Invincia Blog

Author: Invincia Technologies

  • Change your current IT provider with ease

    Invincia Technologies Special Offer Change your IT/MSP Provider

    frustrated Your managed IT service provider just isn’t cutting it anymore and has left you frustrated and wondering, “How can I switch Managed IT Service providers so that my business won’t have to suffer any longer?”

    Switching IT support provider is not a decision to be taken lightly but it is often a decision born from necessity rather than from choice.

     

    • Are you tired of the lack of focus on customer service from you current IT provider?
    • Are you tired of being nickeled and dimed for services?
    • Fed up with overly-complicated invoicing?
    • Have you lost data due to your provider’s breached network? Loss of productivity and extended down-time?
    • Are you sick of talking to a new employee every time you have to call in for support?
    • Being sold on equipment you don’t want or need?
    • But it’s such a pain to move and can get very expensive?!?!?!?

    We get it. We’ve been there. But wait….

    Invincia Technologies is offering you a golden opportunity to ditch your current IT and/or Managed Services Provider for good.

    For a limited time, we are proud to announce that, we will waive all on-boarding and migration costs AND decrease your monthly bill for similar services by at least 15% !

    If you’ve been wanting out but didn’t know how, do NOT let this opportunity pass you by. Let the professionals at Invincia Technologies show you how outsourced IT and data-center services are supposed to be run. By placing YOU, the customer, at the center of the relationship.

    Whether you’re new to managed IT services, or wondering how you can switch providers, so the IT of your business is in better hands, we’ve got you covered!

    We look forward to showing you the Invincia Technologies service difference.
    Call us TODAY!!!

    (727) 674-1455 Option 5

  • Coming to terms with COVID security reality

    survey of more than 1,100 American workers conducted by PwC suggests the divide between cybersecurity teams and the end-users they are trying to protect has only widened in the wake of the COVID-19 pandemic.

    While most cybersecurity and IT leaders have increased access to cybersecurity training since the bulk of employees suddenly began working from home in March, only 30 percent of employees said their employer trained them on to secure data, and only 23 percent said their company provided a compelling case for why employees need to have good data security habits.

    Well over a third of respondents (39%) said they find it burdensome and restrictive to comply with all the security guidelines of their organization. Less than a third, however, also said they are required to authenticate their identity to access corporate networks/data (31%).

    Less than a third (29%) also said their employer provided devices so they could work outside the office without having to employ their personal devices. In addition, more than half (51%) of the Millennials and 45 percent of so-called Gen Zers admitted they use applications on their work devices that their employer has expressly prohibited.

    Perhaps most troubling of all, though, only just over a quarter (26%) of respondents strongly agree that they can escalate a security incident they may have caused without fear of reprisal.

    Increased cybersecurity challenges

    Cybercriminals have apparently taken note of reckless employee behavior. A global survey of 1,000 CXOs conducted by Tanium, a provider of endpoint management and security tools, find 90 percent have seen an increase in cyberattacks due to the pandemic. The most common of these were attacks involved data exposure (38%), business email or transaction fraud (37%), and phishing (35%).

    A full 98 percent of respondents said they experienced security challenges within the first two months of the pandemic. The top three challenges identified are new personal computing devices (27%); overwhelmed IT capacity due to virtual private network (VPN) requirements (22%); and increased security risks involving video conferencing (20%).

    A full 88 percent of respondents also had trouble patching systems, with 43 percent specifically citing difficulties patching personal devices belonging to workers. Just over a quarter (26%) admit they effectively side-lined patching systems at a time when Microsoft alone released more than 100 fixes on successive Patch Tuesdays.

    Preparing for an extended battle

    While most IT teams are to be applauded for enabling a mass transition to working from home in a matter of a few days, it’s clear that from end-user training to zero-trust architecture there are lots of cybersecurity issues that need to be addressed. Many organizations assumed the COVID-19 pandemic would be roughly equivalent to an extended blizzard that would shut down the office for a few weeks. Increasingly, it’s looking like combating the COVID-19 pandemic will be an extended battle that requires fundamentally new approaches to how IT is delivered and secured.

    Naturally, each organization always will need to decide just what the right level of business risk should be given the sensitivity of the data that needs to be protected. However, organizations are being presented with a unique opportunity to approach cybersecurity with a blank piece of paper that should not be wasted.

    _______________

    Re posted with permission from: https://blog.barracuda.com/2020/08/03/coming-to-terms-with-covid-security-reality/

    Written by:

     

  • Adjusting to the New Normal

    Adjusting to the New Normal is the Only Way to Success

    As remote working becomes a norm, creating a digital workspace that empowers employees to work with agility and resiliency has become extremely critical. From enabling access to centralized resources from a greater range of devices to allowing seamless, real-time communication across departments, streamlining the file sharing and document management process, to paving the way for collaborative teamwork – organizations need to support their mobile workforce holistically.

    COVID-19 has completely changed how businesses operate and its impact will be visible for a long time. What’s important is for organizations to adjust to this new way of working and drive efforts in ensuring productivity of the mobile workforce.

    Digital Security While Working Remotely

    Companies of all sizes are under attack. Meanwhile, remote work has become a necessity for modern organizations.

    Remote work presents a unique challenge for information security because remote work environments don’t usually have the same safeguards as in the office. When an employee is at the office, they are working behind layers of preventive security controls. While not perfect, it is harder to make a security mistake while at the office. However, when computers leave the perimeter and people work remote, new risks arise for the company and additional security policies are essential.

    These are the top remote work security issues businesses should be wary of.

    • Managing Devices and Employees
    • Insecure Passwords
    • Phishing Emails
    • Using Unsecured Personal Devices & Networks
    • Video Attacks
    • Weak Backup & Recovery Systems

    Users can  become complacent about  cybersecurity practices. They often assume your company’s IT department takes responsibility for protecting them even outside of the office.

    Enhance Your Organization’s Cybersecurity with Invincia’s Managed IT Security Services

    Cybersecurity for remote workers requires constant vigilance. If you’re nervous about your current remote security policies, give us a call. We’ll assess and implement the precautions necessary to ensure your remote employees can work safely and productively.

    At Invincia, we’re committed to excellent customer service and continuously strive to exceed your expectations. Our certified engineers are dedicated to solving your business challenges – 24 hours a day, seven days a week.

    Contact us today to chat about how our managed IT support services can help build your future securely.

  • How MSPs are supporting clients during the COVID-19 pandemic

    The COVID-19 pandemic and the sweeping shutdowns to contain the spread of the virus brought about significant impacts on businesses. Many small companies realized they lacked the resources to rapidly adopt a remote work setup and tapped their IT partners to help address their technology demands. Here’s how managed IT services providers (MSPs) are rising to the challenge.

    Providing infrastructure and service desk capabilities

    In today’s digital work landscape, MSPs are keeping their noses to the grindstone to fulfill customer demands and help keep businesses running. While many small companies have taken the first step of transitioning to remote work, they still need help managing the logistics.

    Right now, MSPs are providing customers with IT infrastructures and taking on a host of network tasks, including configuring hardware, establishing remote connections, and managing backup and storage options, among other activities. These all help to ensure that company networks are reliable enough to facilitate a remote workforce.

    MSPs are also offering service desk capabilities, providing companies with a centralized resource for employees, customers, and business partners to answer questions, troubleshoot problems, and facilitate solutions. Appropriate and timely support is crucial, especially in times of great uncertainty.

    Simplifying cloud adoption

    Cloud solutions are ideal if IT environments must be quickly modified to meet changing demands or difficulties, which is why MSPs are now helping businesses leverage a variety of cloud technologies and even move their data and applications online.

    And because cloud migration can get complex, many MSPs are also offering managed migration plans that help companies transition key workflows and processes to the cloud safely and efficiently.

    Offering remote support where possible

    The current travel restrictions and social distancing measures make work-related travel difficult and risky. And with highly distributed workforces, many companies would rather source local service technicians for break/fix assistance, cabling, and other IT solutions.

    Partnering with MSPs ensures that systems and networks are protected all the time and critical support is provided within 24 hours. What’s even better is that some providers have technicians in different locations, making it easy to provide tools, resources, and support even in hard-to-reach areas.

    Delivering flexible solutions

    As business needs continue to shift, MSPs must move in lockstep and provide support wherever they can. Here are some other ways MSPs are helping their clients navigate these trying times:

    Assisting with IT projects
    Because of how broad and challenging IT projects can be, it’s not uncommon for companies to lack the right skills and resources to handle them. MSPs are helping them by providing the expertise and technologies needed to pursue these projects, allowing companies to keep moving forward.

    Foregoing long-term contracts
    Some companies need IT support and services but can’t afford to commit to long-term contracts. Similarly, some want to augment their IT only for the duration of the COVID-19 pandemic. What’s great is many MSPs are providing flexible IT solutions, giving customers all the services and support they need, when they need them.

    Offering faster response times
    Especially now that downtime could likely spell the end of a business, companies seek quick turnaround times. Since MSPs typically offer 24/7 support and tout specialists with a wide range of experience and knowledge, they can proactively address issues and ensure that IT infrastructures are working as efficiently as possible.

    Providing better customer service

    As many businesses are still adjusting to the new normal, providing positive customer experiences will go a long way to earning trust and ensuring customer loyalty post-crisis. By being compassionate and empathetic to the situations of their customers, MSPs are showing companies that they’re navigating these trying times together.

    Call our IT experts today to help configure the perfect remote work setup for your business (727) 674-1455

     

    Published with permission from our partner, INFIMA Cyber Security. Blog Link

  • Hackers Hit By Pandemic, Start Auctioning Data

    Cybercriminal businesses have seen a hit from the weakened economy. In response, they’re further morphing tactics to extract money.

    Times are tough.

    Cybercriminals are getting creative.

    We’ve seen several stories of Ransomware groups releasing stolen data to force ransom payment (like here). Some have even formed a cartel to expand reach and revenue (like here). Now, they’ve added a new line of revenue from victim data.

    The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software.

    Many Ransomed organizations are either unwilling or unable to pay Ransom demands. This could be in following law enforcement guidance or they simply don’t have the funds in this tough economy. Unfortunately, this has consequences.

    “The problem is a lot of victim companies just don’t have the money [to pay ransom demands] right now.”

    When ransom demands aren’t met, the REvil team is now exacting their tolls via data auctions.

    Experts say the auction is a sign that ransomware groups may be feeling the financial pinch from the current economic crisis, and are looking for new ways to extract value from victims

    On the block in their first auction, the REvil team is selling data from a Canadian agricultural producer who has reportedly not paid their Ransom demand.

    The victim firm’s auction page says a successful bidder will get three databases and more than 22,000 files stolen from the agricultural company.

    Cybercriminals have been printing money (figuratively) through these attacks, and they don’t seem to be stopping.

    “Others are now charging a fee not only for the ransomware decryptor, but also a fee to delete the victim’s data. So it’s a double vig.”

    This is yet another dark turn in the Ransomware game. As much as we don’t want to admit it, these criminals are crafty and smart.

    It’s time to protect your team and your assets from these attacks.

    Are you ready to take action?
    You already have a lot on your plate, so we make it easy. Find out how to protect your team with Invincia’s Automated Security Awareness platform.

    To get a quote, set up a call with our team here!

    Original article here.
    [https://krebsonsecurity.com/2020/06/revil-ransomware-gang-starts-auctioning-victim-data/]

  • Office 365 Phishing Attack Targets WFH

    Hackers keep abusing WFH confusion. This time focused on VPNs.

    With many employees working from home, VPNs (virtual private networks) have become widely used for WFH security. And they should be! It’s an important layer of security for any remote work environment.

    As we’ve seen recently, hackers are creating and exploiting pandemic confusion for their profit (just like here and here). A new Phishing attack warns users to urgently update VPN configurations. The email impersonates the victim’s IT department with a link to a spoofed Office 365 login page.

    The attackers are spoofing the sender email address to match the domains of their targets’ organizations and embed hyperlinks that send them to phishing landing sites designed to steal their Office 365 credentials.

    The hackers are spoofing the victim’s domain in the sender email address. This can provide a false sense of security to the user and increase the likelihood of taking the bait.

    These attacks could have a high rate of success in tricking potential victims since many recipients might click through and log into their Office 365 accounts to avoid losing remote access to company servers and resources.

    Once the user clicks the link, they’re sent to a landing page that looks exactly like a legitimate Office 365 login. The attackers exploit Microsoft’s Azure Blob Storage, making the URL look safe.

    The landing page is a cloned Office 365 login page hosted on the Microsoft-owned web.core.windows.net domain by abusing the Azure Blob Storage and it comes with a valid Microsoft certificate.

    Hackers keep improving spoofing tactics, making attacks harder to recognize. It is up to every organization to take action to arm their people with the safe online behaviors and tools to protect their networks and data.

    Are you ready to take action?
    Find out how to protect your team with INFIMA’s Automated Security Awareness platform.

    To get a quote, set up a call with our team here!

    Original article here.

  • Lady Gaga & Springsteen’s Law Firm Hacked

    Attackers compromised a law firm, stealing a huge trove of data on A-List celebs.

    The media & entertainment law firm of Grubman Shire Meiselas & Sacks suffered a vicious cyber attack.  The 756GB in stolen files appears to contain data on dozens of high profile celebs, also including Mariah Carey, Cam Newton and John Oliver.

    The ransomware attack was perpetrated by a group called “REvil,” also known as “Sodinokibi.”

    The REvil group has its own A-List of previous attacks, including Travelex and Brooks International. A hallmark of their attacks includes stealing data before ransoming the organization.

    “Cybercriminals use the threat of releasing the stolen data as leverage to extort payment.”

    In this case, the compromised data could be very valuable to the law firm and, in turn, the attackers.

    “The trove of data allegedly stolen includes contracts, nondisclosure agreements, phone numbers and email addresses, and “personal correspondence.

    To prove their case, the hackers posted snippets of the stolen data on a dark web forum. This is very similar to this attack on a Texas law firm earlier this year.

    The attacks on law firms will continue. They hold tons of sensitive data, and cyber criminals know it. As always, they will go after the softest targets.

    Are you ready to take action?
    Start with booking quick call to learn how Invincia’s Managed IT Security can help your company.

    To learn more, set up a call with our (non-pushy) team here!

    Original article here.
    [https://variety.com/2020/digital/news/entertainment-law-firm-hacked-data-breach-lady-gaga-madonna-bruce-springsteen-1234602737/]

  • COVID-19 fraud: companies face new phishing attacks

    As Coronavirus COVID-19 makes its way across the world, individuals are doing their best to stay up-to-date on the latest outbreak locations and confirmed cases. Hackers have created new attacks based on the public interest in this virus.

    One of the most common attacks is an email impersonation attack. In this attack, the criminal impersonates organizations like the UN World Health Organization (WHO) and the US Centers for Disease Control and Prevention (CDC) to trick users into opening a malicious email. Multiple government organizations have issued warnings against these attacks.

    Email scams always follow the headlines

    It’s not unusual for hackers to monetize on tragedies like hurricanes and other disasters. Most of these scams are designed to do some variation of the following:

    • Infect the user device and spread malware
    • Steal login credentials by way of a phishing site or other phishing mechanism
    • Collect donations for fake charities through malicious websites

    The current pandemic has given scammers all those opportunities and more:

    Email scammers will continue to find new ways to take advantage of the Coronavirus COVID-19 pandemic. If you have the proper email protection in place and you know what to watch out for, you can protect yourself from these email attacks.

    Spreading the infection

    There has been a real surge in the registration of new domains that use the word ‘coronavirus.’ Some of these will be put to a good use, but many will be used by hackers for malicious purposes. These malicious websites might appear to offer news or advice on coronavirus outbreak but are being used for phishing or to spread malware. Email impersonation scams often include links to this type of site.

    Email impersonation attacks

    Over the past few weeks, we have seen a number of attacks impersonating the World Health Organization. These phishing emails appear to come from WHO with information on Coronavirus COVID-19. They often use domain spoofing tactics to trick users into thinking these messages are legitimate.

    These email impersonation attacks will include a link in the body of the email.  Users who click on that link are taken to a newly registered phishing website.

    Remote work and increased risk

    As a preventative measure against the spread of Coronavirus COVID-19, many organizations are asking employees to work remotely from home until further notice. These remote workers may rely on email for communication with other employees as well as updates on workplace location and other issues related to the outbreak. This puts users in a state of expectation for email messages from HR or upper management on the subject of the virus. This expectation creates an increased risk for the company because the user is more likely to accidentally open a malicious email if they are expecting a similar legitimate message.

    These factors, combined with the diminished ability to confirm the legitimacy of an email due to remote working is a perfect environment for email scams.

    Protecting your organization and employees

    There are several ways to protect your company and employees from email scams, and they are based on employee education and security technology:

    • Don’t click on links in email from sources you do not know; they may lead to malicious websites
    • Be wary of emails claiming to be from the CDC or WHO. Go directly to their websites for the latest information.
    • Pay special attention to email messages from internal departments or executives who sent regular updates on the outbreak. Domain and display name spoofing are some of the most common techniques used.
    • Never give personal information or login details in response to an email request. This is how a phishing attack leads to business email compromise.
    • All malicious emails and attacks should be immediately reported to IT departments for investigation and remediation.
    • Ensure that your organization has reliable virus, malware, and anti-phishing protection.
    • Make sure employees receive up-to-date training on the latest phishing and social-engineering attacks.

    Criminals are always looking for new ways to exploit the latest tragedies. Keep up on the latest scams by following alerts from CISA and similar sites.

    Posted by  on 

    From: https://blog.barracudamsp.com

  • Cyber readiness starts with awareness

    News emerged in a new report last week that just 10% of European and US firms are “cyber ready”, despite surging attacks.

    The study from insurer Hiscox — which spanned the UK, US, Germany, Belgium France, Spain, and the Netherlands — should be something of a wake-up call for IT and cybersecurity leaders. SMEs, in particular, are said to be in the firing line.

    Although technical controls certainly play their part in helping to mitigate risk and improve preparedness, the report revealed that cultural changes and a more proactive approach to training are equally important. Perhaps it’s time for the security industry, in general, to take a more holistic approach to threat prevention that’s not so solution-centric.

    Attacks soar in 2018

    The percentage of firms classed as “experts” in cyber-readiness actually dropped from 11% last year. Yet the threats facing them have never been more pronounced: 61% reported an attack over the past year, up from less than half (45%) the year before. The figure rose even higher in France (67%) and Belgium (71%). The frequency of attacks has also increased, as has their cost: up 61% from $229,000 last year to $369,000 in this year’s report, with medium and large firms bearing most of the financial impact.

    According to an FBI report also out last week, total losses from global complaints to the Bureau’s Internet Crime Complaint Center in 2018reached $2.7bn, with nearly half ($1.3bn) coming from Business Email Compromise attacks. Ransomware losses also surged, from $2.3m to $3.6m, although many more attacks go unreported.

    Read the full article here

  • Proud Sponsors of The Association of Legal Administrators

    Invincia Technologies is proud to sponsor the ALA Central Florida Chapter’s signature event, the Business Partner Showcase.

    Invincia’s executive team, including Scott Dollar and Bill Rutherford, attended the event February 28th at the Tampa Bay History Center. They spent the day showcasing Invincia Technologies IT Serucity services and  networking with Tampa’s top legal administrators.

    The Association of Legal Administrators (ALA) was formed over 30 years ago to enhance the education of legal managers and promote the profession of legal administrators and functional specialists all over the world.

    Scott Dollar

    In 1981, a small group of local administrators formed the Suncoast Chapter ALA when the Chapter Charter was presented by Attorney Charlie Robinson at an inaugural meeting at a restaurant on Treasure Island, Florida. One of the early functions of the new Chapter was hosting the first Managing Partners Dinner in 1983 where Brad Hildebrandt, the original founder of the Association of Legal Administrators, was the guest speaker. Presently the Suncoast Chapter serves over 100 members that include a diverse group of managers and decision makers from the tri-county area of Hillsborough, Pinellas and Polk counties.

    The Association of Legal Administrators

    The goals of the Association are to provide personal and professional growth. At the local level the Chapter offers a wonderful networking opportunity for all members through an Internet Listserv that has become a great resource for instantaneous feedback regarding any problems or issues an administrator may face on a day-to-day basis. The Chapter produces a quarterly newsletter offering a wealth of information including upcoming events, relevant articles on human resources, information systems and technology, leadership, marketing, finance and motivation, as well as contact information for our local business partners. We also offer an annual educational conference developed by a committee of peers, Chapter lunch meetings, and hosted webinars. We encourage all members to utilize resources at the ALA regional and national levels by visiting the website www.alanet.org to explore the many benefits offered to legal administrators and functional specialists throughout the world.