Recent Blog Posts

The vulnerability is a very serious one known as a ?zero click remote exploit.? It allows invasive spyware to infect any of these devices without any sort of end-user action. Whereas the majority of malware requires the user to download something, click on a fraudulent link, join an unsecure network, or hand over a password, this new breed of malware can infect most Apple devices without a single click. Security researchers have traced the spyware back to Israel?s NSO Group, a technology firm that develops remote surveillance spyware. The spyware, called Pegasus, can be deployed to any Apple iPhone, iPad, Apple Watch, or Mac without the user being aware of it, and can allow both governments or criminals to turn on your camera and microphone, record messages, texts, emails, and calls, even if you are using encrypted services. It?s essentially giving the cybercriminal full control over your device without you knowing it. How to Check If You?ve Been Infected by the Pegasus Zero-Click Spyware Here?s the worst part?you?ll never know if you have this on your phone or device. If the spyware is on your device, it?s virtually invisible to you. You won?t see the typical tell-tale signs of an infection, such as strange text messages, suspicious links, or any other notification. It?s simply there, possibly running at any given moment, recording what you are doing and sending everything to NSO Group and their clients. If that?s not bad enough, security researchers believe that this spyware has been around since at least March of 2021, and with more than 1.65 billion Apple products on the market today? Let’s just say we should all be taking this very seriously. Update Your Apple Devices Right Now: Here?s How to Do It Apple iPhone and iPad Before you update, back up your device using iCloud or your computer. Plug your device into power and make sure you are connected to the Internet with Wi-Fi. Go to Settings > General, then tap Software Update. Tap Install Now. If you see Download and Install instead, tap it to download the update, enter your passcode, then tap Install Now. Apple macOS on a Mac Computer Go to the Apple menu in the corner of your screen. Choose System Preferences. Click Software Update. Click Update Now or Upgrade Now. Repeat this process in case further updates are available. For more information, check out Apple?s Update documentation. Apple Watch Connect your Apple Watch to Wi-Fi. Ensure that your watch is at least 50% charged, or plug it in to power. You?ll want to make sure your iPhone is running the latest version of iOS. On your iPhone, open the Watch app and tap My Watch. Tap General > Software Update. Download the update. Wait for the progress wheel to appear on your Apple Watch. It could take several minutes to an hour for the update to finish. For more information, check out Apple?s Watch Update Guide. Update Your Apple Device NOW We can?t stress this enough. This update is incredibly important to protect your privacy, as there is no telling if you actually already have this spyware on your Apple device. It?s likely that more news will come of this over the next few days, but for now, be sure to check for updates on your iPhone, iPad, […]

Let?s dive into the authentication system, shall we? What is Windows Hello, Anyway? Windows Hello is a technology that allows Windows users to authenticate their identities via biometric identification, rather than a password. Designed to serve as a more user-friendly option than passwords without sacrificing the security that passwords offer, biometric authentication seeks proof of identity by comparing a physical attribute of the user against a previously collected record. If the scanned fingerprint, iris, or face matches the saved record closely enough, access is given to the person trying to use the device. How Windows Hello Works Here?s the thing: while passwords have been the cornerstone of computer security for about as long as computers have been around, there are definite flaws to them that need to be acknowledged. While we would never recommend that you disregard them, the best practices surrounding password use can be a lot to manage. If followed, these best practices demand that an individual remember about 100 passwords?each of them sufficiently complex and being used exclusively for a single account. It isn?t hard to see how challenging that would be for the average user to remember, and how this challenge might actually lead a user to make insecure decisions? particularly, in their choice of password. As an alternative form of authentication, Windows Hello creates a virtual model of a user?s face to reference, and even has built-in anti-spoofing technologies to prevent enterprising hackers from tricking the system. Does Windows Hello Belong in Businesses? So, is there a place for Windows Hello in the workplace? Absolutely? so long as it is supplemented with other security precautions and features. Microsoft has suggested that this will carry over into Windows 11, where passwordless access will be reinforced by the other built-in protections? but that doesn?t mean you should stop there. As we said, Windows Hello should be just one part of a business? complete security strategy. Your security needs to cover a great variety of needs, ranging from data continuity to antivirus to (to our point) user authentication. White Mountain IT Services can help you to create this strategy and deploy it in your business. Give us a call at (603) 889-0800 to get started.

Maintaining an IT Helpdesk Statistically speaking, your business is going to experience some challenges with its technology, making it essential that your team has someplace to turn to for assistance when these challenges arise. You need to have a comprehensive support system in place to ensure that this assistance is available from professionals with expertise in handling the IT issues you?re likely to encounter. This resource also needs to be very responsive, as any time an employee cannot spend being productive is detrimental to the company?s operations. Managing Your IT Architecture Your business? successful use of technology depends on the infrastructure you have supporting it. You?ll need to not only ensure that your planned infrastructure is able to do everything you need it to in the present, but you?ll also need to strategize how it will be shaped in the future. What capabilities will your business require in the future? How can you prepare for these needs in how your architecture is composed? Remaining future-focused in this way will prove to be to your benefit. Maintaining Your Applications Your team needs the software they rely on in order to function effectively throughout their workday. Whether it?s a minor glitch that pops up or a major issue that reveals itself in the applications you rely on, you need a resource available to help you avoid these issues whenever possible while also fixing any that do pop up. White Mountain IT Services is here to help fulfill these processes on your behalf, acting as your outsourced IT department to fulfill any needs that your technology presents. Whether you have IT support resources on staff and just need some additional assistance, or you need complete IT services, we can provide what you need. To discuss your needs with us, give us a call at (603) 889-0800.

Self-Healing Software Has Been Developed and Adopted ABN Amro, a major Dutch bank, and Nederlandse Organisatie voor Toegepast Natuurwetenschappelijk Onderzoek (also known as the Netherlands Organisation for Applied Scientific Research, or TNO) partnered up to design improved ways to protect the software that financial institutions rely on. The result: a system that draws on the human body for inspiration. A Brief Biology Lesson Here?s the thing about the human body: it?s constantly refreshing itself. Scientifically, your body contains none of the cells that it did 10 years ago. Not only do cells naturally die off and need to be replaced, the body will ostracize cells it suspects to be infected and replace them with healthy ones.  This periodic replacement, known as the principle of disposability, offers a pair of benefits when translated to cybersecurity: Undetected infections are protected against If there is suspicion of an infection, your protections are automatically elevated The system that was created to emulate this principle of disposability does so quite well, allowing it to repair itself and register when it needs to do so. There is Little Question That These Tools Could Be Useful to Businesses… …and fortunately, this could be a reality sooner than later. Reports have come out suggesting that this software will soon be made public? so before long, cybersecurity may become that much simpler to keep managed. In the meantime, White Mountain IT Services is here to serve the same purpose, monitoring your business? IT to ensure that all is well and working properly. Find out what we can offer you by giving us a call at (603) 889-0800.

In No Uncertain Terms, Ransomware Has Grown More Dangerous Let?s face facts for a moment: in order to be effective, a cybercriminal can take advantage of a few different challenges that small and medium-sized businesses frequently struggle with. For instance: Cybercriminals frequently rely on deception in the form of phishing. Using phishing attacks, a cybercriminal bypasses the protections a business has in place by taking advantage of their employees in order to gain access to the business? network. A lack of communication between departments makes issues even greater. A lack of communications between a business? departments can exacerbate the risks to be seen from cybercriminals. Smaller businesses don?t always have the resources needed to prepare their team members. Unlike corporations, SMBs likely don?t have a dedicated budget for cybersecurity training, and almost certainly can?t afford the salary of a dedicated security professional on-staff. On top of these opportunities, however, today?s cybercriminal has others they can exploit: Automated Threats Cybercriminals, like many of the businesses operating today, have embraced the concept of automation to their advantage. Rather than manually attacking individual targets, cybercriminals are able to wage widespread attacks with minimal effort. Even the extortion component of ransomware has become increasingly automated. One ransomware variant, Avaddon, has been using automation to its advantage. With a Dark Web site listing the companies that have been infected, a countdown is provided that ticks away the time before data is automatically publicized. Ransomware as a Service Cybercrime is now a legitimate industry (in a manner of speaking), with teams of developers and commission-based structures responsible for spreading attacks far and wide. Ransomware as a Service is just one example of this, with a packaged ransomware attack bundled up for an aspiring cybercriminal to use. These kinds of services only make cyberattacks more accessible to those who would wage them. Layered Extortion Many ransomware attacks have historically extorted money from their victims more than once. Not only are the victims charged for resumed access to their data, but they then have to pay up to keep the attackers from leaking this data out. Unfortunately for businesses, this approach has evolved. Now, this kind of extortion takes place in four parts: The victimized business is instructed to pay for their access to their encrypted data to be restored. Hackers release the data they?ve stolen if the ransom isn?t paid. Denial of Service attacks are used to take down a victim?s website. The cybercriminals responsible reach out to the targeted business? customers, partners, employees, and the media to inform them of the hack. All in all, these tactics have only made ransomware attacks more successful. You Need to Be Ready to Resist Ransomware Ransomware is a serious issue for businesses, and isn?t going away anytime soon. That?s why we?re here to help you stop it. Find out more about what we can do by calling (603) 889-0800 today.