Skip to Main Content

Blog

Security Bulletin: SolarWinds Orion Breach

December 14, 2020
Security Bulletin: SolarWinds OrionLate yesterday, our team became aware of an attack on SolarWinds Orion, a network management product by SolarWinds who counts 450 of the top Fortune 500 companies in addition several branches of the Federal Government as customers. To be clear, simpleroute does not use or rely on any SolarWinds software in our practice. However, the incident has already lead to significant connectivity issues over the prior 48-hours which we expect to continue for the foreseeable future until parties are confident that effective protective measures are in

New Podcast Episode: Cyber Liability Coverage

November 02, 2020
Did you know that if you bought a cyber liability policy there may be IT requirements buried within? Tune in to hear about some common about issues to watch for.If you don't have a policy, you'll definitely want to listen as we also discuss how a policy can help protect you and recap current threats being encountered in the wild.Listen to the embedded podcast below, click here for a hosted version or search 'simpleroute' on your favorite podcast platform.

Disclosure Notice: NEMRC Software Vulnerabilities

January 31, 2019
New England Municipal Resource Center (NEMRC) Software Vulnerabilities DisclosureMost municipalities in Vermont rely on software called NEMRC made by the New England Municipal Resource Center (NEMRC) for holding town and resident data. Working with clients, simpleroute previously identified three critical vulnerabilities in the NEMRC software in December, 2017. These were reported to NEMRC in January, 2018. NEMRC's public listing of clients shows over 300 entities using some form of their software, some or all of which may have been affected. Evidence from client backups show that at

Windows 7 & Windows 2008 End of Life

January 15, 2019
Free Microsoft Risk Assessment And Migration Plan Shows You The Easiest, Most Budget-Friendly Way To Upgrade Your Windows 7 And Windows Server 2008 MachinesAs a local Microsoft Certified Partner, my company has committed to helping businesses in the Burlington area by offering a Microsoft Risk Assessment and Migration Plan for free.At no cost, we’ll come to your office and conduct our proprietary 21-Point Risk Assessment — a process that’s taken us over 9 years to perfect — to not only determine what specific computers and servers will be affected by this announcement, but also to

Marine Corps Data Leak Affects 20k

April 11, 2018
One Error Goes a Long WayThe U.S. Marine Corps has launched an investigation following an accidental leak of confidential information belonging to over twenty-one thousand Marines and civiliansOn February 27th, the Defense Department’s Defense Travel System (DTS) inadvertently sent an unencrypted email to contacts listed in the unclassified “usmc.mil” domain containing a roster with personal and financial details belonging to thousands of Marines. Truncated social security numbers, bank and credit card information and contact details belonging to the affected individuals have been

Krack Security Vulnerability

October 18, 2017
Yesterday, a whitepaper vulnerability was published by Mathy Vanhoef of Belgian University KU Leuven.The KRACK (Key Reinstallation AttaCK) vulnerability is an advanced Man in the Middle attack, allowing cybercriminals to redirect information transmitted through a wireless network, capturing usernames and passwords or other sensitive data. This vulnerability also allows an attacker to manipulate data, which may allow for the injection of ransomware or malware as data is being transmitted to or from a device.Some device manufacturers have already issued patches to protect devices. However,

How to Keep Yourself Secure After the Equifax Data Breach

October 13, 2017
The ScoopEquifax publicly reported a massive data breach on July 29th, and many users of the credit reporting service are still wondering if their information was exposed, and what to do about it if it was.The breach lasted from mid-May to July of this year. Names, social security numbers, birthdates, addresses and driver’s license numbers, as well as credit card numbers and dispute documents from some users, were taken. An estimated 145.5 million Americans (>45%) have been affected, and thousands of records have been stolen from individuals in Canada and the UK as well.Equifax is

You Need Two-factor Authentication

January 31, 2018
It’s as simple as this: if you don’t know what two-step authentication is then you are at risk. Two-step authentication is a method of granting a user access using two or more ‘authentication factors’.  An authentication factor can be as simple as a password.  Using a single authentication factor (a single text password) has become a weak means of protecting online assets.Despite having the best security measures and following all the ‘best practices,’ the fact is PCs can become compromised and passwords can be cracked, deciphered and exploited. This can put you and your

All Case Studies



  • This field is for validation purposes and should be left unchanged.

FREE CONSULTATION

See how our MANAGED SERVICES will empower your business growth