A Difficult Year

Americans on cybersecurity. 2020 was that to say the least. No matter your political affiliation or beliefs, it was a difficult time in our country. Compounding all of the global news was the looming election in the United States. Americans had a lot on their minds, but where did cybersecurity fall in that?

As malware and data breaches ran rampant, ransoms continued to increase. Ransomware went from being an arbitrary thought in the American household to a regular headline across our news feeds. Everyone is now aware in some respect. And despite the continued attacks, Americans have yet to bring the conversation forward.

So PC Matic was curious, how do Americans feel about cybersecurity? Do we think we’re prepared? Finally, are our federal and local governments equipped to handle an attack?

The Survey

We surveyed nearly 1400 people from across the US for our Americans on Cybersecurity poll. These respondents represent ages 18 to 75+ and are from a myriad of different educational and socioeconomic backgrounds. Additionally, the gender split was almost completely even.

The highlights include the first and possibly most important question. “How confident are you that the United States government can defend itself against cyber-attacks?” 57% of Americans polled do not feel confident that the US government can defend itself.

Another interesting find is that over 90% of Americans are concerned about identity theft following an attack. In fact, a majority of Americans (85%+) have concerns about losing access to financial institutions, personal devices, and critical infrastructure like water and electricity. These are all valid concerns.

In Summation

Mostly what we found are that Americans are split. Some feel we’re prepared, others vehemently do not. What we can all agree on, however, is our collective concern over if a successful attack were to be executed. With President Biden’s infrastructure plan being rolled out, we wonder how much of that will be allocated to the persistent need for increased cybersecurity. So far there are no set plans.

If you didn’t have a chance to answer, tell us how prepared you feel your local state government is for a cyberattack. Also, do you feel the federal government could defend itself under those circumstances? Let us know! We look forward to hearing from you.

Until next time, stay safe out there.

To read the full report, visit us here.

Microsoft Exchange New Release is Vulnerable.

In mid-March, we issued a guide to the patching of vulnerable versions of Microsoft Exchange Server. The affected versions include Exchange Servers 2010, 2013, 2016 and 2019. In mid-April, we took a look at our data to see how quickly users are updating this software to the new releases. Unfortunately, we’re not seeing as much progress as we anticipated regarding the Microsoft Exchange vulnerable release. Remarkably, our data shows that more than 50% of devices are still running vulnerable versions.

What Component is Vulnerable?

The vulnerable MS Exchange component is part of the network stack. The set of possible attackers extends beyond those normally listed to the entire Internet. This type of cyber-vulnerability is often termed “remotely exploitable“. This makes a cyber attack at the protocol level possible across one or more routers. To ensure greater cyber-protection, users should check to see that they aren’t running vulnerable releases of the program.

Security is proposedly one of the main benefits of using Exchange Server. It allows users to link their email, contacts, and calendars from Windows applications on their PC to browsers, and to their mobile devices. IT administrators should prioritize installing updates to help protect users’ confidentiality. The vulnerability patch will help prevent a loss of confidentiality which could result in data being divulged to an attacker.

PC Matic is confident that its customers are secure but stresses that any vulnerable software should be patched immediately as a best practice. As new releases of Microsoft Exchange come out, our team of cyber security specialists will continue to monitor vulnerabilities.

Visit the Microsoft Download Center to download new releases.

It has been 11 weeks since Microsoft released patched versions of Exchange Server Software, which were being actively exploited due to cybersecurity vulnerabilities since the beginning of 2021. We took a look at our data in mid-April to understand how quickly users were updating their software. The stats were not great. Over 50% of users were still running vulnerable versions of Exchange six weeks after the update release. We gave it another month, hoping that the vast majority of users would have updated their software by then. Unfortunately, that is not the case. Our data shows that 48% of users are still running vulnerable versions of the Exchange software. Exchange Server Software has a cybersecurity vulnerability and updating immediately helps to avoid intrusion, protect against exploits, a loss of data and confidentiality.

According to the Cybersecurity & Infrastructure Security Agency (CISA), “New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep your software up to date. This is the most effective measure you can take to protect your computer, phone, and other digital devices.”

Cyber criminals are attacking and exploiting everywhere they can, from individual machines to servers of infrastructure giants. It is up to the users to prevent these attacks by being pro-active in securing their devices and data. Follow the guidance from the CISA and prevent attacks by updating your software as soon as the release becomes available.

Exchange Server Software from Microsoft has a cybersecurity vulnerability without patched versions.

Cyber risks exist for users still running vulnerable versions of Exchange Server. The patched versions of Exchange Server fix the Microsoft vulnerability. This provides a good measure of cybersecurity and protection with the updated software installed. Read more about the Exchange Server security issues at A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities (pcmatic.com) We will continue to monitor Microsoft’s Exchange Server Software cybersecurity vulnerability as well as user adoption of the patched versions.

Like every other industry, the cyber security industry is constantly moving. Along with that comes changes in the advice from experts to consumers, businesses, and governments on how to best protect their data from the cyber threats of today. However, there’s one piece of advice that has held strong as a Silver Bullet for protection from cyber threats of the past and of today, including ransomware: backups.

A Silver Bullet in cybersecurity protection is not a mythical solution that solves every single problem, but one that covers the vast majority of your bases and increases the efficacy of your security posture drastically. When you look to the media for advice today, you’ll find backups to be the top recommendation almost 10% of the time according to our research. We’re going to explore why backups are no longer the silver bullet they once were, and what solution or solutions have taken its place.

The past is the past.

There was a time when backups were the Silver Bullet that we all needed. Cyber threats were less advanced, and having good reliable backups was almost all you really needed. Viruses and trojans would work their way into your computer and you could roll back to a version pre-infection with little to worry about. Even after the introduction of early ransomware, backups were still proving to be the most effective way to protect yourself. Encrypted photos and files could easily be retrieved from your latest backup and your day continues on. However, as they always do, cyber criminals looked to improve their success rate in getting the ransom paid; and their number one target? Your backups. 

In a recent Ransomware infection at software provider Marketron, their CEO stated “This issue comes despite significant recent investments in separating backup and disaster recovery…” Even with these heavy investments into backups, Marketron was still stuck at a standstill with all services down for their customers. 

Ransomware quickly evolved to target backup drives, network shares, or any place where you could be storing those precious backups if they were found connected to the device. Successfully encrypting your backups increased their odds of receiving a ransom payment to almost 100%. While it was beginning to show spots of tarnish, the cyber security industry continued to latch onto backups as the shinest Silver Bullet.

While writing this piece a new report was published about the Conti Ransomware Gang describing their practices of targeting on-premise and cloud backups by hunting for privileged users inside your network to access, exfiltrate, encrypt or remove your backups. All but guaranteeing a ransomware payment is coming their way.

The gold standard.

Needing a new approach to backups to keep ransomware at bay, the advice to air gap your backups came to the front line. Air gapping a backup is keeping it disconnected from your device and network when you’re not actively doing a backup. This potentially makes it impossible for ransomware or other malware to see that you have backups and certainly stops them from encrypting those backups. 

However, there are many flaws that come into play with the air-gapped strategy. The more air-gapped your backups are the less reliable they’re going to be. You’re keeping the backups separated from your network for longer periods of time leading to backups that have less and less of the information on them that you need. On top of that, malware has been using time-release tactics for years and years now. There is no big leap for ransomware to lie in wait and trigger on a device when it is able to detect backups have been connected and are in progress.

The pivot to theft.

With air-gapped backups, we discussed the possibility of ransomware evolving to time-release and wait for you to reconnect your backups. The possibility. Ransomware shifting to data theft has long been a guarantee. In early 2020 the FBI was warning industries that ransomware was specifically looking to steal data in an effort to increase the odds that you pay the ransom. Backups or not, if you have any kind of sensitive or customer data and it’s stolen and released on the dark web, you may be looking at an even more expensive PR problem than just paying the ransom. 

While ransomware gangs like Conti might rely on it as a secondary fallback, data theft can be detrimental to some businesses. For those in Healthcare, Finance, or even Education, it can be a crushing blow for your user or customer data to be released onto the dark web. However, because there’s a smaller chance that blackmail will be the driving factor to pay the ransom, most ransomware gangs are still focusing on destroying or encrypting your backups to ensure there is no quick road to recovery. A swift end to your ability to do business will drive immediate attention to making a ransomware payment. And who can blame you?

The last line of defense.

What is now painfully obvious, backups cannot be relied on as the silver bullet in your security stack. They still play a critical part, and every security stack should have reaction layers like backups and EDR combined with prevention layers like Firewall and Application Whitelisting. The lack of recommendations surrounding adding prevention layers into security stacks to defeat ransomware is nothing short of astounding. In our research, we saw one single article recommend adding Application Whitelisting to help defeat ransomware. One article out of one hundred and one total articles that we digested to comprise this data set. Prevention is the key to defeating ransomware and without more inclusion in the advice and recommendations that so many look to, ransomware will be here to stay. 

The contrast is so stark between the advice and recommendations from the media and the top institutions around the world. While little to no media coverage recommends Application Whitelisting, almost every top agency in the US and many across the world praise it as an incredibly important solution to add to every security stack.

• The National Institute of Standards and Technology (NIST), has recommended controls that everyone should “Employ a deny-all, permit by-exception policy” in their environment. Application Whitelisting fulfills this requirement to default-deny all unknown executions and only allow those explicitly permitted.
• The US Department of Homeland Security states that “Application Whitelisting should be an integral component of a defense-in-depth solution.”
• The Cybersecurity & Infrastructure Security Agency (CISA) has created a program to fully fund Application Whitelisting for 2 full years inside the Federal Government. Urging Federal Agencies to deploy this into all security stacks.
• In Australia, the Australian Cyber Security Centre lists Application Whitelisting as one of its eight essential strategies to mitigate cyber threats like ransomware including it in every level of their Matruity Model. 
• The US Department of Defense (DoD) released the Cybersecurity Maturity Model Certification (CMMC) in 2020 recommending application whitelisting for Level 3 and requiring it for Levels 4 & 5 across all of the US Defense Industrial Base.

We’re not here to completely shut down the notion of backups and their importance. Having good, reliable backups is a critical component of your overall security stack. The problem is that in today’s environment cyber criminals have evolved to defeat the simple notion of: “we have everything backed up”. 

However, adding Application Whitelisting into security stacks will drastically reduce and potentially eliminate the overall threat of ransomware. This practice is recommended by all of the highest agencies in the US and many around the world including in Australia. It’s time for a new Silver Bullet in Cyber Security, and Application Whitelisting is here to stay. If you’d like to learn more about Application Whitelisting and its history, check out our in-depth analysis.

In March 2022, the Biden administration announced that cyberattacks from Russia were imminent.   Although this is untrue, it shines a light on how unprepared the federal government and the rest of the country are for a nation-state attack.

A nation-state attack is exponentially more serious than ransomware.  Unlike ransomware, a nation attack does not attempt to extort a fee to restore operations.  It simply destroys without regard to consequence.

More importantly, a nation attack accelerates the frequency and sophistication of the attacks.  For over a decade, the United States, Russia, China, North Korea, and Iran have been stockpiling vulnerabilities in the event of a cyberwar. This is the reason why a cyber attack is NOT imminent, because Russia knows that America likely has a larger stockpile with more severe consequences.

When the Americans shut down 3 Iranian nuclear reactors and Russia shut down the Ukrainian electric grid, each of these attacks was accomplished through one vulnerability.  The WannaCry virus infected 250K computers in one day through one vulnerability.

Any nation-state, and most certainly Russia, has dozens if not hundreds of these vulnerabilities.  Rather than one vulnerability, a nation-state attack would deploy numerous vulnerabilities simultaneously entering unobstructed into every server and endpoint and any other device that contained critical information in the nation.

The first line of defense is patch management but this is wholly ineffective because patch management works with known vulnerabilities and these vulnerabilities are unknown by design.

The next line of defense is the antivirus which has not functioned against modern threats for almost a decade yet consumers and businesses and even the federal government blindly throw money at this obsolete vestige from a prior era of computing. So the attack continues.

The last line of defense is EDR / XDR / Zero Trust, which attempts to detect and respond to the full-frontal onslaught nation-state attack.  Unlike ransomware, a nation attack would overwhelm the SOC (Security Operations Center) and it would quickly fall down.

This exposes the largest flaw in the nation’s defense.  EDR / XDR / Zero Trust / SOC cannot scale to meet a spike in attacks.  For a SOC to double in size, would take months, and a nation-state can increase its attack level in seconds.

As stated earlier, this is not going to happen due to respect for America’s vulnerability stockpile, however, our defense frameworks should consider the possibility of a nation-state attack. Unfortunately, none of the popular frameworks including NIST, MITRE, and even Jack Voltaic comprehend the possibility of a nation-state attack.

The first nation to contemplate in its national defensive cyber strategy the impact of a national attack will win the cyberwar. The first nation to effectively create cyber defenses that negate a flood of vulnerabilities attacks from a nation-state will rise to the top of the world order because it is no longer exposed to a cyber counterstrike.

There is a solution and that is application whitelisting, AKA allow listing or software asset management.  As NIST has been recommending for the last 7 years, application whitelisting should reside between the patch management and the antivirus layers.  In this way, during a nation-state cyberattack, the application whitelisting will strictly allow authorized applications to run. During this scenario, the volume on the network is substantial and network performance may deteriorate but it will not fall down. Some new good programs may not run properly until the attacks abate, but the goal is resilience, to withstand the attack.  

This resilience gives patch management time to identify the vulnerability and remediate the vulnerability so the attacks abate.  The nation-state will likely deploy more of its stock of vulnerabilities which should also prove futile. At this point, the nation is deploying vulnerabilities faster than it can replenish, until the stockpile falls to zero.  Then America wins.  

Secure the Homeland.

Myrtle Beach, SC – Today, American-based cybersecurity firm, PC Matic, announced it has received authorization from the Federal Risk and Authorization Management Program (FedRAMP) for its federal application execution control solution, PC Matic Federal. PC Matic’s Authorization to Operate (ATO) is at the moderate impact level through partnership from the U.S. Small Business Administration (SBA).

With the full authorization milestone now achieved, PC Matic Federal joins a small and elite group of cloud technology companies authorized to sell into the federal marketplace. This designation allows the United States federal government to begin purchasing and deploying the company’s patented application execution control technology to endpoints across its respective departments and agencies. Application execution control is also commonly referred to as Application Whitelisting or Application Allowlisting.

“Zero trust begins with prevention,” said Rob Cheng, CEO and Founder of PC Matic. “As the federal government begins to align its IT infrastructure with Zero Trust Architectures (ZTA) as mandated by the President’s Executive Order on Improving the Nation’s Cybersecurity, the ability to procure and deploy application execution control solutions is mission critical. With our authorization fully approved, PC Matic Federal is now well-positioned to assist the federal government with taking a preventative approach to cybersecurity by enhancing its zero trust architectures.”

PC Matic has been granted five patents and is a Technology Partner with the National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) Zero-Trust Architecture project. The company was founded in 1999 and pioneered the use of default-deny permit by exception for computer applications.

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program enables federal agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based technology.

PC Matic Federal is available on the FedRAMP Marketplace and more information on the product may be found at pcmatic.com/federal.

For more information on FedRAMP, visit https://www.fedramp.gov.

Think of the internet as a big city full of exciting things to do but also potential risks. Just like you’d want to stay safe and keep your belongings private in a city you need to do the same online. That’s where a VPN (Virtual Private Network) comes in handy. It acts like a personal bodyguard for your online activities.

Let’s look at why it’s essential for anyone using the internet:

1. Keeping Your Secrets Safe: A VPN is like an invisible cloak that hides your online activities from prying eyes, much like sending private letters in a locked box rather than a see-through envelope. This is crucial because some companies and hackers try to snoop on your online behavior.
2. Safe Surfing at Cafes and Airports: Using free Wi-Fi in public places like cafes or airports is convenient but not always safe. It’s akin to having a conversation in a crowded room where anyone can eavesdrop. A VPN turns this into a conversation in a soundproof room, encrypting your internet use to prevent others on the same Wi-Fi network from easily spying on you.
3. Watching Shows from Anywhere: If you’ve ever been frustrated because your favorite show isn’t available in your country, a VPN can solve that problem. It acts like a magic ticket that allows you to access TV shows and movies from around the world by making it appear as if your computer is located in a different country.
4. Keeping Hackers at Bay: Just like a jungle with hidden dangers, the internet is full of digital pickpockets (hackers) waiting to steal your personal information. A VPN adds an extra layer of security, making it much harder for hackers to intercept your data. It’s like traveling through the internet in a secure, armored car instead of on a vulnerable bicycle.
5. Protecting Your Online Freedom: Some places heavily monitor or restrict internet usage, similar to having a curfew in your town. A VPN acts like a secret tunnel that allows you to explore the internet freely without any restrictions.

In simple terms, having a VPN is like having a special tool that ensures your online activities remain safe, private, and unrestricted. Whether you’re shopping online, chatting with friends, or streaming movies, a VPN is crucial for staying secure and making the most out of the internet.

Enjoy true online freedom with PC Matic VPN. Hide your online activity, secure your connection, and access region-blocked content, from anywhere.

Pharmacies across the country are facing outages due to a cybersecurity threat.

Change Healthcare, a major healthcare technology company disclosed that its network was attacked on Wednesday. The disruption is expected to persist for the day.

The Tennessee-based company reported connectivity issues since 5 a.m. EST and immediately disconnected systems upon detecting the threat to protect partners and patients. Experts are currently working to resolve the issue.

PC Matic Pro protects healthcare institutions and hospitals from ransomware attacks, malware, and advanced cyber threats. PC Matic Pro is an effective solution for protecting sensitive patient information.

Change Healthcare facilitates nationwide order processing and patient payments. A pharmacy in New Bern, North Carolina, is affected, leading customers to pay in cash. The National Desk attempted to contact Change Healthcare for further information but received no response at the time of publication.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

While many believe MacOS is better at keeping out malware, the reality is different. MacOS is just as susceptible to malware as other systems. A new threat called SpectralBlur, created by the Lazarus hacking group from North Korea, targets Macs. It gained attention in 2023 but remained undetected for some time.

SpectralBlur is a backdoor malware that allows remote access to your Mac, enabling hackers to steal or delete files, deploy additional malware, and more. It avoids detection by using various tactics like encryption, remaining dormant, and updating its configuration.

To protect against SpectralBlur:

1. Keep your MacOS updated.
2. Install reliable antivirus software.
   • PC Matic is an antivirus software that prevents cybercriminals from running malware on your MacOS, stealing sensitive data, encrypting files, or holding critical digital assets for ransom.
3. Be cautious with email attachments and downloads.
4. Consider identity theft protection.
5. Regularly back up your important data.

Stay vigilant for signs of unusual system behavior, increased resource usage, unfamiliar files or apps, or indications of identity theft. These can signal a SpectralBlur infection, prompting you to take action to mitigate its impact.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

In the vast ecosystem of the Internet, where millions of interactions happen every second, there exists a digital equivalent of your home address – the IP address. Often overlooked by the average internet user, an IP address is crucial in facilitating communication across the web.

What is an IP address, why is it important, and what secrets does it hold about you? Let’s delve into the intricacies of this fundamental aspect of the Internet.

Understanding IP Addresses

An IP address, short for Internet Protocol address, is a numerical label assigned to each device connected to a computer network. It serves as a unique identifier, enabling devices to communicate with each other and exchange data. Just as your postal address helps mail carriers locate your home, an IP address allows data packets to find their way to the intended destination in the vast network of interconnected devices known as the Internet.

The Importance of IP Addresses

IP addresses form the backbone of the internet infrastructure, facilitating seamless data transmission between devices regardless of their physical locations. Whether browsing the web, sending emails, or streaming content online, your device relies on IP addresses to connect to servers and other devices across the globe.

Moreover, IP addresses play a crucial role in cybersecurity and network management. They enable network administrators to monitor and control the data flow, identify potential security threats, and troubleshoot connectivity issues. Without IP addresses, the Internet as we know it would cease to function effectively.

Understanding Your Online Presence

While IP addresses are essential for enabling communication over the internet, they also reveal details about the devices and users behind them.

Here are some insights into what your IP address can potentially disclose:

1. Geographical Location: By analyzing your IP address, it’s possible to determine the approximate geographical location of your device. While this information may not pinpoint your exact address, it can provide insights into your city or region.
2. Internet Service Provider (ISP): Each IP address is associated with a specific ISP, revealing the company that provides internet connectivity to your device. This information can be valuable for targeted advertising and market analysis.
3. Device Type and Operating System: In some cases, IP addresses may offer clues about the type of device and operating system. This information can be utilized by websites and services to optimize their content for different platforms.
4. Browsing History: While not directly embedded in the IP address, internet service providers and network administrators can track users’ browsing activities associated with specific IP addresses. This data can be used for various purposes, including targeted advertising and law enforcement investigations.

Protecting Your Privacy

Given the potential implications of IP address tracking, many individuals are concerned about their online privacy.

Fortunately, there are steps you can take to safeguard your digital identity:

• Use Virtual Private Networks (VPNs): VPNs route your internet traffic through encrypted tunnels, masking your IP address and enhancing online privacy and security.
• Use Proxy Servers: Like VPNs, proxy servers act as intermediaries between your device and the Internet, hiding your IP address from websites and services.
• Enable Privacy Settings: Many websites and online services offer privacy settings that allow you to limit the collection and tracking of your browsing data.
• Regularly Update Software: Keeping your operating system and applications up to date helps mitigate security vulnerabilities that could be exploited to track your online activities.

What is My IP Address?

See what your IP Address is here.

Be aware that your IP address could be visible to others and potentially exposed. Keep your IP address and online activity private with PC Matic VPN.

PC Matic’s cutting-edge VPN secures your online activities, protects your Wi-Fi connection, and offers lightning-fast speeds with just one click, outperforming traditional VPNs.

In conclusion, IP addresses are essential for enabling communication and connectivity, but they also carry implications for privacy and security. You can navigate the online world with peace of mind by understanding the fundamentals of IP addressing and taking proactive measures to protect your digital identity.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com/consumer
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

In today’s digital age, safeguarding our online presence has become more crucial. Robust security measures are important with cyber threats lurking around every corner. Among the arsenal of tools available to protect ourselves, one stands out as a frontline defense: the password generator.

What is a Password Generator?

A password generator is a tool designed to create complex, random, and virtually uncrackable passwords for various online accounts and services. Unlike the passwords we often devise ourselves, which may include common words, phrases, or personal information, passwords generated by these tools are devoid of any predictable patterns, making them exceptionally resilient to hacking attempts.

Why is a Password Generator Important?

The importance of a password generator cannot be overstated in today’s digital landscape.

Here’s why it’s crucial:

1. Enhanced Security: Password generators produce passwords that are significantly more secure than those created by individuals. By incorporating a mix of uppercase and lowercase letters, numbers, and special characters, they create robust passwords that are difficult for cybercriminals to crack using brute force or dictionary attacks.
2. Protection Against Data Breaches: With a password generator, you can ensure that each of your online accounts has a unique and strong password. This means that in the event of a data breach affecting one of your accounts, the damage is contained, preventing unauthorized access to your other accounts.
3. Peace of Mind: Using strong, randomly generated passwords alleviates the constant worry of your accounts being compromised. With a password generator, you can rest assured that you’ve taken proactive measures to fortify your online security.

How to Use a Password Generator

Using a password generator is straightforward and user-friendly.

Here’s a step-by-step guide:

1. Choose a Reputable Password Generator: There are numerous password generator tools available online, ranging from standalone websites to built-in features in password managers. Opt for a well-established and reputable generator to ensure reliability and security.
   • Protect your account with randomly generated passwords with PC Matic’s secure password generator.
2. Specify Password Criteria: Most password generators allow you to customize the generated passwords according to your preferences. Specify the desired length, character types (uppercase, lowercase, numbers, special characters), and any additional criteria.
3. Generate Password: Once you’ve set the parameters, simply click or tap the “Generate” button. The tool will instantly produce a random password meeting your specified criteria.
4. Copy and Store Securely: Copy the generated password and securely store it in a password manager or another trusted location. Avoid writing it down or storing it in easily accessible digital formats.
5. Update Regularly: For optimal security, it’s advisable to update your passwords periodically. Use the password generator to create new passwords and replace existing ones across your accounts.

In conclusion, a password generator is a great tool to fight against cyber threats. By leveraging its capabilities to generate strong, unique passwords, you can fortify your online security and safeguard your digital identity against malicious actors. Make it a priority to integrate a password generator into your cybersecurity arsenal and take proactive steps to protect yourself in the vast and ever-evolving realm of cyberspace.

Receive worry-free online protection with PC Matic. Keep your information private, avoid online scams, and protect your devices with real-time antivirus.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com/consumer
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

UnitedHealth Group fell victim to a cyberattack orchestrated by the notorious ransomware group Blackcat. The attack disrupted essential prescription services nationwide, raising alarms about cybersecurity in the healthcare sector.

Blackcat’s method involves a sophisticated extortion scheme, targeting organizations like UnitedHealth Group to steal sensitive data and demand ransom payments. The recent attack specifically targeted UnitedHealth Group’s Change Healthcare business in Tennessee, causing widespread disruptions to vital information technology systems relied upon by pharmacies across the country.

Pharmacies faced challenges in verifying health insurance coverage and calculating patient costs for prescriptions due to the outage of Change Healthcare systems. Patients experienced longer wait times and increased uncertainty as pharmacists worked tirelessly to maintain access to essential medications.

Change Healthcare acknowledged ongoing efforts to restore systems but warned of continued disruptions. The American Hospital Association echoed concerns about the broader impact of cyberattacks on healthcare infrastructure.

Blackcat’s threat extends beyond UnitedHealth Group, with a history of targeting major corporations and amassing victims worldwide. Efforts to combat Blackcat have been underway, but the adaptability of cybercriminals poses ongoing challenges for cybersecurity experts.

The attack on UnitedHealth Group underscores vulnerabilities in the healthcare industry, where patient records are prime targets for cybercriminals. The financial toll of breaches is significant, with healthcare-related breaches averaging over $10 million.

PC Matic Pro protects healthcare institutions and hospitals from ransomware groups like Blackcat by blocking all malware, ransomware, and malicious scripts from executing. Protect your business data, users, and network with PC Matic’s allowlist cybersecurity solution.

As cybersecurity threats evolve, organizations must remain vigilant in safeguarding data and fortifying defenses against malicious actors like Blackcat. This attack serves as a reminder of the critical importance of cybersecurity in protecting healthcare systems and ensuring the continuity of patient care.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

ConnectWise, a prominent technology company based in Tampa, Florida, recently disclosed vulnerabilities in its ScreenConnect tool, affecting cloud and on-premises instances. The company took swift action, notifying partners through its Trust Center and providing instructions for immediate updates to on-premises servers. While ConnectWise has successfully patched all cloud environments, attention has shifted to addressing vulnerabilities in on-premises installations.

Patch Deployment and Impact:

ConnectWise swiftly patched all cloud environments and instructed on-premises partners to update their servers immediately. Patrick Beggs, CISO for ConnectWise, stressed the importance of maintaining good cyber hygiene to prevent exploitation.

Mitigation Efforts:

Ciaran Chu, general manager of ConnectWise ScreenConnect, reported that approximately 80% of ScreenConnect users were mitigated last week. ConnectWise has been actively communicating with partners to ensure all systems are secure.

Exploitation and Response:

Mandiant discovered several vulnerabilities being exploited by threat actors deploying ransomware and other malicious activities. Huntress detected and eliminated active adversaries who were exploiting ScreenConnect access.

ConnectWise and Change Healthcare Incident:

While one incident involving Change Healthcare was reported, ConnectWise has not confirmed a direct connection to the ScreenConnect vulnerability. ConnectWise continues to investigate and collaborate with relevant parties.

Read more about the Change Healthcare Incident here.

CISA Involvement and Recommendations:

CISA has added the vulnerabilities to its Known Exploited Vulnerabilities Catalog and issued a notice urging partners to update their systems promptly. ConnectWise has provided guidance and support to partners, including making older versions available for critical vulnerability fixes.

Conclusion:

The recent emphasis on vulnerabilities underscores the critical need for all organizations to prioritize system security. In light of these serious vulnerabilities, immediate action is imperative to secure systems and protect against potential exploits. Collaboration among partners and stakeholders is essential in implementing proactive measures to mitigate risks effectively.

Learn more about the vulnerability here.

Protect Your Existing Security Stack

PC Matic‘s zero-trust allowlisting solution prevents hacking and cyber-attacks. Block all malware, ransomware, and malicious scripts from executing. Protect your business data, users, and network with our allowlist cybersecurity solution.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

Gilroy Gardens, the popular theme park in California, recently faced a cyberattack. The attack locked out their ticketing system, servers, and machines.

One of the main worries resulting from such attacks is the security of customer data. Since Gilroy Gardens’ ticketing system holds sensitive information, such as customer names and credit card details, concerns arise about the possibility of a breach of personal data. However, Gilroy Gardens released a statement to reassure the public that the FBI had not uncovered any evidence of data being compromised during the incident.

PC Matic Application Allowlisting prevents cybercriminals from running malware or ransomware on your network and endpoints to disrupt operations, steal sensitive data, encrypt files, or hold critical digital assets for ransom.

Gilroy Gardens promised to keep everyone informed if anything changes.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

In a troubling turn of events, a nationwide cyber-attack has disrupted the medication supply for military clinics, hospitals, pharmacies, and Tricare beneficiaries across the United States. The impact has left many, including John Fishel, a Navy veteran, and his wife, struggling to obtain essential medication.

Fishel, who served in the Navy for 20 years, expressed frustration over the difficulties encountered at a Kirtland Air Force Base pharmacy in Albuquerque. For weeks, attempts to procure medication for himself and his wife were met with automated responses indicating that the system was down and prescriptions were not being processed.

The cyber-attack, reportedly initiated against Change Healthcare, a drug processing company in the country, occurred in February. As a precautionary measure to safeguard patient information, the company disconnected its systems on February 21, impacting all military pharmacies and Tricare beneficiaries nationwide.

The repercussions of this attack are significant. Tricare beneficiaries like Fishel and his wife rely on military pharmacies for their medication, often benefiting from cost-free access due to military service-related health benefits. However, with the system down, transferring prescriptions to outside pharmacies is not an option, exacerbating the situation for those who need medication.

Despite assurances from Military Health System Communications, obtaining prescriptions from military clinics and hospitals remains slow and cumbersome. Urgent prescriptions are being prioritized, leaving many, including Fishel, waiting anxiously for resolution.

Fishel recounted hearing that military pharmacies would assess critical medications for refill, providing a glimmer of hope amidst the chaos. Yet, the couple’s concerns persist as they await resolution, now into the thirteenth day of the crisis.

With mounting frustration and uncertainty, Fishel and his wife plan to visit the base once more in hopes of finally obtaining the medication they desperately need. The impact of this cyber-attack on Tricare beneficiaries underscores the vulnerabilities inherent in our interconnected healthcare systems, prompting calls for heightened cybersecurity measures to prevent future disruptions.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

Recently, a routine flight from Los Angeles to Pittsburgh took an unexpected turn when a passenger’s laptop caught fire mid-air, prompting an emergency landing in Albuquerque. With only an hour into the journey, the Airbus A220 diverted its course to ensure safety, as reported by the Aviation Herald.

Thankfully, the cabin crew acted swiftly to extinguish the flames. Despite the scare, the incident resulted in minor injuries, limited to the laptop’s owner, who received prompt medical attention on-site. It appears the laptop was in use rather than stowed away, which could have exacerbated the situation.

Although Breeze Airways and the Federal Aviation Administration (FAA) have yet to comment on the incident, it underscores the importance of adhering to safety regulations, particularly concerning electronic devices on flights.

The FAA emphasizes the necessity of carrying devices containing lithium batteries, such as laptops and smartphones, in carry-on luggage. This precaution ensures that flight crews can swiftly identify and respond to potential battery-related emergencies.

Moreover, the Transportation Security Administration (TSA) has banned spare lithium batteries from checked baggage, necessitating their carriage in the cabin. This rule extends to power banks and cellphone charging cases, aiming to mitigate the risk of battery-related incidents during flight.

While incidents like these are rare, they serve as crucial reminders of the importance of following safety guidelines for passengers and airline personnel. By understanding and adhering to these regulations, we can contribute to safer air travel experiences for everyone.

Read more about the incident here.

PC Matic and D2 Worldwide Had Warned Users of Laptop Fires 18 Years Ago

Rob Cheng, PC Matic’s CEO, compiled a list of advice for all portable users based on conversations and thoughts about the extent of laptop fires. Read more here: Playing with Fire.

D2 Worldwide highlights the hazards of lithium-ion laptop batteries by demonstrating an exploding laptop.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

In a recently released report by the FBI, shocking figures emerge detailing the staggering financial toll of online scams in 2023. A record-breaking $12.5 billion in losses were reported, marking a significant increase from the previous year and highlighting the pervasive threat posed by cybercriminals.

The surge in losses was attributed to a spike in cryptocurrency investment fraud, with more than a third of the reported losses stemming from investment scams. These schemes often preyed on individuals through deceptive tactics, such as posing as romantic interests to lure victims into fraudulent cryptocurrency ventures.

Timothy Langan, the FBI executive assistant director, underscored the grave consequences of cybercrime, emphasizing the potential for criminals to disrupt critical infrastructure and victimize individuals and organizations across various sectors.

A recent investigation by CNN shed further light on the prevalence and sophistication of cryptocurrency scams, offering insights from victims, investigators, and even perpetrators.

While the FBI report provides valuable insights into the financial impact of cybercrime, it only paints a partial picture, as many victims fail to report scams. This underscores the need for heightened awareness and proactive measures to combat online fraud.

To help protect your privacy online, PC Matic includes anti-ransomware protection, identity theft protection, and more.

PC Matic Identity Theft Protection includes comprehensive monitoring for bank and credit card activities, Social Security Numbers, driver’s licenses, and email communications. Users benefit from timely identity theft alerts, ensuring proactive responses to potential threats. Additionally, customers receive $1 million in identity theft insurance for an extra layer of security. The service is supported by 24/7 U.S. customer service, ensuring users have reliable assistance whenever needed.

The report also highlighted the escalating costs of ransomware attacks, urging corporate victims to refrain from paying hackers. Reported losses from ransomware attacks saw a significant increase from the previous year, but the actual financial toll is much higher, considering both ransom payments and associated costs.

Cybercriminals extracted a record $1.1 billion in ransom payments globally, according to Chainalysis, further underscoring the severity of the ransomware threat. The healthcare sector emerged as a primary target, reporting the highest ransomware incidents.

The release of the FBI report coincides with efforts by federal agencies to mitigate the fallout from recent high-profile ransomware attacks, such as the incident involving health insurance billing giant Change Healthcare.

As the threat landscape continues, collaboration between law enforcement, government agencies, and private sector entities becomes increasingly crucial in safeguarding against cyber threats and protecting individuals and organizations from financial harm.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
pcmatic.com
sales@pcmatic.com

• Facebook
• LinkedIn
• X
• Instagram
• YouTube

This year is an exciting one here at PC Matic, and it’s time to bring you in on the fun. Our teams have been hard at work since summer of 2023 putting together the future of PC Matic. We’re calling this PC Matic version 5, and it’s a complete rebuild of everything you know and love in PC Matic. 

To give you a little backstory, the PC Matic application was launched in 2009, 10 years after the founding of PC Pitstop (our former company name), so it’s coming into its teenage years, which means it’s starting to get a little angsty. Software years are like dog years though, so PC Matic has been due for a rebirth. We initially set out to build PC Matic as an all-in-one application for all of our tools. It combined Exterminate, Optimize, Disk MD, Driver Alert, and many other PC Pitstop applications to give our customers one application to rule them all. In 2024, we’re doing the same thing all over again. 

The future of PC Matic is a brand-new application, built from the ground up using the latest technology available to provide the most secure, stable, and efficient set of applications for your computer. It combines the PC Matic you know and love with the fastest VPN that we launched last year, a rebuilt privacy scanner (formerly PC Magnum), and so much more. 

We’ve even built in more ways to easily get help through our support team, added highly requested features like the ability to control the magnification of the window, go full screen, and manage all of your account subscriptions, change your password, and more right from inside the app! 

PC Matic version 5 is faster, easier to navigate, and has drastic improvements to the scan engine to decrease scan times.

How do I get my hands on it early?

Stay tuned for more information about the upcoming release of PC Matic version 5. If you’re interested in joining our team of beta testers, please reach out to support@pcmatic.com and reference becoming a beta tester in your email.