Specific Steps for Avoiding 2022’s New Cyber Threats
While 2022 is off and running, one recent phenomenon remains true: cyber criminals are always coming up with new ways to rip you off.
To help keep you safe, below we have outlined a few of the new threats to watch out for this year, along with actions anyone can take in order to stay safe.
Be careful with QR codes!
During the height of Covid, most of us got used to scanning QR codes to view restaurant menus. In fact QR codes are everywhere and are, in general, highly secure. That is, IF the code your phone reads comes from a trusted source.
Always be thoughtful before scanning a QR code. Watch this short report below to see how cyber criminals are using them to steal your financial information:
For those who prefer to read rather than watch, here is a link to the full article.
Log4j: the problem you can’t ignore now has an easy fix
By now, hopefully all readers not only know about the Log4j vulnerability that led to a surge in December cyber crime, but have taken action to correct it. For those who haven’t yet protected themselves, we provide a list of helpful resources below.
As background, Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services maintained by the Apache Software Foundation. It was recently discovered that all Log4j versions can be exploited by an attacker to perform unauthenticated remote code execution. This creates an array of risks not just on Linux servers, but on Mac and Windows, as well.
Due to the ease of exploitation and the breadth of applicability, ransomware actors began leveraging this vulnerability immediately. Here are resources for learning how to protect yourself NOW:
If some of the suggestions in the links above seem too technical, do not hesitate to contact us for help.
Easy steps for general cyber protection
The U.K.’s National Cyber Security Centre (NCSC) recently shared a helpful list of vital cybersecurity steps all organizations should take to protect themselves. Here are a few we consider most foundational:
- Check your system patching: Ensure your users’ desktops, laptops and mobile devices are all patched
- Verify access controls: ask staff to ensure that their passwords are unique to your business systems and are not shared across other, non-business systems
- Ensure your defenses are working: check antivirus and firewalls
- Test your backups: confirm that your backups are running correctly
- Phishing response: ensure that staff knows how to report phishing emails
Are you certain your company’s network is truly up-to-date with the basic cybersecurity protections listed above?
Stay cyber safe out there…