<img height="1" width="1" style="display:none;" alt="LinkedIn" src="https://dc.ads.linkedin.com/collect/?pid=239833&amp;fmt=gif">
  •  
  •  
 

Recent Posts

Preparedness and Business Continuity - NCSAM 2020

Posted by Griffin Ball on Oct 16, 2020 11:00:00 AM

The Lighthouse IT Podcast - October 16th, 2020

Being National Cyber Security Awareness Month, the podcasts this month will be a bit different! We are covering Preparedness and Business Continuity this week! We go over what it means to #BeCyberSmart and how you can help your business/peers stay safe from cyber criminals. Join us this week by filling out your own Cyber Smart Assessment! We will go through it together this month and at the end, you can submit your assessment to us, and we can review it together! This means you get to understand your network's position and obtain an action plan of how to make it ever more secure. Because after all, your network is only as strong as its weakest link. Still need to download it? Head on over to the download page.

Do Your Part. #BeCyberSmart

Listen here!

Read More

Topics: Network Risk Assessment, Internet Safety, Inside Secure-IT, NCSAM, Ransomware, Cybersecurity, Podcast

Technology is Your Last Line of Defense - NCSAM 2020

Posted by Griffin Ball on Oct 3, 2020 10:45:00 AM

The Lighthouse IT Podcast - October 2nd, 2020

The podcasts this month will be a bit different since it's National Cyber Security Awareness Month! We go over what it means to #BeCyberSmart and how you can help your business/peers stay safe from cyber criminals. Join us this week by filling out your own Cyber Smart Assessment! We will go through it together this month and at the end, you can submit your assessment to us, and we can review it together! This means you get to understand your network's position and obtain an action plan of how to make it ever more secure. Because after all, your network is only as strong as its weakest link. Still need to download the Secure-IT Cyber Smart Assessment? Head on over to the download page.

Do Your Part. #BeCyberSmart

Read More

Topics: Network Risk Assessment, Internet Safety, Inside Secure-IT, NCSAM, Ransomware, Cybersecurity, Podcast

Malicious Wallpapers, Phishing Trends, Zoom Backgrounds & more!

Posted by Griffin Ball on Sep 18, 2020 11:05:00 AM

The Lighthouse IT Podcast - 18th, 2020

Matt and Griffin discuss Malicious Wallpapers, Phishing Trends, Coors wanting to send you to your Zoom background, Labor Day deals actually focusing on jobs, and the fabled TikTok deal coming to a close!

Listen here! Want to get straight to the news? Go to the 5:05 minute mark.

Security News

Could your wallpaper be trying to steal your credentials?

Well it turns out that new rubber-ducky theme you downloaded for your Windows 10 computer might just be an attempt to steal your credentials. Our friends over at Bleeping Computer and Sophos have both published similar findings that the Windows 10 theme files can be used to pass credentials to a third party. In the Sophos study, they setup a server to spoof or "phish" credentials by requesting files (such as the wallpaper background) from a remote resource and using an authentication prompt to look similar to a normal Windows credential prompt. By trying to convince you that you need to enter your local credentials to continue, the remote server stores and serves the files appropriately - but now your account has been compromised.

In the Bleeping Computer study, they stepped it up another notch and were able to use a Pass-the-Hash attack using an remote SMB server. SMB is used by Windows for sharing files between computers and is largely trusted. When your computer attempts to access an SMB share, it will automatically pass a hash of your credentials to the other computer to attempt to login. In normal circumstances, this makes connecting to SMB shares painless, but in this example, the hash is stored by the remote server and can be used later by de-hashing tools to attempt to determine your username and password.

While right now these both show great ways to determine your username and password, image files have also had some history in the past of remote code execution issues - meaning it could be possible that if another vulnerability is found in an image library, it could be a one stop shop for installing a malicious payload AND getting your account information to install itself.

READ MORE HERE FROM BLEEPING COMPUTER AND HERE FROM SOPHOS

Read More

Topics: Cybersecurity, Podcast

More Apple Store Drama, Ransomware Wins and the New Facebook

Posted by Griffin Ball on Sep 4, 2020 10:09:33 AM

The Lighthouse IT Podcast - September 4th, 2020

Matt and Griffin discuss self-destructing DVDs, more Apple store drama, another win against ransomware, Walmart joining in on the TikTok deal, and the New Facebook.

Listen here! Go to the 3:00min mark to skip the intro.

Security News

Apple "Tax" drama continues - but with an additional contender

In a bid to help small businesses cope with financial loss, Facebook announced a new feature allowing "paid for" events on the platform, making it easy for small businesses to host virtual meetings to stay engaged with customers. To further its value, Facebook stated that it would not be taking a cut of any payment made to those businesses as way to support them during this time.

Read More

Topics: Internet Safety, Ransomware, Cybersecurity, Podcast, Digital Marketing