Macro Systems Blog

We’re still getting more information on this, but at the time of writing this, every American can assume that their social security number has been stolen. Listed below is what we know so far.

The world’s largest ticket retailer is in the headlines for the wrong reasons after their parent company, Live Nation Entertainment, filed an 8-K filing with the Security and Exchange commission admitting that they had been hacked to the tune of 1.3 terabytes of information. That amounts to 560 million customers’ personal information that has been stolen from the company’s servers. Listed below is a look at the hack and what it means for consumers.

A vulnerability was recently discovered that is effectively guaranteed to impact all computer users, from private users to businesses. While this situation will take some time to resolve fully, we want to make sure you know everything that needs to be done to protect yourself from Log4j.

The recent discovery of four defects in Microsoft’s Exchange Server software came too late to prevent a rash of stolen emails, but that doesn’t mean you need to remain vulnerable to this attack. Below is the story so far, and how you can help protect your business.

2020 gave us a final parting gift: the news that the United States was targeted this year by the biggest cyberespionage attack ever. What were the ramifications of this attack, and what it should teach us going forward?

The Cybersecurity and Infrastructure Security Agency (CISA) have released an emergency directive concerning a critical exploit known as Zerologon, which affects servers running Windows Server operating systems that needs to get patched as soon as possible.

COVID-19, or coronavirus, has become a serious global health concern over the past couple of months. At this point, it is clear that this disease could have major impacts on the workplace. We wanted to offer a brief rundown of good workplace and network health practices, as well as a few pointers on how you can handle health-based employee absences.

Capital One is one of the biggest credit card companies in the world. On July 29th 2019, Capital One made an announcement: it was the victim of one of the largest data breaches in financial sector history. A former software engineer for Amazon has been indicted on charges related to the hacking.

If you have an Asus laptop, there is a possibility that a recent update could have installed malware. We are strongly recommending anyone who owns an Asus device reach out to us to have it looked at.

With Hurricanes Florence, Helene and Isaac causing problems around the globe this month, it seems as good a time as any to discuss preparing your business for hurricane season Preparing your organization for events like these is vital to its survival, making it crucial that you know what your responsibilities are when awaiting a potentially devastating event such as a hurricane.

Like every other piece of equipment on your network, printers require careful configuration and regular maintenance to ensure that they aren’t placing your data and users at risk. Security researchers recently discovered two enormous vulnerabilities in HP Officejet All-in-One printers that make it very, very easy for hackers to spread malware and gain acquire to an organization’s network.

Cybercriminals and hackers, like most people, have a tendency to gravitate towards high-reward activities. In this instance, that means that focus is turning to developing malware that attacks the router, potentially infecting the users that leverage it to connect wirelessly to the Internet. Researchers at Kaspersky Lab discovered an example of such a malware; let's examine this threat and how to best protect your network.

Twitter is strongly recommending that all 336 million users change their passwords as soon as possible; this is a result of the discovery of an internal security flaw. While the problem has been fixed and no data breach seems to have occurred, Twitter is clearly taking this situation seriously.

On Wednesday, several users found themselves the victim of a convincing phishing attack. The attack was designed to look like an invitation to view and edit a Google Doc, and is designed to steal your Google credentials and spread through your contacts.

Virtual private networks are susceptible to an exploit that was recently revealed. Cisco has declared that this exploit undermines its Adaptive Security Appliance (ASA) tool. If this issue isn’t patched instantly, you could find your business vulnerable via remote code exploitation.

In a statement issued by Tom Bossert, the Homeland Security Adviser to the White House, responsibility for the WannaCry attacks from May 12th to the 15th in 2017 was attributed to the Democratic People’s Republic of Korea. This claim fits with the conclusions that New Zealand, Australia, Canada, and Japan have come to, according to Bossert.

A significant weakness has been discovered that affects all Wi-Fi users. Key Reinstallation Attack, or KRACK, affects the core encryption protocol that most Wi-Fi users depend upon to shield their browsing from others, Wi-Fi Protected Access 2 (WPA2).

Using the most up-to-date versions of your technology’s operating systems is one of the best ways to stay secure. Yet, some organizations forego the jump to more recent operating systems due to the immense up-front expense represented by upgrading multiple servers or workstations at once. Unfortunately, this can be detrimental to your organization’s security, and potentially even put your business’s future at risk.

On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.

A new malware swept across the globe Tuesday, incorporating facets of many ransomwares that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors.