With the increased dependency on computers, smartphones and tablets, cyber security has gained considerable importance for business firms in Dallas, TX. Hackers are continually using viruses, spyware, phishing, malvertizing and other attack vectors to gain access to an organization’s sensitive information. Though implementing a cyber security policy is important, employees should also be proactive and comply with the company’s risk management strategy.

Listed below are some cyber security do’s and don’ts that need to be followed:

Do’s

• Follow Good Password Practices: Make sure you create strong and hard-to-guess passwords for all your official accounts. It should be of 6 to 10 characters comprising a combination of alphabets, numbers and symbols. Create different passwords for all your official accounts and do not share them with anyone.
• Stay Vigilant Against Phishing Scams: Do not open emails or download attachments you receive from unknown senders. Hackers often send spam emails, claiming to be from a legitimate source, with an aim of tricking users to execute a file or visit a fake URL. If you receive any such email, you must delete it and inform the IT division of your organization.
• Protect Your Information: Keep all the important data and files protected with regular backup on an external hard drive. Personal, financial as well as other sensitive information should be stored in an encrypted format. Thus, even in the event of a data breach, the hackers will not be able to decode the information.

Don’ts    

• Leave Your Computer Unlocked: You should lock your computer system whenever you leave your seat. This is important to make sure your files and email accounts are protected against unauthorized access.
• Download Unnecessary Software: Avoid downloading and installing unrequired software on your computer, particularly from third party sources. These may contain a malicious code to infect your system and can steal, modify or delete confidential information. Always download software that is licensed and released by legitimate vendors.
• Plug In Portable Devices: Do not plug in any removable media, such as hard disk, CD or pen drive, without the permission of the IT department. These devices may contain malware and infect your computer system upon connecting. Make sure you run a thorough scan to detect and remove any virus in these devices.

We, at Centex Technologies, provide cyber security solutions to business firms across Dallas, TX. For more information, feel free to call us at (972) 375 – 9654.

Considering the fact that an average user has to manage at least 4 to 5 online accounts, a lot of people end up setting the same or easy-to-remember passwords for all of them. The exasperation of remembering different passwords and ignorance about the consequences of a data breach are the main reasons behind a security attack. The ever increasing use of internet and poor password practices has created unlimited opportunities for the hackers to steal important data, tamper websites, gain access to financial information etc.

Listed below are some of the common types of password attacks:

• Brute Force Attack: In this attack, the hacker uses a computer program to try every possible password combination until the correct one is found. Using a list of some of the most common passwords, such as ‘123456’, ‘password’ or ‘Password1234’, the hacker attempts to gain access to the user’s account. Due to the endless combinations of letters, numbers and symbols, brute force attack may take a long time to be completed. 
• Guessing Game: This is another form of brute force attack that involves guessing a user’s password by trying the most obvious words, such as names of loved ones, pets, places, numbers, birth dates, phone numbers etc. Even combination passwords, such as ‘name123’ are quite trivial to guess.
• Keylogger Attack: It refers to a type of physical breach in which the hacker tracks the keystrokes to record the user name and password. Even a strong password or encrypted login credentials do not provide complete protection from this attack. Initially, the user may be tricked to install the keylogger software, either through phishing or in the form of a drive-by download. Whenever you login to your account, the software traces everything you have typed and transmits it to the hacker to gain easy access to your information.
• Intercepting: Passwords can also be captured when they are transmitted over the network in an unencrypted format. Packet sniffers and other network monitoring software may be used by the hackers to intercept your login details as well as online financial transactions. These types of attacks most commonly occur when users access their online accounts through unsecure wireless networks.

Centex Technologies is a leading IT security company serving the businesses in Dallas, TX. For more information on the common password attacks and the ways to prevent them, feel free to call us at (972) 375 – 9654.

ZCryptor is a malicious software that infects removable devices and network drives to encrypt files stored on a computer. It mainly spreads through spam emails, macro malware or fake installers. ZCryptor was first discovered by a security researcher named Jack, after which Microsoft also investigated the potential threats caused by the ransomware. The company issued an alert for the users stating:

“We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. It leverages removable and network drives to replicate itself and infect more systems. We detect this ransomware as Ransom:Win32/ZCryptor.A.”

According to the researchers, the ransomware was initially designed to target systems with Windows XP 64 bit, but computers having the latest version of the operating system can also be infected.

How Does ZCryptor Work?

To infect a computer system, ZCryptor uses the common phishing techniques, such as camouflaging an executable file as a known software, usually Adobe Flash Player, or through macro files in Microsoft Office. Once executed on the system, the ransomware starts encrypting the files stored in it. It creates a registry key to ensure auto-execution on every start-up. Next, an ‘autorun.inf’ file is installed on the removable drives so that the malware spreads to all computer systems that these devices connect to. It replicates by creating copies in different network drives and using multiple file attributes in order to avoid detection by the users.

ZCryptor is known to encrypt a wide range of file formats including documents, audio, video, image, archive, database, APK, Java source code etc. and change their extension to ‘.zcrypt’. Upon encryption of all the files, a pop-up appears on the computer screen, asking the user to pay a ransom amount to get access to the unique decryption key.

How To Protect Against ZCryptor?

• Keep your operating system and other software updated to stay protected against the known vulnerabilities.
• Avoid visiting suspicious websites, opening unknown email attachments and downloading software from unidentified developers.
• Use a reliable anti-virus software to prevent and detect malware infections.
• Disable macro files in Microsoft Office.
• Keep a backup of your files on a removable media device to minimize the consequences of a ZCryptor attack.
• Format the infected removable drives before you connect them to other computer systems.

For more information about ZCryptor ransomware, you can contact Centex Technologies at (972) 375-9654.

With more than 300 million users, LinkedIn provides a networking opportunity for business professionals across the world. However, just like other social media platforms, LinkedIn also has its own set of security issues. It is important that you protect your account in order to safeguard your information and avoid spoiling your online reputation.

Given below are some tips to protect your LinkedIn profile:

• Update Your Privacy Settings: Make sure you review your privacy settings to keep a check on the information you want to share with your connections. For instance, you should turn off your activity broadcasts if you do not want to display updates about the changes you made to your profile. You can also change the visibility settings for your profile picture, connections and other professional details.
• Opt For Two Step Verification: LinkedIn allows its users to activate two step verification for their accounts. This offers a higher level of protection and prevents the incidence of identity theft and unauthorized account access by the cybercriminals. When you choose two step verification, you will be required to enter the password, along with a numeric code sent to your phone when logging in from an unrecognized device.
• Verify Your Connections: You should connect only with the people you know. Adding unknown connections or merely acquaintances puts your account information at risk. Cybercriminals use fake accounts to connect to entrepreneurs and gain access to their business information that can be further used for malicious purposes. Therefore, if you receive a connection request on LinkedIn, make sure you verify the profile to check if anything seems to be suspicious.
• Change Your Password Frequently: It is recommended to follow the best password practices to safeguard your LinkedIn account from unauthorized access. Create a strong password that includes random letters, numbers and symbols. You should use different passwords for all your online accounts and change them after every few months.
• Check Third Party Apps Connected To Your Account: Be watchful about the apps you have authorized to connect with your LinkedIn account. These can access all your confidential data and hence, you must review the apps that you have permitted. Deactivate all the apps that you do not recognize or use anymore.

For more information on LinkedIn and social media security tips, feel free to contact Centex Technologies at (972) 375 – 9654.

Cloud computing is an essential part of every business’ IT infrastructure. Regardless of the service model (IaaS, PaaS or SaaS) or deployment (public, private, community or hybrid), a large number of businesses are moving to the cloud to streamline their operations and minimize investment in IT resources. Though cloud computing offers a wide range of advantages, storing your data in a virtual space also poses certain security risks.
Listed below are some benefits and risks associated with cloud computing for businesses:

Benefits

• Cost Savings: Perhaps the biggest saving with cloud computing is in the form of reduced IT expenditure. You do not need to spend on expensive server storage and equipment. You also do not need to hire specialized IT staff for the maintenance and upgradation of these systems. Cloud offers a subscription based program that allows you to pay-as-you-go, i.e. businesses are charged according to their infrastructure requirements.
• Flexibility: Cloud computing allows employees to work more efficiently, irrespective of their location. They can access important files and documents from their home, during a vacation or while traveling. All they need is an internet connection and a compatible device to easily connect to their virtual office. This, in turn, helps to boost productivity while allowing you to increase profits.
• Reliability: With cloud computing, employees do not have to worry about the maintenance and security of the data. Your cloud service provider will offer round the clock technical support to implement any security upgrades required in the applications.

Risks

• Data Availability: When you centralize your data and applications to a cloud provider, one of the major risks involved is the loss of internet connectivity. If the server goes down, all your business activities will be affected. The quality of cloud services can also be hampered on a low bandwidth internet, making it difficult to download or print large files.
• Security And Privacy: Storing your business’ confidential data with an external service provider poses a lot of security risks. Make sure your data is stored in an encrypted format to prevent the hackers from getting access to it.
• Limited Control: Since the cloud services are completely outsourced, it does not provide any control to the clients. Except for the basic data and applications management, you cannot monitor or alter the backend administrative settings or functioning of the hardware/software.

For more information on cloud computing, you can contact Centex Technologies at (972) 375 – 9654.

Adware, or ad supported software, refers to any form of software that displays or downloads unwanted advertizements while browsing the internet. It may also be programmed to redirect the users to advertizing websites or track browsing patterns so that customized ads can be displayed. In most cases, adware is a legitimate software that comes as a drive-by download with a freeware program. A visit to a malicious website can also lead to unapproved installation of adware on your computer. However, the advertizements can be annoying, distracting and intrude the user’s privacy in the online space.

Here are some signs that your computer has been infected with adware:

• Pop-up advertizements on the desktop or within applications
• Unidentified changes in browser home page, bookmarks and favorites
• New toolbars installed in the internet browser
• Slow computer start-up and shut down
• Pop-up ads related to websites being browsed or keywords typed in the search engine
• Desktop may be slow to load or refresh
• Unexpected system shut down or restart
• Sluggish internet connection
• Software crashes
• New programs installed on the computer

How Does Adware Work?

When adware is downloaded onto a computer system, it may begin to show pop-up ads according to your web browsing habits. The software may also install tracking cookies and keyloggers or conduct an unauthorized hard drive scan. Some of the common consequences of an adware infection are:

• Infinite Pop-Ups: The user may view an endless series of pop-up advertizements over the current program window. At times, closing one pop-up ad may lead to opening of another one.
• Man-In-The-Middle Attacks: Some adware programs are designed to redirect your network activity through a proxy server to display ads over the web pages being visited.
• Spying: This adware tracks your online browsing habits, websites you visit and even records your keystrokes to figure out the type of advertizements that would catch your interest.
• Data Consumption: The adware may download unrequired add-on program to your computer, thus consuming the bandwidth on your internet connection.
• Device Slowdown: Running too many ads may hamper your device’s performance, making it slow to respond to user commands.

It is important to detect and remove adware from your computer system at the earliest. If not, it may transmit sensitive information, such as credit card numbers, passwords, important files, photos and videos to the cyber criminals who may use it for malicious purposes.

For more information on adware and cyber security, you can contact Centex Technologies at  (972) 375 – 9654.

Internet browsing has become an important part of our daily lives but various security risks may arise if proper measures are not followed. Exposing your financial information, being a victim of malware infection or losing access to the files stored on your computer, all these are some of the common threats that a user may have to deal with. Following safe web browsing practices can help to avoid all these risks and protect your personal data online.

Here are some tips to stay safe while browsing the internet.

• Keep Your Browser Updated: Make sure your web browser is constantly updated to the latest version. Security patches are often released to fix any vulnerabilities that may be present in the previous version. You can turn on automatic updates or regularly check for the newer version available. Besides the browser, the operating system and software installed on your computer should also be up-to-date.

• Improve Computer Security: Install and use an anti-virus software, spyware as well as malware detection program to improve the security of your computer. This will help to detect and remove any potentially dangerous program from your system. Also enable the firewall to avoid hackers from getting unauthorized access to your computer.

• Be Careful Of Phishing: Phishing attacks involve the use of spam emails, which appear to be from a legitimate source, and aim at acquiring sensitive information from the users. Make sure you do not click any link or download any attachment from an email received from unknown sender.

• Be Cautious When Using Wi-Fi: You should be extremely cautious when accessing the internet through a wireless connection as information shared over these networks is not usually encrypted. Do not log in to any of your online accounts, make financial transactions or access your social media profiles on a Wi-Fi connection. Your information can be easily intercepted by hackers and used for malicious purposes.

• Look For HTTPS: When accessing any website that requires you to enter important information, such as password, credit card details, bank account number etc., make sure that the website’s URL starts with an ‘HTTPS’ instead of ‘HTTP’. There should also be a padlock icon in the address bar, verifying that the website you are visiting is secure.

• Do Not Reuse Passwords: Using the same passwords for all your online activities makes it easier for the hackers to gain access to multiple accounts. Hence, you should create complex and unique passwords for different accounts, including internet banking, email, social media, online shopping etc.

For more internet safety tips, feel free to contact Centex Technologies at (972) 375 – 9654.

Network attack can be defined as an attempt to breach the security of a computer network in order to gain unauthorized access to the targeted device or exploit the vulnerabilities in the software applications. Without proper security measures, your network is vulnerable to different types of security threats, eventually causing it to crash. A network attack can either be passive (wherein the hacker may simply monitor and steal data stored on the computer) or passive (in which the information may be altered or destroyed).

Given below are some of the common types of network attacks:

IP Spoofing

A corporate or home network uses the IP address of a device to identify its entity and allow access. In a spoofing attack, the hacker may use a forged IP address to breach into a network in the guise of a legitimate user. He may alter, delete or destroy the data being shared in the network. He may also modify the source of the data packets so that they appear to be originating from another computer on the same network.

Sniffing

Network sniffing is the process of monitoring, capturing and intercepting the data packets traveling through an internet network. If the data is not properly encrypted and sent as cleartext, it can be easily read by the hacker. On the other hand, an encrypted data packet cannot be accessed unless the hacker has the key to open it.

Buffer Overflow

A buffer overflow attack occurs when the target computer receives more data/traffic than it is capable to hold, thus creating a lot of temporary files that overwrite the already existing valid data. The excess files usually contain a malicious code designed to carry out specific actions, such as deleting files, altering data or transmitting confidential information to the hacker.

Man In The Middle Attack

This is a form of session hijacking attack in which the hacker actively monitors, captures and controls the flow of information between the source as well as the destination computer on a network. The attack may be simply aimed at getting access to the information being shared or modifying it before being transmitted to the other end. In some forms of man in the middle attacks, the hacker may even disconnect the other user and completely take over the session to acquire sensitive information.

Centex Technologies is a leading IT company providing network security solutions to the business firms in Dallas, TX. For more information, feel free to call us at (972) 375 – 9654.

The ever increasing number of internet users has provided cyber criminals an opportunity to exploit the vulnerabilities in the computer systems. As people constantly rely on the digital world for work, gaming, social networking, recreation and other such purposes, there has been a massive upsurge in the malware threats. It is important to detect the infection in order to protect your computer and prevent such attacks in future.  

Given below are some warning signs that may indicate that your computer is malware infected: 

• Slow Computer: If your computer has been infected by a malware, it may slow down the speed of the system, internet and programs. However, make sure you rule out other potential causes of a slow computer, such as resource-heavy applications, fragmented system, lack of hard disk space or RAM etc. 
• Unwanted Pop-Ups: Unexpected pop-up advertizements that appear on your computer system are one of the most annoying signs of a malware infection. In some cases, these pop-ups may appear even if you are not connected to the internet. When the user clicks on a pop-up, it may redirect him to a fake website or download more malware on the system. Make sure you do not click on any of these ads or answer any survey questions. 
• Unexpected System Crashes: A malware infected computer may crash unexpectedly and quite frequently as well as switch to the BSOD (blue screen of death). However, the problem may also appear due to a technical problem in the computer, such as the lack of latest drivers or incompatible programs running on the system. If this is not the case, you should immediately scan your computer to identify any malicious program or file. 
• Random Network Activity: Another sign of a malware infection is the constant blinking of the router, indicating a high level of network activity even when you are not running a heavy program or uploading/downloading any files. It may be possible that your system has been hacked and controlled by a remote administrator.
• Lack Of Storage Space: Several types of malware are designed to manipulate files on the infected computer and fill up the space available on the hard drive. If any of your files stored in your computer system have been deleted, modified or you find any unknown programs that you didn’t install, it indicates a malware infection. 
• Disabled Security Software: In order to avoid detection, many malware programs disable the security software installed on your computer. Hence, your computer does not have the necessary tools to identify and eliminate the malware. In some cases, you may also receive security warnings or threat alerts from antivirus programs that you never installed on the system. 

We, at Centex Technologies, provide internet security solutions in Dallas, TX. For more information, you can call at (972) 375 – 9654.

Cybersecurity is a key issue faced by the finance sector. Whether it is to steal account information, illegally transfer money or inject malware, various tactics are used by hackers to gain access to an organization’s internal network. It is critical that IT professionals are updated with the latest security concerns and formulate a comprehensive strategy to stay protected against different forms of cyber-attacks.

Given blow are some of the top IT security challenges for the finance sector:

• Extortion: Hacking attacks involving extortion may be initiated in the form of a ransomware or denial of service (DoS) attack. In this, the target computer may be flooded with traffic from multiple servers, with an aim to temporarily slow down or completely disrupt the company’s network. The hackers may demand ransom amount to restore the services and remove the malware from the victim’s computer system.
• Spear Phishing: This is a common email scam in which hackers send out emails claiming to be from legitimate sources to acquire the victim’s bank account or credit card details and internet banking passwords. In an advanced form of spear phishing, known as whaling, the hacker may even send spoofed executives’ emails to the finance officials in order to get money transferred to fake bank accounts.
• Data Breach: Vulnerabilities in computer systems are also a major target for the cybercriminals to attain financial information of the users. Lack of security standards, poor data storage practices and unsecure network configuration may put the customers’ sensitive details at risk. It is important to store credit/debit card numbers, verification codes, user ids and passwords in an encrypted format.
• Point-Of-Sale Malware: It is aimed at stealing information from a business’ payment processing software. The attack can either target retail checkout system or during online purchases. Once the hackers are able to access the information, they may sell the information further or use it to make unauthorized financial transactions.
• Social Media Attacks: Cybercriminals may also use social media websites to gather information from the employees at a financial institution. With the increasing use of Facebook, Twitter, LinkedIn and other social platforms, employees can be easily duped to acquire confidential information about the company. They may create fake profiles to develop contact with the targeted employee and eventually compel him to reveal important information required to launch a bigger hacking attack. 

We, at Centex Technologies, provide complete cyber security solutions to all types of business firms in Dallas, TX. For more information, feel free to call us at (972) 375 – 9654.