2-Step Verification Process A Must!

Sep 14, 2018 | Security Tips

Was your Corporate Data Meeting-up with people in the cloud last night?

Rachelle
BlackBox Connections

Protect Your

Corporate Data

arrow pointing to phone number for how to protect your corporate data

587-355-1566

Contact Us
2-step verification - Security from Office 365

Was your Corporate Information meeting up with someone

YOU DON’T KNOW in the Cloud last night?

 

Accessing your information has never been easier – if you are not using two-step verification.  Everyone has access to two of three requirements to access your information.  One, a browser and internet connection; and Two, your email address. The Third requirement is your password.  Your password may have been left in a browser cache, written a sticky note, shared with others, know on the dark webs, etcetera.

Generally people do not respect a password as much as it should be.  Use a password management tool and/or add another requirement to access information – two-step verification.

Two-step verification requires proving two things – a thing you know, and a thing you have.  The thing you know is your password.  The thing you have is your phone.  Therefore, having the phone and approving the request meets the criteria for the second factor of authentication.

So now what?  EASY!  Get your business set up with a two-step verification process so that ALL INFORMATION that is accessed in the cloud is protected!

To get protection give us a call at 587-355-1566.

hacker breaking in
“For every lock, there is someone trying to pick it or break in.”
DAVID BERNSTEIN
2-step verification process
hacker image
“I love it when you use the same password for everything!”
Your Hacker
Want to Subscribe to our Awesome Tips?
[zohoForms src=https://forms.zohopublic.com/virtualoffice12581/form/SubscribetoTips/formperma/AKC4c6mmGmRxGmADKB8BWiARRlqk_MbH1sgb2cYHI78 width=90% height=400px/]

Anti-Spoofing Protection

Aug 20, 2018 | Security Tips

BlackBox connections - Blog - Office 365 anti-spoofing protection to all exchange online organizations

Is your’s Enabled?

Great news if you are currently with Office 365…as they have opened the doors of their security to help many more people!  If you have been using them thus far then great, all you need to do is make sure it is enabled!

If you don’t know how to do this…not to worry, we can help!  Give us a call at 587-355-1566.

Now if you are not a Office 365 user at the moment but KNOW THIS will make a HUGE difference in the security of your company…then give us a call and we can get you signed up and enabled!

Why do you NEED THIS?  To stay safe of course!  I am sure you have received those annoying emails that “look” like they are from a “safe” sender…but end up NOT BEING!  Something like this below:

spoofing example email

Basically these hackers are attempting to trick the user into clicking the link within the message….which in turn does some nasty things to their computer such as downloading malware or  obtaining your credentials and more! In addition Microsoft has also added more security to anti-phishing as well!  Again this feature must be enabled…so if you’re not too sure if you are…give us a call at 587-355-1566 or send us an email at [email protected].

Contact Us
Continue Reading

Mileage Tracker Now Included!

Jul 17, 2018 | Security Tips

BlackBox connections - Blog - ipad-mileage tracking

Need to track mileage for employees who are offsite…or possibly yourself?

 

Now you can!  With Microsoft 365 Business and Office 365 Business Premium subscriptions you can easily track mileage!  And best of all…it’s FREE!

MileIQ is ready for you to sign up today!  Take advantage of automatic tracking that will generate a comprehensive record of your drives.  You and your Team can have access to a seamless tracking tool to save you time and money!

A great feature included is that you can even differentiate which is for personal and which is for business!  All you need to do is swipe to the left for personal or to the right for business drives!  With ease, you can also add details like parking prices or other expenses incurred while on your drive.

Not only that however, you will receive weekly reports on your mileage…and those can be customized as well!  If you need to send in a report, you can do it simply by creating a report and emailing it in.  No paperwork, just clicking a few buttons and done!  Access your MileIQ dashboard from all devices such as your smartphone, ipad, etc., since everything is stored securely in the cloud!

Connect with us so we can get you started today!

by BlackBox Connections

Topic: Track Mileage Easily for FREE

Contact Us
Continue Reading

Getting clicks on your website?

Mar 23, 2018 | Security Tips

BlackBox connections - Blog - Why SEO should matter to you

If your getting clicks on your website then your probably doing a descent job on your SEO.

Now if you just can’t seem to figure out why you’re not getting clicks or getting traffic to your website, then you may need to re-evaluate your SEO Strategy.  And if you are someone that is lost as to if you have a SEO plan to begin with….and have no idea where to start, then we’re glad you are here.  We want you to get more clicks!

What is SEO?  Basically SEO is short for Search Engine Optimization.  This is the method used to improve traffic and ranking of a website.

Why is SEO important?  Well let me ask…..does your website show up on the first page of Google when you search for your business?  If the answer is NO, then we need to chat!

SEO or Search Engine Optimization is an ABSOLUTE must if you want people to find you.  If a person does a Google search for a service they are looking for and you aren’t WORKING YOUR SEO….they WILL FIND YOUR COMPETITOR INSTEAD!

So what can SEO do for you?

You will be found! I know pretty basic…but we are thinking that is what you want, right?!  With our SEO techniques, we will help prospects find your website and local listings when they conduct local searches. We review your business and website to determine the SEO keywords and tactics that are right for you.

Connect with us so we can show you why & how we make YOUR website on THE TOP PAGE OF GOOGLE!

by BlackBox Connections

Topic: Getting clicks On Your Website?

Contact Us
Continue Reading

Latest Data Breach List

Feb 22, 2018 | Security Tips

BlackBox Connections Logo

Location

Unit 203
70 Country Hills Landing
NW Calgary, AB T3K 2L2

Office Hours

Mon – Fri
8:00 – 5:00
Support 24hrs

Call us Today

587 355 1566

[email protected]

BlackBox Connections Logo Image

Call us Today

587 355 1566

Latest Data Breach List

Data Breach!  We hear it more and more….and is up by 40%!

Do you know if you have given your personal information to any of the companies listed below? What about any of your employees?  Being aware of the latest data breach is of the utmost importance! Everyday we are being asked for our email address or other personal information and it can be difficult to know for sure where your information is going and if it is still safe! Below is a list of the latest data breaches we have had in the past year:

Yahoo! (Update)

Back in December of 2016, there was word that more than 1 Billion users were impacted by the 2013 Yahoo data breach, but unfortunately that number was way off.  It was more like 3 Billion accounts were indeed stolen.  Four months after Verizon acquired Yahoo’s core internet assets, it revealed that every single customer account had been breached including email, Tumblr, Fantasy and Flickr.

Gmail

Google put a stop to this one in about an hour, but even during that time, they estimated that 1 million users may have been affected.  Gmail users were targeted in a sophisticated phishing scam that were trying to get access to accounts through a 3rd party app.

DocuSign

Hackers recently targeted both customers and users with a malware phishing attack.  Only one of the systems were breached, but they were still able to obtain email addresses.  This led to a malicious email campaign that prompted recipients to click and download a Microsoft Word document that contained malware.   If you have received a suspicious DocuSign Email, forward it to [email protected]Remember to ONLY access documents directly through the DocuSign website and not by clicking email links.

Verifone

Known as the largest maker of point-of-sale credit card terminals, this company discovered a data breach of its internal network back in January 2017.  The breach did not affect the payment services network, but did affect the corporate network.  The data breach was immediately handled but sources say there is evidence that a Russian hacking group is responsible.  The hackers may have been inside Varifone’s network since the mid 2016, but this has yet to be confirmed.

OneLogin

A data breach attack that started at 2 am PST on May 31, was shut down by 9 am, OneLogin reports.  OneLogin allows users to manage logins to multiple sites and apps through a cloud-based platform.  While this company provides services for about 2,000 companies in 44 countries, over 300 app vendors and more than 70 software-as-a-service providers, they are not too sure of the full extent of this data breach.  They do know, that customer data was compromised, including the ability to decrypt encrypted data and the investigation is ongoing.

River City Media

Thanks to Chris Vickery, a security researcher for MacKeeper, a leak called “Spammergate” was found and reported to the authorities right away.  A group of spammers that operate under the name of River City Media, unknowingly released their private data into cyberspace after they failed to properly configure their backups.  The “bad guys” leaded information including:  HipChat logs, domain registration records, accounting details, infrastructure planning, production notes, scripts, business affiliations….not to mention 1.4 billion email accounts, IP addresses, full names and some physical addresses. Law enforcement is involved, but it is unclear as to what will happen with River City Media.

Deep Root Analytics

Chris Vickery, a cyber risk analyst, who has discovered other well known data breaches…including ones in this article, has discovered that the sensitive information collected by Deep Root Analytics, has exposed important personal information of U.S. voters.  The Republican National Committee had hired Deep Root Analytics to gather political information last year, which has now affected roughly 198 million American citizens.  Their personal information was stored on an Amazon cloud server without a password protection for almost two weeks.  Compromised informatino included names, dates of birth, home addresses, phone numbers, and voter registration details.  Since that time, they have updated the access settings and have put protocols in place to prevent further issues.

Online Spambot

Just like the River City Media breach we mentioned just above, where the “bad guys” had information stolen….well it happened again to an online spambot.  The data breach this time however is larger.  This one involves 711 million records, including email addresses and some passwords, with the goal of sending spam emails.  They had forgotten to secure the server the data was kept on.  It is currently unknown as to how many other people have found this database and are using it for their own negative purposes.

Verizon

This was another discovery by Chris Vickery, of UpGuard.  We have mentioned him in this post a few times as being the founder of some horrible data breaches!  If you have contacted Verizon’s customer service in the past 6 months, you may have been one of the 14 million subscribers that were affected by this data breach.  Apparently records taken were held on a server controlled by Israel based Nice Systems.  Although Chris reported this data breach to Verizon in late-June, it took more than a week to secure this breached data.  The data that had been obtained were log files that had been generated once a customer contacted Verizon via phone.

SVR Tracking

More than half a million customer records were leaked during this data breach.  SVR Tracking, a company out of San-Diego, provides a service for auto dealerships and lot owners to be able to locate and recover vehicles.  On September 20, Kromtech Security Center informed SVR Tracking of its findings in regards to 540,642 records that were unsecured in an Amazon S3 bucket.  The bucket was secured within 3 hours, but they are unsure as to how long the information was publicly available online.  The sensitive information that was leaked included:  email addresses, passwords, licence plate numbers, VINs, as well as the ability to see every single place a vehicle has been in the last 120 days.

Deloitte

Once named the “best cybersecurity consultant in the world” by Gartner, has been a target of the latest data breach.  This multinational professional services firm, failed to employ a two-factor authentication, and when hackers acquired a single password from an administrator of the firm’s email account, they were then able to access all areas of the email system.  Deloitte insists that only a small fraction of its clients were affected, but this was indeed an embarrassing situation for the company.

Saks Fifth Avenue

The Canadian company Hudson Bay, who owns Saks Fifth Avenue had their own data breach in which tens of thousands of customers information was visible on a page through their website.  The page was where customers could join a wait list for products they may be interested in, but it was possible to see email addresses, phone numbers, products codes and IP addresses.  BuzzFeed was the company that broke the news and once Saks Fifth Avenue were informed, they removed the page immediately.  They are still unclear as to how this happened, who did it or which customers may have been effected.

Equifax

As one of the three largest credit agencies in the U.S., it was alarming to hear of this data breach.  It has been called one of the worst in history, with it affecting 143 million consumers and their extremely sensitive information.  From Mid May to July of this year, hackers had access to the company’s system, by exploiting a weak point in the website software.   Information leaked included: Full names, addresses, dates of birth, Social Security numbers, driver’s license numbers, credit card numbers and other personal information.

E-Sports Entertainment Association (ESEA)

Roughly 1,503,707 records were stolen from one of the largest video gaming communities in December 2016.  Unfortunately, how many people were affected is still unclear.  Some of the information they believe was leaked included:  registration date, city, state, last login, username, first and last name, bcrypt hash, email address, date of birth, zip code, phone number, website URL, Steam ID, Xbox ID, and PSN ID.

Xbox 360 ISO and PSP ISO

Back in September 2015, it was revealed that Xbox 360 ISO and PSP ISO had been hacked.  The sensitive user information was taken from roughly 1.2 million Xbox 360 ISO users and 1.3 million PSP ISO users.  The information that may have been taken was:  e-mail addresses, IP addresses, username and passwords.

Arby’s

Between October 25, 2016 and January 19, 2017, malware was placed on a payment system inside certain Arby’s restaurants.  The malware was removed the but scope of the breach is not yet known.

Chipotle

Between March 24, 2017 and April 18, 2017, payment card transactions were affected.  The company did post a notification on their website to inform their customers, but as of yet they are unsure as to who and what may have been taken.  They believe they have stopped the unauthorized activity, but it is too early to give any more information.

InterContinental Hotels Group (IHG)

If you have ever stayed at any of these popular chains like Crown Plaza, Holiday Inn, Candlewood Suites, and Kimpton Hotel, you may have had your card information stolen.  Malware was found on servers which process payments made at on-site restaurants and bars.  Any cards used at the front desks however, were fine.  From August 2016 – December 2016 is when the malware was active.  It would have stolen cardholder names, card numbers, expiration dates, and internal verification codes.  Some of the targeted locations include:  Sevens Bar & Grill – Crowne Plaza, San Jose-Silicone Valley, the Bristol Bar & grille – Holiday Inn, San Francisco’s Fisherman’s Warf, InterContinental San Fransico, Aruba’s Holiday Inn Resort, and InterContintental Los Angeles Century City.

Dun & Bradstreet

33 Million corporate contacts from Dun & Bradstreet, a large business services company, had its marketing database shared across the web, back in March of this year.  According to the company, they were not breached but had actually sold the 52GB contact database to thousands of companies across the country.  Which of those businesses that may have suffered this data breach is still unclear.  Millions of employees from organizations like the U.S Department of Defense, the U.S. Postal Service, AT&T, Wal-Mart and CVS Health had their information leaked.  Information such as full names, work email addresses, phone numbers and other business related data was taken.

 

UNC Health Care

Between 2014 and 2017, women who had completed pregnancy home risk screening forms at prenatal appointments in either the Women’s Clinic at N.C. Women’s Hospital or the UNC Maternal-Fetal Medicine at Rex, may have mistakenly had their personal information shared to local county health departments.  1,300 letters were sent to patients who may have been affected by this data breach.  Information that was shared included full names, addresses, races, ethnicities, Social Security numbers, and a variety of health-related information.

Bronx Lebanon Hospital Center

Due to a misconfigured Rsync backup, hosted by a third party iHealth, thousands of medical records were exposed from the Bronx Lebanon Hospital Center in New York.  Patients that visited the hospital between 2014 and 2017 may have had extremely personal information leaked.   This data breach had included details such as names, home addresses, religious affiliations, addiction histories, mental health and medical diagnoses, HIV statuses, and sexual assault and domestic violence reports.   Immediate steps were taken from iHealth to protect the exposed information.

Brooks Brothers

Exact locations of this data breach are not yet known, but if you shopped at a Brooks Brothers retail stores or outlets between April 4, 2016 and March 1, 2017, you may have had your credit card information stolen.  Apparently an unauthorized individual installed malicious software onto some of the payment systems, which collected the card information.  The issue has been resolved but no other details have been given.

Kmart

The parent company for Kmart, Sears Holdings, has reported another data breach similar to the one they had back in 2014.  Kmart’s store payment systems were infected with malware.  Kmart.com and Sears shoppers were not impacted by the breach and it has been removed, but they are still unsure as to how long the system was under attack and how many stores would have been affected.  Certain credit card numbers may been leaked but no personal information was compromised.

University of Oklahoma

Education records dating back to at least 2002, were unintentionally exposed through privacy setting at the University of Oklahoma.  The student-run newspaper, The Oklahoma Daily was the first to reveal this data breach.  The newspaper reported that there were more than 29,000 instances in which students’ private information was made public to users within the University’s email system.  Information such as Social Security numbers, financial aid information and grades were compromised.  Until further notice the University has shut down the file sharing program.

Blue Cross Blue Shield / Anthem

80 million customers were affected by this 2015 data breach from Health Insurance company, Anthem.  While the settlement still needs to be approved by the courts, they have agreed upon $115 million.  Customers using Anthem Blue Cross & Blue Shield, Blue Cross & Blue Shield of Georgia, Empire Blue Cross & Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and deCare brands may have been affected.  The company had agreed to provide the impacted customers with 2 years of credit monitoring services, but have now extended that offer to an additional 2 years, as part of this settlement.

California Association of Realtors

A data breach was reported between March 13, 2017 and May 15, 2017, in which a malware was active on the organization’s online payment system called store.car.org.  Real Estate Business Services (REBS), a subsidiary of the California Association of Realtors has been dealing with this latest data breach and has removed the malware, as well as started using PayPal for their payments.  Payments made from a user on the website, personal information may have been copied by the malware and shared to an unknown 3rd party.  The sensitive information transmitted, would have been:  user’s name, address, credit card number, credit card expiration date and verification codes.

TalentPen and TigerSwan

Personal information for Job seekers with Top Secret clearance were publicly available and unsecured for just over 6 months according to UpGuard a cybersecurity firm.  Roughly 9,000 documents were affected during this data breach.  The documents were found in a folder labelled “resumes”.  TigerSwan, had ended a contract with TalentPen, a 3rd party vendor, who had failed to take down the files after they had been transferred to TigerSwan back in February.  The files were left in a bucket site on Amazon Web Services by TalentPen, without a password or any type of security until August 24, 2017.  Once Amazon had been contacted, the files were taken down.

U.S. Securities and Exchange Commission (SEC)

In 2016, Jay Clayton, Chairman of the SEC, issued a statement in regards to cybersecurity.  A software vulnerability in the test filing component of the SEC’s EDGAR system was discovered, but was fixed promptly.  In August of this year however, the SEC learned that the data breach may have provided the basis for illicit gain through the trading.  This vulnerability allowed access to nonpublic information, but they do not believe that there was access to personally identifiable information.

Sonic

Sonic,the fast food chain with almost 3,600 stores in 45 states, were informed of their data breach in which unusual activity was noticed on customer payment cards.  It is not immediately known which locations were affected.  The company is working with law enforcement and investigators to determine more.  KrebsOnSecurity was first to report this data breach after discovering a “fire sale” of millions of stolen credit and debit cards on the Dark Web.

Whole Foods Market

Recently acquired by Amazon, Whole Foods Market made an announcement about a recent data breach of its payment system.  They do not believe that individuals who shopped at the store were affected, but those who used the taprooms or full table-service restaurants may have. The investigation is still ongoing and updates will be provided.  The company also mentioned that Amazon’s payment systems were not connected to Whole Foods Market, so no Amazon transactions were impacted.

Disqus

Back in 2012, was when Disqus, a blog comment hosting service had their own issue with a data breach.  Unfortunately, the company had no idea they were a victim of this until the website, Have I been Pwned? reached out to them about exposed user information they had found.  After verifying the authenticity of the data, it was found that is was information taken from their 2012 user database, which had information dating back to 2007.  The information taken included:  user email addresses, user names, sign-up dates, and last-login dates.  Evidence of unauthorized logins has not been shown, but they have reset the passwords of all affected users.

by BlackBox Connections

Topic: Latest Data Breach List

Contact Us
Read More

Millions paid in Ransomware according to Google

Feb 22, 2018 | Security Tips

BlackBox Connections Logo

Location

Unit 203
70 Country Hills Landing
NW Calgary, AB T3K 2L2

Office Hours

Mon – Fri
8:00 – 5:00
Support 24hrs

Call us Today

587 355 1566

[email protected]

BlackBox Connections Logo Image

Call us Today

587 355 1566

Millions paid in Ransomware according to Google

Ransomware increasing at an alarming rate!  Are you backed up?

 

Are you at risk for a ransomware attack?  It may be worth looking into, as it seems it is only getting worse!  Everyday the search term “ransomware” is being googled.  With an increase of 877% over the past year, it seems hopeful that people are taking action in regards to educating themselves on how to properly maintain their security and to find out what is ransomware.

Research led by a Google Team, publicly presented its findings at the Black Hat USA security conference in Las Vegas on July 26th of this year.  The session was titled “Tracking Ransomware End to End”.  Because this search query has seen such an increase, the research team lead by Google, worked with Chainalysis, the University of California at San Diego and New York University to gain a better understanding of ransomware.

According to Google data, only 37% of users are backing up their data on a regular basis, which is why hackers are able to have such devastating effects on their victims.  A large percentage of victims will choose to pay the ransom in order to get their data back.  Almost all ransomware relies on Bitcoin cryptocurrency as their payment model, as it is easy for hackers to set up and can easily be converted to cash.

Bitcoins are held in what is called a Bitcoin wallet, which is also the address where the victim’s make their ransom payment to.  The attackers will then move these Bitcoins from multiple wallets to a single account, explained Luca Invernizzi, a research scientist at Google. Finding the accumulation wallet is critical in order to go through the transaction ledger and discover any victims of these attacks.

The research partners along with Google used a multistage process to find these accumulation wallets.  First they scanned the internet and social media for any kind of ransomware reports in order to find Bitcoin addresses.  Next, Invernizzi said that Google infected its own isolated virtual machines with ransomware to get some ransomware payment addresses.   “We made micro-transactions to the different Bitcoin wallets that we discovered to uncover more of the ransomware payment network,” he said.

In order to gain a broader view of the ransomware ecosystem, Google’s research team collected 154,000 ransomware binary files from 34 different ransomware families.  From there, google then applied machine learning techniques to scale and automate the ransomware Bitcoin wallet discovery process.

From the analysis, Google was able to find an estimate of how much money had been paid by ransomware victims from the beginning of 2014 to the end of the second quarter of 2017.  There were likely some payments that were missed by Google, but they estimated that the total was at least $25 million paid out to attackers.

According to FBI’s Internet Crime Center’s 2016 report however, the google estimation is much larger then their 2,673 ransomware complaints for that year.  Victims paid out roughly $2.4 million for ransomware according to them.

Google’s data prior to 2016 shows minimal payments were made to ransomware wallets.  This was the turning point however, as ransomware is now a multi-million dollar business.  Based on the numbers, it seems as though ransomware is here to stay…….so make sure you are protected!

 

by BlackBox Connections

Topic: Millions have been paid in Ransomware according to Google

Contact Us
Read More