January 31, 2019
New England Municipal Resource Center (NEMRC) Software Vulnerabilities DisclosureMost municipalities in Vermont rely on software called NEMRC made by the New England Municipal Resource Center (NEMRC) for holding town and resident data. Working with clients, simpleroute previously identified three critical vulnerabilities in the NEMRC software in December, 2017. These were reported to NEMRC in January, 2018. NEMRC's public listing of clients shows over 300 entities using some form of their software, some or all of which may have been affected. Evidence from client backups show that at Blog
Windows 7 & Windows 2008 End of Life
January 15, 2019
Free Microsoft Risk Assessment And Migration Plan Shows You The Easiest, Most Budget-Friendly Way To Upgrade Your Windows 7 And Windows Server 2008 MachinesAs a local Microsoft Certified Partner, my company has committed to helping businesses in the Burlington area by offering a Microsoft Risk Assessment and Migration Plan for free.At no cost, we’ll come to your office and conduct our proprietary 21-Point Risk Assessment — a process that’s taken us over 9 years to perfect — to not only determine what specific computers and servers will be affected by this announcement, but also to Marine Corps Data Leak Affects 20k
April 11, 2018
One Error Goes a Long WayThe U.S. Marine Corps has launched an investigation following an accidental leak of confidential information belonging to over twenty-one thousand Marines and civiliansOn February 27th, the Defense Department’s Defense Travel System (DTS) inadvertently sent an unencrypted email to contacts listed in the unclassified “usmc.mil” domain containing a roster with personal and financial details belonging to thousands of Marines. Truncated social security numbers, bank and credit card information and contact details belonging to the affected individuals have been Krack Security Vulnerability
October 18, 2017
Yesterday, a whitepaper vulnerability was published by Mathy Vanhoef of Belgian University KU Leuven.The KRACK (Key Reinstallation AttaCK) vulnerability is an advanced Man in the Middle attack, allowing cybercriminals to redirect information transmitted through a wireless network, capturing usernames and passwords or other sensitive data. This vulnerability also allows an attacker to manipulate data, which may allow for the injection of ransomware or malware as data is being transmitted to or from a device.Some device manufacturers have already issued patches to protect devices. However, How to Keep Yourself Secure After the Equifax Data Breach
October 13, 2017
The ScoopEquifax publicly reported a massive data breach on July 29th, and many users of the credit reporting service are still wondering if their information was exposed, and what to do about it if it was.The breach lasted from mid-May to July of this year. Names, social security numbers, birthdates, addresses and driver’s license numbers, as well as credit card numbers and dispute documents from some users, were taken. An estimated 145.5 million Americans (>45%) have been affected, and thousands of records have been stolen from individuals in Canada and the UK as well.Equifax is You Need Two-factor Authentication
January 31, 2018
It’s as simple as this: if you don’t know what two-step authentication is then you are at risk. Two-step authentication is a method of granting a user access using two or more ‘authentication factors’. An authentication factor can be as simple as a password. Using a single authentication factor (a single text password) has become a weak means of protecting online assets.Despite having the best security measures and following all the ‘best practices,’ the fact is PCs can become compromised and passwords can be cracked, deciphered and exploited. This can put you and your 
