American university researchers uncovered a new cyberattack called Near-Ultrasound Inaudible Trojan (NUIT). It threatens devices with voice assistants, launching completely silent attacks. Fortunately, researchers exposed the vulnerability before threat actors could exploit it. The discovery is a warning to everyone to take the necessary precautions.

How Inaudible NUIT Attacks Work

While human ears can’t detect near-ultrasound waves, smart speakers and voice assistants can. And they respond to it. That means NUIT can manipulate devices, and the attacks will go unnoticed. Threat actors can embed NUIT in websites that play YouTube videos or other media. They can fool targets into playing malicious audio that will launch the attack. They can even play it through Zoom calls.

There are two NUIT attack methods:

• NUIT-1 – A device is both the transmitter of the NUIT and the recipient. For example, a target plays a malicious audio file on their smartphone. The microphone in the smartphone will hear it and perform the inaudible command. It can send a text to someone or open the garage door.
• NUIT-2 – A device with a speaker transmits the NUIT to other devices with microphones. An example is when a victim plays malicious media on a smart TV, and the NUIT communicates with the smartphone’s voice assistant.

Inaudible NUIT commands are only 0.77 seconds long. However, researchers explain that the speaker playing the NUIT has to reach a particular volume level for the attack to work. If successful, NUIT attacks can pose severe risks.

They can control IoTs connected to your smartphone. They can disable your home alarm or unlock your garage door without you knowing it. Because voice assistants can also open websites, NUIT attacks can drop malware on your device without your participation.

Precautions You Can Take Against NUIT Attacks

The researchers took 17 devices and checked their vulnerability to NUIT attacks. Unfortunately, all were controllable using any voice, even robot-generated ones. The only exception was Apple’s Siri which only follows commands from the smartphone’s owner. If your smartphone has a voice authentication feature, enable it as additional security against NUIT attacks.

Another way to deter NUIT is by using earphones instead of broadcasting audio on speakers. Researchers also encourage users to monitor microphone activity on their devices. Android and iOS smartphones both have on-screen indicators for that.

The Bottom Line

With NUIT’s ability to download malware, it can become a real threat to organizations. Business owners should implement strict security measures to mitigate risks. Secure your network and devices by installing security software, enabling spam filters, and setting up a firewall. In addition, have policies in place to guide your employees. You must also back up your data to help speed up recovery in case of data loss.

Used with permission from Article Aggregator

In the world of cybersecurity, change is the only constant. For many business owners, multi-factor authentication (MFA) has been the go-to option for extra security. But hackers today are more ingenious, working around the old systems that used to stop them. New tricks are emerging to get business data and customers’ sensitive information. MFA remains an essential to online security, but hackers are figuring out ways to bypass it.

Why Does This Matter for Your Business?

The danger is that hackers could take over your business account. Hackers who get past your MFA could get to your private business data. They could mess up your work, misuse your customer data, or even conduct fraud under your name. Just using MFA isn’t enough anymore.

MFA Weak Points

Here are possible vulnerabilities in the MFA system that businesses should know:

• Social Engineering. Hackers trick users into giving away their MFA codes by pretending to be someone they trust, like customer service or IT support.
• Stealing Codes. Threat actors steal your password or security code by intercepting your messages with the security team.
• MFA Prompt Bombing. Hackers will send too many security requests, so you click “approve” to stop the alerts. Once you do, the hacker, who started the prompts, gets access.
• SIM Card Swapping. This happens when a hacker fools your phone company into giving your phone number to their SIM card. They can then steal security codes sent by text.
• Malware. Threat actors can use harmful software to get to your device and steal MFA data through bad apps, email attachments, or unsafe websites.

Strengthening Your MFA Strategy

Rethink how you manage your online security by enhancing password hygiene and promoting a culture of alertness. Use different, tough-to-guess passwords for more secure processes. Train your team to recognize when someone is trying to steal their info. Educate them about the latest tricks used by hackers. Keep your systems and security software updated. Updates often include fixes for new threats. In addition, consider using controls that limit unsuccessful login attempts. This can stop attacks and protect against account lockouts.

A Layered Defense Is Your Best Offense

MFA is an integral part of your strategy to stay safe online. However, it shouldn’t be your only security strategy. Knowing how hackers get past extra security and staying informed about new cyber threats helps you protect your business. Create a robust security system with many layers. Ultimately, it is all about staying one step ahead of the hackers.

Used with permission from Article Aggregator

By leveraging new technologies and digital processes, many businesses today can improve efficiency, reduce costs, and better serve their customers. Despite this, implementing the latest technologies and procedures can be a complex and challenging task, especially for businesses lacking in-house expertise and resources. It is here where managed IT services can play a crucial role, providing the knowledge and support required to adopt new technologies and digital processes.

Managed IT services provide businesses access to a team of experienced IT professionals who can provide expert guidance and support throughout the digital transformation process. Assessment of the organization’s needs, identification of appropriate technologies, and implementation of these technologies and processes are all part of this process. Digital transformation can be especially beneficial for companies that lack the in-house IT resources or expertise to handle it.

A managed IT service can help businesses better address the risks associated with digital transformation and provide expert guidance and support. Assuring that the latest technologies and processes are secure and compliant with industry regulations is one aspect of this, as well as helping businesses recover from potential disruptions and setbacks faster. By providing this level of support and protection, managed IT services can help companies to feel more confident and secure as they navigate the often-unfamiliar waters of digital transformation.

Many businesses have benefited from managed IT services in their digital transformation efforts. For example, managed IT services are often used to help implement e-commerce platforms or electronic health record systems in retail and healthcare. Regardless of the scenario, managed IT services providers will work closely with a company to assess its needs, identify the right technology and processes, as well as ensure that the new systems operate smoothly.

The adoption of new technologies and digital processes can be greatly enhanced by managed IT services as part of a digital transformation effort. In addition to providing expert guidance and support, managed IT services can help businesses navigate the complexities of digital transformation and drive business growth by minimizing risks.

Used with permission from Article Aggregator

MITRE, a leading organization in the field of security, recently shared its list of top software threats for 2023. The top spots remain occupied by the same software bugs as last year.

Understanding the MITRE Report

MITRE created the report using its Common Weakness Enumeration (CWE) program. It points out the software weaknesses that have caused the most issues in the past two years. This list helps people who make, test, and secure software understand and address these problems. It also shows areas where businesses can improve their software building and safety practices.

The Top Threats to Businesses

Threat actors use software bugs to steal sensitive data and take control of your systems. This could disrupt your business, harm your reputation, and result in lost profits.
To protect your business, you need to stay ahead of potential threats. Use the CWE list to guide your efforts in creating better safety protocols and deciding where to focus your security testing.

Here’s a quick look at the top five threats:

• Out-of-bounds Write can change data, cause a system crash, or run harmful code.
• Cross-site Scripting can alter web pages, steal important data, or spread harmful content.
• SQL Injection can change or steal data, resulting in lost, damaged, or revealed data.
• Use After Free can cause a program to crash, run any code, or even take over a system.
• OS Command Injection can run any command, leading to data theft or system control.

Creating a Safe Environment

Ensuring everyone in your organization understands how to keep your systems safe is essential. Train your team on the dangers of these software bugs and the importance of using safe coding practices. Regular software updates and security checks are vital to keeping your systems secure.

Staying Safe in a World of Increasing Cyber threats

This list of top software threats is meant to inform and prepare, not scare. It shows how important it is to always be on the lookout for cybersecurity threats. The best defense includes:

• Preventing threats before they happen
• Updating your systems
• Regular cybersecurity training for your team

Remember, keeping your business safe from cyber threats is an ongoing process. Stay informed, stay vigilant, and stay safe.

Used with permission from Article Aggregator

You’ve probably noticed how work has changed lately. Remote collaboration tools are now a must-have.

They help your workforce stay connected and productive, even when they aren’t in the office. These tools let you keep your team involved, make communication more accessible, and help your business grow.

This article explores the importance of remote collaboration tools in modern businesses and how you can incorporate them into yours.

Why Remote Collaboration Matters

Adopting remote collaboration is crucial for modern businesses. As more people work from home or elsewhere, staying connected becomes essential.

Remote collaboration tools make communication smooth and easy for teams. They improve work-life balance, boost employee morale, and attract the best talent.

Consider the story of a small marketing agency struggling to keep up with its growing client base. The agency started using remote collaboration tools and hired people from different time zones. This way, they could give non-stop support to their clients. Clients were happier, and the agency made more money.

Choosing the Right Tools

Choosing the ideal remote collaboration tools for your business is vital. Many choices include video calls, project management apps, and file-sharing services.

Think about your team’s needs, your company’s size, and your security needs. The right mix of tools will help your team work well, no matter where they are.

Implementing Remote Collaboration Best Practices

After choosing the best tools for your business, you should:

1. Set up guidelines for remote teamwork.
2. Get your team to chat often using video calls, quick messages, or emails.
3. Make a central hub for everyone to find critical documents and materials.

Most importantly, create a work environment based on trust and responsibility. This is crucial for the success of remote work.

The Future of Remote Collaboration

As tech improves, remote collaboration becomes even more crucial for all businesses. By adopting these tools now, your company is ready for future success. You can adjust to work changes and grab new opportunities with innovative strategies.

Closing Thoughts

Now is the perfect time to welcome remote collaboration tools into your business. Using these tools can improve productivity, keep your business running smoothly, make your workplace more inclusive, and outpace competitors.

As a business owner, investing in these tools is wise and helps future-proof your operations. So, dive into the world of remote collaboration, and your business will reap the benefits.

Used with permission from Article Aggregator