Tag Archives: cybercrime

Posted on

WAV audio files are now being used to hide malicious code

Two reports published in the last few months show that malware operators are experimenting with using WAV audio files to hide malicious code. …  All previous instances where malware used steganography revolved around using image file formats, such as PNG or JPG.  The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How are you keeping up with all the latest threats?

Join the conversation on our Facebook Page!

Posted on

FBI Warning: Multi-Factor Authentication Is Being Defeated

The FBI has now warned that it “has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks.” … But according to the FBI, this use of secondary tokens or one-time codes to back-up usernames and passwords still isn’t enough. Unless companies employ “biometrics or behavioral information—such as time of day, geolocation, or IP address,” there is a risk that an attack can either trick a user into disclosing a multi-factor authentication code or use technical interception to create one for themselves. …

Forbes.com click the link to read the rest of the story. Our FREE Tools can help!

What additional security measures do you use?Join the conversation on our Facebook Page!

Posted on

California’s new privacy law gets teeth with proposed regulations

California proposed regulations on Thursday to dictate how the state will enforce its tough, new privacy law. The law, known as the California Consumer Privacy Act, gives consumers more control over how companies collect and manage their personal data. It goes into effect on Jan. 1.  The CCPA, seen as establishing the most stringent data privacy protections in the nation, allows people to request that data be deleted and gives them the opportunity to opt out of having their information sold to a third party. …

Cnet.com click the link to read the rest of the story. Our FREE Tools can help!

How will this affect your business?

Join the conversation on our Facebook Page!

Posted on

SIM Swapping Is the Biggest Security Threat You Face, and Almost No One Is Trying to Fix It. Here’s Why It Matters

Imagine you try to log into your bank account one day to setup a payment on your mortgage. You realize that something’s wrong when the bank’s website tells you you’ve entered the wrong password. That’s strange, you think as you click the link to “reset your password.”  It’s an easy process, but first, the bank requires that you prove you’re actually you, by sending a simple text message with a six-digit code to the mobile phone number on file. But when you request your code, the text never comes. …

Inc.com click the link to read the rest of the story. Our FREE Tools can help!

Are you using your phone for security authentication?

Join the conversation on our Facebook Page!

Posted on

Ransomware incident to cost Danish company a whopping $95 million

Demant, one of the world’s largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month.  This marks one of the most significant losses caused by a cyber-security incident outside of the NotPetya ransomware outbreak…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

What would it cost your business, if it took weeks to recover?

Join the conversation on our Facebook Page!

Posted on

Silicon Valley is terrified of California’s privacy law. Good.

In a little over three months, California will see the widest-sweeping state-wide changes to its privacy law in years. California’s Consumer Privacy Act (CCPA) kicks in on January 1 and rolls out sweeping new privacy benefits to the state’s 40 million residents — and every tech company in Silicon Valley.  California’s law is similar to Europe’s GDPR. …

TechCrunch.com click the link to read the rest of the story. Our FREE Tools can help!

How are you preparing your business for the new laws?Join the conversation on our Facebook Page!

Posted on

The ultimate smartphone guide to killing spyware and stalkerware

This guide will run through what spyware is, what the warning signs of infection are, and how to remove such pestilence from your mobile devices. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Did you find anything on your smartphone?

Join the conversation on our Facebook Page!

Posted on

Simjacker attack exploited in the wild to track users for at least two years

Simjack exploits a technology residing on the SIM card, the attack also works independently of the user’s device type.  “We have observed devices from nearly every manufacturer being successfully targeted to retrieve location: Apple, ZTE, Motorola, Samsung, Google, Huawei, and even IoT devices with SIM cards,” researchers said.  The only good news is that the attack doesn’t rely on regular SMS messages…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you suspect that you have been compromised?

Join the conversation on our Facebook Page!

Posted on

Scammers find powerful way to impersonate you and empty your bank accounts

Criminals are using AI-generated audio to impersonate a CEO’s voice and con subordinates into transferring funds to a scammer’s account.  … The Wall Street Journal reports that the CEO of an unnamed UK-based energy company thought he was talking on the phone with his boss, the CEO of the German parent company, who’d asked him to urgently transfer €220,000 ($243,000) to a Hungarian supplier. However, the UK CEO was in fact taking instructions from a scammer who’d used AI-powered voice technology to impersonate the German CEO.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How will you protect yourself from this?

Join the conversation on our Facebook Page!

Posted on

States preparing for ransomware voter assaults

The challenge: lock down the most exposed part of the nation’s election system.  … A ransomware attack in 2020 could prove devastating, preventing voters from registering or poll workers from confirming voter eligibility, officials say.

Cnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you concerned with this threat?

Join the conversation on our Facebook Page!

Posted on

Ransomware hits hundreds of dentist offices in the US

Hundreds of dental practice offices in the US have had their computers infected with ransomware this week, ZDNet has learned from a source. The incident is another case of a ransomware gang compromising a software provider and using its product to deploy ransomware on customers’ systems.  In this case, the software providers are The Digital Dental Record and PerCSoft…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Was your dentist hit?

Join the conversation on our Facebook Page!

Posted on

Phishing attacks jump by 21% in latest quarter, says Kaspersky

The number of worldwide phishing attacks detected by Kaspersky hit 129.9 million during the second quarter of 2019, according to a new report from the security vendor.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Have you been hit this year?

Join the conversation on our Facebook Page!

Posted on

Ransomware attacks have more than doubled this year

Ransomware attacks have more than doubled this year, as criminals turn to powerful new forms of file-locking malware and additional attack techniques to conduct campaigns that are more lucrative than ever before.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Has your business been hit?

Join the conversation on our Facebook Page!

Posted on

Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks

The threat actor behind the coordinated ransomware attack against multiple Texas local governments may have gained access to its computer systems via a third-party software provider.  According to NPR, which first reported the development, the attackers want a collective ransom of $2.5 million. So far, there are no indications the amount has been paid.

TheNextWeb.com click the link to read the rest of the story. Our FREE Tools can help!

What would you do, if hit by an attack?Join the conversation on our Facebook Page!

Posted on

The Evolution of Russia’s Dark Web

Mention the dark web to security experts and their thoughts necessarily turn to its birthplace—Russia. From simple hack-sharing site origins, Russia’s cybercrime ecosystem has grown to rival that of its government.  Ahead of releasing a report on the topic, Charity Wright, formerly with the NSA, and Ariel Ainhoren, Research Team Leader at IntSights, graciously summarized this evolution for us here at the Black Hat conference. …

PCmag.com click the link to read the rest of the story. Our FREE Tools can help!

Have you explored the dark web?

Join the conversation on our Facebook Page!

Posted on

Ransomware Attack Hits 20+ Local Governments In Texas

The number of local government entities in Texas affected by a ransomware attack is now up to 23. In a release Saturday afternoon, the Texas Department of Information Resources said the local governments reported the attacks Friday morning. The majority of them are smaller local governments. …The DIR said it is continuing to investigate the origin of the attack, but at the moment believes it came from a “single threat actor.”

Kut.org click the link to read the rest of the story. Our FREE Tools can help!

How safe is your local government?Join the conversation on our Facebook Page!

Posted on

New cryptojacking malware uses a sneaky trick to remain hidden

A newly-discovered form of cryptocurrency- mining malware is capable of remaining so well-hidden that researchers investigating it found that it had spread to almost every computer at a company that had become infected. … The Monero-cryptomining campaign was uncovered after Varonis’ security platform spotted suspicious network alerts and abnormal file activity on systems within organisations that had reported unstable applications and network slowdown. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you confident your computers are viruses free?

Join the conversation on our Facebook Page!

Posted on

Top Windows Defender expert: These are the threats security hasn’t yet solved

More danger lurks around the corner as advanced techniques used by state-backed hackers, for example, to steal information, filter down to financially motivated attackers. This threat applies to the continuing growth of file-less malware, supply-chain attacks, and phishing. “We’re seeing the trend of advanced techniques being used to deliver commodity malware. Once the advanced technique becomes public knowledge…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you confident your computers are viruses free?

Join the conversation on our Facebook Page!

Posted on

Warshipping: new hack tools shipped to your business

Researchers have described a new technique which could be used by cyber attackers to infiltrate corporate setups — with a little help from your friendly neighborhood delivery workers. … Dubbed warshipping, the technique is the result of the researchers’ investigation into possible infiltration methods through package deliveries to the office mail-room — or an individual victim’s front door. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you found odd electronics in packages to your office?

Join the conversation on our Facebook Page!

Posted on

Microsoft alert: Hackers using IoT to breach business networks

One of Russia’s elite state-sponsored hacking groups is going after IoT devices as a way to breach corporate networks, from where they pivot to other more high-value targets.  Attacks have been observed in the wild said the Microsoft Threat Intelligence Center…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you secured all your IoT devices?

Join the conversation on our Facebook Page!

Posted on

How businesses can reduce the financial impact of data breaches

The financial impact of a data breach can devastate companies of all sizes but especially small and mid-sized businesses. The study found that organizations with fewer than 500 employees were hit by losses of more than $2.5 million on average… But there are actions that organizations can take to lessen the financial impact, as outlined in the report. …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

How many of their recommendations have you implemented?

Join the conversation on our Facebook Page!

Posted on

Capital One’s breach was inevitable

Another day, another massive data breach.  This time it’s the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the company’s credit cards dating back to 2005.  That includes names, addresses, phone numbers, dates of birth, self-reported income and more credit card application data — including over 140,000 Social Security numbers in the U.S., and more than a million in Canada.

TechCrunch.com click the link to read the rest of the story. Our FREE Tools can help!

Should government do more?

Join the conversation on our Facebook Page!

Posted on

66% of SMBs don’t believe they are vulnerable to cyberattacks

The majority (66%) of business leaders at small to medium-sized businesses (SMBs) don’t believe they will fall victim to a cyberattack… While SMBs don’t think they are at risk, a previous study conducted by the Ponemon Institute for Keeper found otherwise: 67% of SMBs experienced cyberattacks within the past year. … The report found a major gap between the awareness and reality of cyberattacks in SMBs. Only 12% of respondents said they realize how likely an attack is on any size company.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Can you business survive the cost of a data breach?

Join the conversation on our Facebook Page!

Posted on

Capital One Data Theft – What it means for you

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms.  … That data included approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers on U.S. consumers…

Krebsonsecurity.com click the link to read the rest of the story. Our FREE Tools can help!

What do you do to protect yourself?

Join the conversation on our Facebook Page!

Posted on

This new Android ransomware infects you through SMS messages

A new family of ransomware designed to attack Google’s Android mobile operating system utilizes SMS messaging to spread, researchers say.   On Monday, cybersecurity professionals from ESET revealed their investigation into the new malware, dubbed Android/Filecoder.C, that earmarks the end of a two-year decline in new Android malware detections.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you seen these SMS messages?

Join the conversation on our Facebook Page!

Posted on

Should the U.S. Government Fight Back When Businesses Are Cyberattacked?

Keith Alexander of the venture-backed cybersecurity start-up IronNet is unequivocal in his belief that private companies protecting themselves from nation-state threats is not working. “I flipped through this before you arrived,” he told us, dropping a pocket copy of the Constitution on the table. “It still says that the purpose of the Union is to provide for the common defense. There is no parenthetical that says ‘except in cyberspace.’” …

Medium.com click the link to read the rest of the story. Our FREE Tools can help!

What should the government do?Join the conversation on our Facebook Page!

Posted on

Ransomware: Why cities are now big targets for cyberattacks – and why it’ll get worse

In an emergency meeting of the city council, the administration of Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand... The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month… Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems…  the unfortunate truth is that some organizations still won’t heed the lessons of the recent spate of attacks

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you agree with their decision to pay the ransom?

Join the conversation on our Facebook Page!

Posted on

Microsoft Warned 10,000 Users Targeted By State-Sponsored Hackers

Microsoft is warning customers that they are being targeted by state-sponsored hackers. Over the last year, the software giant said it had notified 10,000 users that they had been targeted by adversaries working for foreign governments. Some people had also been compromised as a result of these attempts…

Forbes.com click the link to read the rest of the story. Our FREE Tools can help!

Has your business been targeted by foreign governments?  Are you sure?

Join the conversation on our Facebook Page!

Posted on

Strange new phishing attack uses a surprise bill to trick you

Banks and financial institutions around the world are being targeted by a new email phishing campaign which uses an unusual technique as part of its attacks.  The phishing emails come with server-parsed HTML (SHTML) file attachments that are typically used by web servers. If users open the attachments, they’re immediately redirected to a malicious site requesting sensitive information, which if entered, falls directly into the hands of cyber-criminals …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Does you company test employee phishing id skills?

Join the conversation on our Facebook Page!

Posted on

Email scammers are now cost businesses $301 million monthly

The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) has run an analysis on suspect transactions in the past year and found that US businesses in 2018 wired around $301 million per month to business email compromise (BEC) scammers.  The $301 million in average monthly losses is far higher losses than the FBI’s estimate…

fincen.gov click the link to read the rest of the story. Our FREE Tools can help!

How does your business rank on the list of targets? What are you doing to protect your business?

Join the conversation on our Facebook Page!