Recent Blog Posts

That?s right; some hackers have the gall to fool users into believing that their systems have been infected by ransomware. They then use the ensuing fear to their advantage in a plethora of ways. Just think about how you might react the second you see that there?s a message on your computer claiming that your device has been infected by ransomware. What would your knee-jerk reaction be? Would you panic and fall into their hands, or would you follow the established policies? It?s a tough question to answer because it is difficult to know just how we might respond in the event of a stressful situation like a ransomware attack, but the general consensus is that it?s of paramount importance to not panic and report the supposed attack to your trusted IT resource, be it someone within your organization or us, if we handle your network. The reasoning for this is simple: there is no way to know the scale or scope of the attack unless you get a professional involved, if there is even a breach at all. In some cases, hackers might use the panic and fear of a ransomware attack to scam someone out of hundreds or thousands of dollars. They might use language indicating that they must pay a ransom in advance, otherwise, their computer will be locked down in the near future. Think about it this way; let?s say you get an email saying that someone has caught you on camera doing something incriminating or embarrassing. There is an attachment to this email of a picture, but you know how these threats operate?after all, what if the picture itself is infected? Then again, what if they actually do have dirt on you in some way? In a panic and fearing the worst, you pay their fee. Then, after the fact, you get IT involved and they discover that, as expected, the picture is not even of you. Now you are both embarrassed and out of some cash. These fake ransomware attacks work in much the same way, and they are most effective when the fees are low compared to the massive price tags that some hackers are able to demand for their ransoms. Other times, hackers might send an email with an attachment for the ?decryption key,? but it?s really just a different threat that can then install on the device. In other words, these fake ransomware attacks have a solid chance of either a) Not being a threat at all or b) A different threat in disguise. Again, we want to reiterate that you should consult with a professional before jumping to conclusions, especially in the realm of ransomware and cybersecurity. If you do not have a professional to consult, White Mountain IT Services would be happy to take that place amongst your ranks. We can not only protect your business from ransomware, but also assist with responding to threats as they unfold. To learn more about our services, reach out to us at (603) 889-0800.

To begin, let?s discuss what makes it so important to establish a healthy company culture in the first place. Company Culture is Key to Your Continued Productivity The whole point behind having a healthy company culture is to help keep your employees engaged with the overall goals that the company has established, as well as to attract additional talent to the business. Interconnectivity is crucial to developing these kinds of relationships, with visibility into the progress made by the entire team. Naturally, remote work has made this kind of connection a lot more challenging to sustain. In fact, a global survey found that 51 percent of respondents had experienced a loss of connection to their company culture after the COVID-19 pandemic forced them into remote work. Out of the interactions with their coworkers, in-person collaboration, or having a definite line between work and home, these respondents actually indicated that they most miss spending time with their fellow employees. On top of this, company culture is very high on the average prospect?s list of considerations. Another study found that 57 percent of job seekers consider it equally as important as pay, while 75 percent of recruiters rank how well an applicant fits into the culture a company has established more highly than the prospect?s experience. On top of this, 73 percent of this survey?s respondents closely associated a company?s culture with its reputation as a whole. iCIMS chief people officer Jewell Parkinson credits a company?s culture for spurring on a list of common business priorities: Engagement Productivity Profitability Customer Satisfaction Customer Retention All of which would presumably suffer if there were to be any drop in culture as a result of remote work (as the first survey we mentioned suggests indeed did indeed happen for many). This means that there needs to be direct activities to remedy these impacts amongst your remote workers. Let?s go into a few such activities for your consideration: How to Keep a Remote Team Engaged See to Your Remote Workers? Needs This one may be a little boring and predictable, but it is invariably important for any business utilizing a remote workforce to see to. If your team members are able to work from home, you should be doing everything that you can to facilitate their efforts. This may range from providing them with the equipment they?ll need to do so effectively to subsidizing their Internet costs. Tying into this, your workers will also need to know what your expectations of them will be. You?ll need to have policies and expectations developed and dispersed to your team members that cover matters like: If remote workers are expected to stick to regular office hours, or if their work schedule can be more flexible. Which tools remote team members should use to collaborate with the rest of their team. Whether remote employees are able to work remotely while traveling, and how remote time-off requests are to be handled. Establish Company Culture and Create Reasons to Socialize It?s a simple equation: the less time your employees spend around one another, the fewer opportunities they?ll have to form the bonds that encourage teamwork and loyalty. For all its benefits, this is one of the biggest drawbacks that remote work brings with it. Therefore, you need to do what you can […]

ZDNet reports that, ?A hacker leaked the entirety of Twitch’s source code alongside a 128GB trove of data that included creator payouts going back to 2019, proprietary SDKs and internal AWS services used by Twitch, as well as all of the company’s internal cybersecurity red teaming tools.? Most users simply focused on the earnings of high-profile streamers, but as time has passed, more folks are looking at the event as something that can be learned from, particularly in regards to data privacy and security. Twitch?s official response was that users should protect their bank accounts and other affected credentials, resetting the stream keys that are used to connect Twitch to various streaming platforms and broadcasting systems. At this time of writing, there has been no indication that credit card information or login credentials were exposed, but when it comes to network security, one can never be too careful. This issue stems from a configuration error that left certain information exposed to the Internet. Several of these errors have popped up for various software developers, whether they are actual errors or negligence on the service side of things, and these errors have led to data breaches for other services. In any case, there isn?t much to be done besides taking the appropriate precautions yourself. The biggest issue that comes from this event is that the Twitch application?s source code was leaked online, meaning that hackers can now use this information to discover more flaws in the source code and release it online. Plus, considering that Twitch is far from the only video streaming service out there, imagine the intellectual property complications of other streaming services getting their hands on this source code. Ultimately, you must always remain vigilant; even if you do everything right, one muck-up on the service provider?s end, like a configuration issue, could spell trouble for your organization. You should only work with providers whom you know you can trust. White Mountain IT Services wants to be one such provider for your technology management needs. You can count on us to honor your security expectations. To learn more, reach out to us at (603) 889-0800.

Cybersecurity company BitDefender discovered MosaicLoader, a malware that is capable of stealing passwords, mining cryptocurrency, and installing trojan malware on infected computers. This malware specifically targets the Windows operating system. MosaicLoader is somewhat of an oddity among malware, as it is distributed in a much different way from other types of malware. Most forms are distributed through phishing attacks or unpatched software vulnerabilities, while MosaicLoader spreads through advertisements. These advertisements appear when users search for cracked versions of software. When we talk about cracked software, what we mean are versions of software where a license is not needed. Typically whenever you purchase a copy of a software, you are also purchasing a license that gives you permission to use it. Without that license, the software may not operate, leading to operational issues. Sometimes employees might choose to download cracked software, particularly if they do not want to pay for the license or if the license has expired on their copy of the software. MosaicLoader works by infecting machines that download these cracked versions of software. The malware then starts to steal passwords, mine cryptocurrency, and install trojan backdoors on the devices to allow hackers to remotely access the machine. The ultimate goal of MosaicLoader seems to be to sell compromised Windows machines to the highest bidder. Since the goal seems to be to install on as many devices as possible, these hackers? plans should in theory be foiled if the malware fails to install on enough devices. Therefore, it?s your responsibility as a business owner to protect this fate from befalling your own organization?for both yourself and your employees, as well as others. Due to the unique way that this malware spreads, you can do two things to keep your company safe. The first is to make sure that all of your employees have access to the tools they need to be productive throughout the workday. Since this malware spreads through advertisements for cracked software, ensuring that your workers have properly licensed software will keep them from searching for new software. The second is through comprehensive security solutions and thorough network monitoring. By keeping your defenses shored up and a close watch on your network traffic, you can be sure to prevent the majority of threats and identify when anything suspicious has manifested on your infrastructure. White Mountain IT Services can most certainly help in this regard. To learn how we can help you keep your business safe, reach out to us at (603) 889-0800.

What is MSHTML? MSHTML is the browser engine that is found within the personal computer and server unit versions of Windows. The vulnerability itself can be found in just about any device that runs most versions of the Windows operating system. Industries most impacted by this vulnerability include telecommunications, medical technology, industry, energy, banking, and research and development. How Does the Exploit Work? The vulnerability itself is easy to exploit, as all it needs is for someone to send an infected Office file to a user. Once the file is downloaded, it runs code and executes the payload, infecting the target machine. Kaspersky claims that attackers can then use ActiveX to perform even more attacks, like downloading backdoors onto the infected system. This is particularly devastating if the hacker can gain administrative privileges by attacking, say, the network or system administrator for your systems. What Can Be Done About It? MSHTML has been patched by Microsoft, but if you have yet to download the patch, you can simply not download the infected Microsoft Office document. Plus, you should never download a suspicious or unknown file in the first place. Now, applying patches and not downloading suspicious files might sound like best practices?and they are?so make sure that you are following them and not putting your company at unnecessary risk. By working with White Mountain IT Services, you can ensure that patches get applied in a timely manner. Furthermore, you can get all of the security solutions and training needed to maximize network security. To learn more, reach out to us at (603) 889-0800.