The Ping: Holiday Security

As of November 10th PayPal has suspended the operations of bill payment processing company – TIO Networks – until further notice, due to a data breach that could include information such as names, addresses, Social Security numbers, and login credentials.

TIO Networks has nearly 14 million customers, up to 1.6 million of which were compromised. TIO has begun working with the utility companies to inform customers who have been affected. Currently there is no timeline for restoring services. PayPal is working with Experian, the credit reporting agency, to provide a year of free credit monitoring to the affected TIO users. However, the remaining PayPal users can rest easy for their information is still secure, according to a PayPal statement.

Read More

8 Ways to Fight Your Company’s Cyber Insecurities

With Black Friday and Cyber Monday just around the corner, we wanted to give you a few tips on how to keep yourself safe in this holiday season.

According to the Carbon Black Threat Analysis Unit (TAU), organizations saw a +20.5% increase in attempted cyberattacks between November and December of 2016. If this trend continues in 2017, organizations should be extra vigilant as these attacks often begin around the Thanksgiving holiday.

What does insecure mean? Insecure means that your network and the data contained on it can be easily accessed without your knowledge by unauthorized people.

What’s your liability? If you’re a business, at a minimum, you have your employee social security numbers on file probably in QuickBooks or some other accounting application. You may also have trade secrets, plans, or account information. This is what the hackers want.

What should I do? There are a few things you can do to make yourself more secure. These things are not complex but they will require some time from you or a member of your staff.

Read More

The Ping: DDE Vulnerability

Downloading or receiving emails from unknown sources is a risk that we all know can have dire consequences, but that seemingly innocent Word document is now more of a security risk than ever before. 

It was recently discovered that hackers are starting to take advantage of a unique security flaw to gain access to your computer. Previously they would do this by sending you Word documents that contain what are known as “macros.” When enabled, malicious macros can download viruses directly to your machine. Since Microsoft began issuing security warnings for macros, hackers have now found ways to abuse DDE, or Dynamic Data Exchange. DDE is a process that Microsoft uses to share data between applications. For example, Mail Merge can take data from an Excel document and insert it into a Word document. However, it also turns out that hackers can use DDE to send silent download commands in the background of your computer.

Read More