Articles of interest from the week of March 23, 2020

Organizations Need To Be Wary Of Home Worker Phishing Risks

Last week the Department of Homeland Security issued a warning that many organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19),  and consider alternate workplace options for their employees. (By Stu Sjouwerman, KnowBe4) Ingalls: Keep your employees on the lookout for signs of social engineering, particularly since fraudulent emails about the coronavirus are increasing. These emails (phishing emails) may either have infected attachments or link to malicious websites. Instruct employees to exercise special caution with coronavirus related emails. Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4.

FBI warns of coronavirus stimulus check fraud, other scams

Even before the federal coronavirus stimulus plan is finalized, the Federal Bureau of Investigation is warning that scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. (By Mike Gauntner, WFMJ 21) 

Microsoft reports new zero-day vulnerability in Windows that is being actively exploited

A previously undisclosed and yet to be patched critical security vulnerability is being exploited in the wild, affecting all recent versions of Windows (7/8/10) and Windows Server. Microsoft is working on a fix, but until then, it's probably best to heed Microsoft's workarounds to mitigate chances of exploitation. (By Eric Hamilton, TechSpot) Ingalls: Quantifying cybersecurity risks can be a critical step in understanding those risks and getting executive support to address them. The cybersecurity experts at Ingalls have spent years helping our clients identify their risks and implementing solutions. To help you with this task, we have created a downloadable 8-point guide that explores ways for SMBs to develop the level of cybersecurity risk management that prevents attacks from succeeding and minimizes the impact of a successful intrusion.

D-Link and Linksys routers hacked to point users to coronavirus-themed malware

For almost a week, a group of hackers has been breaking into people's routers and changing DNS settings in order to point unsuspecting device users to coronavirus-related sites pushing malware. (By Catalin Cimpanu, ZDNet) Ingalls: According to Bitdefender, hackers are using brute-force attacks to guess the admin password of targeted routers. Here are 5 Easy Steps To Create Strong Passwords, courtesy of KnowBe4.

Hackers: Fact vs. Fiction

For most of us, the image that comes to mind when we hear the word “hacker” is pretty stereotypical: probably a young guy wearing a hoodie and headphones, in a basement, surrounded by fancy displays full of unintelligible code that looks like it’s straight out of the 1999 movie the Matrix, with only nefarious intentions at heart. We have that image for a reason; that’s how many films have portrayed such characters. (By Grayson Milbourne, Webroot) Ingalls: By better understanding the true methods and motivations behind the myths, you can begin to lock down your business and protect your customers against today’s biggest threats. If you haven’t already, check out our blog, which include a variety of guides, advisories, and tips designed to help MSPs and businesses stay safe from cybercrime..