KT Connections Blog

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

Look, we get it… it’s one thing to hear it from “those IT guys” about how important software updates are. We’re into this stuff, after all, so we worry about things like that more. However, we’re hoping that a warning from Homeland Security to update Google Chrome will have a little more weight.

The Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive concerning a critical exploit known as Zerologon, that affects servers running Windows Server operating systems that needs to get patched as soon as possible.

Cybersecurity is challenging enough… you don’t need issues coming from one of your key applications. However, since a bug was found in some of the most popular Internet browsers today—potentially risking billions of people’s data security—you could very well see these kinds of issues. Let’s go over this vulnerability, and what you can do to address it.

When talking to smaller Rapid City business owners about their IT security, we often get asked a question like this “My business is only operating on a local scale - I cover Rapid City, Hot Springs, and Spearfish, but I’m such a small blip on the radar...why would hackers target my business?”

I get variations of this question pretty often - are hackers really looking for targets like me, or why not a bigger firm out of Minneapolis? The truth is, small businesses can be easy targets, especially for this new attack.

COVID-19, or coronavirus, has been a major global health concern over the past couple of months. At this point, it is clear that this disease could have serious impacts on the workplace. We wanted to provide a brief rundown of good workplace and network health practices, as well as a few pointers on how you can handle health-based employee absences.

Capital One is one of the largest credit card issuers in the world. On July 29th 2019, Capital One made an announcement, confirming it is the victim of one of the largest data breaches in financial sector history, as a former software engineer for Amazon has been indicted on charges related to the hacking.

It’s nearly October, and once again it’s time to make cybersecurity top of mind. While we are always thinking about best practices to keep your business safe and secure from cyber criminals, October is the time of year in which the Department of Homeland Security (DHS) bring extra attention to the issue of security. This year there is a focus on the personal and professional connections and how they intersect, increasing the possibility of a hacker gaining access to one or both worlds.

Twitter is recommending that all 336 million users change their passwords as soon as possible due to the discovery of an internal security flaw. While the issue has been fixed and no data breach seems to have taken place, Twitter is clearly taking this situation seriously.

You’d think that Intel would make sure their firmware is of sound integrity, but unfortunately, a recently discovered vulnerability has revealed that it’s not as secure as previously thought. The issue involving Intel’s chips could potentially lead to a permanent nosedive for your CPU’s capacity to perform as intended, which could have disastrous implications for your business.

There is no shortage of threats on the Internet, from situational issues to deliberate attacks meant to damage your company or steal your valuable data. While new threats pop up almost every day, some have been around for some time--so long, that many seem to not consider them as viable threats.

A major vulnerability has been discovered that affects everyone that uses Wi-Fi. Key Reinstallation Attack, or KRACK, affects the core encryption protocol that most Wi-Fi users depend upon to shield their browsing from others, Wi-Fi Protected Access 2 (WPA2).

In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. The factor that made WireX so unique was the fact that the botnet was made up of Android-powered devices that had one of 300 malicious apps downloaded from the Google Play Store.

Run your Windows Updates and be very skeptical about opening unsolicited emails. Failure to do so may result in a very dangerous strain of ransomware that could infect your entire network and spread to your clients, partners, and prospects.

It’s a tough lesson to learn, but almost any company is susceptible to cyber-attacks that take advantage of any security setup’s weakest link: the people involved. This lesson was most recently learned the hard way by two unnamed tech companies that fell victim to a phishing campaign that was allegedly run by Evaldas Rimasauskas, a Lithuanian man accused of stealing $100 million from them.

Imagine that, despite the extreme care you took to avoid threats from infecting your devices, they turned out to be infected anyway. However, what if the device had been infected before you had even gotten your hands on it?

Did you know? Today is National Clean Out Your Computer Day! As technology buffs ourselves, we want to spread the word about this annual opportunity to clean out the technology that your business uses on a daily basis. Here are five great ways to make sure that your computers are being properly maintained.

A previously known malware called Ghost Push now has a component that has caused countless problems for over a million Android users. This component, called Gooligan, is the source of the trouble, and it adds to this chaos by infecting over 13,000 new devices every day.

Samsung has put out a global recall on their Galaxy Note 7 devices and a moratorium on any being sold after reports of exploding batteries came in. This recall--which is being considered the highest-profile recall in the history of consumer technology--comes at one of the worst possible times for the company, as they had just managed to gain some momentum after a run of mediocre mobile growth.

There are countless threats out there that can mean danger for your business, but one of the most innovative to date utilizes a malicious Twitter account to administer commands to a botnet made up of infected Android devices. In fact, this is widely considered the first threat to actively use a social network in this manner, making it a wake-up call for security professionals and social media users alike.