New phishing scam targets Office 365 users

With more than 100 million monthly active subscribers, Office 365 has attracted the attention of hackers who've revamped an age-old trick. This time, they come up with a highly targeted, well-crafted spear-phishing scam that's even more difficult to identify. Here's everything you need to know.

What makes it different from other scams?

The new threat comes in the form of spear phishing, an old familiar method in which hackers send emails that purport to be from trusted sources and dupe you into disclosing sensitive information. In this particular attack, the email messages are admirably well-crafted, making them even harder to spot.

The emails are also rid of the usual telltale signs such as misspelled words, suspicious attachments, and dubious requests. You might have to recalibrate what you know about phishing scams, because this new threat ticks all the boxes that make it look legitimate.

Read More


5 Simple ways to cut your printing costs

It may not seem as though your printing infrastructure is costing your business a great deal. But if left unmanaged, you could end up with an overinflated IT budget dominated by equipment maintenance and hardware and supplies purchases. Here are some ways to avoid that.

Replace outdated printers

Outdated and cheap printers may be functional, but they are putting a huge dent in your IT budget.

Any piece of equipment that is seven years old (or older) requires frequent repairs and causes more trouble than it's worth. Because old printers are no longer under warranty, fixing them is more costly and challenging. It's also difficult to replace parts for old printers because manufacturers have stopped carrying them for models that have been phased out.

Read More


Watch out! More ransomware attacks incoming

Ever since the WannaCry and Petya ransomware outbreaks, healthcare organizations have been on their toes. But just when they thought they could relax, a new strain of ransomware has come along. A “Locky-variant” ransomware campaign is currently underway, and it's every bit as dangerous as previous ransomware attacks.

Using old tricks

The new ransomware strain, known as 'IKARUSdilapidated,' behaves the same way as other Locky variants. Hackers use carefully crafted emails to trick users into downloading and opening a ransomware-infused docx, pdf, jpg, or zip file that has the power to encrypt all local files. Even filenames are converted into a random 16-character combination followed by a “.lukitus” file extension. Once everything is locked down, the ransomware demands a payment made in Bitcoin to release the files.

Read More



Critical Windows security updates from Microsoft

Earlier this month, Microsoft released a patch that includes several security enhancements and addresses 48 vulnerabilities for all supported versions of Windows. If you're not in the habit of installing security patches when they come out, now's a good time to start. Let's take a look at August's updates and the issues they address.

Windows Search

Microsoft discovered a flaw that hackers could remotely exploit to take full control over an affected computer. The hacker could then install programs, view, change or delete data, and create new accounts with full user rights. The August security updates address the vulnerability by fixing how your computer's memory interacts with Windows Search objects.

Windows Hyper-V

Another critical vulnerability is tied to Windows Hyper-V, a virtualization program. This flaw can be exploited when a server fails to properly verify an authenticated user from a virtual desktop.

Read More



How to protect your VoIP system from phishing

Your business may be well-armed against email-based phishing scams, but you shouldn't neglect your VoIP (Voice over Internet Protocol) systems. Through 'vishing scams,' hackers can disguise themselves as a bank representative and convince your employees to provide confidential financial details via a seemingly harmless VoIP call. Your business will be well-served by guarding itself from this new breed of phishing scam.

VoIP makes it easy to create fake numbers

One of the main reasons why vishing scams are on the rise is the ease by which cyber criminals can hide their tracks and pull off scams with minimal risk of detection.

Using a fake number, they can call one of your employees, pretend to be a bank or government representative, ask for critical business information -- like employee data, bank details, and company intellectual property -- and get away with it. Scammers can also manipulate local numbers to emulate multinational banks, which they will then use for various VoIP scams.

Read More


Three Steps to Help Prevent Workplace Crime

Protecting your business from crime – both internal and external – takes effort. But with criminals looking to take advantage of you on every front, it's an effort you need to make. But where do you start? To non-security professionals, knowing what to do can be difficult. To make your challenge a little easier, we've boiled down business security to three basic, more manageable steps.

CLICK HERE FOR FULL VERSION



Heritage specializes in the convergence of the four key pillars of technology - the integration of IT, security, communications and print solutions - giving our clients one complete source and a trusted business partner for all their needs.

Heritage – the latest technology solutions with a tradition of quality craftsmanship and values