Wednesday, 30 August 2017

Tech Support Scam


How Not to Fall for Phishing as an IT Pro
CyberheistNews Vol 7 #31   |   Aug 8th., 2017

OK, here is a new spear phishing scheme that attacks your development team. Cyber criminals with IPs resolving to Russia hijacked an extension for Google Chrome and abused their illegal access to push out spam to unsuspecting users.

The security incident happened to Copyfish, an Optical Character Recognition tool that lets users extract text from images, video, and PDF documents. Only the program's Chrome extension suffered as a result of the attack; the Firefox component was not affected.

Copyfish's developer, a company known as a9t9 software, revealed it traced the trouble back to a phishing attack that occurred on 28 July:

"A team member received an email from 'Google' saying that we need to update our Chrome extension (Copyfish) otherwise it would be removed from the store. 'Click here to read more details' the email said. The click opened the 'Google' password dialog, and the unlucky team member entered the password for our developer account. This looked all legit to the team member, so we did not notice the phishing attack as such at this point. Phishing for Chrome extensions was simply not on our radar screen." [emphasis added]

The upshot?

Enable 2-factor authentication on all your critical accounts. Oh, and get some security awareness training for *everyone* in the organization, especially the people that think they do not need it...

PS: there is also a new spear phishing technique that relies entirely on social engineering: a targeted mail that contains no links or exploits, but mentions an interesting report title. Googling the title leads to the exploit site. Devious, huh?

Cerber Ransomware Can Now Steal Bitcoin Wallet Data and Browser Passwords

The Russian Dridex banking Trojan gang, the 800-pound gorilla that is also behind the Cerber ransomware, have just upped their game. Cerber is part of the small set of professional ransomware families that gets updated at a furious pace in an attempt to gain (criminal) market share.

Cerber now comes with new capabilities that allow the Dridex gang to steal data from three Bitcoin wallet apps — the Bitcoin Core wallet, the Electrum wallet app and the Multibit wallet app.

This new Cerber flavor is also able to steal saved passwords from popular web browsers, including Internet Explorer, Google Chrome, and Mozilla Firefox.

Trend Micro security researchers noted that while stolen browser passwords may help the cyber criminals hijack victims' accounts, the data lifted from Bitcoin wallets is only a first step: "Theft of these files does not assure that the stored Bitcoins can be stolen. The thief would still need to get the password that protects the wallet in question," the researchers wrote in a blog post.

Cerber's criminal coders have been working hard to avoid detection. Last year, just a day after Check Point security experts released a Cerber decryption tool, they updated Cerber in a way that rendered the decryptor useless.

Trend Micro also said that in May this year alone, Cerber underwent six different upgrades. "Cerber ransomware has acquired the reputation of being one of the most rapidly evolving ransomware families to date. This new feature shows that attackers are trying out new ways to monetize ransomware."

Some details of Cerber haven't changed, though. It still arrives via phishing emails with an attached file.

Solutions and Best Practices

Trend Micro noted: "Cerber's entry vector onto systems didn't change, so known best practices against it would still work. Educating users against opening attachments in emails from external or unverified sources would lower the risks; system administrators should also consider email policies that strip out such attachments."

We could not agree more.

Employees Pose Bigger Threat to Cybersecurity Than Hackers

This article by Tim Crosby in ReadITQuick is great ammo if you need more IT security budget.

"In a Harvey Nash/KPMG survey, 4,500 CIOs and technology leaders from around the world indicate that the insider threat is the fastest growing security risk of all. Employees and contractors, who are often provided with access to a company's network infrastructure without proper risk management training, pose a significant risk to businesses.

While some employees act maliciously against their organization, many cybersecurity breaches are due to negligence or inadvertent error. In fact, 60% of businesses admit their employees have no knowledge of security risks."

He introduces the concept of "stale employee training" which I like a lot.

"With a rapidly changing cyber criminal landscape, static assessments, stale employee training and protocols will not keep up with the dynamics of cybersecurity today. Training and system evaluation must be ongoing and respond to the ever-changing environment." Full article:
https://www.readitquik.com/articles/personal-security/employees-pose-bigger-threat-to-cybersecurity-than-hackers/

Peter's Here



I'm back off my holidays - just working through the requests and arranging appointments - if you have emailed me or booked appointments and have not heard anything in the next hour then please recontact me and we will get you booked in.


Any and all outstanding issues on the helpdesk have been sorted so you should all be working fully now.


Any new customers wanting to get on board: now would be the best time, because once everything is dealt with there is a price rise coming (our annual one), but you can lock in today's prices by signing up now.

Tuesday, 1 August 2017

Help Me



Off on holiday for a bit, so let's see when I come back how many of you have liked and shared as many of the posts on the Pete's PC Repaired Facebook page, and who got the most people to like the page as well.

See you on the other side of the holiday.

Peter

Article is now live



Spiceworks
A daily dose of today's top tech news, in brief.
You need to hear this.
Vladimir Putin signs law banning VPNs in Russia
Russian President Vladimir Putin has signed a law that bans the use of virtual private networks (VPNs) and other anonymizing technology that allows users to access banned websites. The law had already passed through the Duma, Russia's lower house of parliament, and will be put into practice November 1.
The Duma's information policy committee said the law was not designed to restrict law-abiding citizens, and is only intended to block access to "unlawful content," RIA news agency reported. The decision comes just one day after Apple removed VPN apps from its China App Store following a government request.
Technical details on the ban are still pending, and how companies using VPNs for productivity purposes will respond is yet to be seen.
AMD unveils Radeon RX Vega cards
Following months of sparse details, AMD has unveiled its Radeon RX Vega cards. The company will offer three RX Vega cards: the Vega 64 Liquid, Vega 64, Vega 56, and R9 Fury X. All three cards are based on the Vega 10 CPU. Performance numbers so far are limited, with numbers for the Vega 64 Liquid and Vega 56 remaining unreported.
"What we've been told is to expect the Vega 64 to 'trade blows' with NVIDIA's GeForce GTX 1080," Anandtech writes. "In terms of numbers, the few numbers that the company has published have focused on minimum frame rates over average frame rates, opting to emphasize smoothness and the advantage they believe to have over the aforementioned [NVIDIA] GTX 1080."
Full specifications can be seen at Anandtech here, and the Radeon RX Vega is expected to launch on August 14.
Swedish Transport Agency outsourced database management, exposing millions of personal details
In one of the largest government technical blunders in history, the Swedish government exposed the personal documents of millions of its citizens by outsourcing database management to companies in the Czech Republic and Serbia. The entire Swedish Transport Agency database was uploaded onto cloud servers to which some employees at the foreign companies had full access.
The exposure was discovered in March 2016 by the Swedish Secret Service, which promptly warned other government agencies that unauthorized parties now have access to classified systems. The decision to bypass necessary security checks was reportedly made to expedite the transition to outsourced IT staff, as the STA wanted to fire local staff as soon as possible.
According to Bleeping Computer, exposed information includes:
The official responsible for the leak was reportedly fined just $8,500 and will continue to head the agency, a sentence many in Sweden feel is far too light.
But there's more going on in the world than that.
No More Ransom aims to combat the rapid spread of ransomware attacks
An organization called No More Ransom was launched jointly last year by Europol, the Dutch National Police, McAfee, and Kaspersky Lab, and aimed to create a united front to combat the growing problem of ransomware, a digital plague that cost victims over $1 billion last year.
The organization provided decryption tools for four major ransomware families, and provides methods to better secure systems against cyberattacks. It also provides the decryption keys for several known ransomware strains. The creation of the agency has been considered wildly successful, with millions of visitors and an expanded network consisting of dozens of auxiliary partners.
"Law enforcement agencies have restrictions that criminals don't — they have the logistics of paperwork," David Emm, principal security researcher at Kaspersky Lab, told ZDNet. "Whereas at least under the umbrella of a project like this, there's nothing to slow it down."
The exact number of decryptions performed with the tools offered by No More Ransom is not known, but the organization estimates it is close to 28,000.
And you can't not know this.
Scientists have discovered a way to reverse aging in cells
Scientists have discovered a way to stop aging in cells, which is a critical step in the search for longer lives, and ultimately, immortality. Researchers at the Houston Methodist Research Institute say they have found a way to "make aged cells younger." The research focuses on telomeres, the caps at the ends of chromosomes whose length is believed to correspond with age.
"Cooke's team used a technology called RNA therapeutics, which delivers RNA directly into cells, to spur cells to produce telomerase, a protein that lengthens telomeres," Motherboard writes. "The technique improved cells' lifespan and function."
The research is undoubtedly significant, but reversing age in a lab is far from reversing age in a living being. That said, the project's head researcher, Dr. John Cooke, says that he is optimistic that the research has the potential to combat age-related disease.