|  Password security is vital to protecting our online identity and personal information. With the increasing number of data breaches, cyber-attacks, and identity theft, having a strong and secure password has become more critical than ever. But what makes a password strong and secure? Is it length or complexity? What about Multi-Factor Authentication (MFA)? Length vs. Complexity Regarding password security, the length and complexity are two important factors. Length refers to the number of characters in a password, while complexity refers to the types of characters used. The longer and more complex a password is, the harder it is for an attacker to crack or guess. Password Length Password length is the most crucial factor in password security. The longer the password, the harder it is to crack. A long password makes it exponentially harder for attackers to use a brute-force attack, which involves trying every possible combination of characters until the correct password is cracked. For example, a password eight characters long with lowercase letters, uppercase letters, and numbers has 62 possible characters per position. This means that there are 218,340,105,584,896 possible combinations. However, if the password is 12 characters long with the same character set, there are 3.22626676 × 10¹⁷ possible combinations. As we can see, increasing the password length significantly increases the number of possible combinations, making it more difficult for attackers to crack. Password Complexity Password complexity refers to the types of characters used in a password. A complex password includes a combination of uppercase letters, lowercase letters, numbers, and symbols. Using a complex password makes it harder for attackers to use dictionary attacks, which involve using a list of commonly used passwords to try and guess a password. For example, if your password is "password123," attackers can easily guess it using dictionary attacks. However, if your password is "P@ssW0rd123!", it is much harder to guess as it contains a combination of uppercase letters, lowercase letters, numbers, and symbols. Combining Length and Complexity Ideally, passwords should be long and complex. However, the most important password factor is length because adding additional characters to the password makes it exponentially more difficult to crack. We suggest a password length of longer than 15 characters. Multi-Factor Authentication However, passwords, regardless of the complexity and length, are not good enough anymore. Hackers have developed server clusters that can guess 348 billion passwords a second. Refer to https://securityledger.com/2012/12/new-25-gpu-monster-devours-passwords-in-seconds/ for more information. This article is over ten years old. If you apply Moore's Law (compute power doubles every 24 months) to the cluster, what used to take five servers in 2012 should take only one server in 2023. As you know, MFA sends you an additional code via a text/email or an App to verify your identity. With MFA, you're effectively changing your password whenever you log in. We recommend using MFA every time you log into a computer, whether you're working locally or remotely. Conclusion In conclusion, password length and complexity are important factors in creating a strong and secure password. A long password with a complex combination of characters makes it harder for attackers to crack or guess. However, passwords are not good enough anymore. We suggest using MFA every time you log in. If you need help with your password policy or implementing MFA, send an email to info@adscon.com. |
|  Today, technology is at the heart of every business. Whether managing customer data, running critical applications, or keeping the lights on, businesses rely heavily on their IT infrastructure. That's why companies need to have a proactive IT maintenance plan in place to ensure business continuity. Proactive IT maintenance involves regularly monitoring, testing, and updating systems to prevent issues from arising. Instead of waiting for problems to occur and then fixing them, a proactive approach focuses on preventing issues from happening in the first place. Here are some reasons why proactive IT maintenance is crucial for business continuity: - Minimizes Downtime. Proactive IT maintenance can help prevent downtime by catching issues before they cause downtime. Regular system checks and updates can identify and address potential problems, ensuring business operations remain uninterrupted.
- Improves Security. Cyber threats are on the rise, and businesses are at risk of being hacked or having sensitive data stolen. Proactive IT maintenance includes proper maintenance of security measures like firewalls, antivirus software, and regular backups to protect against cyber-attacks.
- Increases Productivity. When technology fails, employees are unable to work, and productivity suffers. Proactive IT maintenance can identify and fix issues before they cause disruptions and maintain employee productivity.
- Saves Money. Fixing issues after they occur can be disruptive and costly. Proactive IT maintenance can help identify and address potential issues before they become major problems, saving businesses the expense of emergency repairs.
- Improves Customer Satisfaction. Technology failures can impact customer service, which can have long-term consequences for a business's reputation. Proactive IT maintenance can prevent disruptions to customer service, ensuring that customers are satisfied and loyal.
Proactive IT maintenance is crucial for business continuity in today's digital age. By taking a proactive approach to IT maintenance, businesses can ensure that their technology runs smoothly, minimizing downtime, improving security, increasing productivity, saving money, and improving customer satisfaction. If you need help proactively maintaining your IT Infrastructure, please email info@adscon.com. |
|
Cyber threats are always on the rise, and businesses are constantly looking for ways to protect themselves. One of the most effective ways to train your team is through gamification. Gamification is the process of using game design elements and principles in non-game contexts to engage users and solve problems. It is a powerful tool that can help organizations improve employee training and development. Gamification can be used to create immersive and interactive learning experiences that are more engaging and effective than traditional training methods. It makes learning more fun and interactive by incorporating game elements such as points, badges, levels, and leaderboards. This helps employees stay engaged and motivated to learn! We include this approach in our own cybersecurity training program for your team. This includes phishing simulations and scenarios that replicate real-world cybersecurity threats. This allows employees to experience and learn how to deal with cyber-attacks in a safe and controlled environment. This can provide immediate feedback to employees, allowing them to learn from their mistakes and improve their skills. This can help identify areas where employees need further training or support. It can also reinforce learning by incorporating repetition and feedback. This can help employees retain information and apply it in real-life situations. And finally, it’s fun. Gamification can create a sense of competition and motivation to learn among employees. This can lead to improved learning outcomes and a stronger cybersecurity culture within the organization. This effective tool for training employees and improving cybersecurity is just one component of our solution. By making learning more engaging, interactive, and effective, it can lead to a better-trained workforce and a more secure organization. As cyber threats continue to evolve, organizations must invest in employee training and development to stay ahead of the curve, and we can help your business to achieve this.
If you need help implementing this training for you and your employee, just click here to book a free 30 minutes discovery call with us!
|
|  Are you using Office 365 or Exchange for email? Business Email Compromise (BEC) is running rampant. After a hacker obtains your user name and password, they will monitor your email for any interesting activity. Your company is especially at risk if your business deals with large money transfers with wires or ACH payments. Once a hacker finds an invoice or other large transaction, the hacker will email your client from your email (masquerading as you). The hacker will instruct your client that your bank account has changed, and the client should transfer the funds to the new bank account. If payment is not made immediately, the hackers (masquerading as you) will send additional fake emails making the payment request more urgent. Often they will create a rule that will automatically mark any emails from the targeted client as read and place them in a very rarely used folder like the RSS Feeds folder. That way, they can continue communicating with the targeted client without you noticing the rogue emails. Please perform the following check to ensure there aren't any unknown routing rules in your email. - In Outlook
- Start Outlook.
- Click on File, Rules and Alerts.
- In the Email Rules tab look for any rules you weren't aware of. If unknown rules exist, take a screenshot of the rule and clear the checkbox to disable the rule or delete the rule.
- In Outlook Web Access (OWA).
- Log into OWA.
- Click on the Gear in the upper right corner.
- Options, Inbox and sweep rules.
- If any rules exist that you weren't aware of, take a screenshot of the rule and clear the On checkbox to disable the rule or delete the rule.
If you DO find a rule that you weren't aware of, contact any involved parties immediately (via your phone, NOT email) to notify them of a potential email compromise. Ask the client if they've recently received a request from you or your company to change any bank account. Please take the following measures to protect your company from this type of attack: - Change your passwords regularly.
- Don't use the same password for different accounts.
- Enable Multi-factor Authentication on all accounts, including OWA access and email access.
- Stay up to date with patches.
- Implement cybersecurity end-user training so employees can spot this type of attack.
- Alert all clients if they ever receive a bank change request from you, they MUST verify the change face to face (best) or with a phone call. Instruct them NOT to use any phone number listed on the request, but have the client contact you directly on your cell phone. Instruct them NOT to use email to verify the request.
If you need help implementing any of these protection measures, send an email to info@adscon.com. |
|  We recently ran into a tricky problem on a terminal server. The CPU utilization would spike to 100% for approximately one minute every 30 minutes. When this happened, the Terminal Server would appear to freeze and become unresponsive. Using the Task Manager, we noticed that the Webroot Core process took up most of the CPU resources during the spike. We contacted Webroot support, and they recommended a uninstall/reinstall of the Webroot Software using the instructions below: - Uninstall Webroot.
- Restart the server and press F8 in the boot screen.
- Select Safe Mode with networking.
- Start a cmd prompt
- Type in "C:\Program Files\Webroot\WRSA.exe" -uninstall or "C:\Program Files (x86)\Webroot\WRSA.exe" -uninstall for 64bit systems
- Enter the CAPTCHA.
- WRData & WRcore Removal
- Verify c:\programdata\WRData and c:\programdata\WRCore are removed. The previously sent uninstall command should remove these folders however, if it hasn't, please delete both.
- Verify that the Webroot folders have been removed from both C:\Program Files and C:\Program Files (x86). Delete them manually if they have not been removed.
- Reinstall Webroot
- After ensuring that the WRData and WRCore folders are gone, download the most current version of SecureAnywhere. Download the latest software version from the Resources tab in the Management Console.
- Do not use an installer that you have downloaded previously. Please be sure to download a new installer from the console. This ensures all recent fixes and improvements are included in the latest version.
If you have high CPU Utilization on a server running Webroot, try this fix. It worked for us! |
|  There is a major Bug on how some software stores the date/time of 1/1/2022. Some software stores the date/time as a long integer variable. The maximum value of a long integer variable is 2.147.483.647. But when the date of 2.201.010.001 is stored, systems break because this value is greater than the maximum allowed value of a long integer variable. This Bug will impact any system that stores the date/time as a long integer variable. As far as we know, it breaks mail flow on on-premise Exchange Servers and Mail Auditing and the Junk Box on the Sonicwall Email Security Appliance. For Exchange, you have to bypass malware scanning on your Exchange Server to re-establish mail flow by issuing the following PowerShell commands: - Get-ExchangeServer | % {Set-MalwareFilteringServer -BypassFiltering $true -Identity $_.Name}
- Restart Transport service
- $ExchangeServers = Get-ExchangeServer | Select -ExpandProperty Name
- $ExchangeServers | % {Get-Service -ComputerName $_ -ServiceName MSExchangeTransport | Restart-Service -Force}
- Restart the Exchange Front end Transport Service.
- Restart the Exchange Transport Service.
For SonicWall Email Security, a new version of the firmware will address this Bug – there currently is no workaround. |
|  VMware has discovered multiple issues with vSphere ESXi 7.0 Update 3, 3a, and 3b and vCenter 7.0 Update 3b. These versions are no longer available for download. If you downloaded any of these builds before VMWare pulled them, DO NOT install these updates. The ESXi updates can cause the Purple Screen of Death (PSOD) and crash the host under certain circumstances. Here are links to known issues with these updates: https://kb.vmware.com/s/article/86287 and https://kb.vmware.com/s/article/86281. One client installed vSphere 7.0 Update 3, and it changed the iSCSI Qualified Name (IQN) on the host, which caused all of the shared SAN storage to go missing. If you have any issues that are not resolved by the VMware Knowledgebase articles, open up a support case with VMware. |
| 
Both Facebook and Instgram sites are down for a lot of users today. It appears to be a problem with Domain Name Services (DNS), because both Facebook and Instragram do not resolve to an IP address. |
|  Some Phishing Emails are floating around that are particularly tricky. They typically deal with the following subjects: - Payroll Protection Program (PPP). Quite a few companies have applied for a PPP loan and forgiveness of that loan. Many fake phishing emails attempt to trick you into clicking on a link, downloading an attachment, or entering confidential information. They are typically related to the Loan Forgiveness Process or other PPP related matter. As a general rule, DO NOT open these emails. Study them carefully, hover over any link to see where they will take you (usually over a cliff), review the sender, recipient, and any other clues that the message is fake. If it didn't come from your bank or sba.gov, it's probably fake. If you're not sure, contact your bank or sba.gov directly to confirm that the message is legitimate.
- Covid Vaccines. We've seen numerous emails claiming you can get a vaccine early, pay to "jump" the line, or other methods and promises to get vaccinated early. Do NOT click on any of these emails. Instead, go to https://www.cdc.gov/vaccines/covid-19/index.html or other reputable web sites to get information about the availability of vaccinations in your area.
Hackers are aware that people are concerned, stressed, and may let their guard down during the pandemic. This is the perfect opportunity for these phishing campaigns to be more effective. Make sure to pause and review the email. If you have any doubts, delete the email and contact the resource directly. Stay safe, everyone! |
|  With the holidays fast approaching, be on the lookout for this widespread scam. This type of scam will slip through most anti-spam and anti-phishing software because most anti-phishing software only analyzes attachments or scans for suspicious links in an email. Gift Card Scam emails are dangerous because they do not have attachments or links to click — they look like emails from someone important in your organization asking for help, but are actually from a Cybercriminal. The "From:" line of an email can display any name, so a cybercriminal can write a CEO's name but send the email from a different email address. Gift Card Scam emails often appear to come from your company leader asking for a favor and mentions that they are too busy to talk on the phone. The scammer expects the employee will respond quickly to their boss' request. Here are the details and how to identify this type of attack: - Spoof Sender Email. The person will receive an email that looks like it came from the CEO/CFO/COO requesting help or a favor. This email will be malformed, so the reply will go to a different email address other than the CEO/CFO/COO. The email address may be a Gmail or other free email account. The spoofed email address will show when a user replies, but it is often overlooked. It is overlooked because users don't look at the reply address when responding to the email.
- Spoofed Reply Email Address. The person replies to the email, thinking they are responding to the CEO, but they are really responding to the Cybercriminal.
- Correspondence. The email thread goes back and forth, making the request more and more urgent. Train your users to be aware of any change of tone for email threads that request gift card purchases. If the person thinks – wow that doesn't sound like the CEO - it probably isn't. If you review the email thread, the reply address will be to a different domain – another clue of a fraudulent request.
- Purchased Gift Cards. If the scam is successful, the impersonators will ask you to take photos of the numbers on the back of the gift cards and send them back. Once you send those photos, you're never getting your money back.
Please make all users aware of these fraudulent attempts and how to spot them. Closely review how easy it is (usually VERY easy) to determine the CEO/CFO/COO/Controller emails address via your website and social media sites like LinkedIn, Twitter and Facebook. Do yourself a big favor, don't immediately respond to emails asking for a favor. Call the person and ask if they really need any extra help (they won't). Make it a habit to always check the email address when replying to a message to verify that the message is going to the intended person. Stay safe and Happy Holidays! |
Compliance Details javascript:commonShowModalDialog('{SiteUrl}'+
'/_layouts/15/itemexpiration.aspx'
+'?ID={ItemId}&List={ListId}', 'center:1;dialogHeight:500px;dialogWidth:500px;resizable:yes;status:no;location:no;menubar:no;help:no', function GotoPageAfterClose(pageid){if(pageid == 'hold') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+
'/_layouts/15/hold.aspx'
+'?ID={ItemId}&List={ListId}'); return false;} if(pageid == 'audit') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+
'/_layouts/15/Reporting.aspx'
+'?Category=Auditing&backtype=item&ID={ItemId}&List={ListId}'); return false;} if(pageid == 'config') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+
'/_layouts/15/expirationconfig.aspx'
+'?ID={ItemId}&List={ListId}'); return false;}}, null); 0x0 0x1 ContentType 0x01 898 Document Set Version History /_layouts/15/images/versions.gif?rev=23 javascript:SP.UI.ModalDialog.ShowPopupDialog('{SiteUrl}'+
'/_layouts/15/DocSetVersions.aspx'
+ '?List={ListId}&ID={ItemId}') 0x0 0x0 ContentType 0x0120D520 330 Send To other location /_layouts/15/images/sendOtherLoc.gif?rev=23 javascript:GoToPage('{SiteUrl}' +
'/_layouts/15/docsetsend.aspx'
+ '?List={ListId}&ID={ItemId}') 0x0 0x0 ContentType 0x0120D520 350
|
|
