BNMC Blog

A critical, widespread vulnerability was just discovered, and this one is a very big deal. In fact, Log4j is one of the worst vulnerabilities we’ve seen, period. Your business needs to be aware of it, and you absolutely need to take measures to prevent it.

2020 has brought us a lot of news that we’d rather not hear. Just days before the end of what may be regarded as one of the worst years on record, there is more. One of the largest hacks in the history of the Internet happened earlier this year and more is being learned about it each day. Today, we will tell you what we know, who it affected, and what your business needs to do to secure itself. 

The Department of Homeland Security has issued an alert over several zero-day exploits found in the world’s most popular Internet browser, Google Chrome. Google has since patched this software and we would like to remind you that you need to do so on all of your devices that feature the Chrome browser. 

Companies around the world have or are finding the need to send their workers home to prevent the spread of the novel coronavirus. For many business owners, managing your staff remotely is a brand new paradigm. Here’s what you need to know.

COVID-19, or coronavirus, has been a major global health concern over the past couple of months. At this point, it is clear that this disease could have serious impacts on the workplace. We wanted to provide a brief rundown of good workplace and network health practices, as well as a few pointers on how you can handle health-based employee absences.

Intel recently found itself (once again) in hot water, mere months after many flaws were discovered in the firmware that enables all of their chips to do their job. This time, the issue could have potentially caused a permanent dip in the CPU’s capacity to function properly. This has come to be known as the Meltdown vulnerability.

Email scams have become a sort of punchline, often featuring Nigerian princes or wealthy, unknown relatives in need of funds to get home. However, another email scam is anything but amusing, as it uses a unique possession of the target to entice them to comply: their life.

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.

In case you haven’t heard, the credit bureau, Equifax, has suffered a data breach that may have exposed the records of 143 million Americans.

Ransomware is a tricky piece of malware that locks down the precious files located on a victim’s computer, then (in theory) will return access to them when a ransom has been paid. Depending on the files stored on a victim’s computer, they might simply blow it off and not worry too much about losing access to a couple of pictures or videos--but what if this ransomware threatened to expose your web browsing history?

Run your Windows Updates and be very skeptical about opening unsolicited emails. Failure to do so may result in a very dangerous strain of ransomware that could infect your entire network and spread to your clients, partners, and prospects.

It’s National Clean Out Your Computer Day! To kick off this important day, we’d like to remind business owners that this is a valuable opportunity to make sure that you’re taking good care of one of your greatest assets: your company’s technology. Let’s go over some of the best ways that you can optimize the performance of your office computers.

The branch of malware known as Ghost Push now has a new component, Gooligan, and it certainly lives up to its name. Google was struck by an attack that infected over one million Android users, with over 13,000 additional devices adding to that total on a daily basis.

If you have the most recent addition to Samsung’s growing collection of smartphones, we hope you haven’t grown too attached to it. The company is recalling the Galaxy Note 7 on reports that the batteries explode. This event is largely considered one of the more high-profile recalls in the history of consumer technology.

Hackers continue to innovate and cause trouble for businesses of all industries and sizes. One of the more interesting recent tactics includes utilizing a malicious Twitter account to command a botnet of Android devices to do its bidding. Twitoor is considered to be the first real threat to actively use a social network in this manner, making this a major cause for concern.

The ransomware machine keeps moving forward, despite significant opposition. In particular, the ransomware tag-team duo of Petya and Mischa have steamrolled most attempts to block them from accessing critical systems, always finding ways to outsmart security professionals. Now, these ransomwares have adopted a Ransomware as a Service model, which has made significant changes to the way that this ransomware is distributed.

In the latest round of security patches released by Microsoft, 27 vulnerabilities were fixed. Affected software includes major titles like Windows, Microsoft Office, Internet Explorer, and the new Edge browser. It’s imperative that you apply these security patches as soon as you can, or else your system will be exposed to some serious threats.

Users of Acer’s online store between May 12th, 2015, and April 28th, 2016, may be in for a rude awakening. Acer may be attempting to contact you to relay that your credit card’s credentials have been lifted by hackers. The breach in question resulted in 34,500 customers having their credentials stolen, including the user’s name, address, credit card number, expiration date, and security code.

In light of a recent zero-day vulnerability discovered with Adobe Flash, along with the wide adoption of the alternative rich media player HTML5, Google has put into motion plans to stop supporting Flash for its popular web browser, Google Chrome. By all accounts, this move may be the final nail in the coffin for the Internet stalwart, which means that your business should cease using it.