LISS Notification: Security Alert

Dear LISS Consulting Corp.,

As you may have heard, UBER was breached in a massive hack which has leaked the information of 57 million customers and drivers. Uber paid the criminals the ransom to get the data back and claims to have proof of the destruction of the data. We advise our customers to take the following action if you have ever used UBER.

  1. Immediately change your password for your account for UBER and any other account which uses the same password and make sure to remove this password from use moving forward. Although UBER claims the passwords are not one of the items that were obtained in the breach it’s possible this info was simply not disclosed to UBER and it’s best to err on the side of caution.
  2. As per best practice if you have any accounts that support 2FA (two-factor authentication) we recommend enabling it. 2FA will provide a degree of protection and buy you some time in the event that your passwords are ever leaked in a breach. With 2FA in addition to a password, a user must enter a one-time code displayed in an app on their phone or sent via email or SMS.
  3. If you haven’t frozen your credit after the Equifax breach this is a good time to do it. The amount of threats focused on obtaining PII (personally identifiable information) is ever growing and freezing your credit provides active protection against would-be identity thieves. Unlike credit monitoring which simply alerts that you to activity that has occurred, a credit freeze is a preventive measure. The cost to freeze and unfreeze your credit varies by credit bureau and state of residence, please refer to the below site for more info:

https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs#what

  1. From a business standpoint, this is a good time to review your business continuity plan, DR preparations and internal security procedures for both physical and IT security.

Lastly, watch out for phishing emails related to this scam, scams such as “click here” to change your UBER account passwords are what we would expect to see a rise in after this news.

If you have any questions, or would like to schedule a security assessment please don’t hesitate to reach out to the helpdesk. 

Thank you,
————————————————————————————–
Client Services
LISS Consulting Corp., a LISS Group company
844/4.LISS.HD (844.454.7743) | helpdesk@lissconsulting.com | www.lisshelpdesk.com

– For Critical Service Notifications please visit: www.lissconsulting.com/notices
* The contents of this email message are confidential & proprietary *
————————————————————————————–

Message sent by: LISS Consulting Corp.

Unsubscribe

LISS Notification: Holiday Business Closure

Dear LISS Consulting Corp.,

As a reminder, in observance of the Thanksgiving Day holiday, LISS Consulting corporate offices will be closed on Thursday, November 23 and will close early at 1:00 PM on Friday, November 24.  Although LISS Consulting will be closed, our HelpDesk & Network Operations departments will have staff on-call to assist you with any emergency support requests.

For a complete holiday schedule, please visit our Support FAQ at http://www.lissgroup.com/support/#frequently-asked-questions.

You are receiving this message because you have been identified as a LISS Consulting Corp. Authorized Contact for your company. If you have received this message in error, please notify us with the appropriate contact information and forward this email to that contact within your organization.

Please do not reply to this e-mail. This e-mail has been sent to you automatically and is not capable of handling responses.

Thank you,
——————————————————————————–
Client Services | Network Operations
LISS Consulting Corp., a LISS Group company
844/4.LISS.HD (844.454.7743) | helpdesk@lissconsulting.com | www.lisshelpdesk.com

– For Critical Service Notifications please visit: http://www.lissgroup.com/support/#notices
* The contents of this email message are confidential and proprietary *
——————————————————————————–

Message sent by: LISS Consulting Corp.

Unsubscribe

LISS Notification: Client Notice

Dear LISS Consulting Corp.,

We are currently experiencing intermittent issues on our inbound call routes. We have moved to our fail-over solution. All inbound calls will be routed to our ticket center until further notice.

As always tickets can be opened by phone, webform, or email.

You are receiving this message because you have been identified as a LISS Consulting Corp. Authorized Contact for your company. If you have received this message in error, please notify us with the appropriate contact information and forward this email to that contact within your organization.

Please do not reply to this email. This e-mail has been sent to you automatically and is not capable of handling responses.

Thank you,
————————————————————————————–
Client Services
LISS Consulting Corp., a LISS Group company
844/4.LISS.HD (844.454.7743) | helpdesk@lissconsulting.com | www.lisshelpdesk.com

– For Critical Service Notifications please visit: www.lissconsulting.com/notices
* The contents of this email message are confidential & proprietary *
————————————————————————————–

Message sent by: LISS Consulting Corp.

Unsubscribe

LISS Notification: Security Alert

Dear LISS Consulting Corp.,

On Monday a new Wi-Fi Vulnerability was announced, currently
referred to as the “Krack Wi-Fi Vulnerability aka key re-installation attack”.
It focuses on intercepting the encryption key as it is assigned to the client.
This a variant of an attack method called a re-play attack, whereby an attacker
gains privileged information and continues to replay it to prove his identity
is something that the devices expect to see. Because the attacker gets the
encryption key he/she can decrypt all the data being sent wirelessly.

 While manufacturers work to patch the vulnerability we
continue to investigate the potential impact this may have on your network. 

What is important to note:

  1. The Attacker must be nearby to execute this attack, so
    this significantly cuts your risk factor.
  2. If you are concerned about data with web-based
    applications like banking sites or your webmail, there is no need to
    worry, that data is additionally encrypted in the web browser and is not
    currently at risk of compromise due to this attack.
  3. Microsoft has already released a windows patch and we
    are beginning the scheduled rollout for your computers and servers.
  4. For clients with Meraki devices Cisco is currently
    working on a patch and we will have that applied as soon as it is
    released.
  5. It is important to patch your mobile devices whenever
    possible. We are ever more focused on mobile devices and as we shift our
    workflow to mobile hackers adjust and coordinate their attacks against
    mobile devices. To update your devices please contact your respective
    mobile provider for more information on how you can patch your device.
  6. Your personal Wi-Fi at home is probably your biggest
    vulnerability and the easiest to fix. Look up the model of wi-fi router
    that you have and see if you can find a firmware update online. Updates
    for home routers are usually fairly easily to install on newer devices. If
    you have an older device this might be a good time to upgrade, just make
    sure you are moving to a manufacturer that patches regularly.
  7. If you would like to err on the side of caution you can
    take the additional step of disabling the Wi-Fi on your mobile devices
    where feasible. Instead of Wi-Fi, consider temporarily relying on a wired
    connection and/or mobile data.

If you have any questions, or would like to schedule a security
assessment please don’t hesitate to reach out to the helpdesk. 

Thank you,
————————————————————————————–
Client Services
LISS Consulting Corp., a LISS Group company
844/4.LISS.HD (844.454.7743) | helpdesk@lissconsulting.com | www.lisshelpdesk.com

– For Critical Service Notifications please visit: www.lissconsulting.com/notices
* The contents of this email message are confidential & proprietary *
————————————————————————————–

Message sent by: LISS Consulting Corp.

Unsubscribe