The challenge: lock down the most exposed part of the nation’s election system. … A ransomware attack in 2020 could prove devastating, preventing voters from registering or poll workers from confirming voter eligibility, officials say.
Cnet.com click the link to read the rest of the story. Our FREE Tools can help!
Are you concerned with this threat?
Ransomware attacks have more than doubled this year, as criminals turn to powerful new forms of file-locking malware and additional attack techniques to conduct campaigns that are more lucrative than ever before.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Has your business been hit?
The threat actor behind the coordinated ransomware attack against multiple Texas local governments may have gained access to its computer systems via a third-party software provider. According to NPR, which first reported the development, the attackers want a collective ransom of $2.5 million. So far, there are no indications the amount has been paid.
What would you do, if hit by an attack?
Join the conversation on our Facebook Page!
Mention the dark web to security experts and their thoughts necessarily turn to its birthplace—Russia. From simple hack-sharing site origins, Russia’s cybercrime ecosystem has grown to rival that of its government. Ahead of releasing a report on the topic, Charity Wright, formerly with the NSA, and Ariel Ainhoren, Research Team Leader at IntSights, graciously summarized this evolution for us here at the Black Hat conference. …
PCmag.com click the link to read the rest of the story. Our FREE Tools can help!
Have you explored the dark web?
The number of local government entities in Texas affected by a ransomware attack is now up to 23. In a release Saturday afternoon, the Texas Department of Information Resources said the local governments reported the attacks Friday morning. The majority of them are smaller local governments. …The DIR said it is continuing to investigate the origin of the attack, but at the moment believes it came from a “single threat actor.”
How safe is your local government?Join the conversation on our Facebook Page!
More danger lurks around the corner as advanced techniques used by state-backed hackers, for example, to steal information, filter down to financially motivated attackers. This threat applies to the continuing growth of file-less malware, supply-chain attacks, and phishing. “We’re seeing the trend of advanced techniques being used to deliver commodity malware. Once the advanced technique becomes public knowledge…
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Are you confident your computers are viruses free?
The majority (66%) of business leaders at small to medium-sized businesses (SMBs) don’t believe they will fall victim to a cyberattack… While SMBs don’t think they are at risk, a previous study conducted by the Ponemon Institute for Keeper found otherwise: 67% of SMBs experienced cyberattacks within the past year. … The report found a major gap between the awareness and reality of cyberattacks in SMBs. Only 12% of respondents said they realize how likely an attack is on any size company.
Can you business survive the cost of a data breach?
A new family of ransomware designed to attack Google’s Android mobile operating system utilizes SMS messaging to spread, researchers say. On Monday, cybersecurity professionals from ESET revealed their investigation into the new malware, dubbed Android/Filecoder.C, that earmarks the end of a two-year decline in new Android malware detections.
Have you seen these SMS messages?
In an emergency meeting of the city council, the administration of Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand... The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month… Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems… the unfortunate truth is that some organizations still won’t heed the lessons of the recent spate of attacks…
Do you agree with their decision to pay the ransom?
The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) has run an analysis on suspect transactions in the past year and found that US businesses in 2018 wired around $301 million per month to business email compromise (BEC) scammers. The $301 million in average monthly losses is far higher losses than the FBI’s estimate…
How does your business rank on the list of targets? What are you doing to protect your business?
A newly discovered form of ransomware is targeting network storage devices by brute-forcing weak credentials and exploiting known vulnerabilities in their systems. …
How up to date is your network data protection?
Now that most of our daily procedures and activities are automatized and available for use on the Internet, we need to take the same level of precaution we did as children, crossing to the other side of the street… today we’re going back to basics — exploring and explaining the most common network security threats you may encounter while online…
How safe is your business from these threats?
This month, Microsoft patched 77 vulnerabilities, including two zero-days — security flaws that were being actively exploited in the wild. … The zero-day was discovered by ESET as part of the attack chain of a group of Russian state-funded hackers. The company told ZDNet it plans to publish an in-depth blog post about these attacks…
Do you think we are staying ahead of the threats?
Just over 10 years ago, a unique strain of malware blitzed the internet so rapidly that it shocked cybersecurity experts worldwide. Known as Conficker, it was and remains the most persistent computer worm ever seen, linking computers with Microsoft operating systems globally, millions of them, to create a vast illicit botnet, in effect, a black-market supercomputer. That much power controlled by its unknown maker posed an existential threat not just to any enterprise connected to the web, but to the internet itself. … Surely something bigger was coming. But it never did. Why? Who created Conficker, and why bother if they were not going to use it?
Who do you think was behind this?
US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday. The Outlook bug, discovered and detailed by security researchers from SensePost, allows a threat actor to escape from the Outlook sandbox and run malicious code on the underlying operating system. …
Do you train your office how to identify dangerous emails?
Smuggling malware into the power grids of rival states risks making tensions higher, especially when the rules of the game are yet to be established. … The New York Times has reported that the US has escalated its plans to place malware in Russia power networks, in response to similar and ongoing online incursions by Russia-backed hackers. This is the latest development in online hostilities involving power grids; energy companies have long been the targets of cyber-espionage, but in recent years the intent has switched from spying to creating outages.
How are you preparing your business for cyber-ware attacks?
The Riviera Beach City Council voted unanimously this week to pay the hackers’ demands, believing the Palm Beach suburb had no choice if it wanted to retrieve its records, which the hackers encrypted. … According to the U.S. Department of Homeland Security, ransomware is the fastest growing malware threat…
CBSNews.com click the link to read the rest of the story. Our FREE Tools can help!
Have you or will you ever pay a ransom?
The group behind a malware campaign targeting both Windows and Android devices in an adware operation across both Europe and the US have altered its attack techniques and added new payloads including a cryptominer and a Trojan in an apparent bid to make more money from infected devices.
Have you checked to see if your security software blocks the latest version of Scranos?
ASCO, one of the world’s largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium. As a result of having IT systems crippled by the ransomware infection…
Any guess what this is costing the firm?
Sixty eight percent of people believe they’re doing all they can to protect themselves against cyberattacks. …Perhaps surprisingly, it’s the older generations which has more confidence about how they’re protecting themselves online, with three quarters of those over 45 confident that they’re doing all they can to protect against data loss. …the higher confidence among older web users could be based on a naivety about the malicious threats that are out there on the internet, while younger users are aware of cybersecurity issues – but still aren’t addressing them.
How confident are you that your security is sufficient?
When this attack was detected by Microsoft, it’s likely a large chunk of the world’s 500 million WinRAR users hadn’t updated… Israeli security firm Check Point revealed that a malicious ACE file could place malware anywhere on a Windows PC after being extracted by WinRAR. The social engineering used in the campaign was crafted to ensure full remote compromise of a machine…
Do you use Winrar?
The average ransom demand by hacker to release files encrypted by their ransomware attack has almost doubled in 2019. … The sharp increase in ransom payments is linked to the emergence of more expensive and more hands-on forms of ransomware… They’ll exploit vulnerabilities in remote desktop protocols or abuse stolen credentials to gain access to systems, moving around networks and laying the groundwork for their ransomware to encrypt as many PCs as possible for the maximum impact.
ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!
Has your company paid a ransom?
The scammers have been delivering the Trickbot Trojan by pretending to send emails from well-known payroll and HR firms such as Paychex and ADP. The emails will contain an attachment that’ll secretly load the malware.
PCmag.com click the link to read the rest of the story. Our FREE Tools can help!
Did you receive these scam emails?
With popular sporting events like March Madness, it’s easy for attackers to prey on human emotions with excitement running high and money on the line. With so many employees participating in office pools and brackets, it’s critical to avoid getting phished through fake sporting-themed websites, contests and offers around the games, or malicious browser extensions that claim to keep track of scores and stats.
SecurityBoulevard.com click the link to read the rest of the story. Our FREE Tools can help!
Has your company been hit with this attack?
The findings in the Identity Theft Resource Center (ITRC)’s “2018 End-of-Year Data Breach Report” serve as a stark reminder of why companies should take a layered approach to security.
SecurityIntelligence.com click the link to read the rest of the story.
How many layers of security do you have?
Criminal “products” from the underworld marketplace are part of a sophisticated and highly profitable global industry.. there’s a thriving underground economy online, a place where tools and techniques are advertised and sold — even given away — and where stolen data is laundered to facilitate online crime. What might surprise you is how many of these underground economies there are and how well-established they have become.
This is a sophisticated and highly profitable global industry. In 2016, ransomware alone generated more than $1 billion in profit for criminals. The FBI is now calling “business email compromise,” where scammers intercept suppliers and payment transfers, the $5 billion scam.
Medium.com click the link to read the rest of the story.
Have you been a victim of online criminals?
Almost half of all organisations have fallen victim to phishing attacks in the last two years, with larger businesses the most likely to been compromised, despite also being most likely to conduct cyber security training for staff.
ZDNet.com click the link to read the rest of the story.
How are you dealing with phishing attacks in your business?
Google has issued an urgent warning for Chrome users to update their browser… a security flaw is being actively exploited.
The flaw in question is referred to as a “zero-day exploit.”
Infopackets.com click the link to read the rest of the story.
Do you update your software immediately when updates are released?Join the conversation on our Facebook Page!
Researchers have discovered a new flaw affecting all Intel chips due to the way they carry out speculative execution for CPU performance gains. Like the Spectre and Meltdown attacks revealed in January 2018, Spoiler also abuses speculative execution in Intel chips to leak secrets. …Daniel (Ahmad) Moghimi, one of the paper’s authors, told The Register he doubts Intel will be able to patch the issue in the memory subsystem within the next five years.
ZDNet.com click the link to read the rest of the story.
Do you use Intel chips?Join the conversation on our Facebook Page!
The number of phishing attacks is on the rise, more than doubling in recent months, with one in 61 emails delivered to corporate inboxes found to contain a malicious URL. …
The emails are often designed to look like they come from legitimate senders – like a company, or a colleague – in order to gain the trust of the victim, before duping them into clicking the malicious link. …The purpose of the malicious URL could be to deploy malware onto the PC or it could encourage the victim to enter sensitive information into a fake version of a real service…
ZDNet.com click the link to read the rest of the story.
Have many do you think you get every day?Join the conversation on our Facebook Page!
