Pennyrile Technologies

DNS filtering has become an important tool in our fight against malicious websites, phishing attacks, ransomware, and unwanted content. DNS (Domain Name System) filtering acts as an early detection and blocking mechanism that helps safeguard businesses from a wide variety of online threats. Given its simplicity, cost-effectiveness, and role in protecting the network at an early stage, it is an essential part of a modern security stack for businesses. What is the Domain Name System (DNS) Before we can get into DNS filtering, we need to explain what DNS is. Think of DNS as the phone book of the Internet. When you type in a website name like youtube.com into your browser, your computer doesn’t automatically know where to go. It needs to find the address of that website first (called an IP address). So when you type in a website name, your computer will use DNS to translate the website into an IP address it can access. For instance, www.amazon.com would translate to the IP address 54.239.28.85. In short, DNS helps translate easy to remember website names into the IP addresses your computer needs to access them! What is DNS Filtering? So now that we know what DNS is, what is DNS filtering? The short answer is, it’s a tool that gives you the ability to filter bad or wanted content at the DNS level. It’s the process of using the Domain Name System to help filter and block malicious websites and content before it can reach your computer. It works by intercepting DNS requests, or the “addresses” that users and devices query to access websites. After intercepting the request, it will then block the request or redirect the request based on predefined rules. DNS filtering is an important part of any business’s security stack because it helps prevent access to malicious websites, malware, phishing sites, and other harmful online threats!   Why DNS Filtering is Crucial for Business Security Prevents Access to Malicious Websites: DNS filtering can block access to known malicious domains. If an employee attempts to visit a site that hosts malware, ransomware, or phishing schemes, the DNS request will be blocked before the harmful content is even loaded on the computer. Protects Against Phishing and Social Engineering Attacks: Phishing sites can be disguised as legitimate ones to trick users into entering sensitive data, like usernames, passwords, or payment information. DNS filtering can block access to these sites, stopping users from interacting with potentially harmful content. Reduces the Risk of Malware and Ransomware: Many malware and ransomware attacks rely on malicious domains to download payloads or to communicate with command and control servers. By blocking these domains, DNS filtering helps prevent these threats from reaching the organization’s network. Enhances Employee Productivity: Beyond security, it can also be used to limit access to non-work-related sites, such as social media, gaming, entertainment sites, and even ads. This can help improve employee productivity and reduce distractions. Centralized Control: With DNS filtering, network administrators can easily monitor and enforce policies across an organization, all from a centralized location. This makes it easier to implement security protocols and stay compliant with industry regulations. It also provides real-time monitoring and logs of DNS queries, allowing businesses to track user activity and analyze network behavior. Low Overhead: DNS filtering does not require heavy computational resources like traditional endpoint security solutions. It operates at the DNS query level, meaning it works faster and has less impact on system performance. Protection for Remote Workers: As remote and hybrid work models grow, DNS filtering can be extended to users who are outside the company’s physical network. This ensures that remote employees are still protected from malicious sites, regardless of where they are working from. Cost-Effective: Compared to more complex, hardware-based solutions like firewalls or endpoint protection software, DNS filtering is generally more affordable and simpler to implement, making it a great security layer for businesses of all sizes. Does Your Business Use DNS Filtering? DNS filtering is a powerful tool in securing your network and safeguarding your business against cyber threats. By blocking malicious websites and controlling access to harmful content, DNS filtering significantly reduces the risk of data breaches, malware infections, and phishing attacks. Implementing this solution not only improves network security but also enhances productivity and compliance across your organization. Need help implementing DNS filtering at your business? Our team of experts can guide you through the process of setting up a robust, tailored DNS filtering solution to meet your unique security needs. Contact us today to get started and take the first step toward a more secure and resilient network.

As trusted stewards of sensitive financial information, accountants play a critical role in protecting the personal data of clients. The evolving landscape of cybersecurity threats and regulatory compliance has prompted stricter requirements, especially for those handling non-public personal information (NPI). One of the most significant regulatory frameworks governing data protection is the Gramm-Leach-Bliley Act (GLBA) and it’s Safeguards Rule which requires a Written Information Security Plan (WISP). In 2021, the Federal Trade Commission (FTC) updated the Safeguards Rule, which now mandates even more rigorous data security practices for financial institutions, including accounting firms and tax professionals. These updates went into effect in June 2023, reflecting the need for enhanced protection in an increasingly digital world. Understanding these changes is crucial not only for regulatory compliance but also for safeguarding client trust. In this article, we’ll break down the key updates to the FTC’s Safeguards Rule, explain what they mean for your practice, and offer practical steps you can take to meet these new obligations. What is the Gramm-Leach-Bliley Act? The Gramm-Leach-Bliley Act, enacted in 1999, is a federal law that regulates how financial institutions handle and protect the privacy of consumers’ personal information. Also known as the Financial Services Modernization Act, it was initially created to remove barriers between banks, securities companies, and insurance providers, allowing them to consolidate and offer a broader range of services. However, the law also includes significant privacy and security provisions to safeguard sensitive customer data. Some of the key provisions of the GLBA include the Financial Privacy Rule, which governs the collection and disclosure of consumers’ personal financial information by institutions, the Safeguards Rule, which mandates that financial institutions implement a written information security plan to protect customer data, and the Pretexting Protection provision, which is a provision protecting against obtaining personal information through false pretenses. What is the Safeguards Rule? The Gramm-Leach-Bliley Act’s Safeguards Rule is a key regulation that requires financial institutions, including accounting firms, tax preparers, and other entities handling sensitive financial information, to develop, implement, and maintain a written information security plan to protect customer data. The IRS began requiring a written information security plan as part of compliance with GBLA back in 2019. In IRS Publication 4557, the IRS provides guidance for tax professionals on protecting taxpayer data. It outlines the need for a data security plan, which includes written policies to safeguard sensitive information. This mandate was reinforced as part of the “Security Summit” initiative, a collaboration between the IRS, state tax agencies, and the private sector to combat tax-related identity theft. A written information security plan for accounting practices is a formalized, documented plan that outlines the specific policies and procedures a firm must follow to protect sensitive information, such as financial records and personal data, from unauthorized access, breaches, or theft. It is designed to ensure compliance with regulatory requirements, such as those under the GLBA or state-specific privacy laws, and to mitigate risks associated with data handling in accounting. In addition to developing their own safeguards, companies covered by the rule are responsible for taking steps to ensure that their affiliates and service providers safeguard customer information in their care as well. Who Must Comply? The Safeguards Rule applies to a wide range of financial institutions, including but not limited to: Banks and Credit Unions Mortgage Brokers Tax preparers and Accountants Credit Counselors and Investment Advisors Insurance Companies Collection Agencies Tax Preparation Firms Payday Lenders This rule is particularly relevant for any company handling non-public personal information (NPI), such as names, addresses, bank account details, credit history, or Social Security  numbers. Importance of a Written Information Security Plan Having a written information security plan is crucial for accountants and financial institutions for several reasons. First and foremost, many financial professionals are legally required to have a WISP under laws like the Gramm-Leach-Bliley Act, and non-compliance can lead to penalties, fines, and legal liabilities. Moreover, accountants handle sensitive financial information, including personal identification and financial data. A WISP helps establish protocols for safeguarding this information against unauthorized access, breaches, and cyber threats. Additionally, clients expect their financial information to remain confidential and secure. Implementing a WISP demonstrates a commitment to data security, which can enhance client trust and protect the firm’s reputation. A WISP also involves conducting risk assessments and identifying vulnerabilities within the organization, enabling firms to mitigate potential risks before they lead to data breaches or financial loss. In the event of a data breach or security incident, a well-structured WISP includes an incident response plan that outlines the steps to take, helping to minimize damage and ensure quick recovery while maintaining business continuity. Furthermore, developing a written information security plan fosters a culture of security within the organization by including employee training on proper data handling practices. This training reduces the risk of human error and ensures that everyone understands their role in protecting client information. Getting Started on Your Written Information Security Plan Running a successful tax preparation business involves many key tasks, from staying up to date with tax law changes and software updates to managing and training staff. However, one crucial element often overlooked is developing a written information security plan. A WISP isn’t just a smart business practice—it’s a legal requirement. For many tax professionals, knowing how to begin creating a WISP can be challenging, but developing a security plan will help protect both your business and clients while ensuring compliance with the law. Key requirements to building a successful WISP: Designate a Security Coordinator: Each financial institution must designate one or more employees responsible for coordinating and overseeing the security program. Risk assessment: The company must identify and assess potential internal and external risks to the security, confidentiality, and integrity of customer information. This assessment should cover risks related to employee misconduct or error, system failures, and unauthorized access, including cyber threats. Design and Implement Safeguards: Based on the risk assessment, the organization must design and implement safeguards to control the identified risks. These controls include access

Vulnerability scanning has become a crucial process in IT security that involves systematically identifying, assessing, and prioritizing security vulnerabilities in computer systems, networks, applications, and other IT infrastructure. It’s essentially like a health check for your digital assets, helping organizations proactively identify weaknesses before they can be exploited by malicious actors. What is Vulnerability Scanning? Imagine your computer system is like a house with lots of doors and windows. Sometimes, bad guys try to find those doors and windows that are left unlocked or have weak locks so they can get in and cause trouble. Vulnerability scanning is like having a friendly inspector who goes around your house checking all the doors and windows to make sure they’re secure. Instead of physical doors and windows, though, it looks at the digital parts of your computer system to find any weaknesses that could let bad guys in (aka vulnerabilities). This friendly inspector, or the scanning tool, looks for things like outdated software, missing security updates, or settings that aren’t quite right. When it finds something that could be a problem, it lets you know so you can fix it before any bad guys can take advantage of it. So, vulnerability scanning is like having a digital security check-up for your computer system, making sure everything is locked up tight and keeping the bad guys out. What are the Benefits of Vulnerability Scanning? Vulnerability scanning and assessment has many benefits for business large and small. It is a vital component of a comprehensive cybersecurity strategy for businesses, providing essential insights into the security posture, helping ensure compliance with regulations, managing risks effectively, saving costs, and safeguarding business continuity. 1. Compliance and Regulatory Requirements: Many industries are subject to regulatory requirements that mandate regular vulnerability assessments. By conducting vulnerability scans, businesses can demonstrate compliance with industry standards and regulations such as PCI DSS, HIPAA, GDPR, and others, avoiding potential fines and penalties. 2. Enhance Security: By regularly scanning for vulnerabilities, businesses can identify weaknesses in their IT systems and infrastructure before they can be exploited by cyber attackers. This proactive approach helps strengthen the overall security posture, reducing the risk of data breaches, malware infections, and other security incidents. 3. Cost Savings: Proactively addressing vulnerabilities through regular scanning can help businesses save money in the long run. By preventing security breaches and data breaches, organizations can avoid the financial costs associated with incident response, regulatory fines, legal fees, loss of reputation, and customer trust. 4. Business Continuity: Vulnerability scanning contributes to maintaining business continuity by reducing the likelihood of disruptive security incidents. By identifying and remediating vulnerabilities promptly, businesses can minimize downtime, ensure the availability of critical systems and services, and protect the continuity of operations. How does Vulnerability Scanning Work? Vulnerability scanning works by systematically examining computer systems, networks, and applications for known security weaknesses or vulnerabilities. Here’s a simplified explanation of how it typically works: 1. Discovery: The scanning process begins with the identification of devices, systems, and resources within the network that are subject to scanning. This can involve discovering IP addresses, domain names, and other network information to create a comprehensive inventory of assets to be scanned. 2. Attack Surface Scan: Once the assets are identified, the scanning tool probes these assets to gather more detailed information about their characteristics and configurations. This may include identifying open ports, services running on those ports, and software versions installed on the target systems. 3. Vulnerability Detection: The scanning tool then compares the information collected during the enumeration phase against a database of known vulnerabilities and security issues. This database, often referred to as a vulnerability signature database or vulnerability database, contains information about common security flaws, misconfigured devices, and weaknesses in software, operating systems, and network protocols. 4. Analysis and Reporting: Based on the results of the vulnerability detection process, the scanning tool generates a report outlining the identified vulnerabilities, their severity levels, and recommendations for remediation. This report provides actionable insights that IT security teams can use to prioritize and address security issues effectively. 5. Remediation: Armed with the vulnerability assessment report, IT security teams can take appropriate action to remediate the identified vulnerabilities. This may involve applying security patches, configuring security settings, updating software or firmware, implementing security controls, or deploying additional security measures to mitigate the risks posed by the vulnerabilities. 6. Continuous Monitoring: Vulnerability scanning is typically an ongoing process rather than a one-time activity. As new vulnerabilities are discovered and software updates are released, organizations need to regularly repeat the scanning process to ensure that their systems remain secure and up-to-date. What are some of the Types of Vulnerability Scans? Vulnerability scans can be categorized into several types based on their scope, methodology, and purpose. Here are some common types of vulnerability scans: 1. Network Vulnerability Scans: These scans focus on identifying vulnerabilities within the network infrastructure, including routers, switches, firewalls, servers, and other network devices. Network vulnerability scans examine open ports, services, and configurations to identify potential security weaknesses that could be exploited by attackers. 2. Host-based Vulnerability Scans: Host-based scans target individual computers or systems, analyzing the software, operating systems, and configurations for known vulnerabilities. These scans are typically performed using agent-based or agentless scanning tools installed directly on the target hosts. 3. Web Application Vulnerability Scans: Web application scans assess the security of web applications and websites, identifying common vulnerabilities such as SQL injection, cross-site scripting (XSS), insecure authentication mechanisms, and other web application security flaws. These scans simulate attacks on web applications to uncover potential vulnerabilities and security weaknesses. 4. Database Vulnerability Scans: Database scans focus on identifying vulnerabilities in database management systems (DBMS) and database servers. These scans examine database configurations, user permissions, and access controls to identify potential security risks such as weak passwords, misconfigurations, and unpatched vulnerabilities. 5. Wireless Network Vulnerability Scans: Wireless network scans assess the security of wireless networks, including Wi-Fi networks and access points. These scans identify vulnerabilities such as weak encryption, misconfigured access points,

In a recent deepfake phishing scam, an employee at an multinational corporation was fooled into paying out $25 million to scammers in an elaborate deepfake video conference. This is the first reported incident of this kind and may be a sign of more elaborate scams involving deepfakes and evolving AI technologies. The scam involved a digitally recreated version of the company’s chief financial officer, along with other colleagues, who appeared in a video conference call instructing an employee to transfer funds. Authorities said publicly available footage of the CFO and other employees was used to create the deepfake images, and the victim was the only person on the conference call who was not a deepfake. The finance worker ultimately transferred $200 million HKD, or the equivalent of about $25.6 million USD, to five different bank accounts across 15 transactions, following the fake colleagues’ instructions on the video call. What is a deepfake phishing scam? A deepfake phishing scam is a new form of scam that combines two deceptive techniques: deepfake technology and phishing tactics. Deepfake Technology: Deepfake technology utilizes artificial intelligence (AI) to create highly convincing manipulated videos or audio recordings. These manipulated media files can make it appear as though someone is saying or doing something that they never actually did. Phishing Tactics: Phishing is a type of cyber attack where attackers use fraudulent emails, messages, or websites to trick individuals into providing sensitive information such as passwords, financial information, or personal data. In a deepfake phishing scam, attackers may use deepfake technology to create convincing videos or audio recordings of high-profile individuals, such as CEOs, government officials, or celebrities, delivering a message. The message might urge recipients to take urgent action, such as clicking on a link to update their account information, transfer funds, or disclose sensitive data. The combination of the realistic deepfake content with the urgency and authority conveyed through phishing tactics can make recipients more likely to fall for the scam and unwittingly divulge sensitive information or perform actions that compromise their security. How to combat deepfake phishing scams? Combatting deepfake phishing scams requires a combination of awareness, technological solutions, and security practices. Here are several strategies to help combat these scams: Education and Awareness: Educate yourself and your organization about the existence of deepfake technology and its potential use in phishing scams. Training sessions on recognizing phishing attempts, including those involving deepfakes, can help individuals become more discerning and cautious. Verify Sources: Encourage skepticism and verification of sources, especially when receiving unexpected or urgent requests via email, text, or social media. If a message seems suspicious, independently verify the information through trusted channels before taking any action. Use Multi-Factor Authentication (MFA): Implement multi-factor authentication wherever possible to add an extra layer of security to accounts. Even if attackers obtain login credentials through phishing, MFA can prevent unauthorized access. Implement Email Security Measures: Use email security measures such as email authentication protocols (SPF, DKIM, DMARC) and anti-phishing tools to detect and block phishing attempts, including those involving deepfakes. Establish Communication Protocols: Establish clear communication protocols within your organization to verify the authenticity of requests for sensitive information or actions involving financial transactions. Encourage employees to verify any unusual requests through a known and trusted communication channel. To protect against deepfake phishing scams, individuals should remain vigilant when receiving unsolicited messages, especially those that demand immediate action or contain unusual requests. Verifying the authenticity of requests through alternative channels, such as contacting the purported sender through a known and trusted means of communication, can help prevent falling victim to such scams. Additionally, being cautious about clicking on links or downloading attachments from unknown or suspicious sources can mitigate the risk of phishing attacks. Need assistance fighting phishing scams? Is your organization prepared to combat the rising tide of cyber attacks, including phishing scams and deepfake threats? Ensure your staff are equipped with the knowledge and skills needed to defend against evolving cyber threats. At Pennyrile Technologies, we specialize in comprehensive cybersecurity training tailored to your organization’s needs. Our expert-led courses cover essential topics such as phishing awareness, deepfake detection, and best practices for safeguarding sensitive data. Benefits of partnering with us: Training programs to fit your schedule and requirements. Engaging and interactive learning experiences for all skill levels. Practical strategies to mitigate cyber risks and protect your assets. Don’t wait until it’s too late! Contact us today to schedule cyber security training for your staff and fortify your organization’s defenses against cyber threats.