NRC Newsletter - January/February 2023
In this issue
Happy New Year!
We hope you and your organization had a successful 2022. Thank you for all trusting in our ability to provide your company IT solutions. We value our business relationships and look forward to a New Year filled with more work and opportunities from you. Here’s to a happy and healthy 2023 for you and yours! Let us continue to help you make IT Easy and Secure!
LastPass incident and next steps
The LastPass password management software had a recent compromise. In December 2022, LastPass acknowledged an extensive breach of customer data. According to LastPass, most of this data is encrypted, such as usernames and passwords. However, URLs used in passwords vaults are not. A master password is still needed to decrypt all the stolen data but that increases the likelihood the bad actors will use unencrypted data they do have. What does that mean? They can use the unencrypted data to launch targeted phishing attacks. Thus, many security firms have warned that hackers may try using leaked customer information to check the Dark Web for re-used passwords that may match master passwords.
To protect your credentials stored in LastPass, here are a few steps we recommend you take:
- Rotate any passwords and keys stored in LastPass.
- Check for password re-use across your sites & services.
- Enable MFA on everything.
- Warn your users of an increased risk of phishing.
- Pay extra careful attention to your accounts for breaches and suspicious activity.
This story continues to unfold. It is possible that some of the unencrypted data could be used for more than phishing. Now would be a good time to do a 3rd-party assessment to find compromised passwords on the Dark Web. If you are interested in having an assessment performed, please contact us 540 808 2900 x2 | schedule a Zoom meeting or phone call
Stay tuned.
Security and cyber liability with BBQ and beer
New River Computing recently hosted a panel discussion on security and cyber liability featuring the following panelists: Jeff Wynn - President, New River Computing, Jessica Swann - Cyber, Professional and Liability Broker, Risk Placement Services, Inc., Natalie Suarez - Principal Solutions Advisor, ConnectWise. The panel was moderated by Jeff Nosenzo - Vice President of Brown Insurance.
If you missed out on the panel or want to revisit it, you can check it out in the video above! If you'd like to know when future events like this are on the horizon, contact us to sign up for our newsletter.
Birthdays and work anniversaries
January - Hansen Ball and Celeste Parker
February - Lindsay Taylor
January
George Probst : George has been around NRC since 2007 wearing many hats as a contractor and officially joined the NRC ranks in January 2018. An NRC Team member said this about George, "George, I really appreciate you being an NRC employee. You are always solid and can be counted on." We think you’re jaw-some! (a bad pun-ny in honor of George’s love of sharks).
February
Zac Callahan : Zac is an integral part of the NRC Team. We are glad you joined us in February 2020 just as we were entering the start of COVID lockdown. We are even more excited that you stuck with us! Thank you for your willingness to rollup your sleeves, dive headfirst into working with new products and software and most importantly share what you learn!
Joshua Howard : Joshua will celebrate his 1st Year with the NRC Team on February 16! Joshua joined us from Eastern Kentucky and has more than nine years of IT experience. All our clients love Joshua's calm demeanor and broad know-how. One client said this about him, "Josh was super helpful and resolved my issue within minutes! I was so freaked out and he took care of everything. THANK YOU!" We appreciate you!
Thank you for all you do! Happy workaversary, gentlemen!