Working from Home is a Hacker’s Dream

“Microsoft has found that 80% of Organizations Encounter an Increase in Security Threats Due to Remote Workers.”

No kidding. This seems pretty obvious but it also bears paying attention to. Covid broke up the control system that companies were starting to employ to lock down networks and endpoints that hackers were actively exploiting. The scenario for IT admins became nightmarish last winter when everyone went home with a work laptop and rushed to connect back to the mother ship remotely…

Research Shows…

Microsoft’s New Future of Work Report (subtitled Research from Microsoft into the Pandemic’s Impact on Work Practices) offers real insight into how businesses have changed the way they now work, what challenges exist, and what they’re doing to succeed. One of the topics within this 65-page report is a section on IT and Security where security professionals including SOC Analysts, security admins and CISOs were polled to understand how remote working has impacted the state of organizational security. Within this poll are some pretty alarming results:

  • 80% of organizations surveyed stated they encountered increased security threats since the switch to remote working.
  • 62% said phishing campaigns were the most increased security threat.
  • Shiny new collaboration tools were reported as the biggest threat to a company’s compliance posture by 45% of organizations polled.
  • 28% of compliance IT professionals reported that the biggest threat was an increase in the number of devices used by employees to access company data. 

One of the biggest issues IT faced, according to the report, was the lack of end-user security training. For 37% of organizations, end users without security training are the single largest long-term threat. If you still have many of your employees working remotely, putting Security Awareness Training in place is a key next step. This action will help close the security gaps that exist because of the shift to remote work.

When users DON’T catch an incoming threat…

We also recommend hardening your workstations using endpoint detection and response (EDR) tools to make sure that, if your users accidentally – or unwittingly – invite a bad actor in, the desktop environment is protected at that point, before an intrusion can get into the network. This intermediate step is another in the chain of protection necessary to stop the “barbarians at the gate”. The tools used to do this are new-breed, next-gen solutions designed to plant technical bird dogs in your workstation that can tell when things are just starting to go awry, allowing your systems to catch an issue early, before the cancer spreads and everyone is affected. EDR will also detect a virus’ persistent foothold (very sneaky…) in your PC and alert your IT team, allowing them to act.

Contact Beringer Today!

We see the workforce coming back to the office gradually, with the advent of vaccines and herd immunity. Be aware that it will still take an array of tools to mitigate the risks and protect the ongoing hybrid workplace.

Beringer is a huge proponent of security awareness training, endpoint detection and response, and other filters to stop attackers. It’s good to see both IT folks and concerned execs realizing the impact of a lack of security awareness training. It’s a real eye-opener to see the effect this deficiency can have on an organization’s security posture. Reach out to Beringer Technology Group today and ask about our Cyber Security Risk Assessment Solution.

Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution, also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.