We assist small businesses to define and refine their processes, plan and build their web presence using current and emerging technologies.
We provide ongoing support and advice to assist businesses to
maintain and grow a crucial path to market and focus on growing your business
Microsoft pushed an emergency patch for Office after discovering a zero-day exploit that attackers were already using. The flaw bypassed Office's built-in security protections, allowing malicious code to run when you open a document. But here is the catch: it only worked if they could convince you to open the file first.
In this episode, Charly covers:
✅ How this zero-day exploit bypassed Office security protections
✅ Why the social engineering component was critical to the attack
✅ What to do if you receive unexpected documents, even from people you know
✅ How to apply the fix for Office 2016, 2019, 2021 and Microsoft 365
✅ Why verifying through a separate channel is your best defence
The more sophisticated our systems get, the more sophisticated the attacks become. Stay vigilant.
Book a Free 30 minute Breakthrough Session: https://askcharlyleetham.com/book-me
(1 per person only)
Follow us:
Locals: https://askcharlyleetham.locals.com
Rumble: https://rumble.com/askcharlyleetham
Odyssey: https://odysee.com/@askcharlyleetham:4
YouTube: https://youtube.com/askcharlyleetham
Facebook: https://www.facebook.com/askcharlyleetham
Twitter: https://twitter.com/yourbizmgr
Instagram: https://instagram.com/ask_charly_leetham
LinkedIn: www.linkedin.com/in/charlyleetham
LinkedIn Company: https://www.linkedin.com/company/ask-charly-leetham/
Spotify: https://askcharlyleetham.com/likes/rise-and-shine
Apple Podcasts: https://podcasts.apple.com/us/podcast/ask-charly-leetham-online-business-manager/id1659738721
iHeartRadio: https://www.iheart.com/podcast/269-ask-charly-leetham-online-105944212/
Amazon Music: https://music.amazon.com/podcasts/662f1e44-115d-4094-862b-efe9307e0df4/ask-charly-leetham-online-business-manager
Music and Credits to:
Paradise Found is covered under Creative Commons.
"Paradise Found"
Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/
https://incompetech.com/music/royalty-free/licenses/
https://rumble.com/v75n3g8-why-this-office-exploit-needed-your-help-to-work-2026677.html
Life is busy and there's just so many things to remember. What tools do you use to help you keep on top of ALL the things?
It's easy to react or respond quickly to messages and the like. It's better to do that mindfully. That's why I try to Practice The Pause.
Most small business owners file IT security under “IT will handle it” and move on. But with nearly half of all cyber attacks targeting small businesses, treating security as someone else’s problem is a risk you cannot afford to take.
In this episode, Charly covers:
✅ Why IT security sits alongside building security, insurance and compliance as a core business function
✅ The staggering stat that over 40% of cyber insurance claims are denied because controls were not actually in place
✅ How your security posture directly affects your premiums, coverage terms and claim outcomes
✅ Three practical steps you can take right now: schedule regular reviews, document what is being done and know when to bring in expert help
If you would not leave your premises unlocked overnight, why leave your digital assets unprotected?
Book a Free 30 minute Breakthrough Session: https://askcharlyleetham.com/book-me
(1 per person only)
Follow us:
Locals: https://askcharlyleetham.locals.com
Rumble: ...
Google is quietly changing the legal terms behind reCAPTCHA, and after April 2nd, the liability for data collection shifts from Google to you as the website owner. If your site runs reCAPTCHA v3, it is already collecting visitor data on every page, and your privacy policy almost certainly does not reflect that.
In this episode, Charly covers:
✅ What the data controller and data processor roles mean for your website
✅ Why Google is handing you the legal accountability without the technical control
✅ How reCAPTCHA v3 collects data site-wide, not just on forms
✅ How to check if reCAPTCHA is active and what to update in your privacy policy
If you are running reCAPTCHA, you need to act before April 2nd or consider alternatives like Cloudflare Turnstile.
Book a Free 30 minute Breakthrough Session: https://askcharlyleetham.com/book-me
(1 per person only)
Follow us:
Locals: https://askcharlyleetham.locals.com
Rumble: https://rumble.com/askcharlyleetham
Odyssey: ...
You have set up SPF, DKIM, and DMARC for your domain, but how do you know they are actually doing their job? If you are using Cloudflare for your DNS, their DMARC management dashboard gives you a clear view of who is sending email on behalf of your domain and whether those emails are passing or failing authentication.
In this episode, Charly covers:
✅Where to find DMARC reports inside your Cloudflare dashboard
✅How to read the summary table and spot failures at a glance
✅What to do when an unknown service is sending email as your domain
✅The difference between monitor, quarantine, and reject DMARC policies
✅A real example of a misconfigured Mailgun setup caught by DMARC reporting
Even if you are not the one fixing it, knowing where to look means you can hold your tech team accountable and stay on top of your email security.
Book a Free 30 minute Breakthrough Session: https://askcharlyleetham.com/book-me
(1 per person only)
Follow us:
Locals: https://askcharlyleetham.locals.com
Rumble: ...
