By -- 2022-09-26 in Blog

Did you hear? Samsung is experiencing a cybersecurity incident. Although the company has informed the public that social security numbers as well as debit card numbers were not accessed, customer’s name, contact and demographic information, date of birth and project registration information have been.

Samsung claims someone gained unauthorized access to their systems in late July. In early August, it was determined that the attacker had obtained customer data, but consumer devices were not affected. Samsung has taken action to secure its systems.

Samsung does not believe it is necessary for customers to take immediate action based on their investigation although the company does suggest that individuals use caution if they receive unsolicited emails relating to Samsung products.

If you would like more information regarding online safety, reach out to us at info@optfinITy.com.

By -- 2022-09-22 in Blog

If you’re using Google Chrome, it’s time to check for a critical security update. Google released a Chrome update to patch a significant vulnerability that is actively being exploited in ongoing cyberattacks. Google urged users to update Chrome as soon as possible.

How to update Chrome on iPhone or iPad:

  • Open the App Store app on your iPhone or iPad
  • Tap Profile Properties in the top right corner. This will open a screen labelled Account. Scroll to Available Updates
  • Search for Google Chrome. Tap Update to install the latest browser updates. (You may be asked to provide your Apple ID and password)

If Chrome isn’t listed under available updates, you can go to Google Chrome in the App Store. You may see an option to update Chrome appear, you can tap that button to begin updating.

How to update Chrome on a desktop

It doesn’t matter whether you are using MacOS or Windows, your google Chrome update process is the same.

  • Open Google Chrome and click on the More menu (it’s located in the top right corner; it looks like three dots stacked vertically)
  • Now you’ll see if an update has been recently released. A green icon means an update was released less than two days ago. An orange icon means there’s been a pending update for four days now. A red icon means an update has been available for at least a week
  • Near the bottom of the More menu, click Help and then click About Google Chrome.
  • In the new screen that opens, click the Update Google Chrome button (if you don’t see the button, it means you’re already up to date)
  • After you’ve clicked the Update Google Chrome button, click Relaunch to finish the update

Chrome will now restart, and you’ll be up to date.

If you have any questions on updating Google Chrome or protecting yourself from security bugs, please contact us at info@optfinity.com.

By -- 2022-09-8 in Blog

Let’s be honest, our phones are constantly ringing but not because friends and family miss us and want to talk. It’s the “IRS” asking for money or “credit card companies” telling us we missed a payment, or our account was hacked. It’s telemarketers and scammers attempting to steal our personal information and hack into our accounts.

Americans are expected to get over 52 billion robocalls just within this year alone. I don’t know about you, but I don’t pick up the phone unless I recognize the number, I’d rather risk missing an important call than deal with a spam call.

Although companies like Apple have taken action to warn us about the “scam likely” calls, attackers are becoming more sophisticated. Attackers have been spoofing local numbers and those of popular companies to convince you that they are authentic. Recently, these attackers have been using SMS text messages that come from your own phone number.

Regardless of how the attackers are making their move, companies are trying to make it stop but here is what you can do:

  • Don’t answer calls from blocked/unknown numbers
  • Don’t answer calls from number you don’t recognize
  • Don’t assume incoming calls are from a local number just because it looks like it
  • Don’t respond to any questions that can be answered with “Yes”
  • If someone calls claiming to be with a specific company, hang up and call that company using their official number from their website to be certain
  • If you answer the phone and hear “Hello, can you hear me?” hang up
  • If you receive a call requesting you to click a number before being connected to a representative, hang up

By interacting with a voice prompt, you’re verifying that your number is real. They can then sell your number to another company who will begin targeting your number more frequently. If you are an Apple user, Apple has an option to “Silence unknown callers.” This will add the option to route calls from numbers not found in your contacts, mail, or messages to your voicemail.

If you start receiving a lot of spam text messages, you can forward the message to number 7726 (this spells “spam”). This won’t stop the number from texting you, but it will notify your carrier to investigate it and hopefully put an end to it.

If you have any questions about receiving spam calls, please contact us at info@optfinity.com.

By -- 2022-08-30 in Blog

What do you do when you have a dumb question? You Google it, right? Just like when you’re sick and want to avoid going to the doctors, so you self-diagnose based off your Google results. I’m sure you have searched numerous odd things in Google throughout the years, I know I have. What if I told you someone could access all your Google searches? Is your face turning red yet? Don’t freak out just yet, there’s a way to keep your searches private.

So, what is Google tracking?

All the contents in your inbox from receipts to private messages including medical documents and bills are scanned by Google. There is a setting called “Smart Compose” that allows Google to scan your emails as you type them. Its purpose is to help you write faster by finishing common phrases.

Turn off Smart Compose

  • Open Gmail
  • Click on the gear icon in the upper right corner for settings
  • Select see all settings
  • Click general tab near top of page
  • Go to the smart compose section
  • Turn writing suggestions off by clicking on the circle next to it
  • Click save changes at the bottom

Please note Google will still have access to all the content in your emails unless you switch to a privacy-based email inbox.

Switch to privacy-based email

  • Click on the gear icon in top right corner of Gmail and click settings
  • Scroll down to E-mail via Google+ option
  • Click on the drop-down dialog box Anyone on Google+ set by default and change it to the degree of privacy you want
  • Click save changes once you are finished

For more information regarding online safety, reach out to us at info@optfinity.com

By -- 2022-08-23 in Blog

I know what you’re thinking, probably never right? Unless your phone started performing slower than usual, it most likely never crossed your mind. But clearing your cache does a lot more than speed up your phone while browsing the web.

Clearing your cache is kind of like clearing your digital countertop. If you don’t, it’ll become digitally cluttered. So, what does that mean? Typically, when you visit a website, it downloads information from your phone such as photos, banners, and other data. To make things easier your internet browser will store some of that data in a cache so it can be easily retrieved. Sounds great right? Not exactly, over time your browser’s cache gets outdated and the data being retrieved no longer matches the data being used on the website. This will cause slower load speeds and weird website formatting. This is equivalent to putting your mail, keys, wallet, cups and whatever else on your counter. Suddenly, you don’t have room to do anything.

Clearing your cache will give sites a fresh start in your browser and free up storage space. It will also sign you out of sites you’re currently logged into. Although resigning into your accounts is inconvenient, it will keep things moving quickly and accurately.

So how do you clear your cache?

Before you clear your cache remember all your devices signed into your iCloud account will be logged out. You’ll need to sign into everything the next time you use them. Follow the steps below.

Clear your iPhone cache in Safari:

  1. Open the Settings app on your iPhone
  2. Select the Safari from the list of apps
  3. Go to Advanced à Website Data
  4. Scroll down and select Clear History and Website Data
  5. Choose Remove Now in the pop-up

How often should you be clearing your cache?

Most people need to clear their cache once every two months. If you frequent many sites, you should clear your cache more often.

If you have any questions about clearing your cache, please contact us at info@optfinity.com.

 

By -- 2022-08-19 in Blog

Apple recently announced back-to-back updates for iOS and Safari operating systems where an attacker could take control of your iPhone or Mac devices. Both updates address major security vulnerabilities, one which allows an application to execute arbitrary code on your device, giving them control of your device while the second one is in the component that powers Safari, mail, and many other apps

Apple has developed a patch for the operating systems. Since both vulnerabilities are likely actively being exploited, Apple users should install the patches by downloading the latest software update as soon as possible.

Business users should be on a plan which has constant monitoring and updating. If you are interested in learning more about the plans OptfinITy offers, feel free to email us at info@optfinity.com or call us at 703-790-0400.

By -- 2022-08-19 in Blog

In 2017 the Chinese Government was offering to spend $100 million to build an ornate Chinese Garden at the National Arboretum in Washington DC. It would include temples, pavilions, and a 70-foot white pagoda. Sounds like a great way to attract tourists, right?

Well, the U.S. counterintelligence did some digging and found some red flags. The pagoda would have been strategically placed on one of the highest points in Washington DC, just two miles from the U.S. Capitol. This would have been a perfect spot for signals intelligence collection. In addition, the Chinese officials wanted to build the pagoda with materials shipped to the U.S. in diplomatic pouches. U.S. Customs Officials would be prohibited from examining this.

Once these red flags were brought to attention the project was quickly destroyed before construction had begun. Since 2017 federal officials have investigated Chinese land purchases near critical infrastructure. The most alarming things the FBI uncovered pertains to Chinese-made Huawei equipment atop cell towers near U.S. military bases in the Midwest. The FBI determined the equipment could capture and disrupt highly restricted Defense Department communications, including those used by U.S. Strategic Command, which overseas our nuclear weapons.

The Chinese government denies any efforts to spy on the U.S. although it is unclear whether any data was intercepted and sent back to Beijing from these towers. If the Chinese government is using this equipment to spy on the U.S., what are you doing to protect your organization?

For more information regarding online safety, feel free to reach out to us at info@optfinity.com.

By -- 2022-08-17 in Blog

Cisco Systems, the maker of some of the worlds most complex networking equipment recently suffered a hacking attack.  Except, it wasn’t done via computer.

Vishing or voice phishing is a type of cyberattack where malicious actors use phone calls in attempt to collect confidential information from their targets.

Cisco believes the attack was conducted by hackers linked to the UNC2447 cybercrime gang, Lapsus$ threat actor group and Yanluowang ransomware operators.

These same actors also recently attacked Microsoft Azure, Samsung, T-Mobile, Okta, Nvidia, and Globant.

Luckily for Cisco, no ransomware was detected and Cisco successfully blocked attempts to access the company’s network.

 

How did this happen?

On May 24, 2022, Cisco was made aware that one of their employee’s credentials were compromised. An attacker gained control of the employee’s personal Google account where credentials saved in the victim’s browser were being synchronized.

The attacker conducted multiple sophisticated voice phishing attacks disguised as various trusted organizations. The attacker convinced the victim to accept the multifactor authentication (MFA) push notification initiated by the attacker. The MFA acceptance gave the attacker access to VPN in the context of the victim.

Regardless of the incident, Cisco continues to promote MFAs such as Duo to protect your accounts.  Do you have 2FA turned on for all of your accounts?  Are you training your employees on the best practices when it comes to online safety?

For more information on online safety including security awareness training, please contact us at info@optfinITy.com.

By -- 2022-07-29 in Blog

Did you hear? Apple is coming out with a new feature that will be beneficial for all Apple users. It’s not your average Apple feature that fixes bugs or extends your battery life a little longer. It’s designed to protect your device from advanced hacking and targeted spyware.

Some of these protections include blocking attachments and link previews in messages, potentially hackable web browsing technologies, and incoming FaceTime calls from unknown numbers. Apple devices will not accept accessory connections unless the device is unlocked. The new lockdown mode will be available for iPhones, iPads, and Mac computers.

Apple plans to release the new lockdown mode later this year, it will be free to all apple users. Apple also announced their $10 million grant and up to $2 million bug bounty to encourage further research to enhance its device security. Last year Apple sent out a free software update that addressed Pegasus, to stop the company from developing or selling anymore hacker tools. Apple also began sending “threat notifications” to potential victims of these hacking tools. Although the vast amount of people will not be victims of highly targeted cyberattacks, it’s already notified people in about 150 countries since November.

Apple plans to expand Lockdown Mode over time, but for now it is designed to disable computer features that open people to potential attacks.

Apple isn’t the only company taking action to improve their security measures. Google has an idea called “Advanced Account Protection” designed for “anyone who is at an elevated risk of targeted online attacks.” Google’s plan is to add an extra layer of safety to logins and downloads.

Apple is committed to strengthening and improving their security features and will continue to research into this growing threat.

For more information regarding online safety reach out to us at info@OptfinIty.com

By -- 2022-06-30 in Blog

Could you be providing people around you with your personal information and not really know it? You probably are.

A security researcher sat outside a coffee shop and was able to read individuals’ current location; and even past locations, including but not limited to the gym they go to, their job, and even their home.

Using an online database and a wireless auditing device, any educated computer user could possibly track someone’s location. In fact, when you aren’t connected to your Wi-Fi at work or at home, your phone is sending out signals to find networks to connect to. The signal from your phone can then be cross-referenced to see where you are based on the networks you are near.

So, what can you do? First, it is highly recommended to change the name of your home Wi-Fi network at least once a year. Make sure to use a common name such as a favorite band. By adding “_NOMAP” to the end of your home Wi-Fi name, this also lets mapping companies know you don’t want your Wi-Fi network published online, although that is not a guarantee.

For more information about what else you can do including network connection safety practices, reach out to us at info@OptfinITy.com