Microsoft recently reported the Windows Print Spooler PrintNightmare vulnerability that enables attackers to take over affected servers via remote code execution with system privileges. 

Topics: Alerts, cybersecurity, Microsoft, Information Security, Patching

Updated with recording on 7 July 2021:

 

Join Innovative Computing Systems and cybersecurity partner Sophos for a free webinar to learn how Managed Threat Response enhances your firm's information security. 

Topics: Webinars, cybersecurity, Information Security, Sophos MTR

Just about anywhere you look these days, there are articles about a company getting hacked or a breach gets reported. As you read through the news story, the author throws around terms and jargon that can get confusing. Let’s go through some of the common terms and how they interact.

Topics: cybersecurity, Information Security

You've heard patching your systems is important, but what does that really mean? In the following, Innovative RMM Administrator Tallon DeHart explains Microsoft's patching schedule and why your firm needs to regularly apply manufacturer updates. 

 

Topics: cybersecurity, Infographic, Cybersecurity Infographic, Information Security, Patching

The ongoing breach affecting thousands of organizations that relied on hacked products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo from the Administrative Office (AO) of the U.S. Courts.

Topics: cybersecurity, Hacking, Information Security

 

Topics: Security, cybersecurity, Ransomware, Information Security, Privacy

It happens so innocently: an employee logs into email, sees a message that his password needs to be updated in Outlook and clicks on the link provided. But the email wasn’t generated by Microsoft, it was sent from a cybercriminal who had an email address that looked legitimate. Suddenly, an attack has been launched on your employee and your firm.

The time is now to better understand your firm’s weaknesses. What systems are vulnerable? How can you best secure the environment? How can you best secure data stored in the cloud? How can you best secure on-premises infrastructure? How do you secure your firm’s general computing environment?

Our article “The Top 6 Penetration Testing Fails” will help you answer these extremely tough questions.

We'd love to share advice on enhancing your firm's cybersecurity. Call us at 1-800-541-0450 or email us at sales@innovativecomp.com to get started. 

 

Topics: cybersecurity, Cybercrime, Articles, Information Security, Penetration Testing

Everyone needs to know what to do in the event of a successful cyberattack.

Topics: Security, Training, Technology Consulting, cybersecurity, Ransomware, FBI Internet Crime Complaint Center, US-CERT, IC3, Secret Service, PII, Federal Trade Commission, Cybercrime, Publications, Articles, Information Security

Law firm cybersecurity continues to evolve. This is more than just a technology issue or an added clause in the retainer agreement—it’s one of the biggest risks that law firms will face in 2019. Cybersecurity is part of doing business, and pressure from clients is causing firms to invest and focus more on cybersecurity and its concomitant risk management.

Cyberattacks have become so frequent that it is no longer a matter of whether firms will be the victim of a cyberattack, but a question of when and to what extent. This is a result of easily accessible malware and increasingly sophisticated cybercriminals. It is no longer enough to relegate cyber-risk management to the IT department and it requires more than a general guideline on computer use. These prevalent threats are changing the entire IT ecosystem, including documents, websites, emails, servers, cloud applications and mobile devices.

In this webinar, attendees will hear from a panel of law firm professionals, information security experts and IT professionals who will discuss the current security landscape at law firms. The discussion will cover law firms' responsibility to manage cybersecurity, including risk management, potential future threats and steps firms should take today to ensure the security of their firms' and clients' data. The panel will also briefly highlight current security legislation and regulation highlights.

During this moderated discussion, attendees will learn:

• The state of law firm data security today
• The biggest cybersecurity risks for law firms
• What to do to manage cyber risk
• How to recognize a cyberthreat 
• The lawyer’s cyber standard of care
• Increasing client requirements of law firms 
• How to avoid cybersecurity legal malpractice claims

Topics: Webinars, cybersecurity, Cybercrime, Information Security, David Lam, Michael Kemps, Citadel Information Group

The only thing to be afraid of when it comes to cybersecurity is not having a plan.

 

Topics: Security, Technology Consulting, Managed Services, cybersecurity, Two Factor Authentication, 2FA, Information Security

Recent research has shown changes in the effectiveness of various phishing attacks.

Cofense, previously PhishMe, issued a report based on 1,400 clients in 23 industries in more than 50 countries that notes that 7.5 million phishing emails were reported in 2017 alone. But the effectiveness of phishing campaigns has shifted.

In prior research, users were most emotionally motivated to open emails that made them feel a sense of urgency, fear or opportunity. Those three emotional motivators have now been replaced with entertainment, social and reward/recognition.

Topics: Security, Training, cybersecurity, Ransomware, Hacking, phishing, Cybercrime, Email Security, Information Security

A recent ransomware attack against the city of Atlanta took its computers offline for over a week while city officials, along with the FBI, attempted to remedy the situation without paying the hackers $51,000 in Bitcoin. 

Topics: cybersecurity, Ransomware, Cybercrime, Email Security, Information Security

Topics: Security, Training, Malware, Information Governance, Email Management, Network, Access Control, Mimecast, Dual Factor Authentication, whaling, cybersecurity, Passwords, Biometric Authentication, Two Factor Authentication, Ransomware, Hacking, Advanced Persistent Threats, phishing, Antivirus, Cybercrime, Enterprise Mobility Management, Mobile, Email Security, 2FA, Information Security, Penetration Testing, Vulnerability Testing, firewall

We have recently been made aware of a sophisticated email phishing campaign targeting law firms and other businesses. 

Topics: Security, Alerts, Email Management, cybersecurity, Hacking, phishing, Cybercrime, Email Security, Information Security, Identity Theft

 

Just after the school year commenced, Steve Bradshaw, superintendent of the Columbia Falls, Montana, schools got a menacing text from a number he didn’t recognize. The cyber thug behind the message made a myriad of threats – including physical harm to district students and staff and releasing their personal information – unless a ransom was paid in Bitcoin. The community was thrust into a panic, and the district closed its 30 schools for three days.  Was this response warranted or appropriate?

 

Topics: Information Governance, cybersecurity, Ransomware, Cybercrime, Information Security