<img height="1" width="1" style="display:none;" alt="LinkedIn" src="https://dc.ads.linkedin.com/collect/?pid=239833&amp;fmt=gif">
  •  
  •  
 

Resource Archive Search

      Subscribe for Email Updates

      Recent Posts

      Posts by Topic

      see all

      Check out our partner's blog at Sophos!

      Do stats like these give you the willies?

      APPLY FOR THE RISK ASSESSMENT

      and never worry about your network again.

      Griffin Ball

      Picture of
      Griffin is in charge of Lighthouse IT's marketing, working to assist with the needed expansion of its many products/services and how everyone can hear about them. As a recent graduate of Bowling Green State University, he completed his degree in Visual Communications Technology with a minor in Computer Wizardry.
      Find me on:
       

      Recent Posts

      Malicious Wallpapers, Phishing Trends, Zoom Backgrounds & more!

      Posted by Griffin Ball on Sep 18, 2020 11:05:00 AM

      The Lighthouse IT Podcast - 18th, 2020

      Matt and Griffin discuss Malicious Wallpapers, Phishing Trends, Coors wanting to send you to your Zoom background, Labor Day deals actually focusing on jobs, and the fabled TikTok deal coming to a close!

      Listen here! Want to get straight to the news? Go to the 5:05 minute mark.

      Security News

      Could your wallpaper be trying to steal your credentials?

      Well it turns out that new rubber-ducky theme you downloaded for your Windows 10 computer might just be an attempt to steal your credentials. Our friends over at Bleeping Computer and Sophos have both published similar findings that the Windows 10 theme files can be used to pass credentials to a third party. In the Sophos study, they setup a server to spoof or "phish" credentials by requesting files (such as the wallpaper background) from a remote resource and using an authentication prompt to look similar to a normal Windows credential prompt. By trying to convince you that you need to enter your local credentials to continue, the remote server stores and serves the files appropriately - but now your account has been compromised.

      In the Bleeping Computer study, they stepped it up another notch and were able to use a Pass-the-Hash attack using an remote SMB server. SMB is used by Windows for sharing files between computers and is largely trusted. When your computer attempts to access an SMB share, it will automatically pass a hash of your credentials to the other computer to attempt to login. In normal circumstances, this makes connecting to SMB shares painless, but in this example, the hash is stored by the remote server and can be used later by de-hashing tools to attempt to determine your username and password.

      While right now these both show great ways to determine your username and password, image files have also had some history in the past of remote code execution issues - meaning it could be possible that if another vulnerability is found in an image library, it could be a one stop shop for installing a malicious payload AND getting your account information to install itself.

      READ MORE HERE FROM BLEEPING COMPUTER AND HERE FROM SOPHOS

      Read More

      Topics: Cybersecurity, Podcast

      More Apple Store Drama, Ransomware Wins and the New Facebook

      Posted by Griffin Ball on Sep 4, 2020 10:09:33 AM

      The Lighthouse IT Podcast - September 4th, 2020

      Matt and Griffin discuss self-destructing DVDs, more Apple store drama, another win against ransomware, Walmart joining in on the TikTok deal, and the New Facebook.

      Listen here! Go to the 3:00min mark to skip the intro.

      Security News

      Apple "Tax" drama continues - but with an additional contender

      In a bid to help small businesses cope with financial loss, Facebook announced a new feature allowing "paid for" events on the platform, making it easy for small businesses to host virtual meetings to stay engaged with customers. To further its value, Facebook stated that it would not be taking a cut of any payment made to those businesses as way to support them during this time.

      Read More

      Topics: Internet Safety, Ransomware, Cybersecurity, Podcast, Digital Marketing

      Apple Gave Epic a fortnight, Influencer Resilience & Reeling in TikTok

      Posted by Griffin Ball on Aug 21, 2020 11:00:00 AM

      The Lighthouse IT Podcast - August 21st, 2020

      Matt and Griffin discuss "Proof" that criminals have no boundaries, how Apple gave Epic Games a fortnight before getting kicked off the app store, the launch of Instagram's TikTok competitor (Reels), the uphill battle that TV Ads have had to face, and finally two of the largest influencer ad agencies merging.

      Listen here! Want to skip the intro? Go to the 1:45min mark.

      Security News

      "Proof" that criminals have no boundaries

      Brown-Forman, headquartered in Louisville, Kentucky is a multi-million dollar business that is the latest high profile company to fall victim to "new wave" ransomware operators. The company, better known for its properties of Finlandia vodka and Jack Daniels, among other major global brands, was the target by the REvil crew.

       
      In new wave ransomware, the group operates on a 3 stage attack, an additional tactic over the normal 2 stage.
      • In the first stage, they scope out the network to see if it is worth their time. Checking out backups, administrative tools, and more.
      • In the second stage (the new stage), they steal the data - called exfiltration.
      • Finally, the attempt to encrypt network files.
      The idea is that even if you do have backups, the stolen data can be used for blackmail.
      Read More

      Topics: Internet Safety, SEO, Ransomware, Cybersecurity, Podcast, Digital Marketing

      TikTok Ban, Chex Quest Revamp and Unilever Experiments

      Posted by Griffin Ball on Aug 7, 2020 11:00:00 AM

      The Lighthouse IT Podcast - August 7th, 2020

      Matt and Griffin discuss the possible TikTok ban, what we currently know about it, and what it could mean for marketers. They touch on the huge rise in mobile game downloads that came from COVID, and they also go over some of the interesting experimental marketing efforts many companies, like Unilever, are pushing to get ahead.

      Listen here!

      Security & Marketing News

      What a TikTok Ban Would Mean for Marketers 

      TikTok has gained a reputation for being the least secure social media platform. That being said, it’s also one of the most popular as of right now. TikTok is used to share short video clips that are usually related to a music dance challenge or even just eating a spoonful of cinnamon. This app is owned and originated from overseas, China, in 2017. Now that it has become widely used in the US, the security risks are becoming a concern. Since it is owned by the Chinese company ByteDance, they can request the data collected by TikTok at any time and even the US branch of TikTok must comply. The concern comes in when comparing the security regulations of both nations.  

      President Trump is taking action to ban the platform. With that in mind, Microsoft’s interest in the platform could change the outcome of his decision. Trump had agreed that if the company’s ownership is transferred to America, it could potentially be safe to stay.

      READ MORE

      Read More

      Topics: Internet Safety, Cybersecurity, Malware, COVID19, Podcast

      ABOUT

      Founded in 2011, Lighthouse IT Solutions provides end-to-end solutions and management of our clients' network-based processes. From desktop management, to implementing an ERP system, we're here to help whenever you need it. For us, it's more than just using buzzwords, it's about becoming an indispensable partner to you and your business--because your success means our success. It's time to stop dreaming IT. Let's start doing IT.

      REGULAR HOURS

      Monday–Friday:

      8:30AM – 5:00PM

       

      Emergency support 24/7. 365

      GET IN TOUCH

      • 349 1/2 Rice St
        Elmore, OH 43416

      • Phone:

      MONTHLY BLOG UPDATES

      © Copyright 2019 by Lighthouse IT Solutions, LLC. All Rights Reserved. Privacy Policy | Terms and Conditions | Powered by Momentum Growth
      ASCII_Logo_Small_cropped