Cyber Security for Small Business Seminar

Join Avasek for a cyber security seminar aimed at small business.

Sixty-six percent of companies and professional firms that suffer a data breach are out of business within six months. The trend among hackers: target small businesses. Avasek Security demonstrates how easy it is for hackers to access your data and how to protect your company.

This highly-engaging training includes live demonstrations of hackers’ tactics and teaches how to:

How to identify phishing emails, dangerous attachments, and other email scams
Steps to take to minimize the risk associated with ransomware
What risky behavior and common traps to avoid to keep you and your employees safe on the internet

WHEN: September 30, 2016 @ 8:00 am – 11:00 am

WHERE:
MIDJersey Chamber of Commerce
423 Riverview Plaza
Trenton, NJ 08611

COST: Free for Clear Members, $35 Chamber Members, $45 Future Members

BUY TICKETS ONLINE

Vector ticket icon

US-Computer Emergency Readiness Team recommends uninstall of QuickTime for Windows

Description

QuickTime for Windows has two critical flaws and Apple is ending support and not going to patch them. If a user visits a malicious web page or opens a malicious file, the vulnerabilities could execute code in the security context of the QuickTime player. Using unsupported software may increase the risks from viruses and other security threats such as lost of confidentiality, integrity, or availability of data.

Affected Systems

All Microsoft Windows with Apple QuickTime installed. If you have iTunes installed on your computer then chances are QuickTime is installed.

Impact

Software will continue to work, however, unsupported software increases the risk of malicious attacks or electronic data loss. The two know vulnerabilities could allow remote attackers to take control of the affected systems.

Solution

The only mitigation available is to uninstall QuickTime for Windows. Users can find instructions for uninstalling QuickTime for Windows on the Apple Uninstall QuickTime page.

If you would like assistance in removing the software from your network contact us

Tech Support Scam: Dell Customer Data Breached

A new phone scam is on the rise and it involves Dell PCs’ owners. Scammers call people who use Dell PCs, and claim to be Dell Tech Support Representatives. They trick users by offering to fix “existing” computer problems by installing remote access software on the victim’s computer. But instead of fixing a problem, scammers install ransomware, software that makes PC completely unusable until a victim pays up. In addition, end-users have hundreds of dollars placed on their credit cards for the bogus service that never been performed.

It is possible that one or more of Dell’s databases got compromised. According to victims, scammers know Dell PC’s owner’s information, such as phone number, unique Dell Tech Support Customer Tag printed on each individual Dell computer, and details of any previous support request made by the victim through official Dell channels.

You can protect your business from this Dell phone scam and its costly complications:

  • educate your staff with cybersecurity training;
  • ensure that your workstations have secure data backups;
  • if anyone calls to help with computer issues, hang up and call the company back.

Avasek, a leading IT security consulting firm, will ensure that all your computers are protected against ransomware and will help you resolve the locked computer issue in 24 hours and without having to pay thousands of dollars in payoff.

Massive WordPress Hack Redirects Thousands of Users

Thousands of WordPress websites have been hacked with malicious code and are delivering TeslaCrypt Ransomware to their unsuspecting visitors. Antivirus is not catching this yet. In the last few days, a massive number of legit WordPress sites have been reported as compromised and been redirecting visitors to what appears as malvertising websites. In reality, end-users are redirected to the Nuclear Exploit Kit, a malicious tool that delivers ransomware threats.

“WordPress sites are injected with huge blurbs of rogue code that perform a silent redirection to domains appearing to be hosting ads,” says Malwarebytes Senior Security Researcher Jérôme Segura. “This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit.”

Since it’s not yet clear how WordPress sites are getting infected, the threat is severe. It is highly likely that the hack exploits vulnerability in either WordPress or a very popular WP plugin. This vulnerability allowed hackers to infect all accessible JavaScript files and to install multiple backdoors on WP server that gives them a remote access to the system.

5 Things To Do If You Run WordPress Sites:

  1. Update server operating systems’ software.
  2. Update WordPress to the latest version.
  3. Update all WordPress Plugins to the latest version and remove (uninstall) the plugins you don’t use anymore.
  4. Prevent cross-infections and update all your WP properties at the same time.
  5. Enforce use of a very strong password with the WP two-factor authentication for all WordPress users.

5 Things To Do To Protect Your Business:

  1. Update operating systems and third-party apps immediately.
  2. Backup your data regularly and keep off-site backups.
  3. Use the latest Google Chrome version only, if possible.
  4. Run the latest version EMET on all workstations to block against exploitation.
  5. Provide effective security awareness training for all users.