click on update the malware is deployed. This attack can take the form of Chrome (pictured above) , Internet Explorer, Opera, …

Continue Reading

The rise of Hacking as a Service (HaaS)

Criminal enterprises have taken note of the growth in popularity of as-a-service products, copying this tactic to create Hacking-as-a-Service (HaaS). HaaS have provide some of the same services as the legitimate as-a-service offerings such as: live chat support, 24/7 phone support, monthly payment plans, discounts for purchasing year long subscriptions, and even marketing campaigns to …

Continue Reading

Phishing; Why does it still work?

In a recent Webroot Report nearly half of employees confess to clicking links in messages from Unknown senders while at work. Phishing emails are one of the most common vehicles for attacks. With employees receiving high volumes of emails each day, and the pressure to maintain high performance and efficiency, professionals are becoming even more …

Continue Reading

Importance of a HIPAA risk assessment

For health care organizations, failing to comply with or maintain HIPAA guidelines and standards can lead to large fines. The first step to securing electronic protected health information (e-PHI) is performing a Security Risk Assesment. According to the Health & Human Services HIPAA Security Series, these are the eight steps to performing a Risk Assesment. …

Continue Reading

Cyber Attacks Rapidly Increasing

In the past year hackers have been launching cyber Attacks against SMB ports and IoT devices at record pace, more than tripling in the past year. TCP ports primarily used on IoT devices were highly targeted. Exploits like Eternal Blue which targets a flaw in SMB protocol through port 445, has been widley used for …

Continue Reading
Scroll to top