Access Point Consulting

At Access Point Consulting, our guiding principle is simple: earn the trust of our clients by delivering exceptional, dependable information security solutions. Last month, we wrapped on All Access 2024. Three years ago, after our first company all-hands in Ocean City, New Jersey, Access Point Consulting made the committment to gather our team once every year for a chance to socialize, strategize, and convene as one. With the third iteration of this event now under our belts, we're as confident as ever in the future of this company. For many, it really comes down to three crucial things: Our people. Our culture. Our vision for the future. In an industry that’s saturated with options, we set ourselves apart by being a reliable partner that understands not only the tactical requirements of cybersecurity but also the operational and strategic needs unique to each organization with whom we work. But most of all, we have a great time along the way. #AllAccess2024

A new strain called Windows 4.0 has emerged, targeting users through gaming-related tools and optimization software. This malware, evolved from the infamous Ghost RAT, represents a shift in how cybercriminals deliver and control malicious payloads, leveraging the popularity of online gaming platforms to infiltrate systems. Once installed, Windows 4.0 provides attackers with a highly stable and functional control platform, enabling capabilities such as clipboard monitoring, system scans, and extensive data gathering. Despite its sophistication, Windows 4.0 is particularly insidious because it disguises itself as legitimate gaming software, exploiting user trust to gain access to systems. Like similar campaigns involving RAT malware, there’s no specific patch or update that can neutralize this threat. Instead, analysts emphasize the importance of user education to prevent infections and intensive system monitoring to detect any malicious activity.

Security awareness isn’t about policies sitting in a binder or the occasional compliance training. It’s about embedding security into the fabric of your organization—and that starts with leadership. Here’s the key: If you’re a CEO, department leader, or team manager, your actions speak louder than any policy. ?? Turn Stories into Learning Opportunities Share real-world incidents in everyday conversations: -“Did you hear about that company that got breached yesterday? Do we have protections in place to stop that here?” -Use storytelling to spark dialogue. Ask questions and invite employees to think critically about how your organization handles similar risks. ?? Make Employees Part of the Solution For too long, users have been treated as the “weakest link” in security. It’s time to change that narrative: -Engage employees as partners in security. -Provide actionable training and nurture their awareness so they feel empowered to protect your organization. ??? Walk the Talk It’s not enough to just talk about security—demonstrate it daily: -Integrate security discussions into team meetings. -Set an example by following best practices yourself. -Highlight small, achievable steps employees can take to make a big impact. How are you embedding security into your organization's culture? #Cybersecurity #SecurityAwareness #Leadership #CultureChange

A new malicious email campaign is leveraging Excel files to spread the Remcos RAT (Remote Access Trojan)—a tool capable of granting attackers complete remote control of a victim's system. How it works: 1?? The email poses as a legitimate purchase order to lure recipients. 2?? Once the file is opened, it launches an HTML application file that acts as a loader for the RAT. 3?? From there, the campaign can facilitate fraud, data capture and exfiltration, and remote control of systems. What’s the solution? Technology alone won’t stop these campaigns—user education is your best line of defense: -Continuous training: Teach employees how to recognize phishing attempts. -Reinforcement: Use reminders and simulated phishing tests to strengthen awareness. -Clear policies: Educate teams on when (and why) to question unusual or unexpected emails. Cybersecurity is a team sport. Building a culture of vigilance and security-first thinking is the most effective way to combat threats like this one. #Cybersecurity #Phishing #UserEducation #RAT #RemcosRAT #SecurityAwareness

Bring Your Own Device (BYOD) and remote work are here to stay, but they bring a unique challenge that every CISO should be thinking about. When employees work from home, your security perimeter no longer stops at the office—it now extends to their living rooms, home networks, and personal devices. Here’s why it matters and what we can do about it: 1?? Even with company-managed devices, you don’t always know: Who is walking into the room? Who can see sensitive information on their screen? How secure their home Wi-Fi network is? Many employees don’t secure their home networks—and why would they? Unless they’re cybersecurity professionals, it’s not something most people think about. 2?? As security leaders, it’s on us to translate awareness training to the home: Teach employees how to segment their home networks (e.g., separate the kids’ devices from their work devices). Encourage them to secure their Wi-Fi with strong passwords and encryption. Provide easy-to-follow guidelines on securing personal and shared spaces where sensitive work might take place. 3?? Don’t just tell employees what to do—give them the tools and assistance they need to act. Whether it’s step-by-step guides, video tutorials, or support teams ready to answer their questions, empowering them to secure their home environment is crucial. The bottom line—security awareness must extend beyond the office. When we teach employees to protect their home environments, we’re not just safeguarding the company—we’re building habits that protect them and their families, too. How is your organization addressing the security challenges of remote work? #Cybersecurity #RemoteWork #BYOD #SecurityAwareness #HomeNetworkSecurity

???????? ???????? ???? ???????????????????? ?? Microsoft’s October Patch Causes SSH Breakdowns The latest Windows security update disrupted SSH connections on select Windows 11 systems. Microsoft provided a temporary PowerShell workaround while working on a permanent fix. IT teams should monitor updates closely to avoid similar issues. ?? Evolving Malware Campaigns -Remcos RAT: Delivered via fake purchase order emails, this remote access trojan compromises systems for fraud and data exfiltration. -Windows 4.0: A malware strain targeting gaming apps to monitor systems and mine cryptocurrency. -Stelfox: Disguised as crack software, this malware steals payment details and mines cryptocurrency. ?? Patch Tuesday and Major Updates Microsoft addressed 89 vulnerabilities, including four zero-days, while Adobe and Zoom issued critical patches for content creation and workplace apps. Chrome’s update fixed 12 flaws, with some details withheld to protect users during rollout. Update all applications promptly. ?? Infostealer News: Rhadamanthus and Redline Takedown -Rhadamanthus: Posing as copyright infringement notices, this malware exfiltrates sensitive data. -Redline Stealer: Law enforcement dismantled this malware-as-a-service operation, disrupting a key platform for cybercrime. Listen to the CyberWatch podcast on Spotify, Apple Podcasts, or watch on YouTube. #CyberWatch #MalwareTrends #PatchTuesday #SupplyChainSecurity #Infostealers #CybersecurityUpdates

Your employees can either be your biggest threat or your strongest line of defense. The choice is yours. In cybersecurity, focusing solely on technical risks misses the mark. One of the most impactful steps you can take as a CISO or security leader is to make security personal and relatable for your employees. Here’s how: 1?? Teach Them to Protect What Matters Don’t just train employees on company data protection. Show them how to secure their personal lives—protecting their families online, safeguarding their home Wi-Fi, and understanding risks like phishing or identity theft. When security becomes a personal habit, it naturally extends to the workplace. 2?? Incorporate Storytelling Effective security leaders excel at storytelling. Bring in real-life scenarios during team discussions or trainings: What if your child clicked on a malicious link while doing homework? What if an email looked like it came from HR but wasn’t? These relatable examples make security tangible and engaging, creating a culture of awareness. 3?? Try Bite-Sized Tabletop Exercises Gone are the days of lengthy, cumbersome security drills. Instead, run hour-long monthly tabletop exercises with teams to answer one critical question: “What would we do if...?” These short, scenario-based sessions build confidence, reinforce habits, and cultivate a collective sense of responsibility. At the end of the day, building a security-first culture isn’t just about checking boxes. It’s about empowering your workforce to take ownership—at work and at home. What’s one strategy you’ve seen work in building a more security-conscious workforce? #Cybersecurity #Leadership #SecurityAwareness #WorkforceTraining #TabletopExercises

Understanding the connections and communication paths across a network enables organizations to see where risks may arise—and which assets need priority protection. A prime example is the Equifax breach. The exploited vulnerability wasn’t new; in fact, the patch had been available for months. But the patch wasn’t applied in time, leaving a dangerous window open for attackers. The result? Access to sensitive personal data of nearly 150 million Americans, snowballing into immense financial losses, government fines, lawsuits, and a profound impact on customer trust. #Cybersecurity #NetworkMapping #VulnerabilityManagement #Equifax #PatchManagement #CyberResilience

One of the most critical yet undervalued controls in cybersecurity is patching and vulnerability management. This process of continuously identifying, evaluating, and mitigating vulnerabilities within an organization isn’t just routine housekeeping—it’s foundational to a resilient security posture. Recent high-profile incidents like WannaCry and the Equifax breach serve as harsh reminders. Both attacks exploited unpatched vulnerabilities, leading to massive operational disruptions and financial losses. The lesson? Neglecting regular patching isn’t a minor oversight; it’s a decision that can expose an organization to catastrophic consequences. Yet, for many organizations, resource limitations make it challenging to stay on top of every vulnerability. This is where strategic investment in vulnerability management—whether through automation, risk prioritization, or external support—becomes essential. #Cybersecurity #VulnerabilityManagement #PatchManagement #CyberResilience #WannaCry #Equifax

???????? ???????? ???? ???????????????????? Supply Chain Breach at Pacific Life via Infosys McCamish A ransomware attack on Pacific Life’s contractor, Infosys McCamish, exposed sensitive customer information nearly a year before details could be confirmed. The breach highlights the need for multi-factor authentication and encryption of sensitive data, especially in outsourced environments. Dell Partner Portal and Summit Pathology Data Exposures Dell’s Partner Portal was breached, leaking data on 80,000 users, while Summit Pathology suffered a ransomware attack impacting 1.8 million patients’ personal and medical information. Analysts advise affected users to change passwords, enable multi-factor authentication, and monitor their accounts for unusual activity. VeilDrive and SharePoint Exploits Targeting Microsoft SaaS Russian criminal groups have deployed VeilDrive, a phishing campaign using Microsoft Teams, SharePoint, and OneDrive as attack platforms. Another group exploited a vulnerability in SharePoint (CVE-2024-38094) to gain domain admin privileges. IT teams are urged to patch regularly and monitor Microsoft applications for unusual activity. Phishing Targets ChatGPT and KnowBe4 Training Emails Phishers are targeting ChatGPT users with fake payment decline notices and using KnowBe4 lookalike emails to trick employees into exposing credentials. Strong DMARC, SPF, and DKIM policies, along with phishing-resistant authentication, are recommended to counter these tactics. Listen now on Spotify, Apple Podcasts, or watch on YouTube. #CyberWatch #SupplyChainSecurity #VeilDrive #MicrosoftSharePoint #Phishing #ChatGPT #TechNews