A few years back, large cloud services like Google and Facebook, began allowing other websites and services to authenticate new users through their websites. OAuth, which stands for Open Authorization allows signing in to services such as Zoom, without setting up a new account; instead, it uses Google ID or Facebook login information. Many find this…
Security
Twin State Technical Services
Tips to Identify Scams/Scammers & How to Avoid Being a Victim
Malware and ransomware attacks continue going up. In 2020, ransomware attacks increased 485%, and during the first half of 2021, they’ve risen another 151%. Cyberattacks have become one of the biggest risks to an organization. Falling victim to one can mean hundreds of thousands of dollars in remediation costs. This makes IT security defenses a…
How Not to Look Like a Spammer When Sending Emails
Have you ever sent an email to a client only to have it “lost?” Missing emails can cause delays that hurt your business and make it difficult for you to properly communicate with those outside your organization. A common occurrence is to find out that at first the recipient thought they never received your email,…
Zero-Day Exploits and How to Defend Against Them
When reading about ransomware attacks or data breaches in the news, you’ll probably run across the term “zero-day exploit.” This type of attack is often at the heart of many widespread attacks because it’s one of the most difficult for traditional cybersecurity methods to detect. A recent example was the breach of the Microsoft Exchange…
Layered Security Services
Protecting your data, your processes, and your investment Companies across the globe took a new approach in 2020 to doing business, including moving more to the cloud and using virtual workflows for the first time. This opened the door even wider to cyberattacks. Cybercriminals look to businesses of all sizes, not just big businesses. Don’t…
Demonstrating Compliance With Data Security Regulations Can Be Easy If You Are Prepared
Keep a close watch on IT system access These days, most businesses are subject to data protection laws or regulations of one kind or another. Violations often come with pretty stiff penalties. To help demonstrate you are compliant with access control requirements, you should have clear policies and procedures about who gets access to what,…
Do You Know Who Has Access to Your Systems?
When you took their keys back, did you cancel their passwords, too? The last time an employee left your business, did you revoke their access to your IT systems? Are you sure? Do you have a way to check? What kind of information could your former employees get if they still hold valid credentials?…
What is the Best Way to Change Your Passwords?
You change your clothes. You change your oil. Make sure you also change your passwords. An alert pops up on your computer: It is time to change your password again. Sigh. Fine. You will just change from password4! to password5! and― Not so fast. Regular password changes are meant to make sure that even if…
How Strong Are Your Passwords?
Strong Security Starts with Strong Passwords If you use the same password for multiple systems―online shopping, email, your company’s cloud bookkeeping solution, etc.―you are not alone. Even Facebook founder Mark Zuckerburg is guilty of this. In 2016 his LinkedIn credentials were compromised in a major breach, giving hackers access to his Twitter account, too,…
Microsoft Exchange On-Premise Server Exploit
Twin State Technical Services received notification on the morning of Wednesday, March 3, regarding four (4) unique 0-day vulnerabilities that were discovered and affecting Microsoft Exchange Server versions 2013, 2016, and 2019. The notification also disclosed that threat actors were known to be actively exploiting these vulnerabilities in the wild. The response from the Microsoft Exchange Team can be found here: https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901 Additional…