Tag Archives: Security

Posted on

Warshipping: new hack tools shipped to your business

Researchers have described a new technique which could be used by cyber attackers to infiltrate corporate setups — with a little help from your friendly neighborhood delivery workers. … Dubbed warshipping, the technique is the result of the researchers’ investigation into possible infiltration methods through package deliveries to the office mail-room — or an individual victim’s front door. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you found odd electronics in packages to your office?

Join the conversation on our Facebook Page!

Posted on

Microsoft alert: Hackers using IoT to breach business networks

One of Russia’s elite state-sponsored hacking groups is going after IoT devices as a way to breach corporate networks, from where they pivot to other more high-value targets.  Attacks have been observed in the wild said the Microsoft Threat Intelligence Center…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you secured all your IoT devices?

Join the conversation on our Facebook Page!

Posted on

How businesses can reduce the financial impact of data breaches

The financial impact of a data breach can devastate companies of all sizes but especially small and mid-sized businesses. The study found that organizations with fewer than 500 employees were hit by losses of more than $2.5 million on average… But there are actions that organizations can take to lessen the financial impact, as outlined in the report. …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

How many of their recommendations have you implemented?

Join the conversation on our Facebook Page!

Posted on

Capital One’s breach was inevitable

Another day, another massive data breach.  This time it’s the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the company’s credit cards dating back to 2005.  That includes names, addresses, phone numbers, dates of birth, self-reported income and more credit card application data — including over 140,000 Social Security numbers in the U.S., and more than a million in Canada.

TechCrunch.com click the link to read the rest of the story. Our FREE Tools can help!

Should government do more?

Join the conversation on our Facebook Page!

Posted on

66% of SMBs don’t believe they are vulnerable to cyberattacks

The majority (66%) of business leaders at small to medium-sized businesses (SMBs) don’t believe they will fall victim to a cyberattack… While SMBs don’t think they are at risk, a previous study conducted by the Ponemon Institute for Keeper found otherwise: 67% of SMBs experienced cyberattacks within the past year. … The report found a major gap between the awareness and reality of cyberattacks in SMBs. Only 12% of respondents said they realize how likely an attack is on any size company.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Can you business survive the cost of a data breach?

Join the conversation on our Facebook Page!

Posted on

Capital One Data Theft – What it means for you

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms.  … That data included approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers on U.S. consumers…

Krebsonsecurity.com click the link to read the rest of the story. Our FREE Tools can help!

What do you do to protect yourself?

Join the conversation on our Facebook Page!

Posted on

This new Android ransomware infects you through SMS messages

A new family of ransomware designed to attack Google’s Android mobile operating system utilizes SMS messaging to spread, researchers say.   On Monday, cybersecurity professionals from ESET revealed their investigation into the new malware, dubbed Android/Filecoder.C, that earmarks the end of a two-year decline in new Android malware detections.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you seen these SMS messages?

Join the conversation on our Facebook Page!

Posted on

Should the U.S. Government Fight Back When Businesses Are Cyberattacked?

Keith Alexander of the venture-backed cybersecurity start-up IronNet is unequivocal in his belief that private companies protecting themselves from nation-state threats is not working. “I flipped through this before you arrived,” he told us, dropping a pocket copy of the Constitution on the table. “It still says that the purpose of the Union is to provide for the common defense. There is no parenthetical that says ‘except in cyberspace.’” …

Medium.com click the link to read the rest of the story. Our FREE Tools can help!

What should the government do?Join the conversation on our Facebook Page!

Posted on

Ransomware: Why cities are now big targets for cyberattacks – and why it’ll get worse

In an emergency meeting of the city council, the administration of Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand... The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month… Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems…  the unfortunate truth is that some organizations still won’t heed the lessons of the recent spate of attacks

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you agree with their decision to pay the ransom?

Join the conversation on our Facebook Page!

Posted on

Here’s how you can still get a free Windows 10 upgrade

Microsoft’s much-hyped free upgrade offer for Windows 10 ended in 2016, right? Not exactly. … In this post, I’ll cover the basics of a Windows 10 upgrade. I’ll also talk about the licensing issues involved, which are (as always) confusing. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you still waiting to upgrade?  What is your biggest concern?

Join the conversation on our Facebook Page!

Posted on

Microsoft Warned 10,000 Users Targeted By State-Sponsored Hackers

Microsoft is warning customers that they are being targeted by state-sponsored hackers. Over the last year, the software giant said it had notified 10,000 users that they had been targeted by adversaries working for foreign governments. Some people had also been compromised as a result of these attempts…

Forbes.com click the link to read the rest of the story. Our FREE Tools can help!

Has your business been targeted by foreign governments?  Are you sure?

Join the conversation on our Facebook Page!

Posted on

Strange new phishing attack uses a surprise bill to trick you

Banks and financial institutions around the world are being targeted by a new email phishing campaign which uses an unusual technique as part of its attacks.  The phishing emails come with server-parsed HTML (SHTML) file attachments that are typically used by web servers. If users open the attachments, they’re immediately redirected to a malicious site requesting sensitive information, which if entered, falls directly into the hands of cyber-criminals …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Does you company test employee phishing id skills?

Join the conversation on our Facebook Page!

Posted on

Email scammers are now cost businesses $301 million monthly

The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) has run an analysis on suspect transactions in the past year and found that US businesses in 2018 wired around $301 million per month to business email compromise (BEC) scammers.  The $301 million in average monthly losses is far higher losses than the FBI’s estimate…

fincen.gov click the link to read the rest of the story. Our FREE Tools can help!

How does your business rank on the list of targets? What are you doing to protect your business?

Join the conversation on our Facebook Page!

Posted on

Cybersecurity: Do these six things to protect your company online

Of those companies surveyed … over half of companies (53%) reported losses of between 3% and 10% following a cyber-attack or data breach. But the losses can also be much worse: 6% of businesses consulted in the report said they lost between 11% and 25% of revenue as the result of an incident. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How good is your cyber insurance, training and security?

Join the conversation on our Facebook Page!

Posted on

Israel issues warning of a new type of cyber attack

Israel issued a warning warning of a new type of cyber attack, using artificial intelligence (AI) technology to impersonate senior company executives. In this method, instructions are given to the companies staff members to perform transactions such as money transfer to perform transactions such as money transfers, as well as malicious activity on the company’s network. …

Gadgetsnow.com click the link to read the rest of the story. Our FREE Tools can help!

How are you protecting your office from such attacks?

Join the conversation on our Facebook Page!

Posted on

Top 10 Common Network Security Threats Explained

Now that most of our daily procedures and activities are automatized and available for use on the Internet, we need to take the same level of precaution we did as children, crossing to the other side of the street… today we’re going back to basicsexploring and explaining the most common network security threats you may encounter while online…

Securitytrails.com click the link to read the rest of the story. Our FREE Tools can help!

How safe is your business from these threats?

Join the conversation on our Facebook Page!

Posted on

Microsoft fixes zero-day flaw exploited by Russian hackers

This month, Microsoft patched 77 vulnerabilities, including two zero-days — security flaws that were being actively exploited in the wild. … The zero-day was discovered by ESET as part of the attack chain of a group of Russian state-funded hackers. The company told ZDNet it plans to publish an in-depth blog post about these attacks…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you think we are staying ahead of the threats?

Join the conversation on our Facebook Page!

Posted on

Microsoft adds OneDrive Personal Vault to secure your critical files

Microsoft’s OneDrive Personal Vault locks down a portion of your OneDrive cloud storage with time-limited two-factor authentication.  Personal Vault is designed for files you really hold dear: tax information, scanned passports, that sort of thing.  … Microsoft says that Personal Vault applies an extra layer of protection, essentially by reducing the timeout period. …

PCWorld.com click the link to read the rest of the story. Our FREE Tools can help!

Will you use the Personal Vault?

Join the conversation on our Facebook Page!

Posted on

Ransomware attacks: Why and when it makes sense to pay the ransom

Whether you pay ransomware actors or not really comes down to some straightforward business calculations. Sometimes the ransom is worth it. … Yet another city is deciding to pay ransomware gangs to get their IT infrastructure back and you can almost feel the consternation among officials. That consternation may also be good business. Simply put, it can make good sense to pay ransomware.  In a recent research report, Forrester Research argued that paying ransomware should be viewed as a viable option…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Would your business pay a ransom?

Join the conversation on our Facebook Page!

Posted on

The Worm That Nearly Ate the Internet

Just over 10 years ago, a unique strain of malware blitzed the internet so rapidly that it shocked cybersecurity experts worldwide. Known as Conficker, it was and remains the most persistent computer worm ever seen, linking computers with Microsoft operating systems globally, millions of them, to create a vast illicit botnet, in effect, a black-market supercomputer. That much power controlled by its unknown maker posed an existential threat not just to any enterprise connected to the web, but to the internet itself. … Surely something bigger was coming. But it never did. Why? Who created Conficker, and why bother if they were not going to use it?

NYTImes.com click the link to read the rest of the story. Our FREE Tools can help!

Who do you think was behind this?

Join the conversation on our Facebook Page!

Posted on

US Cyber Command Issues Alert! Hackers Attacking Outlook

US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks.  The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday.  The Outlook bug, discovered and detailed by security researchers from SensePost, allows a threat actor to escape from the Outlook sandbox and run malicious code on the underlying operating system. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you train your office how to identify dangerous emails?

Join the conversation on our Facebook Page!

Posted on

Protect your online identity now: Stop hackers in 5 steps

Having your identity stolen can be a nightmare, and cleaning up the mess can take months. You can make life difficult for a would-be identity thief by locking down these five key aspects of your online life. … [In a recent case] hackers were able to convince T-Mobile to issue a replacement SIM that gave them access to his primary phone number. That in turn allowed them to reset passwords on his Gmail account, which pretty much gave them unfettered access to his entire identity. They then proceeded to shut down his Twitter account, wipe out everything associated with his Google account, and even access his online banking accounts.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you been the victim of a SIM hack?

Join the conversation on our Facebook Page!

Posted on

Cyberwarfare escalation just took a new and dangerous turn

Smuggling malware into the power grids of rival states risks making tensions higher, especially when the rules of the game are yet to be established. … The New York Times has reported that the US has escalated its plans to place malware in Russia power networks, in response to similar and ongoing online incursions by Russia-backed hackers.  This is the latest development in online hostilities involving power grids; energy companies have long been the targets of cyber-espionage, but in recent years the intent has switched from spying to creating outages.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How are you preparing your business for cyber-ware attacks?

Join the conversation on our Facebook Page!

Posted on

Florida city pays $600,000 to hackers unlock their computers

The Riviera Beach City Council voted unanimously this week to pay the hackers’ demands, believing the Palm Beach suburb had no choice if it wanted to retrieve its records, which the hackers encrypted. … According to the U.S. Department of Homeland Security, ransomware is the fastest growing malware threat

CBSNews.com click the link to read the rest of the story. Our FREE Tools can help!

Have you or will you ever pay a ransom?

Join the conversation on our Facebook Page!

Posted on

How hackers can permanently lock you out of your accounts

A young woman recently contacted me for help: a hacker gained access to her Instagram and Snapchat and started sending her friends “nudes” she  had taken. She tried many times to regain access to her account – often arduous efforts requiring she send social media companies selfies with dates and codes – but every time she regained access, the intruder locked her out again and forced her to start from scratch.

When I heard her story I was surprised; in these cases a password reset is usually sufficient. After digging a bit deeper I was astounded by the brutal effectiveness of the hacker’s strategy – so complete it left his victim with no recourse to regain her accounts.

TheGuardian.com click the link to read the rest of the story. Our FREE Tools can help!

Could your business survive this?

Join the conversation on our Facebook Page!

Posted on

Scranos Malware Returns With New Data Stealing Features

The group behind a malware campaign targeting both Windows and Android devices in an adware operation across both Europe and the US have altered its attack techniques and added new payloads including a cryptominer and a Trojan in an apparent bid to make more money from infected devices.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have you checked to see if your security software blocks the latest version of Scranos?

Join the conversation on our Facebook Page!

Posted on

Ransomware stops production at major airplane parts manufacturer

ASCO, one of the world’s largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium.  As a result of having IT systems crippled by the ransomware infection

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Any guess what this is costing the firm?

Join the conversation on our Facebook Page!

Posted on

Devastating Title Insurance Records Leak – First American

Orange County based real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003… The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser. … this would potentially include anyone who’s ever been sent a document link via email by First American.

Krebsonsecurity.com click the link to read the rest of the story. Our FREE Tools can help!

Have you done business with First American Financial?

Join the conversation on our Facebook Page!

Posted on

Why Traditional Antivirus Can’t Stop Next Generation Threats [Infographic]

There is a reason why 60% of computers are breached each year.  Traditional solutions no longer even see the newest threats.  The info-graphic below helps explain why this is.

Ingenious.News click the link to read the rest of the story. Our FREE Tools can help!

How are you protecting yourself against next generation threats?

Join the conversation on our Facebook Page!