Blue Ridge Technology

New Threat to Microsoft Teams We’re constantly warning about the threats of phishing schemes and other similar attacks, and for good reason — they still remain the most common way that cyberattacks and other digital threats originate. Well, we wish this post were different, but instead it’s just a little bit worse: now the threat could be coming from inside the house. Here’s what we mean, and what to watch out for. New Threat: Attackers Sending Messages Within Microsoft Teams The new threat, first identified by Sophos and reported on in Security Week , is an attack that uses Microsoft Teams. The threat actors who got caught using this attack exploited a vulnerability in Microsoft Teams — more specifically, in one of its default configurations. Millions of companies rely on these default configurations, so we’d say it’s a pretty big vulnerability! The Scam’s Architecture Here’s how the scam played out. First, the bad guys sent a ton of spammy messages through Microsoft Teams. These wer...

Windows Hello gets a new look and improved security Ever heard of Windows Hello? Whether it sounds like a brand-new (or let’s be honest, kind of made-up) product or it’s something your business is already using, Microsoft is making important changes to Windows Hello. Businesses should be aware of these changes, and many should consider adopting Windows Hello for increased security and smoother day-to-day operations. Here’s what to know. What Is Windows Hello? Before we get into what’s new, here’s an introduction (or a refresher). Windows Hello is an authentication protocol from Microsoft that uses one of several different types of authentication to log users in to systems and accounts. The most significant thing setting Windows Hello apart from older login systems is that it skips the traditional password entirely: users supply their username and are then asked for an authentication factor like: A fingerprint A face scan / facial recognition A random PIN If that last option sounds a lo...

Text Messages Aren’t Secure A new warning from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) in December 2024 is making waves and causing many businesses to re-evaluate a central aspect of their cybersecurity strategy. This new warning somewhat invalidates advice we’ve given on this blog before, so we think it’s important to get the word out to our clients and readers. Here’s what the FBI and CISA are warning about — and what the implications might look like for your business. The Warning: Stop Texting The tl;dr of the FBI’s warning is this: stop texting . (At least, stop texting anything you don’t want going public.) If this sounds a little familiar, don’t tune out yet: yes, various government agencies have issued similar warnings in the past, but this one’s different. In the past, the warning was pretty general: text messages aren’t all that secure, so it’s possible that they could be intercepted if someone had the right technology and enough motivation. Th...

IT Systems End of Life When you think about the technology powering your business, how does it make you feel? Are you confident? Excited? Mystified? Nervous? Terrified? (Maybe a mix of all of the above?) Many business leaders are confident about their IT right now — but really nervous about what comes next. Here’s what you need to know about a recent report about future readiness, plus what to watch for in your own business. A Concerning Report on Future Readiness A recent report from Kyndryl revealed quite a bit about what today’s business leaders are thinking about technology — and the results were pretty dismal. Much of the concern comes down to how well businesses are doing at being future-ready. In other words, are they making IT decisions today that prepare them for the next few years and beyond, or are they stuck in the present? Here are some of the findings in this survey of more than 3,200 business leaders: 90% think their current IT systems are in great shape, performing wel...