Dillon Fornaro

Zero-Day Vulnerabilities – What They Are and How to Protect Yourself

Before discussing how you can protect yourself and your organization from Zero-Day vulnerabilities, it’s helpful to understand the term vulnerability as used in the cybersecurity industry. The National Institute of Standards and Technology, commonly referred to as NIST, defines vulnerability as “Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” So, anything that threat actors can exploit in your environment is considered a vulnerability, even employees. 

What is a Zero-Day Vulnerability?

Zero-Day vulnerabilities are software vulnerabilities that are actively being exploited in the wild but have not yet been disclosed to the software developer, or for which a patch has not yet been provided. These vulnerabilities are usually kept secret by threat actors and sold on the Dark web for a hefty price. Depending on how much damage the exploit would cause, they can be sold for thousands and even millions of dollars.

If Zero-Day vulnerabilities are, at first, widely undiscovered, how are they initially found? That’s a great question! There are many different ways that Zero-Day vulnerabilities are uncovered, but some of the more common tactics are Threat Research and Vulnerability Disclosure Programs (VDPs). Not all Zero-Day vulnerabilities are found by malicious actors. There are legitimate organizations whose sole purpose is to research threat indicators in the wild and correlate them to potential vulnerabilities in the software being exploited. After confirming or even potentially confirming that a vulnerability exists, they would then reach out to the software vendor in question and disclose this information. This is usually done by following the organization’s Vulnerability Disclosure Program (VDP). These programs are designed to encourage Threat Researchers, as well as anyone else who may have information regarding vulnerabilities in a software product, to come forward. Most of these programs offer a monetary reward, and just like selling on the Dark web, the amount paid is substantial. These programs aren’t always available, but more organizations are adopting this tactic to fight back against the cybercrime industry. There has even been legislation adopted to push companies toward creating their own VDP. If you ever notice a software bug that you can replicate, it’s worth reporting it. You may just end up with some money in your pocket!

Protecting Your Business From Zero-Day Vulnerabilities

Unfortunately, due to the nature of the threat, we can only mitigate the risk, not completely eliminate it. But don’t worry; implementing the proper controls, processes, and procedures can significantly reduce the risk of compromise. The first step in protecting your business from Zero-Day vulnerabilities and attacks is simple patch management. Your company’s IT provider should be on top of issuing the latest updates to all of your software. Whether it’s your line of business application(s) or your computers’ operating systems, applying the latest security patches is crucial. The process for managing these updates to your company’s software should be written down in its own policy and, if possible, automated. 

Another way to protect yourself against these threats is even easier than patch management – you need to be aware of what’s going on. Researching the latest threat trends and keeping yourself up to date about active exploits will provide you with the information needed to proactively patch your systems or isolate that specific software inside your network. I recommend subscribing to a security newsletter if you aren’t actively working in the Cybersecurity industry where threat research is a part of your job. On another note, while vulnerability scanning won’t necessarily provide you with insight on Zero-Day vulnerabilities affecting your network, it does give you a clearer picture of the threat landscape of your environment. More visibility offers you greater control, and greater control gives you better protection. 

Last but not least, start deprecating your legacy software. Any applications that are no longer supported by the vendor won’t be receiving further security updates. It is extremely risky to continue utilizing end-of-life (EOL) software inside your environment, so it’s crucial to move away from these solutions as soon as possible. If your business is dependent on a product that’s in EOL and deprecating it in a timely manner is not feasible, be sure to isolate any devices that contain the software from other areas of your network. Doing this will aid in preventing either malware or threat actors from moving laterally across your network in the event of a compromise.

Vulnerabilities can be scary, especially when Zero-Days are thrown into the mix. However, with the proper security controls, processes, and procedures, you can significantly mitigate the risk to your business. If you would like to learn more about how Kite Technology’s Managed IT and Security Services can better secure your organization, please reach out to schedule a conversation. We would welcome the opportunity to discuss your company’s IT and security needs and help you develop a plan to improve your performance and security posture. 

Dillon Fornaro

Security Engineer
Kite Technology Group

Steps to Improve Your Security in Light of Russian Cyber Threats

As news of Russian forces launching an attack on Ukraine hit the headlines on February 24th, it is vital that you keep security top-of-mind as the risk of cyber attacks and state-sponsored advanced persistent threats (APTs) is increasing substantially. We urge everyone to take steps to improve their security posture and stay extra vigilant.

Here at KiteTech, we persistently monitor new and ongoing cyber security risks like this and develop a plan of action to ensure that our clients’ resources and data are fully protected. Below is a list of recommendations for security services that are vital in protecting your business from cyber threats. 

Security Services That Protect Your Business

Multi-Factor Authentication

If we had to make a single recommendation for protecting your online accounts, it would be multi-factor authentication (MFA). That means not only confirming it is turned on for your business, but also ensuring your personal accounts are protected behind MFA.

Security Awareness Training

While industry standard security products are critical to protecting your organization, end users will always be your greatest risk. It’s crucial that you require employees to complete their annual security awareness training.

Antivirus/Endpoint Detection and Response (EDR)

Keeping antivirus signatures up to date is essential to protecting against known malware. Automatic updates should always be enabled for these products.

Geo-IP/Geolocation Filtering

Restricting access to accounts based on location has proven to be a very successful way of mitigating threats. While there are ways to circumvent these restrictions, its use in protecting against automated attacks is considerable. We encourage adopting this when available.

Cybersecurity Tips for End-Users

Now is the time to build a stronger line of defense against increasingly sophisticated cyber threats. Below are steps that end-users can take to ramp up their security practices.

  • Make sure MFA is turned on for all eligible accounts and working properly (can’t emphasize this one enough).
  • Keep an eye on your finances. Check for suspicious transactions and set up credit monitoring alerts.
  • If you have any backup emails or phone numbers tied to an account for recovery purposes, make sure they are updated with relevant information and MFA if applicable.
  • Utilize websites such as haveibeenpwned.com to check for compromised passwords. We have a subscription to ID Agent’s DarkwebID which features a live search function to check for password compromise tied to an email address. If you would like access to that, let me know.
  • If you aren’t using a password manager, I highly recommend migrating to one. It can be a lot of work, and some may be skeptical of having all their passwords in one place, but the security features outweigh the risk. Some examples of password managers are LastPass and Dashlane.
  • Be wary of approving logins on the Microsoft Authenticator app. If you didn’t initialize authentication, deny the approval.
  • Take your time when reviewing emails with urgent or suspicious requests. Reach out to that person directly to validate. To those who may not be as tech savvy as others, don’t hesitate to ask for help. You’re not a burden for doing so whatsoever.
  • Be careful with what apps you allow to have access to what data, and consider only accepting necessary cookies for websites.
  • Make sure shared accounts are limited and all passwords for those are complex.
  • Be careful with pre-filling passwords; many websites don’t properly encrypt those and they have been common targets for keyloggers.
  • Most importantly, be extra cautious. Even with all the security controls out there, you as the end user will always have the keys to the castle.
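
For the compromised-password check mentioned in the list above, here is an added example (not part of the original post) of how such a lookup can work without the password ever leaving your machine. It assumes the Pwned Passwords range API offered by haveibeenpwned.com, which receives only the first five characters of the password's SHA-1 hash; the function names are hypothetical and the response body is constructed so the code runs offline.

```python
import hashlib

RANGE_URL = "https://api.pwnedpasswords.com/range/"  # only the 5-char prefix is sent


def split_hash(password):
    """Return (5-char prefix, 35-char suffix) of the uppercase SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def range_url(password):
    """URL a client would request; the suffix and the password stay local."""
    prefix, _ = split_hash(password)
    return RANGE_URL + prefix


def breach_count(password, range_body):
    """Find the local suffix in a range response made of 'SUFFIX:COUNT' lines.

    Returns 0 when the suffix is absent or listed with a count of 0
    (padded responses contain such filler entries).
    """
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix and count.isdigit():
            return int(count)
    return 0


def constructed_range_body():
    """Constructed sample response for the prefix of the password 'password'."""
    _, hit = split_hash("password")
    return "\r\n".join([
        "0018A45C4D1DEF81644B54AB7F969B88D65:3",  # constructed, unrelated suffix
        hit + ":1234",                            # constructed count for the demo
        "F" * 35 + ":0",                          # padding-style filler entry
    ])


if __name__ == "__main__":
    body = constructed_range_body()
    for pw in ("password", "a long unique passphrase from a manager"):
        print(range_url(pw), "->", breach_count(pw, body), "known exposures")
```
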

It is more important than ever to make it a priority to improve your organization’s cybersecurity practices and train your employees to stay conscious of any suspicious activity. If you notice anything questionable, reach out to KiteTech immediately so we can investigate.

If you are not currently working with Kite Technology and would like to learn more about our Managed IT and Security Services, please reach out and schedule a conversation. We are here to help!

Dillon Fornaro

Security Engineer
Kite Technology Group

Preventing Mobile Cyber Attacks

Did you know that 40% of all mobile devices are vulnerable to cyber-attacks and exploits? 

As smartphones and tablets become increasingly common in the workplace, hackers aren’t necessarily just using your device to infect it with malware, but also to infect devices on the same network as you. 

In this post, we share a few helpful tips to help you stay secure when using your mobile devices.  

Apps

Applications are the lifeblood of a smartphone. However, not all are created equal. Make sure you are only installing apps that are available through your dedicated App Store. Depending on your device, this would either be Google Play for Android or Apple App Store for iPhones.

Wi-Fi

Set your applications to automatically update to ensure they have the latest security. If your wireless carrier is limiting the amount of data you are allowed to use on a monthly basis, consider turning on the feature that will only update your applications if you are connected to Wi-Fi. You can even set a schedule for when you know you’ll be home.

Browsers

The browser on your smartphone works the same way as it would on a desktop PC or a laptop. You should never save a username or password inside of a browser. If you are someone that is juggling a lot of different accounts like a lot of people today, consider using a password manager. 

Pay close attention to URLs. Just like when you’re browsing the web on a laptop or desktop, you always want to make sure that you’re on the correct site before inserting any information. 

Bluetooth

Bluetooth is a pretty simplified connection method. However, there are still ways to secure yourself from attacks associated with it. Turning off automatic Bluetooth pairing is an effortless way to prevent someone from illegitimately accessing your device. Also, if you’re not using Bluetooth, it is best to just turn it off completely. This will help protect from unwanted connections.

Vishing (voice phishing)

Spam calls are becoming extremely common on a day-to-day basis. How do we protect ourselves from people pretending to be someone they aren’t? Make sure you do not reveal any personal information over the phone unless you are absolutely sure who that person is. If you are hesitant, it is best to just hang up and call the direct number of the company or person in question. Also, be wary of urgency as scammers will try tricking you into thinking that this must happen now. I can assure you it doesn’t. 

Smishing (phishing via SMS)

Text messaging is becoming the most popular communication method between individuals. This just means that more people will start using this form of communication for malicious intent. Never click links or respond. The messages sent from unknown recipients always go directly to the source. Also, standard text messages are not encrypted. If nonpublic information is being requested, it is best to use another form of communication to provide these details.

I hope that these quick tips on mobile device security have been helpful. Remember, it is important to stay just as vigilant on your mobile devices as you are on your desktop PC.

If you would like to learn more about our Managed IT and Cybersecurity Services, please feel free to reach out. We would be happy to schedule a complimentary consultation to learn how we can help you operate more securely and meet compliance regulations.

Dillon Fornaro

Security Engineer
Kite Technology Group

Top 3 Security Threats Related to a Remote Workforce

With so many businesses still having a distributed workforce, it is important to prioritize computer and network security.  While there are various security threats associated with employees working remotely, today, I will be focusing on the top 3 threats that you should be aware of and address to ensure that your employees and business are secure.

Home Networks

One of the main security risks of a remote workforce is the possibility of unsecured home networks. Did you know that according to PC Magazine, in a study of 2000 US residents, 23% of people reported that they are using default credentials on their router/modem, and 11% were not even sure of what their credentials are? That is very concerning with the number of cyber threats that are out there. Most home networks are set up by a local ISP and use a modem/router to provide WiFi. These home networks are often set up by a technician whose focus is function, but not necessarily security. Therefore, your network traffic may be open for anyone to snoop on without your knowledge. The best way to protect that data is to encrypt all non-public information you and your company send over the wire. This would require the use of a VPN (virtual private network). With the proper configuration of a VPN, your data will be encrypted in transit and unreadable to those who may be listening. To make sure you have a secure home connection, you will want to make sure that:

  1. You have encryption set up with a VPN to protect corporate data.
  2. Your WiFi has a secure password associated with it.
  3. Default credentials on all network devices are changed.

These three steps go a long way to ensure you have a secure home connection better defended from hackers with malicious intent.

Personal Computer Equipment

When the rapid shift to remote work took place last year, many employees started using their home PC to access company data and perform their business functions. While it is crucial to ensure that the devices in an environment that allow data to flow through the network are locked down, the machine that holds all your data, the PC, will be a hacker’s biggest target. According to Forbes.com, in a recent study, “56% of people were unable to bring equipment from their employer to work from home” and “a third admit to personally purchasing equipment to help them work remotely during COVID-19.” That is an extremely high number of personal devices, considering how many people are still working remotely. Furthermore, home PCs are often shared with children or significant others, further increasing your cyber risk. It is vital to your company’s security that remote employees use company-managed PCs or laptops. It takes the management out of the users’ hands and provides a higher level of security while handling the company’s data.

Cell phones and mobile devices are another component that needs security when being used for company email and accessing files. Make sure your infrastructure management includes a plan for keeping these devices protected.

Security Updates

According to bleepingcomputer.com, “based on a sample size of 163 million computers, 55% of all programs installed on personal computers running Windows are outdated.” Whether it is a firmware update for your hardware or a software update for your line-of-business application, this is something that the typical end-user often does not take the time to do. What can you do about it? Turn on automatic updates. This can go a long way in ensuring that updates are installed, and personal devices remain secure. While many of the software companies’ releases may be feature updates, you will also get vital security updates that help prevent exploitation of vulnerabilities in the system. This brings me back to having company-provided hardware.  When your company provides and manages home devices, your IT department can manage, audit and ensure that updates are promptly and correctly installed, which will go a long way in protecting your company’s data. Keep your devices up to date!

These are just a few of the security risks associated with a remote workforce. Unfortunately, there are many more threats to consider as malicious actors continuously search for opportunities to access your company’s data. It is essential to keep security top of mind and continue strengthening your security posture. There are many resources out there that can help you evaluate your current environment and provide recommendations for improving your security standards. We at Kite Technology can be that resource and can help you identify vulnerabilities and provide the tools, like cloud solutions, you need to eliminate them. Contact us today to learn more.

https://www.pcmag.com/news/survey-shows-many-home-networks-are-insecure

https://www.forbes.com/sites/chriswestfall/2020/08/25/statistics-show-remote-workers-are-frustrated-many-still-unprepared-for-working-from-home/?sh=403987c848b3

https://www.bleepingcomputer.com/news/security/outdated-software-exposes-pc-users-to-security-risks-says-report/ 

Adam Atwell

Cloud solutions architect

Adam is passionate about consulting with organizations across the country to help them develop and execute a cloud adoption strategy that meets their business needs and future objectives. Adam oversees and manages our company strategy for Microsoft 365 adoption and is responsible for future growth and development inside Microsoft 365 and other cloud technologies.