Ubiquiti, a well-known manufacturer of network equipment/devices, recently notified their customers to update their passwords and add multi-factor authentication (MFA) due to a security breach.

Epoch always advises using unique passwords that are frequently updated as well as turning on MFA whenever available.

Take a look at the article below for more:

https://www.zdnet.com/article/ubiquiti-tells-customers-to-change-passwords-after-security-breach/

There has been a recent phishing message making its way around LinkedIn. See the example below.

Do NOT click or open the attached .pdf file. We also recommend as a general rule to never click on attachments that you are not sure of.

An example of the phishing message being sent on LinkedIn

You may have noticed a notification on your iPhone or Android device, alerting you that “COVID-19 Exposure Notifications are Available.”

The Maryland Department of Health has launched this new initiative, MD COVID Alert, to track potential exposure using individual’s Bluetooth locations.

Each phone receives a random ID number that changes every 10-20 minutes. It looks to identify phones that are six feet apart, for an average exposure of over 15 minutes. If someone with those conditions tests positive or is exposed to COVID-19, it will alert you.

Privacy is a big issue here. MDH has clarified that no data is stored, you are not being tracked, and you remain anonymous in the system. You do not see other users data. 

To opt-in on iPhone, take a look at this video. Go to Settings > Exposure Notifications > Turn on Exposure Notifications > Select your country > Select your state or region > Read and agree to turn on notifications > Click DONE and ensure your notifications says it is “Active.”

Cybercriminals are sending company-branded Google Forms from email addresses spoofing large corporations in order to access your networks. These include AT&T, Capital One, Microsoft365 and many more, but the email senders are not actually from those domains.

It has never been more important to be aware of what you are clicking in your emails and SMS text messages. Be sure to ALWAYS double check and verify the sender, and contact your IT company with any potential questions or concerns.

Here’s an example from the Forbes article. One of the fake Google Forms was sent as if it was from Microsoft365, requesting user information.

A fake Office 365 login using Google Forms

Image from Forbes 11/3

Network utilization and traffic on the Internet has shifted since most people are working at home and kids are home using their devices.

We are seeing an increase of virus traffic and hacking attempts. If you’re working from a home computer, make sure your patches are up to date! Any personal device connecting to a corporate network should be protected by doing this at the minimum.

-Chris Riismandel