One of the challenges in IT cyber security is vigilance. Just like traditional burglars, hackers rarely knock, let alone arrive when convenient. Most attempts are remotely executed and come from an entirely different time zone. While you’re sleeping, they’re looking for vulnerabilities. How can you hope to be alert?
Enter Huntress: Devoted 24/7 Vigilance
This cybersecurity platform enhances your IT security by identifying and addressing threats that traditional security tools might miss. Combining advanced algorithms with human oversight, Huntress operates globally, ensuring 24/7 monitoring of potential threats while providing detailed reports and actionable insights. By focusing on threat detection and response, Huntress protects your business from cyber-attacks with a three-tier alert system integrated into the RBS ticketing system. Level one threats notify RBS to take action; the serious Level three threats have additionally robust protection as they are reviewed by people empowered with the ability to isolate the infected system while alerting RBS with real-time solutions.
Printing is a necessity of business, and it’s remarkable how an entire ream of paper can be processed with the simple push of a button. However, let’s not ignore the cost of convenience: ink is expensive! More costly than the price of Dom Perignon Champagne, and when measured by the ounce, printer ink is more expensive than gold!
The feeling of guilt is the correct response when we toss warm printer paper into the recycle bin.
At RBS, we can’t help you print the correct document file, but our procurement department can alleviate some of the guilt by sourcing the best price on toner and printer ink.
We are happy to announce our new partnership with Clover Imaging, North America's largest printer cartridge manufacturer. Be it black and white or adding color to your life, we have the toner cartridges you need. With shelves stocked and ready, we’ll keep your printers churning out documents, reports, and cat memes (we won't judge).
Contact RBS Sales for more information!
Microsoft is raising rates of cloud services on average of 6% of M365 licenses. The no-commit monthly licenses prices have increased. The Yearly commit licenses will change at the renewal date. Here is news of the change.
Effective password management and 2 factor authentication is crucial for online security. Never reuse your primary email password—this account is key to password recovery for other services. Use distinct, strong passwords for each account, mixing letters, numbers, and symbols. Avoid storing passwords in unsecured files like Excel. Instead, use a trusted password manager that encrypts your credentials like Bitwarden and consider enabling multi-factor authentication to add an extra layer of defense against unauthorized access. Don't hesitate to contact RBS for help with your IT Cyber Security
We've observed an emerging trend that we believe is important to bring to your attention. It's crucial to stay informed about the latest developments. Currently, there is a concerning surge in phishing attacks that have taken many individuals by surprise. We kindly request that you share this information with your team and remain vigilant when it comes to scrutinizing the emails you receive.
To counteract these threats, various strategies are at our disposal to educate and safeguard your IT environment. Mike and I are available to discuss various options, including Two-Factor Authentication, Phishing simulation exercises, educational initiatives, and conditional access controls.
In essence, these attacks involve users receiving highly convincing emails purportedly from "Microsoft" and are urgent to complete, prompting them to scan a QR code and input their credentials. Stay alert and proactive in guarding against such attempts.
RBS is here to help with your IT Cyber Security
Internet security, particularly in phishing attacks, has become an increasingly critical concern in today's digital landscape. When a client requests changing critical information such as their company or banking details, it is crucial to be vigilant. Verifying requests through other channels like cross-checking email addresses, and confirming changes via direct phone calls is highly recommended instead of assuming email legitimacy. This approach empowers phishing and bolsters defence against cyber threats.
Please exercise caution when entering data online, including when using tools such as ChatGPT, Google Translate, and other text assistance software. While these tools can be incredibly helpful, entering sensitive information such as organizational data or documents can put it at risk of being seen or shared by unintended parties.
It's important to note that ChatGPT's data policy indicates that prompts entered by users may be used to train its models unless explicitly opted out. Additionally, OpenAI, the owner of ChatGPT, advises users against sharing confidential information during conversations, as it cannot delete specific prompts from their history. If users wish to remove personally identifying information, they must delete their account, a process that can take up to four weeks. To protect sensitive information, it may be best to avoid entering it into online tools or to use secure and reputable platforms that prioritize data privacy and security.
The Canadian Centre for Cyber Security (Cyber Centre) is part of the Communications Security Establishment (CSE) and opened in 2018 as a key initiative under Canada’s National Cyber Security Strategy.
"The Cyber Centre is open and collaborative. We welcome partnerships that help build a stronger, more resilient cyber space in Canada. We offer the shared use of unclassified, multi-purpose spaces, for the joint use of government, private industry, and academia."
"With Canadians: We lead the Get Cyber Safe public awareness campaign created to inform Canadians about cyber security and the simple steps they can take to protect themselves online."
Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries.
“Threat researchers are used to seeing a moderate flow of malvertising via Google Ads,” volunteers at Spamhaus wrote on Thursday. “However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not ‘the norm.’”
OpenAI released ChatGPT, its prototype AI chatbot that has gained a lot of traction among the public for its human-like, detailed answers to inquiries—like drafting a contract between an artist and producer and creating detailed code—and could revolutionize the way people use search engines by not just providing links for users to sift through, but by solving elaborate problems and answering intricate questions.
Try it yourself here. It, at the very least, gives you a fantastic base for writing documents. Always make sure to read through it before sending it out. ;)
Email impersonation and phishing attacks are increasing and getting more sophisticated. Ensure that your DMARC and DKIM records have been enabled. These records help authenticate that the incoming emails are true, genuine, or valid.
Unfortunately, it is not a full-proof resolution to prevent these types of emails. Another key way of reducing impersonation or phishing attacks is to recognize them. A few helpful tips to help recognize Impersonation Attacks: The message will have an urgent tone, the request may be uncommon, confidentiality will be emphasized, and the email address will be incorrect
For #CyberMonth2022, we’re fighting phishing to ruin a cyber criminal's day. Phishing is a cyber criminal’s attempt to get sensitive information by pretending to be a legitimate sender like a bank or a government organization. Phishing is the fourth most common scam in Canada. If you have an email address or a phone number, use social media, or browse the internet, chances are you’ve received a phishing message.
Government of Canada GetCyberSafe
Key Points:
- Basic authentication for Exchange (Online) will be discontinued as of October 1, 2022.
- Security and compliance risks are increased when using Basic Authentication.
- Microsoft recommends that you migrate to modern authentication before this date.
- Migrating to modern authentication will help keep your data safe and secure.
Microsoft has announced that Basic Authentication will be turned off permanently for Exchange Online as of October 1, 2022. Your Exchange account hosts your email, contacts, and calendar data, so it’s important to take action now to ensure a smooth transition for your business. Any application or device that uses Basic Authentication to connect to Exchange Online will no longer be able to do so after this date.
What Is Basic Authentication?
Basic authentication, also known as proxy authentication, is an authentication scheme to identify a user. It is typically used with a password or other secret information to verify the user’s identity. The username and password are typically stored on the user’s device.
While this method was the standard in the past, it is no longer considered secure. Cybercriminals can easily access this information, making it a high-risk authentication method. When users began transitioning from on-premise to cloud-based models, Microsoft recognized that many were still using basic authentication.
Now, Microsoft has set a deadline for the use of Basic Authentication for Exchange (Online). Anyone who has not made the switch to a more secure authentication method yet should begin doing so as soon as possible.
As of Today (June 15th 2022), Microsoft will no longer support the once-dominant browser that legions of web surfers loved to hate — and a few still claim to adore. The 27-year-old application now joins BlackBerry phones, dial-up modems and Palm Pilots in the dustbin of tech history.
IE's demise was not a surprise. A year ago, Microsoft said that it was putting an end to Internet Explorer on June 15, 2022, pushing users to its Edge browser, which was launched in 2015.
MFA (Multi-Factor Authentication) is the next step to tighten one of the most common security breaches of a network: Compromised passwords. 80% of security breaches involve compromised passwords. What is MFA? After entering your password at your workstation to log in, you get a notification on your phone with a request to acknowledge the sign-in attempt before allowing you or the user to log in to their computer. MFA prevents breached passwords from being used by verifying through a 2nd method that you are the person login into the corporate network.
RBS uses and has partnered Cisco’s DUO security for a very easy-to-use app for MFA. With a beep on your phone and a press of the confirm button, you can move on in your workday and know your network is more secure.
VPN not working and showing error: “L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer”.
To Fix, on your computer:
- Search for: Command Prompt
- Right click the word Command Prompt and “Run as administrator”
- Enter one of the commands below and it should uninstall the appropriate update breaking VPN
- Windows 10: wusa /uninstall /kb:5009543
- Windows 11: wusa /uninstall /kb:5009566
https://www.bleepingcomputer.com/news/microsoft/new-windows-kb5009543-kb5009566-updates-break-l2tp-vpn-connections/