XFER Blog

Users seem to have a bit of a blind spot when it comes to solutions put out by Google, particularly the risks associated with Gmail. It’s almost odd to say: a security threat leverages Gmail. Unfortunately, it isn’t unheard of, as a phishing scam has been leveraging Gmail and its cooperation with Google Calendar for some time now.

To the average person there are some definite blurred lines between IT security and IT compliance. In fact, these lines are so blurry to most people that they would consider them the same thing. They aren’t. How is it possible to create a fully compliant, completely secure computing environment? You start by understanding how to make both possible.

If you are concerned about your business’ ability to keep its network secure and data protected, you're not alone. More businesses than ever are utilizing modern strategies to ensure that their networks are safe, their hardware is stable, and that their data stays secure. With the continual shifts we are seeing in the threat landscape it is essential that cybersecurity continues to evolve. Today, we take a look at some of the innovations being made in cybersecurity, and what to expect out of future cybersecurity tools.

Most people know what a URL is. It’s the address of a website, typically starting with http:// or https://, and it is essentially the location of a web page or application that can be accessed through a web browser or application. Nowadays, URLs are being manipulated by actors for both positive and negative means. Let’s take a look at URL manipulation and how it could affect you.

The way a business handles network security is directly related to what problems will arise from their use of information systems. Cybersecurity has become a major part of all businesses, of all geographic locations, and all sizes. Because the better your cybersecurity is, the less problems your business will have to overcome, cybersecurity has grown into a multi-hundred-billion dollar a year industry. Cybersecurity hasn’t always been a concern for businesses. After all, the internet hasn’t been around for THAT long. However, the history of cybersecurity has a fascinating story behind it, and today we’d like to share it with you. 

Too frequently, we hear stories about cyberattacks, software vulnerabilities turned tragic, and other pretty terrible situations for businesses. In an effort to help fight this, we’ve put together a list of handy tips for you so that you can be prepared to ward off threats.

Has your business’ network been breached? If not, you will need to continue to prioritize network security to keep hackers at bay. With 446 million records compromised in 2018 alone, businesses need to understand what threats they are currently under. Let’s take a look at some of the biggest data breaches that have happened since the beginning of May. 

Passwords are hard to remember - there’s no denying that. However, there is also no denying how important it is to use different ones for each account, all sufficiently complex, and all the rest. The point is, a lot of people use bad password practices because (to be frank) good password practices are too intimidating. There has to be some kind of acceptable middle ground… right?

We’ve all caught the obvious spam email, like the message that is clearly bogus, or the offer that is definitely too good to be true.

We’re going to confidently assume none of our readers are getting tricked by Nigerian Princes or getting roped into order virility drugs from an unsolicited email. The real threat comes from the more clever phishing attacks. Let’s take a look.

In 2018, Amazon was struck by a considerable attack, with hackers taking funds from approximately 100 seller accounts, according to a Bloomberg report. Between May and October 2018, Amazon sellers were struck approximately 100 times, draining funds from the seller control platform to augment their own funds. According to the investigation, the first fraudulent transaction took place on May 16, 2018, with an undisclosed amount being stolen. The hackers utilized phishing attacks in order to scam their targets.

Microsoft Windows has been a staple of modern computing, with each title in the series offering more innovative features. When it becomes time to retire one of their OSs, it can be troublesome for businesses. This coming January, two of the most utilized versions of the Windows OS--Windows 7 and Windows Server 2008 R2 will be losing support, effectively ending their viability. Businesses that still use these titles will have to come up with a plan about how they are going to proceed once Microsoft retires that software. 

The Internet of Things is rapidly growing in popularity, which makes it all the more likely that some IoT devices will make their way into your office. Also growing: the reputation that these devices have as vulnerabilities to your organizational security. In an increasingly connected world, it is important to remember how the IoT could quickly become a hindrance to your business if not managed properly.

Software solutions don’t last forever. While patches and security updates can stave off the inevitable for quite some time, it’s impossible to maintain a specific solution forever. Support is eventually cut off, and businesses are left exposed if they haven’t taken the time to prepare. In the case of Microsoft SQL Server 2008 and 2008 R2, you are running out of time.

Do you ever think of your business as too small of a target to matter to hackers? Some organizations actually do believe this, and that notion is effectively a trap. The thing that all businesses need to keep in mind is that all organizations, regardless of which industry they fall into, as all companies have data that’s valuable to hackers. We’re here to prove it and ensure you know the best way to protect your data.

In a perfect world, keeping your antivirus updated and having a good firewall in place would be enough to protect your business from cybersecurity threats.

Blockchain technology is all the rage these days. Business owners are going to start hearing this buzzword as a bullet point in software solutions. Developers from all over the world are trying to harness the power of encrypted, distributed data, mainly due to the reputation that blockchain has regarding the “unhackable” permanence of the data stored upon it. However, it as powerful as blockchain is purported to be, it isn’t totally infallible.

Chances are, you’ve heard of “phishing” - a cybercriminal’s scam that steals data, access credentials, and other sensitive information by fooling a user into thinking they are providing this information to someone who is supposed to have access to it. However, there are a few different kinds of phishing, based on how it is carried out. Here, we’ll discuss the realities of spear phishing, and the risks it poses to your business.

If you’re like most people nowadays, your mobile phone is currently well within your reach (and that’s assuming you aren’t reading this blog on it). The fact that most people keep their phone on them at all times has greatly contributed to these devices becoming a part of any given work-related process. One major way is the implementation of two-factor authentication, which we’ll discuss as a part of this week’s tip.

With over 90 percent of people in the United States feeling as though their data is out of their hands, it should come as little surprise that many are looking towards the European Union’s General Data Protection Regulation as inspiration. However, how close is the United States to passing this kind of legislation… and how will smaller businesses fare if (or when) some is passed?

Colleges and universities are part-time homes to more than 16 million people, and employ over 1.5 million more. Most of them utilize the networks set up by the college’s bevy of IT administrators. If you consider that most people have difficulty keeping viruses and other malware off of their personal computers, opening up networks that facilitate this kind of user demand can be tricky. Today, we ask: can a campus’ network every truly be secure?