By -- 2022-08-19 in Blog

Apple recently announced back-to-back updates for iOS and Safari operating systems where an attacker could take control of your iPhone or Mac devices. Both updates address major security vulnerabilities, one which allows an application to execute arbitrary code on your device, giving them control of your device while the second one is in the component that powers Safari, mail, and many other apps

Apple has developed a patch for the operating systems. Since both vulnerabilities are likely actively being exploited, Apple users should install the patches by downloading the latest software update as soon as possible.

Business users should be on a plan which has constant monitoring and updating. If you are interested in learning more about the plans OptfinITy offers, feel free to email us at info@optfinity.com or call us at 703-790-0400.

By -- 2022-08-19 in Blog

In 2017 the Chinese Government was offering to spend $100 million to build an ornate Chinese Garden at the National Arboretum in Washington DC. It would include temples, pavilions, and a 70-foot white pagoda. Sounds like a great way to attract tourists, right?

Well, the U.S. counterintelligence did some digging and found some red flags. The pagoda would have been strategically placed on one of the highest points in Washington DC, just two miles from the U.S. Capitol. This would have been a perfect spot for signals intelligence collection. In addition, the Chinese officials wanted to build the pagoda with materials shipped to the U.S. in diplomatic pouches. U.S. Customs Officials would be prohibited from examining this.

Once these red flags were brought to attention the project was quickly destroyed before construction had begun. Since 2017 federal officials have investigated Chinese land purchases near critical infrastructure. The most alarming things the FBI uncovered pertains to Chinese-made Huawei equipment atop cell towers near U.S. military bases in the Midwest. The FBI determined the equipment could capture and disrupt highly restricted Defense Department communications, including those used by U.S. Strategic Command, which overseas our nuclear weapons.

The Chinese government denies any efforts to spy on the U.S. although it is unclear whether any data was intercepted and sent back to Beijing from these towers. If the Chinese government is using this equipment to spy on the U.S., what are you doing to protect your organization?

For more information regarding online safety, feel free to reach out to us at info@optfinity.com.

By -- 2022-08-17 in Blog

Cisco Systems, the maker of some of the worlds most complex networking equipment recently suffered a hacking attack.  Except, it wasn’t done via computer.

Vishing or voice phishing is a type of cyberattack where malicious actors use phone calls in attempt to collect confidential information from their targets.

Cisco believes the attack was conducted by hackers linked to the UNC2447 cybercrime gang, Lapsus$ threat actor group and Yanluowang ransomware operators.

These same actors also recently attacked Microsoft Azure, Samsung, T-Mobile, Okta, Nvidia, and Globant.

Luckily for Cisco, no ransomware was detected and Cisco successfully blocked attempts to access the company’s network.

 

How did this happen?

On May 24, 2022, Cisco was made aware that one of their employee’s credentials were compromised. An attacker gained control of the employee’s personal Google account where credentials saved in the victim’s browser were being synchronized.

The attacker conducted multiple sophisticated voice phishing attacks disguised as various trusted organizations. The attacker convinced the victim to accept the multifactor authentication (MFA) push notification initiated by the attacker. The MFA acceptance gave the attacker access to VPN in the context of the victim.

Regardless of the incident, Cisco continues to promote MFAs such as Duo to protect your accounts.  Do you have 2FA turned on for all of your accounts?  Are you training your employees on the best practices when it comes to online safety?

For more information on online safety including security awareness training, please contact us at info@optfinITy.com.

By -- 2022-07-29 in Blog

Did you hear? Apple is coming out with a new feature that will be beneficial for all Apple users. It’s not your average Apple feature that fixes bugs or extends your battery life a little longer. It’s designed to protect your device from advanced hacking and targeted spyware.

Some of these protections include blocking attachments and link previews in messages, potentially hackable web browsing technologies, and incoming FaceTime calls from unknown numbers. Apple devices will not accept accessory connections unless the device is unlocked. The new lockdown mode will be available for iPhones, iPads, and Mac computers.

Apple plans to release the new lockdown mode later this year, it will be free to all apple users. Apple also announced their $10 million grant and up to $2 million bug bounty to encourage further research to enhance its device security. Last year Apple sent out a free software update that addressed Pegasus, to stop the company from developing or selling anymore hacker tools. Apple also began sending “threat notifications” to potential victims of these hacking tools. Although the vast amount of people will not be victims of highly targeted cyberattacks, it’s already notified people in about 150 countries since November.

Apple plans to expand Lockdown Mode over time, but for now it is designed to disable computer features that open people to potential attacks.

Apple isn’t the only company taking action to improve their security measures. Google has an idea called “Advanced Account Protection” designed for “anyone who is at an elevated risk of targeted online attacks.” Google’s plan is to add an extra layer of safety to logins and downloads.

Apple is committed to strengthening and improving their security features and will continue to research into this growing threat.

For more information regarding online safety reach out to us at info@OptfinIty.com

By -- 2022-06-30 in Blog

Could you be providing people around you with your personal information and not really know it? You probably are.

A security researcher sat outside a coffee shop and was able to read individuals’ current location; and even past locations, including but not limited to the gym they go to, their job, and even their home.

Using an online database and a wireless auditing device, any educated computer user could possibly track someone’s location. In fact, when you aren’t connected to your Wi-Fi at work or at home, your phone is sending out signals to find networks to connect to. The signal from your phone can then be cross-referenced to see where you are based on the networks you are near.

So, what can you do? First, it is highly recommended to change the name of your home Wi-Fi network at least once a year. Make sure to use a common name such as a favorite band. By adding “_NOMAP” to the end of your home Wi-Fi name, this also lets mapping companies know you don’t want your Wi-Fi network published online, although that is not a guarantee.

For more information about what else you can do including network connection safety practices, reach out to us at info@OptfinITy.com

By -- 2022-05-4 in Blog

Have you received an email from a payment service that looks like this?

At a glance, it looks like a legitimate email containing an invoice. However, a closer look will uncover a host of discrepancies that reveal this email to be a real phishing attempt received by someone here at OptfinITy.

These discrepancies are not ones that a legitimate and trusted payment service like PayPal would include on an email invoice. Here are some of the red flags within this email and things you should look out for before clicking on any email containing financial information:

Red Flags to Watch Out For

  1. Check if it was sent to right account
    • Though the person who received this email has been anonymized, that person received this invoice on an email account different than the one linked to their PayPal account.
  2. Check names
    • This invoice lists the recipient as Patric Smith, even though Mike Duncombe is initially listed as the invoice sender. Neither of these names are the name of the account holder that received this invoice.
  3. Check for spelling and formatting errors
  4. The phone number listed is incorrect
    • A quick Google search will reveal that PayPal’s customer service number is not the one listed within the email, but rather +1 (888) 221-1161

What Are Next Steps?

Most reputable payment processors have channels through which you can report phishing emails. If you believe you’ve received a phishing email from an entity claiming to be PayPal, forward the entire email to spoof@paypal.com, and do not alter the subject line or forward the message as an attachment. After that, delete the suspicious email. PayPal will investigate the email and let you know their findings.

Did you know that we provide phishing test services? If you’d like to test yourself and your employees and gage how susceptible your organization is to fraudulent messages, you can reach out to us at info@OptfinITy.com.

By -- 2022-05-2 in OptfinITy News

Springfield, VA Release Date: May 2, 2022

 

OptfinITy is proud to announce its 20th anniversary as the DC Area’s leading managed service provider.

 

On May 2, 2002, OptfinITy was incorporated in Falls Church, VA.  “My vision was to deliver enterprise IT solutions to small to medium size organizations,” said Michael Drobnis, CEO of OptfinITy.  “Today, OptfinITy is much more than an IT provider; we are a company that delivers full range solutions to various industries throughout the world”.

 

OptfinITy has received numerous awards and recognition over the years, including the MSP501 ranking of the top Global IT providers and the CRN MSP500 List.

For more information OptfinITy and their services please visit https://optfinity.com/

 

Contact Info:

Michael Drobnis

OptfinITy
7405 Alban Station court, Suite B205

Springfield, VA 22150
(703) 750-0400

By -- 2022-04-26 in Blog

Do you have an old Android phone and you don’t know what to do with it? Maybe you’re thinking about storing it in a drawer, selling it, or trading it in. Whether your phone is too old to warrant a high trade-in value, or if you’re just interested in trade-in alternatives, continue reading to learn the top 5 ways to repurpose your old Android.

  1. Store your photos: Pictures can take up a significant amount of storage, so store them on your old phone to save room on your new one! You can send photos taken on your new device to the old one, or use your old device as a camera and take it places you’d usually be hesitant to take a new phone, like the beach or lake.
  2. Turn it into a Google Home: This process is simple and requires no downloads and no $130 Google Home purchase. First, make sure the phone is updated to the latest Android OS. Next, pair your phone to a Bluetooth speaker and keep both plugged in at all times. Now, you’ll be able to give it Google commands whenever you want!
  3. Convert it into a Game Boy: Did you know that you can convert your old Android into a Nintendo Game Boy? All you need is a compatible Android and a $50 Hyperkin Smartboy Mobile Device. To play, you’ll still need to own or buy Game Boy cartridges. Alternatively, you can also play Game Boy advance apps if you don’t have the cartridges.
  4. Use as a universal remote: If you’re not sure what to do with an old Android- turn it into a remote! Downloading a remote control app and syncing your phone to your devices will allow you to control things like Rokus, Apple TVs, Xboxes, and even smart light bulbs.
  5. Turn it into a home security camera: This is a simple but effective way to keep your eyes on your home while you’re away. Simply download a security camera app and place it in a main room of the house in a place where you have a good view. Additionally, you can set it up outside when you’re home to see who’s knocking on your door.

If you’re interested in discussing phasing our and purchasing new devices for your office space, feel free to reach to to us at info@OptfinITy.com or call us at (703) 790-0400.

By -- 2022-04-22 in Blog

Happy Earth Day!

Earth Day marks a time where people reflect on what they’re doing to keep our planet clean and thriving. Whether you compost, recycle, take short showers, or drive electric, take the day to reflect on what you’ve done to help the environment, as well as other ways you can make a difference. Below are 3 technology tips that are good for the planet and your bottom line.

  1. Reduce your paper usage: Unless a business document needs to be on paper for legal purposes, avoid printing out things like emails, online forms, and business manuals. Going as paperless as possible saves trees, but also saves you money by reducing the amount you spend on paper and ink. Paper-form documents can also be fairly inefficient for business purposes, as they can’t be integrated, automated, or accessed remotely. The manual nature of dealing with paper documents slows down your business and racks up manual label hours.
  2. Implement electronic and cloud storage: So, if you decide to switch to dealing with documents digitally, where do you store them? In the cloud! Physically storing documents necessitates the use of physical space, air conditioning, and other environmental (and financial) burdens. In fact, the paperless Project estimates that to maintain just one file cabinet, it can cost as much as $1,500 and one employee annually. Dealing with file cabinets can also make organization a headache, and the threat of natural disasters wiping out important information is a concern as well. Consider storing vital documents within your electronic business management system, for the sake of the planet and your pockets.
  3. Leverage remote work: If you’re in an industry that can allow employees to work remotely, consider implementing a remote or hybrid work plan Working remotely instead of commuting to an office results in less air pollution from vehicle emissions. Additionally, recent studies suggest that as many as 68% of US employees prefer remote work over in-person work. Why is this important for your business? Because happier employees are correlated with higher levels of productivity. This isn’t too surprising when you take into consideration that 77% of remote workers claim that they’re more productive when they work from home.

If you’re looking to move your documents to the cloud (the digital one) or are interested in discussing the logistics of remote employees, you can always reach us at (703) 790-0400 or email us at info@OptfinITy.com.

By -- 2022-04-18 in Blog

An astounding number of people use Gmail to send and receive emails. In fact, Gmail accounts for 1.8 billion active email accounts. If you’re part of that 1.8 billon, you may not be familiar with all the platform has to offer. To learn how to best customize and optimize your Gmail experience, read below to uncover the 7 best Gmail tricks you can implement today.

  1. Color-Code Important Messages: You probably already know that starring messages puts your most important emails in a separate folder for easy access. However, did you know that you can color-code your messages too? To further organize your emails with color-coded stars, go to settings, scroll down to the General tab, and drag More Color Options to the “In Use” section.
  2. Smart Compose: If you write with traditional office lingo, then this tool is a must for you. Just by typing the beginning of a sentence, Google will suggest the remainder of it, saving you time and typing. Smart Compose can be turned on and off under settings, and is even accepting feedback on the quality and relevance of suggested phrases.
  3. Unsend an Email: After you send an email, you may notice a small box containing the word “Undo” will appear in the lower right corner of the window. Directly clicking on this will allow you to unsend a message.
  4. Advanced Search: This is a useful tool that can help you find pieces of information buried in your inbox. It allows you to search by date, words, sender, receiver, or even by words an email doesn’t To access this tool, simply click the icon with 3 slider bars in the search box at the top of your inbox.
  5. Mute Conversation: To mute a thread that gets an excess of replies, first check the box on the left of an email in the thread. On the options bar that appears at the top, select the 3 dots to bring in the dropdown menu. From there, select Mute and enjoy the silence.
  6. Customized Inbox: If you wish to prioritize your inbox, first click the Quick Settings gear icon. Next, select a custom inbox based on what you’d like to see first: unread, important, or starred.
  7. Confidential Mode: Did you know that you can set an expiration date on a private email? To make an email disappear after a certain amount of elapsed time, click the lock icon near the send button prior to sending an email.

If you have any questions about email deliverability and security, feel free to contact us at info@optfinITy.com.