Category

thinkCSC Security Alert

password spraying

Citrix Data Breach – What You Need to Know

By | Data Security, thinkCSC Security Alert | No Comments

Recently, Citrix, a U.S.-based software firm, confirmed that the “international cyber criminals gained access to the internal Citrix network” and downloaded business documents and other files. The hackers gained access using a method called “password spraying.”

What Is Password Spraying?

Password spraying occurs when hackers use a list of common passwords to try to breach the system. They sometimes use passwords leaked from other breaches, according to Dark Reading, hoping that employee reuse their passwords at work.

How Do You Protect Your Organization from Password Spraying?

Nothing makes a stronger argument for more stringent password requirements for your employees than the results of this study conducted by the National Cyber Security Centre, UK’s independent authority on cybersecurity:

  • 75% of the participants’ organizations had accounts with passwords that featured in the top 1,000 passwords
  • 87% had accounts with passwords that featured in the top 10,000

Allowing your employees to set their own passwords puts your organization at risk.

Most people don’t want to remember numerous usernames and passwords for multiple accounts and programs, and many don’t feel confident in their ability to accurately recall that information. More so, they dislike having to regularly change passwords on individual accounts and being forced to forget previous passwords in exchange for new ones. To deal with this frustration, they tend to do one of two things (or both):

  • Re-use the same usernames and passwords across multiple accounts
  • Write down their usernames and passwords, and store them in their workspace (usually in a place that is easy to find, often on their desk or in a top drawer)

Learn a Lesson from Citrix

If you do not have strong password security and password policies, today is the day to change that practice. Passwords should be long, randomly generated, changed often, and only one layer in many of your overall security effort. You should also be monitoring the Dark Web. thinkCSC is here to help ensure your cybersecurity systems are strong and vibrant, to assist you in your preparation for and response to cyberattacks. Together, we can avoid the mistakes that are common among so many businesses and organizations, in the end becoming as secure as possible in today’s technological world.

thinkCSC provides Dark Web monitoring services provided through a strategic partnership with ID Agent, provider of Dark Web monitoring and identity theft protection solutions. With Dark Web ID, thinkCSC can now offer 24/7 monitoring of millions of sources, including botnets, criminal chat rooms, peer-to-peer networks, malicious websites, bulletin boards, and illegal black-market sites, to alert you of stolen or compromised data and passwords.

While thinkCSC believes that employees will always be the first line of defense against ransomware attacks, the only real solution is for leaders of all –organizations – businesses of all sizes, government entities, schools, hospitals, and –others – to invest in stronger IT security that includes offsite backup and recovery and managed security. These protections, combined with ongoing staff training, strict policies, and constant vigilance, are an absolute necessity in today’s cyber environment.

For new customers interested in information on obtaining our services, please contact us at sales@thinkcsc.com.

Security Alert: Xerox WorkCentre

By | thinkCSC Security Alert | No Comments

We have received several reports from clients who are receiving suspicious emails from Xerox WorkCentre, whether or not they actually use the device.

If you receive a message with “Scanned Image from a Xerox WorkCentre” as a subject and a zip file as an attachment, DO NOT OPEN IT FOR ANY REASON.

As a general practice, no company or device (copier, fax machine, scanner) will ever send you a zip file. You may receive zip files from individuals, but companies and services will not typically send zip files; always proceed with caution.

The Service Desk is always available to answer questions if someone is unsure of a file or attachment. Please contact us if you have opened the email or receive suspicious emails in the future.

Security Alert: VoIP Users Targeted in Email Message Attack

By | thinkCSC Security Alert | No Comments

thinkCSC is urging all VoIP users to take precautions when receiving voicemail to email services, as thinkCSC has identified a new security risk targeting VoIP users. The attack sends a voicemail to email with a .zip or .exe attachment that, when opened, can infect the user’s system and network.

The voicemail to email message will look like it comes from your messaging system but will be from an unknown number. thinkCSC urges VoIP users to proceed with caution when receiving a message from an unknown number. Do not open any .zip or .exe files. Legitimate voicemail to email message formats are .wav or ,mp3 files; if you receive any other type of file, you should assume it is a fake voicemail to email message.

These harmful messages are typically from numbers using non-existent area codes. A listing of all U.S. and Canadian area codes can be found here.

What To Do If You Have Received a Fake Voicemail to Email Message on Your VoIP Service:

  • Do not open any message that is not in .wav or .mp3 format
  • If you receive a message with a .exe or .zip file attached, DO NOT open it
  • If you believe your system has already been compromised, or if you have already opened the file, contact thinkCSC right away.

If you have any questions or believe you have been a target of this threat, please contact our team at your earliest convenience.

Security Alert: Do Not Open .TIFF Files from Unrecognized Sources

By | thinkCSC Security Alert | No Comments

Zero-Day attacks targeting Windows users has been detected by Microsoft and is already affecting people in Asia an the Middle East. It is expected to spread to the U.S. and Europe very quickly. This vulnerability enters your system when you open a .TIFF file and allows the attacker (potentially on a remotely hosted computer) to gain administrative access to your system and network.

It is imperative that you refrain from opening any questionable .TIFF file, as the messages are often constructed to make the user believe they are coming from a trusted choice.

While Microsoft is working to develop a patch to protect users, at this time, current antivirus and firewall solutions are unable to prevent infection. Most vulnerable are Microsoft Office users who are running Windows Vista or Windows Server 2008. Microsoft Office 2003 through Office 2010 are impacted in this zero-day attack.

If you have any questions or believe you have been a target of this threat, please contact our team at your earliest convenience.

Security Alert – Installing OS X Mavericks

By | thinkCSC Security Alert | No Comments

We are receiving a number of reports from clients that the latest OS X Mavericks updates are creating major compatibility, hardware driver, file sharing and printing compatibility issues, as well as other problems. We recommend that you refrain from installing OS X Mavericks until you check with us in order to avoid downtime. Apple is providing OS X Mavericks under the normal updates section with no cost associated with the update.

Because of the issues we’re seeing, we believe the wisest approach is to contact our tech team first and make sure you will not experience any of the compatibility issues being reported. If you have already run the update and you’re experiencing problems, please let us know. If you have any questions or need assistance with your OS X Mavericks update, please contact our team at your earliest convenience.