August 2025 Cybersecurity Recap
How SpeakGeek PCs protected businesses in Las Vegas, Pahrump, Mesquite, and Henderson with Managed Services.
What happened in August
- Hackers attempted brute-force logins on RDP and SMB targeting a production server.
- Datto EDR flagged wscript.exe launched by hh.exe as defense evasion on a workstation.
- We hardened recovery controls to prevent backup tampering.
- Risky traffic patterns were reviewed and filtered to protect home-to-office users.
Key incidents (anonymized)
Device: Server-Alpha
Repeated login attempts from China and Russia using usernames like EWILLIAMS, Test, and generic server names. Offending IPs showed 7–10 VirusTotal detections.
Action: Keep RDP behind VPN, patch fully, and block IPs or geos at the firewall.
Device: Server-Echo
Inbound SMB probes from Russian networks. Reputation checks returned 9 detections.
Action: Block 445 externally, enforce geo-blocks, and restrict SMB to internal networks.
Device: Workstation-Foxtrot
hh.exe launched wscript.exe, linked to a vendor tool script. Flagged as MITRE T1218.001.
Action: Validate business need, suppress only if approved, otherwise remove and harden script execution.
Device: Server-Sierra
Remote host attempted to log in with the username admin. Failed with code 0xC0000064 (account does not exist).
Action: Block source IP, confirm firewall firmware is patched, and review access logs.
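Added example, not SpeakGeek PCs' or Datto's own tooling: a triage of failed-logon events like those on Server-Alpha and Server-Sierra, separating guesses at nonexistent accounts (0xC0000064) from password guesses against accounts that exist. The event dictionaries mimic Windows Security event 4625 fields; the IP addresses, sub-status assignments and threshold are constructed assumptions.

```python
from collections import defaultdict

# NTSTATUS sub-status values reported in Windows Security event 4625
NO_SUCH_USER = 0xC0000064    # account does not exist (code seen on Server-Sierra)
WRONG_PASSWORD = 0xC000006A  # account exists, password was wrong

# Constructed sample events: documentation-range IPs, assumed sub-status values
SAMPLE_EVENTS = [
    {"IpAddress": "203.0.113.10", "TargetUserName": "admin", "SubStatus": "0xC0000064"},
    {"IpAddress": "203.0.113.10", "TargetUserName": "Test", "SubStatus": "0xc0000064"},
    {"IpAddress": "203.0.113.10", "TargetUserName": "SERVER01", "SubStatus": "0xC0000064"},
    {"IpAddress": "203.0.113.55", "TargetUserName": "EWILLIAMS", "SubStatus": "0xC000006A"},
    {"IpAddress": "203.0.113.55", "TargetUserName": "ewilliams", "SubStatus": "0xC000006A"},
    {"IpAddress": "203.0.113.55", "TargetUserName": "admin", "SubStatus": "0xC0000064"},
    {"IpAddress": "198.51.100.7", "TargetUserName": "jsmith", "SubStatus": "0xC000006A"},
]

def triage_failed_logons(events, min_failures=3):
    """Group failed logons by source IP and classify what each source is doing."""
    stats = defaultdict(lambda: {"failures": 0, "unknown": set(), "valid": set()})
    for ev in events:
        entry = stats[ev["IpAddress"]]
        entry["failures"] += 1
        code = int(ev["SubStatus"], 16)      # tolerate upper/lower-case hex
        user = ev["TargetUserName"].lower()  # account names are case-insensitive
        if code == NO_SUCH_USER:
            entry["unknown"].add(user)
        elif code == WRONG_PASSWORD:
            entry["valid"].add(user)
    report = {}
    for ip, entry in stats.items():
        if entry["failures"] < min_failures:
            verdict = "below_threshold"
        elif entry["valid"]:
            # Real accounts are being guessed: lockout and compromise risk
            verdict = "password_guessing"
        elif entry["unknown"]:
            # Only nonexistent names: the source is guessing usernames blindly
            verdict = "username_guessing"
        else:
            verdict = "other_failures"
        report[ip] = {"verdict": verdict, "failures": entry["failures"],
                      "valid_accounts": sorted(entry["valid"]),
                      "unknown_accounts": sorted(entry["unknown"])}
    return report

if __name__ == "__main__":
    for ip, row in triage_failed_logons(SAMPLE_EVENTS).items():
        print(ip, row)
```

Sources that reach the password_guessing verdict deserve attention first, because the accounts they target exist and can be locked out or compromised.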
Why this matters for your business
Real threats stopped
Brute-force and script attacks are constant. Our SOC caught them before damage was done.
Backups protected
Ransomware disables recovery first. We guard and verify backup integrity.
Local managed services
Trusted protection for Las Vegas and Pahrump businesses through SpeakGeek PCs.
Protect your business today

SpeakGeek PCs Managed Services deliver 24/7 monitoring, endpoint protection, and recovery safeguards.
Serving Las Vegas, Pahrump, Mesquite, and Henderson.