Prevent Social Engineering in the Workplace!!

Prevent Social Engineering in the Workplace!!

Back on August 15th 2022, UBER was hacked again. It was compromised as a hacker gained access to an inter-departmental chat service called “SLACK” …and used that to spoof an administrative appearing message to gain an employee’s password and used that to access the rest of the network. Here is a link to the Tech Republic Article from the internet:  Uber Social Engineering Leak August 15, 2022
 
How does this happen? How do you KEEP THIS FROM HAPPENING AT YOUR COMPANY???
 
By LEARNING YOURSELF, THEN TRAINING YOUR EMPLOYEES!!
 
Here is a document that can help you do just that. I didn’t write it, I’m just sharing it so that the information can get out there, because obviously it’s not getting out there or these breaches would not continue to occur in late 2022.

 

Hackers Are Not That Smart…

Hackers Are Not That Smart…

Don’t Fear Hackers, Just Protect, and Sleep At Night

I just wanted to write a brief post, in light of all the internet hacking and malware that is going on lately. There are some pretty nasty infections going around the web at the moment. But people shouldn’t fear them. If you have your security up tight, if you have done all the basics, and follow all the rules, life will go on, and everything will be ok. Most hackers are not actually that intelligent. Granted, there is a handful of extremely bright coders/programmers out there. But you need to know that this is NOT the majority of the crowd out there. The majority of the crowd falls into the category of what we like to call “script kiddies” …people with zero skills, who download malicious programs from the internet and the darkweb (if they actually survive without getting hacked themselves) and attempt to put them to work. (more…)

Give the Gift of I.T.

Give the Gift of I.T.

Everything I.T.’s gift certificates make the perfect Christmas (or other occassion) gift for the person that is difficult to buy for, because they can be used for so many different things. If the recipient is non-technical, they can be used to set up email, for computer tutoring or training, or for remote technical assistance if they get in a jam they just can’t resolve on their own. It can be used for a computer repair, for home or business. For the more technical person, it can be used for computer hardware upgrades (for your favorite gamer) like graphic cards, hard drives, extra memory, or whatever. It can use used to help them get that website going that they know they need but haven’t been able to afford, or if they already have one, they can get upgrades to it, or even an annual maintenance contract. The best part is, …you don’t have to choose. You just chip in, purchase the gift certificate, and let them use it however they want! It’s perfect really…There are very few people who can’t find some use for it. You can purchase the gift certificate for any amount you choose, from $35 and up. ($35.00 is still the minimum 1 hour rate for any job) It’s perfect for young and old alike. I tutor students, and work with seniors, I’m very patient, and can help anyone who needs it to adapt to the technical era. Get one today!


AMOUNT (add quantity later)
Name of recipient
Recipient Mailing Address



WordPress 4.9 Released

WORDPRESS VERSION 4.9 UPDATE RELEASED

Be sure to update your WordPress sites and keep them secure. (and get all the wonderful additional features they add in major version releases). Today version 4.9, nick-named “Tipton” was released. It has a lot of new features, new widgets, a lot of customizer improvements, coding enhancements, and much more, GO READ ABOUT IT if you are interested. It is sitting there on your dashboard, waiting for you to run the update, so take the 5 minutes and go do it. Don’t forget to backup both the files and the database first, so if something on your site for some reason is not compatible, you can restore it to the prior configuration.

GET HELP

If you need any help, Everything I.T. has wonderfully affordable WordPress annual maintenance packages that cover updating and backups, and in some cases restoration from a successful hack. (If someone hacks your site, we’ll put it back for you, a feature of the advanced maintenance package) We can also install SSL on your site for around $75, and we also have a full security configuration as well that covers putting a firewall, setting blocking of known blacklists, and about 30 other deterrent features that are wonderful, and entirely worth the price. CALL TODAY!

WordPress Plugin Removed From Repository for Crypto Mining Script

So I haven’t posted in a while. And I’m not sure how this type of formatted post will display on Facebook, so it’s kind of test.

Anyway, today I found some information that is kind of different, and I think you will find it very interesting. Today, WordFence (a security plugin authoring company) blogger wrote about a plugin that was taken down from the WordPress repository. It was a plugin called “Animated Weather Widget by weatherfor.us ” and what it did on the website frontend where it was installed, I don’t really know. But it’s what it did in the background/backend that is very interesting. Apparently this plugin ran a script that installed an iframe script that basically turned the whole PC into a crypto currency mining computer, using ALL the resources of any client computer that visited a website that had the plugin installed. Now you should understand that the website owners themselves had no knowledge of this, so you can’t really fault them. Eventually they will discover (hopefully) that the plugin no longer exists (or hopefully they will test their own site) and will remove it from their site, but if you ever go a website, and your computer fan starts running like crazy, then you are going to want to leave that website immediately.

If you want to go read the whole amazing story, you can go here and read it on the WordFence website, but I downloaded the amazing story on video for you : WordPress Plugin Banned for Crypto Mining

Everything I.T. is concerned about your safety on the internet, and we post discoveries like this often on our blog. Please register, please comment, and/or please share.

 

Black Monday for Wifi

Today is BLACK MONDAY: WiFi is No Longer Secure”

Today is being called “Black Monday” in many information security circles. We have had a major Wi-Fi vulnerability announced that affects absolutely every device that supports Wi-Fi. The vulnerability allows attackers to decrypt WPA2 connections. A second vulnerability has also emerged today. This is a bad day for security. 

There is a lot of very technical information, which most of you won’t understand, but if you techies want to read the full article, WordFence wrote it much better than I ever could. You can catch that post here: WORDFENCE WPA2 ENCRYPTION CRACKED!  

Just to show you how quickly a hacker can now get onto a wifi network, and get passwords, and much, much more, I’ll add the Video here so you don’t have to click to watch the video. 

 I will follow up this post, as soon as I learn how to secure wifi again. As it is, everyone is using WPA2, it was supposed to be the unbreakable security method. But I’m sure they will tell us quickly how to block these kind of attacks, and I will pass it on to you as soon as I find out myself. (because information should be shared)