IT News

Fresh Phish: Malicious QR Codes Are Quickly Retrieving Employee Credentials 
September 22, 2023 

We've observed an emerging trend that we believe is important to bring to your attention. It's crucial to stay informed about the latest developments. Currently, there is a concerning surge in phishing attacks that have taken many individuals by surprise. We kindly request that you share this information with your team and remain vigilant when it comes to scrutinizing the emails you receive.

To counteract these threats, various strategies are at our disposal to educate and safeguard your IT environment. Mike and I are available to discuss various options, including Two-Factor Authentication, Phishing simulation exercises, educational initiatives, and conditional access controls.

In essence, these attacks involve users receiving highly convincing emails purportedly from "Microsoft" and are urgent to complete, prompting them to scan a QR code and input their credentials. Stay alert and proactive in guarding against such attempts.

 
Its good to pickup the phone and check before paying invoices to a different client account.  
August 1, 2023 

Internet security, particularly in phishing attacks, has become an increasingly critical concern in today's digital landscape. When a client requests changing critical information such as their company or banking details, it is crucial to be vigilant. Verifying requests through other channels like cross-checking email addresses, and confirming changes via direct phone calls is highly recommended instead of assuming email legitimacy. This approach empowers phishing and bolsters defence against cyber threats.

 
Careful where you enter your data online... 
May 1, 2023 

Please exercise caution when entering data online, including when using tools such as ChatGPT, Google Translate, and other text assistance software. While these tools can be incredibly helpful, entering sensitive information such as organizational data or documents can put it at risk of being seen or shared by unintended parties.

It's important to note that ChatGPT's data policy indicates that prompts entered by users may be used to train its models unless explicitly opted out. Additionally, OpenAI, the owner of ChatGPT, advises users against sharing confidential information during conversations, as it cannot delete specific prompts from their history. If users wish to remove personally identifying information, they must delete their account, a process that can take up to four weeks. To protect sensitive information, it may be best to avoid entering it into online tools or to use secure and reputable platforms that prioritize data privacy and security.

 
Did you know about the Canadian Centre for Cyber Security (Cyber Centre)? 
February 22, 2023 

The Canadian Centre for Cyber Security (Cyber Centre) is part of the Communications Security Establishment (CSE) and opened in 2018 as a key initiative under Canada’s National Cyber Security Strategy.

"The Cyber Centre is open and collaborative. We welcome partnerships that help build a stronger, more resilient cyber space in Canada. We offer the shared use of unclassified, multi-purpose spaces, for the joint use of government, private industry, and academia."

"With Canadians: We lead the Get Cyber Safe public awareness campaign created to inform Canadians about cyber security and the simple steps they can take to protect themselves online."

 

 
Think twice before using Google to download software 
February 3, 2023 

Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries.

“Threat researchers are used to seeing a moderate flow of malvertising via Google Ads,” volunteers at Spamhaus wrote on Thursday. “However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not ‘the norm.’”

LINK

 
RBS Managed IT Services Inc. has been named a FINALIST for the 2023 Vancouver Island Business Excellence Awards. 
January 6, 2023 

2023+BE+Awards+Logo_GU+1-1.png

 
AI has taking a big leap with ChatGPT 
December 14, 2022 

OpenAI released ChatGPT, its prototype AI chatbot that has gained a lot of traction among the public for its human-like, detailed answers to inquiries—like drafting a contract between an artist and producer and creating detailed code—and could revolutionize the way people use search engines by not just providing links for users to sift through, but by solving elaborate problems and answering intricate questions.

Try it yourself here. It, at the very least, gives you a fantastic base for writing documents. Always make sure to read through it before sending it out. ;)

 
Are your DMARC and DKIM records enabled? 
November 1, 2022 

Email impersonation and phishing attacks are increasing and getting more sophisticated. Ensure that your DMARC and DKIM records have been enabled. These records help authenticate that the incoming emails are true, genuine, or valid.

Unfortunately, it is not a full-proof resolution to prevent these types of emails. Another key way of reducing impersonation or phishing attacks is to recognize them. A few helpful tips to help recognize Impersonation Attacks: The message will have an urgent tone, the request may be uncommon, confidentiality will be emphasized, and the email address will be incorrect

 
Cyber Security Month! 
October 1, 2022 

For #CyberMonth2022, we’re fighting phishing to ruin a cyber criminal's day. Phishing is a cyber criminal’s attempt to get sensitive information by pretending to be a legitimate sender like a bank or a government organization. Phishing is the fourth most common scam in Canada. If you have an email address or a phone number, use social media, or browse the internet, chances are you’ve received a phishing message.

Government of Canada GetCyberSafe

 

 
Microsoft Set to Disable Basic Authentication on October 1, 2022 
August 16, 2022 

Key Points:

  • Basic authentication for Exchange (Online) will be discontinued as of October 1, 2022.
  • Security and compliance risks are increased when using Basic Authentication.
  • Microsoft recommends that you migrate to modern authentication before this date.
  • Migrating to modern authentication will help keep your data safe and secure.

Microsoft has announced that Basic Authentication will be turned off permanently for Exchange Online as of October 1, 2022. Your Exchange account hosts your email, contacts, and calendar data, so it’s important to take action now to ensure a smooth transition for your business. Any application or device that uses Basic Authentication to connect to Exchange Online will no longer be able to do so after this date.

What Is Basic Authentication?

Basic authentication, also known as proxy authentication, is an authentication scheme to identify a user. It is typically used with a password or other secret information to verify the user’s identity. The username and password are typically stored on the user’s device.

While this method was the standard in the past, it is no longer considered secure. Cybercriminals can easily access this information, making it a high-risk authentication method. When users began transitioning from on-premise to cloud-based models, Microsoft recognized that many were still using basic authentication.

Now, Microsoft has set a deadline for the use of Basic Authentication for Exchange (Online). Anyone who has not made the switch to a more secure authentication method yet should begin doing so as soon as possible.

 
Microsoft's Internet Explorer browser hits retirement after 27 years! 
June 15, 2022 

As of Today (June 15th 2022), Microsoft will no longer support the once-dominant browser that legions of web surfers loved to hate — and a few still claim to adore. The 27-year-old application now joins BlackBerry phones, dial-up modems and Palm Pilots in the dustbin of tech history.

IE's demise was not a surprise. A year ago, Microsoft said that it was putting an end to Internet Explorer on June 15, 2022, pushing users to its Edge browser, which was launched in 2015.

 
IT security is always at the top of our minds.  
April 1, 2022 

MFA (Multi-Factor Authentication) is the next step to tighten one of the most common security breaches of a network: Compromised passwords. 80% of security breaches involve compromised passwords. What is MFA? After entering your password at your workstation to log in, you get a notification on your phone with a request to acknowledge the sign-in attempt before allowing you or the user to log in to their computer. MFA prevents breached passwords from being used by verifying through a 2nd method that you are the person login into the corporate network.

RBS uses and has partnered Cisco’s DUO security for a very easy-to-use app for MFA. With a beep on your phone and a press of the confirm button, you can move on in your workday and know your network is more secure.

 
Windows update breaks VPN connection 
January 25, 2022 

VPN not working and showing error: “L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer”. 

To Fix, on your computer:

  •     Search for: Command Prompt
  •     Right click the word Command Prompt and “Run as administrator”
  •     Enter one of the commands below and it should uninstall the appropriate update breaking VPN
  •     Windows 10:  wusa /uninstall /kb:5009543
  •     Windows 11:  wusa /uninstall /kb:5009566

https://www.bleepingcomputer.com/news/microsoft/new-windows-kb5009543-kb5009566-updates-break-l2tp-vpn-connections/

 
The Latest Security Solutions 
September 8, 2021 
RBS is always looking for the latest and most advanced security solutions, so we can best serve you. Microsoft has been a leader in the Gartner Magic Quadrant for Endpoint Protection Platform for some time, and we are now recommending our clients to start considering the change to Microsoft defender (MS Defender) and Exchange Online Protection (MS EOP). The recurring cost for MS Defender and MS EOP is comparable to our previous offering. A review of your existing package and this upgrade will need to be looked at on an individual client basis - contact us today to discuss. 
Microsoft 365 Subscription Price Set to Increase 
August 30, 2021 
Microsoft has announced changes to the commercial pricing for a subscription to Microsoft 365. The price increase will take effect March 1st 2022, and had been described as "the first substantive pricing update since [they] launched Office 365 a decade ago." Microsoft had added 24 apps since launch, along with 1,400 new features. CAD Pricing was not included, but it is a $1 to $2 USD increase per user for common licenses.  
Equipment Delays 
July 16, 2021 
Due to global chip shortages we are seeing more delays and availability issues for workstations, servers and peripheral IT equipment. Please allow additional time for us to locate and order equipment. Servers are about an 8 to 16 week delay. 
Quick Tip: Clipboard History Enabling 
June 24, 2021 
Here's a cool keyboard trick for you, if you use a computer running Windows. It’s a clipboard app that allows you to view previously copied content - maybe you copied a web address earlier that day, but forgot to follow up on it and now can't remember the address. Just press Windows-V and look at your copied text history to find the site URL. You can also paste and pin frequently used items by choosing an individual item from your clipboard menu. 
RBS Partners with Perch Security 
March 2, 2021 
RBS is pleased to announce our new partnership with Perch Security. Perch is a co-managed threat detection and response platform backed by an in-house Security Operations Center (SOC). Perch SOC staff monitor network traffic and report back to RBS when a threat comes to light, so we can take action. We're teaming up to offer you the latest security solutions - stay tuned for future updates!  
Recording Meetings in Teams 
February 18, 2021 

Did you know that you can record a meeting in Microsoft Teams? Perhaps you want to document an important meeting for a missing staff member - with Teams, you can easily record the session for future playback. While in the meeting, simply click on the 3 horizontal dots at the top right of the meeting window and then press “start recording”. Recordings are stored in your personal OneDrive folder and are accessible to all of the participants of the meeting by default. Please note that there is a very evident advisory to users that the meeting is being recorded. More information about Teams recording.

 
The Benefits of Multi-Factor Authentication 
January 6, 2021 
Did you know that 80% of IT security breaches involve compromised passwords? Tighten up your security today by introducing Multi-Factor Authentication (MFA). How does it work? After entering your password on your computer, you'll get a notification on your phone with a request to confirm the sign-in attempt before logging you in. MFA prevents breached passwords from being used by verifying through a secondary method that you are who you say you are. RBS has partnered with Cisco’s DUO security, to provide our clients with an easy-to-use MFA app. With a simple phone alert and a tap of a button, you can move on with your day, secure in the knowledge that your network is one step safer from potential threats. Give us a call today to discuss your security options!