A new unpatched Microsoft office vulnerability has been discovered by security researchers. The vulnerability, dubbed “Follina”, affects all versions of Microsoft Office from 2007 onwards. Follina tricks the system into downloading malware from a remote URL that is...
SpireTech Company News and Tips
Security
Cyber insurance costs on the rise
We’re starting to hear from clients and insurance brokers that cyber insurance costs are on the rise, in some cases up to 200%. Of course, this comes with insurers cracking down on IT controls – making sure their insureds are operating as securely as...
Why “app registrations” present a security risk to M365
Let’s start by describing what an app registration is: An app registration happens when you allow an external program to integrate with your Microsoft 365 tenant. A common example might be allowing a scheduling tool like Calendly to access your companies’...
FBI engages in white-hat hacking
An interesting development came to light recently wherein the FBI intervened on behalf of people who had not updated their watchguard firewalls and had gotten hacked by Russian threat actors. In a clandestine takedown operation cloaked by a federal warrant, FBI...
Client Security Journey
By now we hope that our clients understand that IT security is never “done”. It is a constantly evolving and maturing process involving additional tools, training, and knowledge. This image shows the journey many clients are on with us to improve and mature the...
Huntress Active Threat hunting now included
Moving forward in 2022 SpireTech VIPSupport managed services package renewals will have Huntress included in the base package. Huntress is specialized Managed Detection and response software backed by humans that looks for persistent footholds, backdoors, and other...
Cybersecurity researchers agree: Russia has increased hacking
Multiple cyber news sources and email protection vendors have warned of increased phish and spearphishing activity coming from Russian hackers since the attack on Ukraine. The strategies are largely the same as in the past: using phish emails or social...
You need Multi-factor Authentication
“Authentication” is the process of proving that you are who you say you are. Traditionally that's been done with a username and a password. Unfortunately, authenticating with a username/password alone is simply not good enough in today’s world. Usernames are often...
6 Ways Small Businesses Can Avoid Ransomware Attacks
During the course of the COVID-19 pandemic, cybercrime has seen an incredible 600% increase — and it’s not slowing down. This alarming trend means that proper cybersecurity implementation is more important than ever. A large number of these attacks are ransomware...
Five Essential Steps to Protecting Your Business
Cybersecurity threats are an ongoing issue for various industries from medical practices to architecture and engineering firms. Unfortunately, the consequences can often be disastrous, leading to breaches in confidential data or sensitive client information. These...