Log4Shell Java Zero-Day Vulnerability Creates Critical Risk to The Internet

Log4Shell Java Zero-Day Vulnerability Creates Critical Risk to The Internet

An active zero-day Java vulnerability has impacted widely used software from companies including Amazon, Apple, Tesla, Twitter, and Microsoft. The exploit which has been named Log4Shell, manipulates the Apache Log4j2 logging tool in a way that can grant total system takeover to the attacker. The problem is extremely widespread as millions of applications take advantage of Log4j2. This is a 10 out of 10 in severity.

Put simply, this flaw can be remotely exploited from any vulnerable software that accepts text input.

The Apache Software Foundation released the necessary fixes to mitigate the Log4j2 weakness, but as consumers, we are unfortunately at the mercy of the companies who use the tool in their software. Organizations like Apple and Tesla with plenty of resources to throw at the problem have been able to resolve the issue quickly. Smaller companies are likely to take much longer to resolve this issue. So are those that have the Log4j2 tool buried buried deep in their applications.

PCS is working with vendors to ensure the systems we use to support our clients are safe and secure. We will continue to follow this situation as long as it is ongoing.

For more information, visit this collection of Log4j Security Advisories.

Resources for this story:

Cyber Security – It’s Not A Choice Anymore … It’s Necessary!

Malicious attacks have spiked throughout the years and cyber security has been discussed in so many ways.
Throughout the pandemic and employees working from home, companies have been targeted and attacked with many different methods.
Hackers don’t take a day off, so we’re here to help you stay protected.

Malicious Attacks – How Often Do They Happen?

According to Embroker, in 2021 cyber attacks happen every 11 seconds. That has increased through time, but it will continue to rise through time. It was said that in  2020, 155.8 million individuals were affected by data exposures …

Impact and Severity of Cyber Attacks

Cyber attacks can impact businesses and organizations in many ways – from minor disruptions to financial losses. Every consequence leads has some form of cost. Malicious attacks can impact your business weeks, if not months later.

Your business may suffer in these areas:
Financial losses
Loss of productivity
Reputation damage
Legal liability
Business continuity problems

Costs of Cybercrime

According to the FBI, the cost of cybercrime in the US was $3.5 billion in 2019, as stated by Colbalt. The cost could be much higher if it remains unnoticed. In 2020, the average business cost of a cyberattack is $3.86 million and it takes over 200 days to detect the breach (IBM). Statistics show that cyberattacks projected to hit $6 trillion in annual loss in 2021, which has doubled since 2015. (Cybersecurity Ventures).
Cybercrimes can cost enough to shut down small businesses if it remains unnoticeable or the malicious attacks are not safely resolved.  The average ransom demand is over $100,000, which continues to grow over time. Over a third of all companies attacked with a ransomware attack, end up paying that price, resulting, on average, in a 16-day downtime for the attacked firm. The percentage and increase of cost continues to rise through the years as hackers continue to learn and grow.

How To Prevent Malicious Attacks

Here at PCS, we help you with all your cyber security needs. With Managed Endpoint Protection/Next Generation Antivirus, Advanced E-mail Security/Phishing Training, and Multi-factor Authentication, it would be a challenge for malicious attacks to happen.

For more information or to make sure your company is protected, contact PCS!

Amazon Sidewalk And What This Means For Your Connection

Amazon Sidewalk … How Does It Work And What Does This Mean For Your Connection

Starting June 8, Amazon’s smart devices will automatically be linked together all across the U.S. as a part of their Amazon Sidewalk network.
We’re here to tell you what happens when it launches and what this means for you and your internet connection at home.

What Is Amazon Sidewalk

Sidewalk is a shared network that is supposed to help their devices work even when you personally do not have internet connection in your home.  Amazon Sidewalk connects with your neighbors connection so that way their products are still able to work even when you or your neighbors have weak or no connection.  The goal is to create a low bandwidth network bridging all devices so that users can reboot malfunctioning equipment and even locate missing objects outside of the house.
However, Amazon Sidewalk runs off of device owners’ personal Wi-Fi which posts some security concerns.
Operated by Amazon at no charge to customers.

What Devices Support Sidewalk

  • Ring Floodlight Cam (2019)
  • Ring Spotlight Cam Wired (2019)
  • Ring Spotlight Cam Mount (2019)
  • Echo (3rd gen and newer)
  • Echo Dot (3rd gen and newer)
  • Echo Dot for Kids (3rd gen and newer)
  • Echo Dot with Clock (3rd gen and newer)
  • Echo Plus (all generations)
  • Echo Show (all models and generations)
  • Echo Spot
  • Echo Studio
  • Echo Input
  • Echo Flex
  • Tile. Bluetooth tracker owners can use to keep tabs on their keys, wallet or other important items

Benefits And Concerns About Amazon Sidewalk

This seems to be ideal for users who want their Ring or Echo to continuously work even when their Wi-Fi is down.  Having the capability to still use your phone while seeing your cameras and/or Echo to still play music can help in multiple ways when your Wi-Fi connection is weak … But do you ever think how strange it is that you are using your neighbors connection to be able to make your devices work?
Take your Echo for example.  Sometimes your light on it will show red or even yellow when your connection is weak or does not work.  Instead of not having the device working, your device instead takes the connection from your neighbor to be able to allow the Echo to function normally … It’s like nothing ever happened, except that you are basically taking someone’s connection from their home to run your devices.  Strange to think about, isn’t it?  Your completely throwing out the idea of keeping your connection protected by sharing your connection with other Amazon users.

So, the benefit for this is that your Amazon Devices will continue to work, but the concerns are whether or not your internet connection is actually secured since you’re sharing your connection with other Amazon users.  The biggest issue is thinking if hackers will find ways to get into your accounts due to this.

Ways You Can Opt Out Of Sidewalk

Using The Alexa App

  • In your Amazon Alexa app, select the “More” icon at the lower right hand corner of the screen
  • Go to “Settings” > “Account Setting” > “Amazon Sidewalk.” (Just a note: if you’re not connected to any Echo or Ring devices, you will probably not see this option.)
  • Use the toggle to disable Sidewalk

Using The Ring App

  • In your Ring app, go into your Control Center by tapping the the three-lined icon in the upper left-hand corner of the screen
  • Select “Sidewalk” and use the slide button to opt out
  • You’ll be ask to confirm your opt-out. You can opt back in the same way.

You’re not stuck using Amazon Sidewalk if you don’t want to!

How To Keep Your Email and Data Safe and Secured

Cyber Crime Has Jumped By 55% In The Past Two Years And Most Is From Email Scams. Keep Your Email Safe!

Within the past two years, we have seen the number of data breaches increase significantly because of hackers being more creative about how to attack businesses.
Cybercrime is on the rise as hackers continue to steal data, disrupt business and cause harm online.
The result is billions of dollars in losses.

Here are some ways to continue to keep your data safe.


Multi-Factor Authentication

We’ve said this phrase a lot, but knowing how important it really is can make a difference to keeping your information safe. Multi-factor authentication is an electronic authentication method that a device user is granted access to a website or application only AFTER successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is).
Multi-factor authentication adds a second or third (or more) factor to the login process for company resources (apps, services, servers, etc.).
You can use multi-factor for banking accounts, emails, any sort of company program that has valuable information, and even email

Email Security Platform

Having an email security platform will help monitor what emails come through and whether or not they are spam or safe.
Cybir supports Ironscales (a self-learning email security platform to stop phishing attacks) to deliver an advanced email security platform with machine learning capabilities.  Cybir implements regular testing of employee security awareness via phishing campaigns.  Cybir offers key features to keep users safe of any acts of phishing within the company. With the jobs they have while incorporating their key features. it has the extra protection that can save the company from experiencing a data breach and losing any valuable information.

Managed Detection and Response (MDR) Solution

Keeping extra security in mind, you want to make sure that through the antivirus and firewalls, you are still being protected.  Huntress is a great and reputable software that helps clients keep that extra added protection needed so hackers can’t get into their system.  Hackers are getting very creative with the way they try to get into businesses.  Huntress helps monitor your system so you can rest 24/7 knowing your business is safe. This will help your computer system stay safe and avoid getting into.

Protection Against Account Takeover

Every email system needs something to be able to not only monitor emails, but help get rid of them and help with the compromised system.  Barracuda Sentinel helps with phishing and account takeovers.  This helps with your emailing and helping your company stay protected and risk any attackers getting into your data.  It has a 3 step procedure that is known to continue the added protection you need.

Cyber Security Training

Knowing what to look for is important.  Having cyber security training for employees to understand what to look for in case something comes up to where it shows up in the email will complete the added necessities to make sure your emails are safe and not worry about a data breach.  What you can learn from the training can also help in your own personal email to make sure your personal information is not being compromised when spam emails come in.  It doesn’t happen to just business … It can get personal too!

Having all these tools will guarantee that you won’t have a data breach.
Always stay safe with as much security as you can! You don’t want intruders coming in.
Don’t be involved in the 55% that have been compromised!!

For more information or need help setting up your systems so there are no intruders, contact PCS today!

Why Is Upgrading To Windows 10 Important?

Upgrading To Windows 10 Is More Important Than You Think!

When you think of major changes to Windows, you remember that colorful logo, how easy it is to navigate something you’ve had for years, and how comfortable you are with the software itself.
But, have you thought about what you could be missing if you don’t upgrade to the most recent software?
We at PCS are here to tell you that it’s not a good idea to keep your software updated to keep your computer safe!

Microsoft Ends Support For Windows 7

Microsoft announced back in 2020 that they will no longer have technical assistance and security updates for anyone running on Windows 7.   If you’re still running that outdated operating system, you’ll open up your company to hacks, malware, viruses and other potential future security flaws.

Windows 10 Protects Your Business

Microsoft quotes that “Windows 10 will help protect your company against modern cyber-attacks, deliver experiences your employees will love, and enable continuous innovation with a platform that keeps your company up to date with the latest technology.”  So what does this mean? It means that Windows 7&8 won’t be able to give you the full secured experience needed to keep your business running safely.  It’s a free upgrade to guarantee safety from data breaches and any hacker attacks!
The main attraction for this upgrade is so business can have the new cutting edge features.  These include allowing users to log into their devices without the need for passwords through Microsoft Passport and Windows Hello; Credential Guard, which protects corporate identities; and automatic data encryption to keep sensitive data protected.

Better Experience

Windows 10 is a happy medium between Windows 7 and Windows 8.x. Windows 8 made a lot of users unhappy due to its touch-centric interface and unintuitive Start menu and controls.  It includes features that can enhance productivity. One of the biggest features is Cortana, the voice assistant that can help employees set reminders and schedule appointments. Windows 10 also features virtual desktops, which allows users to manage multiple sets of windows on one machine.

Here’s a great example … If your phone has an update, what happens when you don’t update it? It starts to lag and eventually you start to lose safety features that are needed and you are never kept up with the new features that helps keep your software running.  It’s the same thing for windows!  You never want to run on an old update on a phone, so why would you on Windows?

These are just the top reasons why you should upgrade your windows system.  Keeping your Windows updated and keeping it up to date on the latest update will allow the security aspect to be monitored better and you won’t have to worry about the hassle of worrying about viruses and cyber attacks.
With Microsoft not supporting anything under 10, why would you wait to upgrade?

For more information or need help getting your business set up with Windows 10, contact PCS!

The Dangers of Direct RDP Access!

Direct RDP Access Used To Be So Common That Now It’s Become More Dangerous.

Did you grow up leaving your doors unlocked and your cars unlocked?
I bet you didn’t have to worry about intruders coming in.
Come to think of it, I don’t think I see it anymore.
Direct RDP access is just leaving your door unlocked for an intruder to come in!

Let’s go over why direct RDP access is dangerous.

What Is Direct RPD Access

The Remote Desktop Protocol (also known as RDP) is used to allow remote access to a computer.  Once you log into a computer, you are able to access everything the way you were able to working on the desktop. RDP is very easy to use and widely implemented. Remote Desktop even comes built-in to most versions of Microsoft Windows.  When it is used within a private network, it’s a very strong business tool. Unfortunately, it’s not secure enough to safely expose to the Internet.

What Can Happen With Direct RDP Access

Hackers are able to get into the information easier than you think.  They can target a specific business and they can act as an employee to gain access to administrative accounts.  Once they gain access, it gives them leverage to steal data, destroy data, install malware or ransomware, or even just staying under the radar and using the resources to host their own services or use as an intermediary to commit other crimes.
Most common is seeing employees getting locked out of their systems/accounts as a hacker forces access with their password.  Then the damage is done and a data breach has occurred.

What You Can Do To Prevent This

As we used above, the easiest way to avoid this is to simply close the door!  Closing down the ports to RDP and reduce the attack. There are so many different tools and protocols that can be used to provide businesses with the safety they need with secured access.

A few examples are as followed:
Setup VPN (Virtual Private Network) that must be connected first before using RDP.
Using a multifactor authentication mechanism can be implemented to augment traditional password authentication.

Another way to prevent a data breach from occurring is to contact your IT company for them to setup everything for you and your company that will keep your business safe.

Close the door and lock it so hackers can’t get in! Avoid intruders!

For more information or you want to get your company on the right track to safety, contact PCS!

How Often Should You Change Your Passwords?!


When you create a password, you often find something that not only you can remember, but you are also add different characters to make them safe.  From one special character, to at least 6 characters with one capital letter and a number, it can sometimes drive you NUTS on what your password could be.
But, in technology world, there is a reason why this needs to be done.


Here are some tips on password changes and how to keep everything safe.

How Often Should You Change Your Password?

Password changes should be about every 60-90 days, if not more.  Be sure you’re also using your multi-factor authentication and a password manager to increase your password security. This is alleviate having a security breach with having the same password lingering around your system for a while.  Always make sure your passwords are STRONG.

You Should Never Have The Same Password Twice!

Having the same password twice could end up being an issue when it comes to security.  If somehow they get into one thing, they will use the same information to get into everything! Make sure you are keeping consistent with having different passwords and having a password manager to keep all your passwords secured and organized. The golden rule is to never have the same password twice or use any personal information in your passwords.
Don’t use names, pets, birthdays, anniversaries, addresses, SS numbers, children’s names, etc. for your passwords.  Passwords should always be a random combination of letters, numbers, and symbols or unrelated phrases.

Change The Weak Passwords

Passwords should always be strong.  Leaving weak passwords will only allow hackers to potentially get into your information.  It’ll cause issues in the end if you leave them on the weaker side.

Always Use A Password Manager

We have discussed why password managers were important, but we want to refresh your minds on why it is.  A password manager is program that allows users to store, generate, and manage their passwords for local applications and online services. It assists in generating and retrieving complicated passwords, storing the passwords in an encrypted database or calculating them on demand.
DON’T STORE YOUR PASSWORDS ON A GOOGLE DOC OR WORD DOC!!!  That will only give your information away even faster if someone were to hack into your system.

Don’t Forget To Use Multi-Factor Authentication

Multi-factor Authentication is your best friend. We’ve discussed how important it is, but it goes well with a password manager so no one can get into your information.  Multi-factor authentication is an electronic authentication method that a device user is granted access to a website or application only AFTER successfully presenting two or more pieces of evidence.  It usually involves a code or token needed to access any important information.

Make Time To Change Passwords

This part is going to take you a little bit of time.  Make sure you set aside enough time to go through all your passwords and update your password manager with the new ones.  A few times a year is ideal to be able to change all your passwords effectively and make sure your information is stored correctly.  You don’t want to rush it and end up having to redo all that work.

Having all these tools will allow you to feel more secured about your password and information safety.
Once you have a schedule set to update them, it’ll feel like second nature.

Need help setting up your passwords or have questions? Contact us here at PCS and we can help make sure you’re secured!

Image VS File-Based Backups … The Great Debate!

Image-based backups VS file based back-ups are tricky. 

Knowing when you should use which is even harder.
Knowing what is best for you comes down to what kind of information you are looking to save and back-up.
Let’s go over the difference and what would be best for you and your company.
The main question is … What are you looking to recover?

Difference Between Image VS File-Based Backup’s

Image-based backups preserve a copy of a machine’s operating system. That includes system state and application configurations, as well as the data associated with that machine.  It’s basically an image of your entire operating system including files, executive programs, and OS configurations.  It works best if it is necessary to bac k up a VMware or Hyper-V virtual machine. This is very simple to configure type of backup where you just select an entire drive, partition, or an entire machine, which typically backs up the entire selection you have selected.

File-based backups will back up each file on your PC.  It will save the files, but not the applications that created them. If you did not setup your file backup to save “all” the documents on your machine, then you won’t be able to restore them. It is reasonable when it is necessary to copy separate files so that they can be recovered to any other system. File backups basically come down to you selecting some files and folders that you want to back up and then where you want those file level backups to go.

File-based backups are usually more flexible way to doing backups, scheduling, and are normally smaller backups.

Image-based backups are usually better in disaster scenarios when an entire system restore is required.

What Type of Backup is Recommended?

Now that we have established the difference between the two, the major question stands … Which one is recommended? Both is adequate when having back-ups.

A good backup setup would usually include:
1. An image backup once a month.
2. A full file level backup once a week.
3. A differential file level backup every day other than the full backup day.

This type of schedule will most often help give you an easy and quick way to get files and folders back.  Having extra backup to be able to recover any and all files will be a huge impact to your business information.


Need help backing up your computer? Don’t know where to start? Contact PCS and we can help!

Cyber Training … Why Is It Important?

Cyber security is one of the most important things in today’s technology world. 

From data breaches to just taking someone’s banking information, hackers are now being more creative with their tactics. But, there are plenty of ways to always stay alert so you can keep on top of any security threat.

Cyber Security Training

You hear this term a lot and it’s something that has been harped about … But why is it so important?

The workplace has evolved throughout the years and technology has been a big party of that transformation. Adding in the risk of having someone come into your personal information and even company data means workplaces need to have more security.  Firewalls and anti-virus protections are simply not enough for hackers.  Hackers have been more creative with their tactics and scams that now everyone needs to be more alert!

Having the ability to know what is a threat and what is just your daily routine is important.
|Cyber security training can help you recognize different types of threats using simulators and common hacker moves.

If you can’t recognize emails, links, or even phone calls, you can be potentially putting a company at risk for a data breach.
You always want to be alert with any email that is coming to you!


Having the ability to be one step above a hacker is challenging. One way is by having simulations will help you see the different kinds of attacks and how you can prevent your company from having a data breach and/or information deleted/stolen.

In 2020, there was an estimated amount of 1001 cases.
That’s 1001 cases that could of probably been avoided if companies has cyber security training.

Data breaches are getting worse and users are not aware of the risks!

Employees are often the primary targets for hackers looking to get into critical business systems.
Rather than trying to breach a secure network or system through external means, it’s much easier for hackers to pretend to be authorized members of a company while they inflict their damage from the inside and do so undetected.

Sadly, many employees don’t even realize how important cybersecurity training really is for the organization they work for.
Even worse, according to a survey of over 4,500 employees, 22% of employees don’t feel like they should be obligated to keep their employer’s information safe.

Employees handle the information on an everyday basis, so a hacker will come to them first before anyone else. Internal attacks are easier.

Don’t wait to get cyber security training. You could not only protect the company, but you can even protect your own information!

For more information about Cyber Security training, contact PCS today!