ThreeShield Information Security Corporation

07/01/2025

🍁 Happy Canada Day! 🍁
In case you missed it, Canada has ordered Hikvision to close Canadian operations over security concerns.

Many of our clients moved from Hikvision security cameras to cloud-based business-class camera systems like Verkada and Rhombus over the last decade because legacy cameras are little computers that don't update security problems fast enough (and the on-premise video recorders are headache after headache).

We kept finding ways that the cameras could be used to attack other computers on our clients' networks. In many cases, our cybersecurity audits also found these vulnerable systems exposed to the Internet, wide open to attackers.

It became such a consistent problem that we ended up partnering with Verkada and Rhombus to provide discounted enterprise-grade solutions to small and medium-sized businesses.

Rhombus's relay and Verkada's Command Connector allow companies to get into cloud monitoring (without requiring Network Video Recorders and the backup headaches that come with them) without ripping and replacing their existing Hikvision cameras.

However, doing so leaves you stuck with the firmware update headaches and vulnerabilities that tend to remain because Hikvision and other legacy camera companies tend to be slow with their updates anyhow.

If you're Canadian, we recommend talking to your managed IT service provider to move your cameras to a modern, managed cloud provider. If you don't have an existing IT provider, we're happy to help connect you.

06/12/2025

If your website is down, you aren't alone...

04/15/2025

If your password manager doesn't fill in your Microsoft password for you, then please don't copy it yourself!

We're getting a huge spike in shared "Microsoft" file phishing attempts this week. These attacks let the bad guys take over your Microsoft session, even if you're using the Microsoft Authenticator.

If you aren't using a password manager, then please start. It's the easiest way to get an extra nudge against falling for phishing websites.

Also, Microsoft is still investigating the Microsoft 365 Admin Centre issue. However, some of our tenants seem to be working again.

04/08/2025

Every time we're brought in to look at a new app or website right before launch, I scream into my pillow, "WHY DIDN'T THEY ASK MONTHS AGO?!"

It's always the same for first-time clients. I mean ALWAYS. Usually, we were able to shift mindsets so their subsequent projects aren't as horrific. However, the first time, it's always the same.

Recently, we've had clients that used three different frameworks -- THAT EACH LOCKED THEIR VICTIM COMPANY INTO WEAK LOGINS before costly overhauls! Each time, we had significant database design issues that required a lot of rework.

One unlucky business hired someone who clearly was very good within their framework, but didn't have a clue about servers or infrastructure and couldn't even do HTTPS because they only knew how to set up a development debugger as a "web server."

This needs to stop. How can we convince people that Cybersecurity needs to start at the requirements definition phase during the initial design then continue through the release process?

My pillow can't take many more tears and screams.

03/21/2025

This morning, we had another great reminder of why it's crucial to have the Canadians at Lavawall double-check for missing application patches (on 7,438 programs) when it turned out that OpenVPN Connect had a missing patch that corrected a problem that prevented automatic updates!

For the rest of March, you can scan your domain and check your computers for missing patches and configuration problems for free at https://lavawall.com

Please let me us about any bugs you find before our hard launch at the end of the month. 🤓

02/06/2025

I'm in the business of delivering unvarnished truth about problems that my clients need to fix quickly. This often involves web designers and developers who show up in our comprehensive vulnerability assessments. Some put their backs up defensively, and others transform their business and practices to make the world a better place. This is a story about the latter.

After we found a lot of problems with a larger organization's website, they took the results to their extremely talented web designer.

And what this marketing company did with the findings blew me out of the water.

They listened, dug deep and fixed their own cybersecurity gaps.

Then, they referred us to their other clients who now have strong cybersecurity programs. It turned out that their clients had the same mindset, and they referred us to many others.

Because one confident web designer acted on news that has made others put up walls of denial, at least a dozen other companies are now better off, and I'm able to confidently refer our web design clients back to them, knowing that they're in good hands.

Nothing builds business better than partnerships, when we help one another, we all get better.

12/28/2024

We're in the Whitecourt and Mayerthorpe areas today, setting up enterprise-grade cybersecurity and IT support.
Call us at 1-877-528-2925 or visit https://Agcyber.ca to protect your business, farm, or ranch today.

IT and cybersecurity for rural Alberta provides reliable remote and on-site IT to farmers, ranchers, and rural businesses outside of typical service areas.

12/20/2024

If you take credit cards through your website (even if you don't host the credit card form) or through most credit card machines plugged into your network or Wi-Fi, you need to get quarterly security scans from an approved vendor.

There's still some time to get this first step done so you can get compliant and reduce your insurance and processing costs by Q3 2025 (when you'll have the required 4 quarterly scans).

Until this quarter, we were only setting up these scans for our managed cybersecurity clients. However, a lot of folks need to wait until next year before getting approval for a big IT change -- but can scrape together a couple hundred bucks to get PCI compliance scans for before year-end.

Feel free to book a meeting to discuss more at https://booking.threeshield.ca/ or call to get this last thing checked off before year-end. It's a quick agreement and setup, so we'll still be setting these up during the Christmas break.

To congratulate you on starting the journey, we'll throw in free pre-scans to ensure you pass along with application patch monitoring on up to 20 computers as a Christmas gift!

ThreeShield Information Security reduces IT costs and protects medium-sized businesses from cyber security breaches with affordable security services.

12/02/2024

Cool! The CRA includes a reference to authenticate the message (corporate tax number), but doesn't have any links or phone numbers. It just directs you to check the mail on a well-known website. This is great training for business owners not to click emails claiming to come from the CRA.

07/24/2024

Microsoft has released a tool to automate recovery from the Crowdstrike problem. Unfortunately, the bad guys are doing the same thing. Crowdstrike discusses one of the attacks here:

Learn more about a Word document CrowdStrike Intelligence identified containing macros that download an unidentified stealer now tracked as Daolpu.

07/19/2024

Now that CrowdStrike has a fix out, many are resolving the issue by rebooting.
If rebooting doesn't work:
1. Boot into safe mode or Windows Recovery Environment
2. Delete c:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys
3. Reboot and enjoy the beautiful summer day