Blog

CYBERSECURITY AND COMPLIANCE

The Seven Critical Layers of Cybersecurity

It’s no longer enough to just install a firewall and antivirus software and think you have robust cybersecurity protections. Today, you need a cybersecurity strategy that stands toe-to-toe with the bad guys’ methods, frequency, and vectors of attack. And rather than starting with solutions and working backwards, we recommend checking out this infographic to take a layered approach, then work…

FBI Issues Warning for Critical Zoho Bug

A joint effort by multiple US government agencies has discovered a security threat that exploits Zoho’s ManageEngine ADSelfService Plus, a self-service password management solution with a single sign-on solution. These agencies include the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER) and Cybersecurity and Infrastructure Security Agency (CISA). This task force has designated the vulnerability as CVE-2021-4053,…

Phishing Deep Dive: Spear Phishing

Spear phishing and classic phishing are not one and the same. Discover how spear phishing emails differ from their classic counterparts and how to protect your company from spear phishing scams. Spear phishing and classic phishing email attacks are not one and the same. From a bird’s eye view, they look remarkably similar. That’s because in both types of scams,…
Outsourced cybersecurity for business

T-Mobile Breach Exposed the Personal Data of 54 Million Customers

On August 15, 2021, the world first learned about the massive T-Mobile data breach. The disclosure came from a most unusual source — the hackers who pulled off the data heist. The cybercriminals told BleepingComputer that they hacked into T-Mobile’s production, staging, and development servers and stole the personal data of millions of T-Mobile customers. A day later, T-Mobile confirmed that its systems had…
Protect your sensitive data from a breach

The Latest Data Breach & Why It Keeps Happening

The growing value of information is increasing the incentive of hackers to obtain data from both individuals and organizations. These incidents include ransomware attacks in which the perpetrator encrypts the victim’s data or threatens to publish that data unless the victim pays a ransom. Another tactic is to simply sell the information, either to a specific party or the highest…

The Massive Costs of Ransomware Attacks

Read time: 90 seconds
Ransomware attacks have continued to increase in 2021, creating challenges for individuals and organizations throughout the world. Major victims of recent attacks include Apple, Colonial Pipeline and the Washington DC Metropolitan Police Department. Many individuals have also been victims of ransomware attacks, resulting in very high costs, both in the ransoms themselves and the disruption of services they cause. Ransomware…

Senate & House Using Bills to Combat Cyberattacks. Is it Working?

Read time: 90 seconds
The U.S. House of Representatives has recently passed multiple bills to support cybersecurity requirements for state and local governments as of July 2021. This legislation would also strengthen defenses of critical infrastructure and improve remediation measures for security measures. Analysts expect these bills to have far-reaching effects in the way managed detection and response (MDR), managed service providers (MSPs) and…

Secure Hybrid Environments Effectively

Read time: 45 seconds
Every day, BP manages the difficult business of finding, producing, marketing, and moving energy around the globe. Core to success is the modernization and digitization of the business, while being able to defend a vast digital perimeter against cyberattacks. This video shows how BP is migrating its work environment to Microsoft 365 Enterprise E5 to take advantage of a platform…

Security Beyond Microsoft Products

With Microsoft, security can be simple once again. Microsoft 365 provides an intelligent security hub that works seamlessly across platforms, going far beyond Microsoft—to Linux and Mac, to AWS and beyond, so you can manage mission critical workloads with the right tools at your fingertips. Watch the video to learn more and contact Xantrion with any questions.

Why Invest in Integrated Threat Protection?

With data growing increasingly more valuable and harder to protect, digital security has become infinitely complex. Check out our infographic below to learn why an investment in Microsoft Threat Protection provides the built-in intelligence, automation, and integration to coordinate protection, detection, response, and prevention that organizations need to stay secure. Contact us to learn how Xantrion’s managed service offerings can…

Microsoft Threat Protection is a Best-In-Class, Intelligent Security Solution

Cyber-attackers will cross multiple domains like email, identity, endpoints, and applications to find the point of least resistance. Today’s defense solutions have been designed to protect, detect, and block threats for each domain separately, allowing attackers to exploit the seams and threshold differences between solutions—leaving the business vulnerable to attack. Microsoft Threat Protection stops attack sprawl and auto-heals enterprise assets with…

New Bills on Capitol Hill After the Colonial Pipeline Attack

The recent ransomware attack against the Colonial Pipeline illustrates the need for a plan to protect the economy in the event of a major cyber-attack, according to members of the House’s Homeland Security Committee (HSC). The Colonial Pipeline shut down operations last week as a result of the attack, leaving 45 percent of the U.S. East Coast without its normal fuel supply.…

5 Lies Cybercriminals Tell to Get You to Click Malicious Links

Read time: 60 seconds
The numbers are staggering. Each day, 156 million phishing emails are sent. Spam filters catch about 90% of them, but that still means 16 million phishing emails make it through to recipients’ inboxes, where half are opened. Out of the 8 million emails opened, 800,000 of them lure recipients into clicking a link. That simple act can lead to malware being installed,…

Business Email Scams in the Year of the Pandemic

Read time: 60 seconds
In BEC attacks, cybercriminals pose as company executives, supplier reps, lawyers, and other business professionals to con organizations into sending them wire transfers and sensitive data (e.g., bank account numbers, gift card numbers). Despite the pandemonium from the coronavirus pandemic, BEC scammers stole an unprecedented $1.9 billion from their victims, according to IC3’s “2020 Internet Crime Report“.  This all-time high is continuing to…

April 13 is Identity Management Day

Read time: 45 seconds
In a world defined by our use of technology, how we are identified digitally is important. Our digital identities and the credentials that protect them define how we work, interact with each other, access technology, execute transactions, and so much more.  For organizations, Identity and Access Management (IAM) “is the discipline that enables the right individuals to access the right…

Seven Steps to Building a Strong Cybersecurity Strategy

If it seems like we’re spending a lot of time talking about cybersecurity lately, you’re not imagining things. Between the need to secure systems so employees can work effectively from home and a massive uptick in cyberattacks, security is at the top of everyone’s agenda, including our own. This step-by-step checklist for building an effective cybersecurity strategy is written for CIOs, but we think it’s useful…

Today is Data Privacy Day

Read time: 20 seconds
Data Privacy Day is Jan. 28, just like it is every year. But as with everything else, COVID-19 has forced us to reconsider a new normal for enforcing data privacy in the work-from-home (WFH) environment. Sponsored by the National Cyber Security Alliance (NCSA), Data Privacy Day is designed to “inspire dialogue and empower individuals and companies to take action” on…

Health Care Warning: Beware of Pandemic Phishing Attempts

Read time: 30 seconds
Hospitals and other health care organizations need to tighten up their email security protocols and boost their anti-phishing training to fend off growing cyberattacks that use requests for COVID-19 data to try to penetrate IT systems.  CEOs at several Massachusetts hospitals recently received requests for COVID-19 statistics in emails that appeared to come from US Department of Health and Human Services. However, the emails included external links that…

Gain a Competitive Edge with Advanced Security Solutions from Microsoft

Read time: 45 seconds
When The Walsh Group—a construction contractor—moved to the cloud, it realized it needed better ways to manage who accesses its systems. The company set up identity as the control plane—with Microsoft Azure Active Directory at the center and a zero-trust security stance to better protect access to all its resources. Now, The Walsh Group CIO says the company leads the industry…

Blog

CYBERSECURITY AND COMPLIANCE

The Seven Critical Layers of Cybersecurity

It’s no longer enough to just install a firewall and antivirus software and think you have robust cybersecurity protections. Today, you need a cybersecurity strategy that stands toe-to-toe with the bad guys’ methods, frequency, and vectors of attack. And rather than starting with solutions and working backwards, we recommend checking out this infographic to take a layered approach, then work…

FBI Issues Warning for Critical Zoho Bug

A joint effort by multiple US government agencies has discovered a security threat that exploits Zoho’s ManageEngine ADSelfService Plus, a self-service password management solution with a single sign-on solution. These agencies include the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER) and Cybersecurity and Infrastructure Security Agency (CISA). This task force has designated the vulnerability as CVE-2021-4053,…

Phishing Deep Dive: Spear Phishing

Spear phishing and classic phishing are not one and the same. Discover how spear phishing emails differ from their classic counterparts and how to protect your company from spear phishing scams. Spear phishing and classic phishing email attacks are not one and the same. From a bird’s eye view, they look remarkably similar. That’s because in both types of scams,…
Outsourced cybersecurity for business

T-Mobile Breach Exposed the Personal Data of 54 Million Customers

On August 15, 2021, the world first learned about the massive T-Mobile data breach. The disclosure came from a most unusual source — the hackers who pulled off the data heist. The cybercriminals told BleepingComputer that they hacked into T-Mobile’s production, staging, and development servers and stole the personal data of millions of T-Mobile customers. A day later, T-Mobile confirmed that its systems had…

Strategic, Reliable, and Secure. Learn more about our services.

Protect your sensitive data from a breach

The Latest Data Breach & Why It Keeps Happening

The growing value of information is increasing the incentive of hackers to obtain data from both individuals and organizations. These incidents include ransomware attacks in which the perpetrator encrypts the victim’s data or threatens to publish that data unless the victim pays a ransom. Another tactic is to simply sell the information, either to a specific party or the highest…

The Massive Costs of Ransomware Attacks

Read time: 90 seconds
Ransomware attacks have continued to increase in 2021, creating challenges for individuals and organizations throughout the world. Major victims of recent attacks include Apple, Colonial Pipeline and the Washington DC Metropolitan Police Department. Many individuals have also been victims of ransomware attacks, resulting in very high costs, both in the ransoms themselves and the disruption of services they cause. Ransomware…

Senate & House Using Bills to Combat Cyberattacks. Is it Working?

Read time: 90 seconds
The U.S. House of Representatives has recently passed multiple bills to support cybersecurity requirements for state and local governments as of July 2021. This legislation would also strengthen defenses of critical infrastructure and improve remediation measures for security measures. Analysts expect these bills to have far-reaching effects in the way managed detection and response (MDR), managed service providers (MSPs) and…

Secure Hybrid Environments Effectively

Read time: 45 seconds
Every day, BP manages the difficult business of finding, producing, marketing, and moving energy around the globe. Core to success is the modernization and digitization of the business, while being able to defend a vast digital perimeter against cyberattacks. This video shows how BP is migrating its work environment to Microsoft 365 Enterprise E5 to take advantage of a platform…

Security Beyond Microsoft Products

With Microsoft, security can be simple once again. Microsoft 365 provides an intelligent security hub that works seamlessly across platforms, going far beyond Microsoft—to Linux and Mac, to AWS and beyond, so you can manage mission critical workloads with the right tools at your fingertips. Watch the video to learn more and contact Xantrion with any questions.

Why Invest in Integrated Threat Protection?

With data growing increasingly more valuable and harder to protect, digital security has become infinitely complex. Check out our infographic below to learn why an investment in Microsoft Threat Protection provides the built-in intelligence, automation, and integration to coordinate protection, detection, response, and prevention that organizations need to stay secure. Contact us to learn how Xantrion’s managed service offerings can…

Microsoft Threat Protection is a Best-In-Class, Intelligent Security Solution

Cyber-attackers will cross multiple domains like email, identity, endpoints, and applications to find the point of least resistance. Today’s defense solutions have been designed to protect, detect, and block threats for each domain separately, allowing attackers to exploit the seams and threshold differences between solutions—leaving the business vulnerable to attack. Microsoft Threat Protection stops attack sprawl and auto-heals enterprise assets with…

New Bills on Capitol Hill After the Colonial Pipeline Attack

The recent ransomware attack against the Colonial Pipeline illustrates the need for a plan to protect the economy in the event of a major cyber-attack, according to members of the House’s Homeland Security Committee (HSC). The Colonial Pipeline shut down operations last week as a result of the attack, leaving 45 percent of the U.S. East Coast without its normal fuel supply.…

5 Lies Cybercriminals Tell to Get You to Click Malicious Links

Read time: 60 seconds
The numbers are staggering. Each day, 156 million phishing emails are sent. Spam filters catch about 90% of them, but that still means 16 million phishing emails make it through to recipients’ inboxes, where half are opened. Out of the 8 million emails opened, 800,000 of them lure recipients into clicking a link. That simple act can lead to malware being installed,…

Business Email Scams in the Year of the Pandemic

Read time: 60 seconds
In BEC attacks, cybercriminals pose as company executives, supplier reps, lawyers, and other business professionals to con organizations into sending them wire transfers and sensitive data (e.g., bank account numbers, gift card numbers). Despite the pandemonium from the coronavirus pandemic, BEC scammers stole an unprecedented $1.9 billion from their victims, according to IC3’s “2020 Internet Crime Report“.  This all-time high is continuing to…

April 13 is Identity Management Day

Read time: 45 seconds
In a world defined by our use of technology, how we are identified digitally is important. Our digital identities and the credentials that protect them define how we work, interact with each other, access technology, execute transactions, and so much more.  For organizations, Identity and Access Management (IAM) “is the discipline that enables the right individuals to access the right…

Seven Steps to Building a Strong Cybersecurity Strategy

If it seems like we’re spending a lot of time talking about cybersecurity lately, you’re not imagining things. Between the need to secure systems so employees can work effectively from home and a massive uptick in cyberattacks, security is at the top of everyone’s agenda, including our own. This step-by-step checklist for building an effective cybersecurity strategy is written for CIOs, but we think it’s useful…

Today is Data Privacy Day

Read time: 20 seconds
Data Privacy Day is Jan. 28, just like it is every year. But as with everything else, COVID-19 has forced us to reconsider a new normal for enforcing data privacy in the work-from-home (WFH) environment. Sponsored by the National Cyber Security Alliance (NCSA), Data Privacy Day is designed to “inspire dialogue and empower individuals and companies to take action” on…

Health Care Warning: Beware of Pandemic Phishing Attempts

Read time: 30 seconds
Hospitals and other health care organizations need to tighten up their email security protocols and boost their anti-phishing training to fend off growing cyberattacks that use requests for COVID-19 data to try to penetrate IT systems.  CEOs at several Massachusetts hospitals recently received requests for COVID-19 statistics in emails that appeared to come from US Department of Health and Human Services. However, the emails included external links that…

Gain a Competitive Edge with Advanced Security Solutions from Microsoft

Read time: 45 seconds
When The Walsh Group—a construction contractor—moved to the cloud, it realized it needed better ways to manage who accesses its systems. The company set up identity as the control plane—with Microsoft Azure Active Directory at the center and a zero-trust security stance to better protect access to all its resources. Now, The Walsh Group CIO says the company leads the industry…
Menu