Articles

CYBERSECURITY AND COMPLIANCE

5 Things to Know About Phishing Attacks

The more you know about phishing, the better you will be able to spot phishing attacks. Here are five phishing fundamentals that can help you avoid becoming the next victim. Only 66% of working adults correctly answered the question “What is phishing” in 2019 Proofpoint survey. This means one-third of adults do not know that phishing is a form of…

Using Strong Passwords Is Not Always Enough to Stay Secure

Cybercriminals commonly use compromised passwords in cyberattacks. For example, in ransomware attacks, compromised passwords have now surpassed phishing scams as the No. 1 way to gain access to the systems in which the ransomware is planted, according to F-Secure’s “Attack Landscape H1 2019” report. And compromised passwords is No. 2 on hackers’ list of tools to use to gain access…

Mitigating the Risk of a Ransomware Attack

Xantrion’s cybersecurity program takes a risk based approach to preventing, detecting and recovering from a potential ransomware attack. We provide multilayered protections which consider the various methods criminals might use to penetrate a client’s network and protect against each of these attack vectors.  We monitor client systems so that, should compromise occur, it can be quickly detected and shut down. Even…

Watch Out for This Direct Deposit Scam

Most companies use direct deposit to pay their employees. In the United States, for example, more than 80% of workers have their paychecks deposited directly into their personal bank accounts. This practice is providing many opportunities for cybercriminals to perpetuate their latest scam — trying to get businesses to deposit employee paychecks into their accounts. Variations of the Direct Deposit…

Are your Employees Inadvertently Exposing Data?

The number is eye-opening: 83% of companies believe that employee errors have put sensitive business and customer data at risk of exposure, according to a study by Egress. More than 1,000 security professionals at US-based companies participated in this study. The study also identified the technologies that most often involved in this type of accidental data leak. Email services provided…

The 4 Riskiest Airports for WiFi

Using free WiFi at airports is convenient but potentially dangerous. According to a recent Coronet study, these four airports are the riskiest: 1. San Diego International Airport in California.  There is a 30% chance of connecting to a medium-risk network and a 11% chance of connecting to high-risk hotspot at this airport. The researchers even found an “evil twin” Wi-Fi access…

Cryptojacking: The new Ransomware and what to do About it?

Cryptojacking might not seem as dangerous as ransomware or data breaches since cybercriminals are stealing a computer’s processing power rather than money or data. However, companies that dismiss this threat might be putting their businesses at risk. Cryptojacking malware is becoming increasingly sophisticated, which could spell trouble for companies unprepared for it. The Changing Face of Cryptojacking Cryptojacking was born…

How to Develop a Vendor Risk Management Program

If you’re like most businesses, you have a variety of third-parties that you rely on to support your core business functions. And in many cases, they have the ability to connect to your network. By providing them remote access, you are effectively increasing your potential attack surface for cybercriminals to exploit. So what happens if their systems aren’t secure? They…

Shadow IT: What You Don’t See Can Hurt You

Shadow IT is any technology used by employees that your IT department doesn’t know about. That would never happen to us, you may say — but you’re probably wrong. According to Gartner, most companies hugely underestimate how much shadow IT their employees are using. And that’s a big problem, because what you don’t know about, you can’t secure. Outsourcing your…

Identity Management: The Key to Cloud and Mobile Security

When we talk about data security, we’re basically talking about two things: making sure information and applications are available to people who are authorized to use them, and keeping everyone else away. Identity management is key to our ability to do that. Identity management is the process of defining who you are and what you’re allowed to do with corporate…

How to Protect your Employees from Phishing

Phishing is one of the biggest security threats to Xantrion’s clients right now. Small and midsize businesses are low-hanging fruit for attackers because they have more worth stealing than an individual, but fewer security safeguards than a larger business. What’s more, phishing attempts, or social engineering attacks, are becoming more frequent and more sophisticated. The harder they are to spot,…

Cybersecurity and Compliance Concerns? Microsoft Office 365 Has You Covered

Over the last year or so, we’ve been encouraging our clients who want to use a cloud-based office productivity suite to choose Microsoft Office 365. We’ve already talked about its rich functionality, ease of use, availability, and cost-effectiveness. Now we’d like to talk about its security and compliance features. Microsoft is an industry leader in data compliance, so it should…

Ransomware Infections Are Through The Roof: What Should you do?

The quick money to be made in ransomware scams appears to be driving furious innovation in the cybercrime world. A recent Trend Micro report stated that some cybercriminals have begun using macros and scripts, professional-looking phishing pages, and a computer’s master boot record to get victims to activate the malware on their computer systems. As a result, ransomware infections are…

Building a Foundation for Cybersecurity Risk Management

Cybersecurity used to be primarily a concern for IT departments at large companies to tackle through technology — but that’s no longer true. Today, even small and midsized companies need to worry about the ramifications and repercussions of cybercrime. Cybercriminals are increasingly sophisticated, relentless, highly skilled, and well-funded. Their exploits are often targeted, automated, and even sponsored by nation-states with…

Help Your Employees Protect Sensitive Data

Spending on cybersecurity hit an all-time high in 2017. Unfortunately, so did the frequency of cybercrime — proof that tools alone aren’t enough to keep your sensitive information safe. In fact, employees who inadvertently give hackers access to the company computer network are one of the leading causes of data breaches. If you don’t want your employees to be the…

Cybercons are Increasingly Clever: You Have to be Too

Determined cybercriminals are constantly inventing new ways to access your company bank account. Sometimes they try to break in. Sometimes they try to steal your passwords and account information. But some of their techniques are designed to get you to simply hand over the money—and these social engineering tactics are becoming even more common.   One social engineering con we…

A Holistic Approach to IT Compliance

Few issues in the last several years have been more bewildering and frustrating for organizations than government rules regarding the security and retention of electronic data. More than one organization has probably wished there was a way to comply, in one fell swoop, with all the regulations, from the Sarbanes-Oxley Act to the Health Insurance Portability and Accessibility Act (HIPAA)…

IT Policies and Procedures: The Missing Piece of the Cybersecurity Puzzle

New technologies have emerged that allow unprecedented efficiency, freedom and functionality e.g. cloud services, mobile computing, etc. However, they also introduce new risks that are harder to control and have higher impacts when something goes wrong. Technical measures, such as data backups and virus protection, are important for maintaining cybersecurity. However, they are only a part of the puzzle. They…

New Cybersecurity Measures Required to Protect Against Online Banking Attacks

We have observed that increasingly sophisticated cyberattacks are being directed at the on-line banking systems of our clients. In particular, targeted attack mechanisms which are either new or which have been modified so they are not recognizable to antivirus software. This new cyberthreat requires changes in cybersecurity practice to ensure that you are not victimized, suddenly discovering that criminals have…

Articles

CYBERSECURITY AND COMPLIANCE

5 Things to Know About Phishing Attacks

The more you know about phishing, the better you will be able to spot phishing attacks. Here are five phishing fundamentals that can help you avoid becoming the next victim. Only 66% of working adults correctly answered the question “What is phishing” in 2019 Proofpoint survey. This means one-third of adults do not know that phishing is a form of…

Using Strong Passwords Is Not Always Enough to Stay Secure

Cybercriminals commonly use compromised passwords in cyberattacks. For example, in ransomware attacks, compromised passwords have now surpassed phishing scams as the No. 1 way to gain access to the systems in which the ransomware is planted, according to F-Secure’s “Attack Landscape H1 2019” report. And compromised passwords is No. 2 on hackers’ list of tools to use to gain access…

Mitigating the Risk of a Ransomware Attack

Xantrion’s cybersecurity program takes a risk based approach to preventing, detecting and recovering from a potential ransomware attack. We provide multilayered protections which consider the various methods criminals might use to penetrate a client’s network and protect against each of these attack vectors.  We monitor client systems so that, should compromise occur, it can be quickly detected and shut down. Even…

Watch Out for This Direct Deposit Scam

Most companies use direct deposit to pay their employees. In the United States, for example, more than 80% of workers have their paychecks deposited directly into their personal bank accounts. This practice is providing many opportunities for cybercriminals to perpetuate their latest scam — trying to get businesses to deposit employee paychecks into their accounts. Variations of the Direct Deposit…

Strategic, Reliable, and Secure. Learn more about our services.

Are your Employees Inadvertently Exposing Data?

The number is eye-opening: 83% of companies believe that employee errors have put sensitive business and customer data at risk of exposure, according to a study by Egress. More than 1,000 security professionals at US-based companies participated in this study. The study also identified the technologies that most often involved in this type of accidental data leak. Email services provided…

The 4 Riskiest Airports for WiFi

Using free WiFi at airports is convenient but potentially dangerous. According to a recent Coronet study, these four airports are the riskiest: 1. San Diego International Airport in California.  There is a 30% chance of connecting to a medium-risk network and a 11% chance of connecting to high-risk hotspot at this airport. The researchers even found an “evil twin” Wi-Fi access…

Cryptojacking: The new Ransomware and what to do About it?

Cryptojacking might not seem as dangerous as ransomware or data breaches since cybercriminals are stealing a computer’s processing power rather than money or data. However, companies that dismiss this threat might be putting their businesses at risk. Cryptojacking malware is becoming increasingly sophisticated, which could spell trouble for companies unprepared for it. The Changing Face of Cryptojacking Cryptojacking was born…

How to Develop a Vendor Risk Management Program

If you’re like most businesses, you have a variety of third-parties that you rely on to support your core business functions. And in many cases, they have the ability to connect to your network. By providing them remote access, you are effectively increasing your potential attack surface for cybercriminals to exploit. So what happens if their systems aren’t secure? They…

Shadow IT: What You Don’t See Can Hurt You

Shadow IT is any technology used by employees that your IT department doesn’t know about. That would never happen to us, you may say — but you’re probably wrong. According to Gartner, most companies hugely underestimate how much shadow IT their employees are using. And that’s a big problem, because what you don’t know about, you can’t secure. Outsourcing your…

Identity Management: The Key to Cloud and Mobile Security

When we talk about data security, we’re basically talking about two things: making sure information and applications are available to people who are authorized to use them, and keeping everyone else away. Identity management is key to our ability to do that. Identity management is the process of defining who you are and what you’re allowed to do with corporate…

How to Protect your Employees from Phishing

Phishing is one of the biggest security threats to Xantrion’s clients right now. Small and midsize businesses are low-hanging fruit for attackers because they have more worth stealing than an individual, but fewer security safeguards than a larger business. What’s more, phishing attempts, or social engineering attacks, are becoming more frequent and more sophisticated. The harder they are to spot,…

Cybersecurity and Compliance Concerns? Microsoft Office 365 Has You Covered

Over the last year or so, we’ve been encouraging our clients who want to use a cloud-based office productivity suite to choose Microsoft Office 365. We’ve already talked about its rich functionality, ease of use, availability, and cost-effectiveness. Now we’d like to talk about its security and compliance features. Microsoft is an industry leader in data compliance, so it should…

Ransomware Infections Are Through The Roof: What Should you do?

The quick money to be made in ransomware scams appears to be driving furious innovation in the cybercrime world. A recent Trend Micro report stated that some cybercriminals have begun using macros and scripts, professional-looking phishing pages, and a computer’s master boot record to get victims to activate the malware on their computer systems. As a result, ransomware infections are…

Building a Foundation for Cybersecurity Risk Management

Cybersecurity used to be primarily a concern for IT departments at large companies to tackle through technology — but that’s no longer true. Today, even small and midsized companies need to worry about the ramifications and repercussions of cybercrime. Cybercriminals are increasingly sophisticated, relentless, highly skilled, and well-funded. Their exploits are often targeted, automated, and even sponsored by nation-states with…

Help Your Employees Protect Sensitive Data

Spending on cybersecurity hit an all-time high in 2017. Unfortunately, so did the frequency of cybercrime — proof that tools alone aren’t enough to keep your sensitive information safe. In fact, employees who inadvertently give hackers access to the company computer network are one of the leading causes of data breaches. If you don’t want your employees to be the…

Cybercons are Increasingly Clever: You Have to be Too

Determined cybercriminals are constantly inventing new ways to access your company bank account. Sometimes they try to break in. Sometimes they try to steal your passwords and account information. But some of their techniques are designed to get you to simply hand over the money—and these social engineering tactics are becoming even more common.   One social engineering con we…

A Holistic Approach to IT Compliance

Few issues in the last several years have been more bewildering and frustrating for organizations than government rules regarding the security and retention of electronic data. More than one organization has probably wished there was a way to comply, in one fell swoop, with all the regulations, from the Sarbanes-Oxley Act to the Health Insurance Portability and Accessibility Act (HIPAA)…

IT Policies and Procedures: The Missing Piece of the Cybersecurity Puzzle

New technologies have emerged that allow unprecedented efficiency, freedom and functionality e.g. cloud services, mobile computing, etc. However, they also introduce new risks that are harder to control and have higher impacts when something goes wrong. Technical measures, such as data backups and virus protection, are important for maintaining cybersecurity. However, they are only a part of the puzzle. They…

New Cybersecurity Measures Required to Protect Against Online Banking Attacks

We have observed that increasingly sophisticated cyberattacks are being directed at the on-line banking systems of our clients. In particular, targeted attack mechanisms which are either new or which have been modified so they are not recognizable to antivirus software. This new cyberthreat requires changes in cybersecurity practice to ensure that you are not victimized, suddenly discovering that criminals have…
Menu