Have you started the new year at risk? Now that we are all firmly settled into the new year; we think it’s time to remind you of the biggest risks that we encountered and helped our clients to secure themselves against in 2019.

PPTP blocked

Have you been experiencing issues connecting to a PPTP VPN? This particular type of VPN was blocked by manufacturers, such as Apple, because of the numerous security vulnerabilities that were discovered back in 2012.

Files saved to the desktop aren’t backed up

In our blog ‘The Desktop: where data goes to die’ we explain the implications involved in saving files to the desktop and not dropbox or a server.

If you save your files to the desktop, these files will not be backed and therefore if you have a data breach or can’t access your device, the files will be unrecoverable.

Sextortion scam

An email scam that dominated 2019 was the ‘sextortion scam’ . This scam was designed to trick people into paying an amount of bitcoin, in exchange for them not releasing an ‘intimate’ video of you which was threatened to be sent out to their friends and family. The scammer also included a password of yours which they will have obtained from a previous data breach, in order the make the scam seem more believable.

Let us reassure you, this is nothing more than a clever scam designed to manipulate your emotional fears and embarrassment.

RDP attack

As an update to our previous blog explaining how the Windows RDP remote desktop software bugs could be exploited, we wanted to let you know about some further patches that have been released.

Researchers have posted another “proof-of-concept exploits” for two more flaws in the release. These are CVE-2020-0609 and CVE-2020-0610.

What is a “proof-of-concept exploit”? This is when a method or idea is tested in order to demonstrate its feasibility or to verify a concept. In this case, it means that these flaws were exploited in an experiment and were proven to grant access to the tested server.

The implications of this would be that if a cyber-criminal writes a script that scans for machines on the internet with RDP enabled and use the exploits/flaws mentioned earlier, the criminal will be able to install itself on your server.

To receive a free scan of your network to see if your RDP is open, fill in our form here.

Select Windows software has expired

Over the past year, we have released guides and blogs on why you should update the following Microsoft products; Windows Server 2008 R2, Windows Server 2008, Small Business Server 2011, Office 2010, Windows 7 and Exchange 2010.

On the 14th Of January, the specified software expired and will no longer receive security and performance updates.

Want help updating your hardware? Give us a call on 0114 223 8000 and we can advise on next steps.