Have you ever wanted a little more background information on an image you’ve seen online? Have you ever found an image and wished you could find others similar to it? Well, Google Images has a feature that allows just that, and it does its job quite well! Their engine allows users to reverse image search, letting users find the original image and ones similar! For instance, let’s say you stumble across this image of a mountain. You find the particular image quite stunning, but the website or post you found it on does not provide any information about its location or name! Here is where Google’s reverse image search engine comes in handy! To access Google’s reverse image search engine, first, you must navigate to Google Images. Once there, click on the little camera icon found within the search bar. From there, you get two options: You could paste an image’s URL, or you could upload an image from your computer. I find that downloading the image to my computer and then uploading it is much more convenient. Once completed, Google scours the internet in search of images similar to the one you upload, as well as attempt to locate its name for you! As you can see from our search results, the picture in question was Mount Everest! Now I know the name of this mysterious mountain as well as have the ability to view images that are similar to the one I uploaded! It is important to note that Google’s reverse image search is not perfect. When someone posts a picture online, any slight changes made to the picture could throw off the engine’s ability to accurately detect what the image is conveying. However, I find it quite useful from time to time and recommend that the next time you want to find a little more information about a picture, you give it a try!
Thunderbolt ports are commonplace on many laptops today. They allow for high-speed connections for data transfer, video display, charging phones, and even the computer itself. However, as useful as Thunderbolt ports are, they also leave one’s computer vulnerable to hackers. Theft and laptops go hand in hand. They are expensive, can hold sensitive information, and are relatively easy to carry around and conceal. However, to counter this, laptops come equipped with encryption techniques for data and passwords. However, these safety measures will prove futile against Thunderspy. What is Thunderspy Thunderspy is a technique requiring physical access to a computer and utilizes the thunderbolt port on one’s machine. Using this technique, individuals can access a computer’s information regardless if the computer is sleeping, locked, or encrypted. Even if one’s system comes equipped with Kernel DMA protection for Thunderbolt 3, a countermeasure that protects one’s machine from Direct Memory Attacks (DMA), you are still not entirely protected from this attack. Kernel DMA protection will only protect your computer from a few vulnerabilities that Thunderspy exploits. Intel has made a statement regarding Thunderspy, stating that with Kernel DMA protection active, they were unable to hack into a machine’s data successfully. Staying Safe If you wish to find out if your system is vulnerable, the security researcher (Ruytenberg) who discovered the vulnerability has released a tool that allows Windows and Linux users to check their systems. Although, the only real way to make sure that your system is safe from this type of attack is to make sure that Thunderbolt is disabled or make sure that no unauthorized access to your machine takes place. Are you worried that your data is unprotected and vulnerable to attacks? Worried your sensitive information may leak onto the internet? Hammett Technologies will make sure that all your personal and business information is encrypted and secured. By monitoring all corners of the internet, including the Dark Web, we make sure that even if your data does leak, it becomes unavailable as quickly as it appeared. Call us today and find out how we can help your business’s online data stay out of the hands of criminals!
When it comes to saving money, it is vital that you have an overview of all your company’s expenses. While this may seem obvious to some, there are many who believe they already have a good idea of their company’s expenses. We cannot stress enough, no matter how much of an idea you believe to have of your organization’s expenses, consult with your financial partner. You may be surprised with how much money your organization actually spends. Consulting with Your Financial Partner Even though you may feel certain that you have a good idea of how much money your organization is spending, it is important to ensure that you are accurate in your estimates. By consulting with your business’s financial partner, you can ensure that your company’s funds are being spent accordingly and efficiently, without leaving anything up in the air. When getting the big picture of your company’s expenses, leave no stone unturned. Review all expenses, making sure you know exactly how much money is being spent and which areas need to be focused on the most in order to save the most money. By doing this, you can ensure your company can remain in good financial standing, without the worry of unnecessary expenses. Hammett Technologies is Your Company’s IT Department As we have stated multiple times before, when it comes to understanding cybersecurity and technology, Hammett Technologies is the expert. Our team has worked with numerous organizations, from government contracts to small, family-owned, businesses. We understand how important it is to balance the budget to ensure that a company, regardless of size, is able to operate efficiently and securely. Therefore, by choosing Hammett Technologies, you not only gain a powerful cybersecurity team and IT support, but you also gain a partner who is conscious of your business budget and will work with you to obtain the best materials that are within your price range.
Earlier this week, a massive Twitter hack occurred, involving famous individuals and high-profile politicians. These hacked accounts asked for bitcoins and offered to “double the amount” to “give back to the community.” Twitter, while conducting its investigation, has commented on the situation, stating that the hackers had specifically targeted employees who had access to internal systems and tools. Twitter is calling this attack a “coordinated social engineering attack.” Furthermore, Twitter has also stated that they are investigating other potential “malicious activities” that may have taken place during the attack. However, these have not done much to help calm down the victims of the hack. US Sen. Edward Markey commented on the situation and stated that this kind of attack is “extremely troubling.” “While this scheme appears financially motivated and, as a result, presents a threat to Twitter users, imagine if these bad actors had a different intent to use powerful voices to spread disinformation to interfere without elections potentially, disrupts the stock market, or upset our international relations.” Twitter has confirmed that the hackers while targeting 130 accounts, were only able to access a small portion of them. This “small portion” was then used to create cryptocurrency fraud, stated the FBI. The FBI went on to mention the importance of practice cybersecurity and becoming knowledgable in common internet scams and schemes. Bitcoin, while the cryptocurrency itself is not malicious, is often used by cybercriminals for transactions and scams. The Twitter hack furthers the point we try to make towards business. Cybersecurity is critical, and if a multibillion-dollar company (Twitter) can be breached, then so can your company. We understand that this truth can be scary, but it is a truth many companies refuse to face, and many companies do not want to face it. Many choose to cut corners to save many, leading to a poorly designed cybersecurity team and system. We urge you to think carefully about your company’s cybersecurity. Hammett Technologies offers cybersecurity support for companies of all sizes to ensure that your business stays out of the hands of criminals. We help install firewalls, set up Virtual Private Networks (VPNs), and much more for a fraction of the cost of other companies. At Hammett Technologies, we want to work with you, as partners, to ensure your company is as safe as possible. Wanna find out more about how Hammett Technologies can help your business? Find out how we can help your business stay safe!
“Mass Logger,” a new keylogger on the market, has the potential to become extremely dangerous for businesses and individuals. Keyloggers are a type of malware, usually found within phishing campaigns, that store all information you type into your computer. These malicious programs can lead to many of your passwords becoming compromised. Why is This Key Logger so Dangerous? Mass Logger is different from other key loggers. The developer of Mass Logger is frequently updating this key logger to help it remain undetected through automated antivirus solutions. Furthermore, support from the developer allows other cybercriminals to assist with and make requests for the malware. Cofense Intelligence has already identified a phishing campaign hiding Mass Logger. Emails loaded with GuLoader, a popular malware delivery mechanism that downloads encrypted payloads hosted on legitimate file-sharing platforms is also being used to deliver Mass Logger. A New Kind of Keylogger Additions and features, such as the ability to spread itself through USB ports, set Mass Logger apart from other key loggers. Mass Logger is also able to search for specific file extensions and exfiltrate them. These “features,” and the key loggers continued support from its developer, could see Mass Logger being adopted by a large portion of cybercriminals. Defending Yourself from Mass Logger Defending yourself from malware is tiresome but a necessary task when online. Ensure that you are watching out for suspicious emails from unknown senders. Never open attachments from people you are unfamiliar with or do not know. Merely opening an infected attachment is all malicious programs need to begin infecting your system. Ensure that you trust the sites you are downloading programs from and that they are reputable. If you are worried about your company and want your employees to understand the importance of practicing cybersecurity daily, call Hammett Technologies. We are certified experts and will ensure your business runs at top speed without cutting corners on cybersecurity.
What should not come as much of a surprise to anyone, criminals are using COVID-19 as a jumping point for new scam call campaigns and phishing email attacks. These attacks have become so prevalent that the CDC has released a statement and some helpful tips on how to make sure your sensitive information stays safe. Phone Scams There are many apps and websites that allow people to disguise their phone number and identity. Phone scammers are using these apps and websites to make it appears as if their phone call is originating from within the CDC. Either through direct conversation or by leaving a voicemail, these scammers attempt to have you reveal sensitive information about yourself (credit card information, social security, etc.). These kinds of acts are considered “impersonation fraud” but are challenging to track down and pursue due to how they originate. To keep yourself safe, avoid picking up the phone when you do not recognize the number. If you do happen to pick up, do not reveal any sensitive information over the phone to someone you do not know, regardless of who they claim to be affiliated with. If you find yourself on the phone with someone to suspect to be a scammer, hang up on them immediately, block the number they called from, and report them to the Federal Communications Commission (FCC). Phishing Attacks Phishing emails are malicious emails created by cybercriminals in an attempt to steal your sensitive information. Phishing attacks have always been around, but with COVID-19, cybercriminals have a convincing means of scaring and persuading some people to either give out confidential information or access their machine by clicking malicious links. Phishing emails, similar to the scam phone calls, are disguising themselves as emails sent from the CDC. These emails contain attachments regarding infection-prevention measures. These attachments are usually embedded with viruses that can steal your information and track your online browsing. Protecting yourself from phishing attacks in simple but must be continuously practiced when online. Here are a few safety tips: Never open emails from someone you do not know Be careful when obtaining information regarding COVID-19 from third parties. Go directly to the government website for official updates and safety tips. If links are embedding within the email, hover over them before clicking on them to see where they will take you. If the email comes from someone you do not know, do not open attachments. Never provide sensitive information over email, to anyone. Staying Safe; Online and Offline Coronavirus has caused Americans many issues regarding work and general health safety. Unfortunately, people out there have sought to take advantage of this situation and cause more havoc. We hope that this information finds you and your data safe and well during these trying times. If you have any questions or concerns, give us a call! We are happy to assist!
Windows and Linux users are once again the targets of a new string of ransomware: Tycoon. First discovered in 2019, the new strain of ransomware was created to attack educational institutes and software industries. Once inside, Tycoon proceeds to encrypt file servers, demanding a ransom for decryption. What makes this ransomware different from its predecessors is its use of code to help disguise its presence on networks. Uncovering Tycoon Ransomware Discovered by researchers and security analysts at Blackberry and KPMG, Tycoon is quite unusual compared to other ransomware. Utilizing Java, Tycoon deploys using Java Runtime Environment (JRE) and compiles itself into a Java image file (Jimage) to hide its malicious payload. What Tycoon Does The ransomware infiltrates a network using unsecured internet-facing remote desktop protocol (RDP) servers. When the system is compromised, antivirus solutions are rendered useless due to Tycoon’s ability to elevate its privileges and disable them. Once executed, Tycoon ransomware encrypts all files connected with the network, adding filename extensions such as .redrum, .grinch, and .thanos. Like other ransomware, once all files are encrypted, users are prompted to pay a ransom (in the form of bitcoin) to obtain their data back safely. Staying Safe RDP is a common way for many malicious attack campaigns to infiltrate networks. Ports should only face outward towards the internet for extreme cases, and users accessing these ports should have strong, unique passwords. Regularly updating your system’s security is another good way to ensure your network remains safe. Regularly backing up your network and storing those backups offsite or off the network is another crucial step to take. Should the worst case scenario happen, a backup will save you time and money. Worried your network may be compromised or at risk to attackers? Wondering when the last time you backed up your network was? Hammett Technologies can take care of all your business’s technological needs without the headache. Give us a call and secure your data today!
When you get a bill in the mail, many of us think little of it and pay the amount due without reading too much into it. However, scammers do not only exist virtually, but they also claim victims in reality. Whenever you are asked to send money or pay something, you must read carefully, and if anything suspicious sticks out, you must use extreme caution. Consider calling the company that is listed on the letter or email to confirm the bill is legitimate and avoid being scammed. For example, take this fake I.R.S bill: Scammers will attempt to steal your money any way they can, but there are usually ways to tell the real letters from the fakes. Pay close attention to the wording used and if something causes concerns, call the company who issues you the mail immediately. It has been said that the I.R.S will never call or email to obtain money, but it will send letters. Until recently, this method has worked to avoid scammers for the most part. Obviously this has now changed, and scammers have begun sending fake correspondence demanding money from people. It is easy for I.R.S employees to spot the differences in the letters being sent, but for the average individual, it is not. Therefore, consider reading the I.R.S’s post about how to avoid scams! They outline several helpful tips that will help prevent you from becoming a victim!
After the death of Iran’s General Qassem Solelmani, the United States may end up dealing with some serious cyber-attacks. Since 1984, the United States has recognized Iran as a nation that supports terrorism and terrorist organizations, which has led to previous conflicts between the two nations. However, after the recent assassination of General Qassem Solelmani, the United States may face fierce retaliation. We have already seen government sites become hacked and defaced with Pro-Iran propaganda. Therefore, while we are unsure which shape their “revenge” will take, it is important that all US citizens prepare for all aspects, especially cyber. The Department of Homeland Security has issued the following statement urging US citizens to be cautious when browsing online over the next couple of weeks. Many of us are aware of the basics when it comes to browsing online safely, but it is important to review. Be cautious of suspicious emails It is better to be safe than sorry. Do not download any attachments, or click any links, from emails unless you are 100% certain the email originated from a trusted sender. Be aware of suspicious websites If a website seems off or is asking for your credentials where it has not before, close the browser and attempt to navigate to the proper website. Fraudulent banking websites are extremely common and usually appear due to simple typos. For businesses, make sure your cybersecurity team has your network locked down and protected against cyber-attacks. It is extremely important that one’s network is protected at all times. This is especially important if you are a business that transports customer confidential data or uses credit card transactions. If you are worried that your business’s network may be easily accessible by criminals, do not hesitate to reach out to Hammett Technologies. With over 20 years of IT and Cybersecurity experience we will help identify flaws that allow attackers to enter your network ensuring your network is protected. Our team will ensure your company’s and customer’s data is secure and encrypted, without interrupting the day to day processes. Contact us today and figure out why we are the #1 growing MSP in Maryland!
User’s of Facebook have had the contact information exposed after a major data breach occurred. For two weeks, Facebook left the user’s information unsecured on the web, leading to a massive data breach that security researchers believe has affected nearly 267 million Facebook users. Bob Diachenko, along with Comparitech, worked together to uncover the leaked database. Upon its discovery on a hacker forum, Diachenko informed the Internet Service Provider (ISP) managing the IP address of the server. However, user information such as phone numbers and names were left online, at the latest, until December 19th of this year. From what was found on the database, most of the users are from the United States, and it is believed that the information will be used for a mass phishing campaign vis SMS. Staying Safe If you receive an unsolicited text message, the best course of action is to not respond, even if the sender knows some information about you. If you want to minimize the risk of your information being exposed to the public, Facebook does allow users to opt-out via privacy settings. After logging into Facebook: Navigate to Settings Select Privacy Set all fields to “Only Me” or “Friends” Set “Do you want search engines outside of Facebook to link to your profile” to “No” While this will not protect against data breaches, but it will add some extra protection to your Facebook account, making it more difficult for criminals to gain access to your personal information. Although, the only way to be completely sure you are unaffected by Facebook data breaches is to completely delete your Facebook account. If you have any questions on concerns, please do not hesitate to reach out to us! We are experts in cybersecurity and understand how important it is to make sure that all personal and business-related information is secure. To learn more about what Hammett Technologies can do to support your business, visit the What We Do page!