BNMC Blog

A lot of people shop predominantly online nowadays, especially after the holidays (gotta use those gift cards). However, hackers anticipate this, and they will use every tool at their disposal to try and scam you out of your hard-earned cash. What can you do to stay safe?

Smart devices and other oddities that connect to the Internet—those which fall into the Internet-of-Things category of devices—are all over the place these days, be they inside our offices or our homes. Smart devices that connect to the Internet for various purposes should generally be approached with a minimum level of cautiousness, especially in today’s age of cyberattacks.

The holiday season has a variety of famous key players, including the likes of Santa, Rudolph, and the rest of the North Pole crew. Each year, they use their magic to help spread goodwill and joy to all the nice children of the world… but did you know that they are also responsible for protecting those who make the naughty list from Santa’s villainous counterpart, Krampus?

As the official managed service provider for Santa’s operation, we have been cleared to share the story about how we’ve helped defy Krampus to save Christmas.

A critical, widespread vulnerability was just discovered, and this one is a very big deal. In fact, Log4j is one of the worst vulnerabilities we’ve seen, period. Your business needs to be aware of it, and you absolutely need to take measures to prevent it.

There are many cybersecurity threats out there, but the one that has cemented itself in the minds of business owners in recent years is ransomware. Ransomware encrypts data on the victim’s devices, forcing them to pay a ransom for the decryption key. As you might imagine, this practice is quite lucrative for cybercriminals—some more than others, of course.

Cyberwarfare has continued to evolve in sophisticated ways, and while security researchers try their best to keep up, hackers are always trying to outdo them. One example of such attacks, which are often sponsored by government agencies, is a recent attack on the United States and Israeli technology sectors, which have become the target of password spraying campaigns.

The past few years have been nothing if not tumultuous for businesses of all shapes and sizes, which has only exacerbated the shifting terrain we’d expect to see in a business’ cybersecurity needs and threats. Let’s take a few moments to examine what 2022’s cybersecurity landscape is likely to look like, considering what we’ve seen recently.

You’ve no doubt seen the concept of “streaming” online at some point or another, whether it’s consuming content on Netflix or Youtube. However, content creators with an established fan base can stream their content on Twitch to make a living. If you have ever wondered how much some of these creators make, well, a recent hack has exposed this information and created a whole kerfuffle that must be addressed by Amazon.

Yet another major vulnerability has been discovered, this time in Microsoft’s MSHTML browser engine. The vulnerability, discovered and tracked by Kaspersky, is currently being exploited all over the world. As such, it is critical that you know how to avoid vulnerabilities like this so that you do not inadvertently allow a hacker onto your network.

If we told you that it is possible for others to hire hackers to launch attacks against your business, would you believe it? Well, we hope so, because it is very possible and more common than you might think. Comparitech launched an investigation into the average prices of various hacking services on the Dark Web, and you might be surprised by how affordable and accessible they are. This is just more reason to take network security seriously.

Artificial intelligence, also known as AI, is already used in certain industries, like cybersecurity and automation, but hackers have quickly found out that they too can leverage AI to their advantage. With cybercrime on the rise, it’s expected that AI will play a role in the cybersecurity landscape to come. Let’s take a closer look at some of these trends.

We know that cybersecurity isn’t the most interesting topic in the world, especially for a small business owner, this doesn’t diminish its importance. If you fail to adequately protect your business, even a low-profile SMB can fall victim to a cyber threat. It’s your job as the business owner and thought leader to make sure this doesn’t happen.

The cloud can be a huge part of any successful business, so long as you are able to keep control over it and utilize it to your business’ advantage. Centralized authority over your organization’s cloud access controls is critical to keeping it safe and functional. Let’s go over what this means and how you can achieve it.

Phishing emails have been around for quite some time, and for their entire existence they have gotten the better of even the most seasoned employees. What exactly contributes to their success? What kinds of subject lines go into creating a phishing email that users find to be convincing enough to actually want to click on and follow through on? Let’s take a look at a recent study that might glean some insights into this.

When it comes to network security, businesses need all the edges they can get, especially since cybersecurity as an industry is one which is rapidly adjusting and responding to various threats, as well as their responses to those security measures. One way in which security researchers have attempted to subvert this security rat race is through artificial intelligence measures, a trend that promises to change the way businesses protect themselves for the better.

In a zero trust network, you trust nobody, no matter how long they have been around or how invested they are in your organization’s future. Everyone’s identity on your network must be verified, a concept that has been quite helpful in limiting data breaches. Today, we are going to discuss the National Institute of Standards and Technology’s definition of zero trust and what they recommend to businesses wishing to implement it.

Authentication is one of the most important topics on the table for discussion this year, particularly in regards to how the need for secure data access has been increased considerably during the COVID-19 crisis. How can you make sure that your data is being accessed in a safe and secure manner while also verifying the identity of whoever accesses it? Voice-based authentication might be one option. 

The Internet of Things, a collective term for the countless connected devices out there that have traditionally not been connected to the Internet, is a vast and dangerous territory for businesses to cover, perhaps now more than ever before. Unfortunately, this massive group of connected devices also tends to make itself a target for hackers who want to leverage these devices to their advantage. A recent hack shows just how much hackers can stand to gain from infiltrating these connected devices.

The password has long been the first line of defense against security threats, but what would you say if we told you that the password could disappear entirely from your Microsoft account? Well, get ready, because boy do we have news for you. Let’s take a look at what it means to go “passwordless” and what it could mean for your account’s security.

It’s good to go about your business with an abundance of caution, but sometimes this abundance of caution can lead people to see threats where they simply do not exist. In cybersecurity, this is actually quite easy to see happening, as cybersecurity is such a multi-faceted topic. But how much do these false-positive security reports wind up costing organizations?