<img height="1" width="1" style="display:none;" alt="LinkedIn" src="https://dc.ads.linkedin.com/collect/?pid=239833&amp;fmt=gif">
  •  
  •  
 

Recent Posts

Flaws in Apple sign-in, Upgrading to Android 10, and Core Web Vitals

Posted by Griffin Ball on Jun 5, 2020 10:59:49 AM

The Lighthouse IT Podcast - June 5th, 2020

Matt and Griffin are back as they discuss how Sign-in with Apple was much easier than we all thought, why it may be a good reason to upgrade to the dreaded Android 10,  and what updates Google has been making to the world of SEO.

Listen here!

Security News  

Apple Security News 

We’ve all used the log-in service on a website or app by supplying our Facebook or Google credentials. Just like these providers, the sign-in with Apple allows site visitors to use their Apple ID credentials to sign-in to other websites. 

A security research from Delhi, India has discovered an account takeover flaw in Apple's Sign-in with Apple system. These systems work by allowing you to login to a popular service and receiving a "token" that authorizes you access to the websites that use the login service. 

The security researcher discovered if he could identify a valid email address of an Apple ID (which was openly contained in an initial login request), he could pass the email address to a publicly accessible web service and retrieve a valid token. No password was required to do this. 

Luckily, because of the bug report being completed properly, Apple was able to very quickly patch the open flaw and states that its investigations did not show any misuse or compromise. Which is good news for services such as Adobe, Airbnb, Dropbox, eBay, Grindr, Medium, Strava, Tik Tok, and even WordPress that utilize this log-in method. 

READ MORE

Read More

Topics: Managed Service Provider, Internet Safety, SEO, Cybersecurity, Multi-factor Authentication, Malware, Podcast

Introducing a Revolutionary Solution for Better Cyber Security

Posted by Mark Nash on Mar 6, 2020 11:00:00 AM

Cyber security is a vital component of any company, no matter the size or what products/services they provide. Cyber security is important for every business and individual. While antivirus and firewalls are a good start, they cannot protect a business from all the digital threats it will face. As the already massive and turbulent nature of the digital space continues to expand, cyber security needs to keep up with it. In order to provide a greater presence Lighthouse IT Solutions is happy to announce that it has partnered with Defendify to make Cyber Security easy to understand and implement.

Defendify is an all-in-one cyber security platform that has been specifically designed for small businesses. It focuses on creating a strong foundation to foster a culture of security within a company and uses its own technologies to expand a company’s existing cyber security setup.

To ensure that businesses have supporting infrastructure, Defendify:

  • helps create policies and rules to regulate the use of technology and data with cyber security in mind
  • helps create response plans that can be quickly deployed to protect the business as much as possible in the event of a cyber-attack
  • provides regular cyber security health checkups informing businesses of the vulnerability of their cyber security measures and where they can improve
  • employs the use of ethical hackers to simulate cyber-attacks and identify any weaknesses so that they can be strengthened
Read More

Topics: Navigate Training, Internet Safety, Ransomware, Cybersecurity, Multi-factor Authentication, Malware

What is a Rootkit?

Posted by Mark Nash on Jun 15, 2018 9:14:00 AM

A Rootkit is a piece of malicious software that hides itself on your computer and gives an unauthorized person control of the machine and access to the information on it. It goes without saying that this is not a good thing, as it means that someone could get a hold of your personal information, cause performance issues, and break your computer.

HOW DOES THIS HAPPEN?

Rootkits can spread through several means but they all require some form of user interaction, usually clicking a malicious link. Once the link is clicked, they can begin to download themselves onto your system and go into hiding while having control. Their ability to cover their tracks and control what your systems do makes them difficult to detect and remove.

Read More

Topics: Harmony, IT services, Internet Safety, Malware