1.800.840.9690|save@cutmycost.com

About cmcwplgnomg404

This author has not yet filled in any details.
So far cmcwplgnomg404 has created 100 blog entries.

Cost of IT Downtime for Englewood Businesses

The cost of IT downtime for Englewood NJ businesses continues to rise as even short outages disrupt operations, delay client work, and create unexpected expenses. Whether you’re running a law firm, accounting practice, or medical office, any interruption to your systems can have cascading effects across your entire business—affecting both your bottom line and reputation.

Englewood NJ business owner looking at computer concerned over IT downtime

What Exactly Is “Downtime”?

Downtime occurs any time your systems are unavailable—whether it’s your email server, case management software, file access, or even internet connectivity. For businesses in Englewood that rely heavily on technology to serve clients, process payments, or manage appointments, even a short outage can have serious consequences.

The Hidden Costs Behind the Outage

Many business owners think of downtime in terms of hourly billing losses, but the full cost runs deeper. Consider the following impact areas:

  • Lost productivity: Employees sit idle while systems are offline.
  • Missed deadlines: Court filings, financial reports, or patient follow-ups get delayed.
  • Client dissatisfaction: Poor communication during an outage can erode trust.
  • Reputation damage: Word spreads quickly when a business isn’t responsive.
  • Data recovery costs: Restoring files or systems after a crash is never free—or guaranteed.

A single day of downtime can cost thousands, even for a small firm. And that doesn’t account for the stress, client churn, or regulatory exposure it can create.

What Causes Downtime?

Downtime can be triggered by a wide range of issues—many of them preventable:

  • Hardware failure
  • Power outages
  • Cyberattacks like ransomware
  • Outdated software or unpatched systems
  • Poorly managed cloud services or network misconfigurations

In most cases, downtime isn’t caused by catastrophic failure. It’s the result of overlooked maintenance, lack of monitoring, or an absence of backup and recovery planning.

How Englewood Businesses Can Minimize Risk

Reducing downtime starts with visibility and preparedness. At Cost+, we help Englewood businesses stay ahead of issues with proactive monitoring, managed IT support, and fast response when problems arise. We also build backup and recovery plans that allow firms to restore operations quickly after an outage—without paying ransom or starting from scratch.

Simple Ways to Improve Your Uptime

If you’re not ready for a full managed IT plan, there are still practical steps you can take:

  • Ensure automatic backups are running—and test them
  • Keep software and operating systems updated
  • Use hardware monitoring tools to predict failures
  • Document a basic recovery process and assign roles
  • Work with an IT partner who can step in when you need help

Even a few of these actions can dramatically reduce your exposure to downtime and the costs that come with it.

The Cost of Doing Nothing

Many business owners delay investing in IT protections until something goes wrong. But the reality is, reactive IT is far more expensive than proactive planning. Every hour of downtime chips away at client confidence and productivity—and that damage adds up fast. For Englewood firms, particularly those in legal and financial sectors, the reputational cost of being unreachable during a time-sensitive issue may be worse than the technical failure itself.

Protect Your Time, Revenue, and Reputation

Technology issues don’t just waste time—they cost money. The longer your business goes without proper IT oversight, the more vulnerable you become to preventable downtime. If you want to protect your operations, start with an IT partner that understands Englewood businesses and delivers solutions that work. We offer both remote and onsite support, helping your business stay secure, connected, and productive—even when challenges arise.

2025-07-02T09:17:35-05:00July 2, 2025|
Read More

Microsoft 365 Direct Send Exploited for Internal Phishing: What You Need to Know

Threat actors are now abusing a legitimate feature of Microsoft 365 known as Direct Send phishing to deliver fraudulent emails that appear to come from internal users. This attack method bypasses traditional email defenses by exploiting a trusted mail flow configuration, making it especially dangerous in enterprise environments. In this article, we break down how this attack works, what makes it effective, and how to defend against it using Microsoft best practices and layered security controls.

a woman with a fishing pole simulating microsoft phishing using direct send

Understanding Direct Send in Microsoft 365

Microsoft 365 offers three ways to send mail from devices and applications: SMTP AUTH client submission, Microsoft 365 or Office 365 SMTP relay, and Direct Send. The Direct Send method allows email to be transmitted from an application or device (like a printer, scanner, or third-party app) directly to Microsoft 365 without authentication, as long as the IP is allowed and the domain is valid. According to Microsoft, this method supports internal email routing without needing user credentials. You can read more in their official documentation here.

How Attackers Are Exploiting Direct Send

By impersonating legitimate applications and spoofing trusted IPs, attackers can send phishing emails through Direct Send that appear to come from verified internal addresses. These emails often bypass SPF, DKIM, and DMARC checks because they technically originate from within the organization’s domain and IP allowances.

This tactic gives attackers a powerful advantage: the messages don’t look suspicious to email security filters or to users. Targets are more likely to engage with a message if it appears to come from a known colleague or internal system—especially when the content mimics invoice alerts, password change requests, or file-sharing notifications.

Why This Threat Is So Effective

Unlike typical phishing campaigns that rely on misspelled sender names or domain lookalikes, Direct Send phishing creates emails that pass as entirely legitimate in both metadata and presentation. That means:

  • The sender appears internal and familiar
  • Email filters may not flag the message as suspicious
  • End users are less likely to report the message
  • Security logs may not show obvious red flags

This creates a perfect storm of risk: high trust, low detection, and quick impact.

Recommended Mitigations and Best Practices

To protect against this type of abuse, organizations should follow Microsoft’s updated guidance on Direct Send configuration, outlined in their official documentation here.

Microsoft emphasizes several key safeguards:

  • Restrict the accepted IP addresses in the mail flow rule to only known and documented devices.
  • Disable Direct Send unless it’s absolutely necessary for business functions.
  • Use SMTP authentication with strong credentials and MFA whenever possible instead of unauthenticated Direct Send.
  • Monitor email headers and audit logs for unexpected traffic from non-mailbox sources.

Additionally, your organization should conduct regular phishing simulations to educate users on identifying unusual requests—even when they appear internal.

How Cost+ Helps Secure Your Microsoft 365 Environment

At Cost+, we proactively defend Microsoft 365 environments through a combination of prevention, monitoring, and response services. Our Security+ offering includes email threat detection, 24/7 monitoring, and hardening of misconfigured or vulnerable Microsoft 365 settings. We also assist with:

  • Configuring secure mail flow and anti-spoofing policies
  • Disabling unused protocols and reducing attack surface
  • Alerting on abnormal internal email behavior

For organizations that rely heavily on application-based email—such as CRMs, scanners, or cloud apps—we provide auditing and remediation through our Support+ team to ensure your Direct Send configuration doesn’t become an open door for attackers.

Next Steps for Security and IT Teams

If your organization uses Direct Send—or isn’t sure how it’s configured—it’s critical to perform an immediate review. Start by inventorying every device or application that’s allowed to send mail using this method. Then verify:

  • Each sending IP is expected and documented
  • No new mail flow rules have been added or modified unexpectedly
  • End user reports of “weird” internal messages are followed up with proper investigation

You should also configure alerts for any unusual spikes in email volume from IPs tied to Direct Send or apps using SMTP relay. These patterns often precede broader phishing campaigns.

Final Thoughts

Direct Send phishing is a reminder that even legitimate tools can become threat vectors when not properly governed. Microsoft’s built-in mail delivery flexibility helps businesses function efficiently—but it also creates opportunities for abuse if not configured securely.

By following Microsoft’s published best practices and layering your security defenses, you can reduce risk while preserving business continuity. Cost+ is here to help you close these gaps before they become exploited entry points.

Get in touch with us to schedule a review of your Microsoft 365 security posture—including Direct Send risk assessments and remediation planning.

By Thomas McDonald
Vice President

2025-06-30T15:50:34-05:00June 30, 2025|
Read More

Microsoft Confirms June 2025 Windows Security Delay: What IT Teams Need to Know

The June 2025 Windows security delay has raised serious concerns among IT departments and cybersecurity professionals. Microsoft confirmed that several critical security updates originally scheduled for release on June 11 were delayed due to an unexpected metadata issue. The delay was caused by an incorrect timestamp that prevented updates from being properly recognized or installed on Windows systems. As a result, organizations relying on timely patch deployment have faced heightened security risks and operational uncertainty.

server engineer dealing with delayed june 2025 microsoft security updates BK5060842

What Happened: Metadata Timestamp Issues

Microsoft’s official explanation points to a publishing error involving the metadata timestamp embedded within the June 2025 cumulative update package. This flaw disrupted the normal detection and delivery of the update via Windows Server Update Services (WSUS), Microsoft Endpoint Configuration Manager, and Windows Update for Business. The impacted update, identified as KB5060842, targets Windows 11 version 24H2.

Administrators began reporting issues almost immediately after the scheduled release date, noting that the update was either not being offered at all or was incorrectly flagged as already installed. Microsoft has since acknowledged the delay and is actively working on a corrected version of the update to be republished for proper detection and deployment across enterprise environments.

Why the June 2025 Delay Matters

Security updates are often the first and last line of defense against newly disclosed vulnerabilities. When these updates fail to deploy on schedule, threat actors gain an advantage. In this case, the delay was not caused by a known exploit, but by an infrastructure-level publishing error. That makes it harder to mitigate, because administrators expecting automatic deployment may falsely assume systems are up to date.

In the context of today’s evolving threat landscape, even a 24-hour delay can be significant. Microsoft’s own telemetry frequently shows exploit attempts within days—sometimes hours—of patch disclosures. With the June 2025 Windows security delay, the exposure window widened unexpectedly for tens of thousands of endpoints.

Recommended Actions for IT Teams

While Microsoft continues remediation efforts, IT leaders and administrators should take immediate steps to assess exposure and manually enforce compliance where necessary:

  • Manually verify that update KB5060842 is properly installed across all relevant Windows 11 24H2 systems.
  • If not installed, monitor for re-release and consider manual deployment via standalone installer.
  • Update your asset inventory to reflect known affected machines and prioritize them for audit.
  • Coordinate with your Support+ provider to perform a fast vulnerability review and ensure critical systems are not at risk.

Organizations using Microsoft Endpoint Configuration Manager should also validate their sync processes and distribution point health to ensure that once the revised update is published, it can be delivered without delay or rollback issues.

Proactive Defense Through Layered Security

This delay highlights the importance of layered defense strategies beyond just patch management. Even when updates are delayed or flawed, a properly configured security stack can still provide meaningful protection. At Security+, we advocate for endpoint protection, threat detection, and segmentation strategies that reduce the blast radius of a missed patch.

Administrators should also consider deploying real-time alerting tools that can flag when scheduled updates fail, or when system patch status does not match the organization’s baseline configuration.

Communication and Risk Transparency

One of the most overlooked aspects of incidents like this is internal communication. IT teams should proactively inform business stakeholders and compliance leads about the nature of the delay and what steps are being taken to address it. Transparency not only builds trust but ensures that executive teams don’t mistake a vendor delay for an internal failure.

We recommend documenting this delay as part of your monthly risk register or change log, noting any compensating controls put in place during the patch window. This is especially critical in regulated industries where patch timelines are auditable under frameworks such as HIPAA, PCI-DSS, or SOX.

What to Expect Next from Microsoft

Microsoft has stated that a corrected version of the June 2025 update will be republished once the metadata issue is resolved. However, no specific timeline has been given for that release. The company’s update center is still listing KB5060842 as active, but with known issues. You can follow the latest official status directly from Microsoft here.

Once the revised package is available, organizations should prioritize deployment, particularly on systems exposed to the public internet or used in sensitive operations. Delays like this underscore the importance of combining automation with human oversight in all patching and update workflows.

Closing Thoughts

The June 2025 Windows security delay is a timely reminder that even highly automated update systems are not immune to human error or metadata corruption. IT and security leaders should treat this as an opportunity to audit internal assumptions, test their fallback plans, and reinforce the principles of layered defense. At Cost+, we work with clients every day to ensure that when vendors slip, their protection doesn’t.

Need help validating patch status, mitigating short-term risks, or automating your endpoint coverage? Schedule a call with our team and we’ll help you stay ahead of vulnerabilities—even when the update doesn’t arrive on time.

By Thomas McDonald
Vice President

2025-06-30T14:58:16-05:00June 30, 2025|
Read More

Backup and Disaster Recovery for Saint Johns Businesses

Backup and Disaster Recovery for Saint Johns, FL Businesses

Backup and disaster recovery for Saint Johns FL businesses is more than a precaution—it’s a necessity. In Florida’s storm-prone climate, companies face unique threats that go beyond cybersecurity. Power outages, hurricanes, flooding, hardware failure, and human error can all lead to catastrophic data loss if proper safeguards aren’t in place. For local businesses, the question isn’t if a disruption will happen—but when.

a saint johns florida sign next to the Castillo de San Marcos national monument

Why Basic Backups Aren’t Enough

Many businesses believe that saving a copy of their files to an external drive or syncing with a cloud folder is enough to stay safe. While these steps are better than nothing, they often fall short when tested in real-world recovery scenarios. For example, a cloud-synced folder won’t restore a full server environment. A USB drive won’t help you if it was sitting in the same building that just flooded.

True resilience means having multiple layers of protection: local backups for quick recovery, offsite backups for worst-case scenarios, and the ability to restore full systems—not just files. It also means documenting the process, assigning clear responsibilities, and testing everything regularly.

The Risks of Incomplete or Unverified Backups

  • Backups stored onsite are vulnerable to the same event as your primary data
  • Outdated recovery procedures can delay restoration, costing time and money
  • Critical systems and applications may be excluded, leaving gaps in recovery
  • Lack of encryption exposes backup data to theft or ransomware attacks
  • Without routine verification, backups may silently fail over time

How We Help Saint Johns Businesses Prepare

At Cost+, we specialize in turning uncertain plans into reliable ones. Our Recovery+ service provides Saint Johns businesses with full-system imaging, secure cloud replication, and rapid failover options. We don’t just install backup software—we monitor it, test it, and keep it aligned with your actual business needs.

Whether you’re running a local law office, retail store, healthcare practice, or professional services firm, your systems need to be online, your data needs to be intact, and your team needs to know how to respond. Our backup and disaster recovery strategies are tailored to each client and come with clear documentation, fast support, and zero guesswork.

Next Steps for a More Resilient Operation

Don’t wait for a storm, cyberattack, or hardware failure to realize your recovery plan has gaps. The Department of Homeland Security’s Cyber Essentials guide offers a solid foundation—but every business needs a plan specific to its own infrastructure and workflows.

If you’re unsure whether your current backup strategy will hold up under pressure, schedule a no-cost consultation. And if you’re looking for more ways to protect your operations, read about our full Saint Johns IT support and cybersecurity services.

By Thomas McDonald
Vice President

2025-06-28T19:49:21-05:00June 28, 2025|
Read More

What Business Email Compromise Looks Like Today—and How to Stop It

Business Email Compromise (BEC) is one of the most syndicate-driven cyber threats facing organizations today—and it’s growing more sophisticated than ever. Modern business email compromise schemes often use compromised email accounts, deepfake AI tools, or domain spoofing to trick employees into approving fraudulent payments.

man upset over business email compomise

 

How BEC Has Evolved

Earlier BEC scams relied on spoofed domains or fake invoices. Today, attackers often hijack real email accounts or use AI-generated mimicry to craft convincing messages. According to the FBI, more than $26 billion has been lost to BEC scams in recent years, including incidents where large firms fell victim to fake invoice fraud.

Common Modern BEC Scenarios

  • CEO or executive impersonation: Attackers send urgent payment requests appearing to come from a trusted executive.
  • Account takeover: Hackers gain access to a legitimate business email account and send fraudulent requests from it.
  • Vendor invoice fraud: Fake invoice emails mimic real vendors and arrive just before payment cycles to avoid scrutiny.
  • AI-enhanced impersonation: Deepfake voices or synthetic emails make spoofed communication even harder to detect.

Red Flags to Watch For

  • Urgent or secretive tone
  • Requests outside normal payment processes
  • Slightly altered domain names or unfamiliar email addresses
  • Instructions to change banking information or bypass verification

How to Protect Your Business

1. Verify Via a Second Channel

Always confirm payment requests using an independent method—such as a direct phone call—not via the same email thread. This simple step can stop most fraud attempts.

2. Enable Email Authentication

Implement SPF, DKIM, and DMARC email protocols. These protect your domain from being spoofed and help email recipients trust your communications. Learn more about DMARC from CISA.gov.

3. Enforce MFA and Role-Based Access

Multi-factor authentication (MFA) prevents attackers from logging into email accounts even if they’ve obtained a password. Combine this with least-privilege access policies to limit who can approve payments.

4. Train Employees on BEC Awareness

Provide practical training on how to spot suspicious emails, spoofed domains, and signs of social engineering. Simulated attacks and phishing tests improve awareness across departments.

5. Use Dual Authorization for Payments

For larger transactions, require at least two people to approve before payment is released. This makes it harder for one compromised account to result in financial loss.

6. Deploy Threat Detection Tools

Secure email gateways and threat detection tools can catch impersonation attempts, monitor for abnormal behavior, and block messages from known malicious IPs or domains. Consider a solution that includes anomaly detection and adaptive controls.

Where Cost+ Comes In

Our Security+ service helps organizations prevent business email compromise with layered protection, DMARC enforcement, staff training, and payment workflow consulting.

Bottom Line

Today’s business email compromise threats go far beyond basic phishing. Attackers are well-organized, use advanced impersonation tactics, and exploit trust in your vendors and executives. With the right training, technology, and financial safeguards, you can reduce your exposure and avoid costly mistakes.

By Thomas McDonald
Vice President

2025-06-21T18:59:54-05:00June 27, 2025|
Read More
Company

About
Careers
Press Room
Contact Us

Consulting

Penn Testing
Virtual C-Suite
Expense Review
Business Continuity

About

Privacy Policy
Billing Policy
Acceptable Use
Terms of Service

Quick Links

Security Blog
Code of Conduct
Employee Whistleblower Policy
Modern Day Slavery Statement

© 2025 National Discount Brands, LLC. All Rights Reserved.

Go to Top