Top Most Exploited Vulnerabilities in the COVID-19 Era

Information Security, IT Support
Top Most Exploited Vulnerabilities in the COVID-19 Era Year 2020 is a strange year. As a result of the COVID-19 pandemic, many organizations have hastily made a transition from office work to work from home model with little time to put in place the needed cybersecurity measures. Here are the top most exploited vulnerabilities (in no particular order) based on the alerts issued by the national cybersecurity centers and agencies in multiple countries, including Canada (Canadian Centre for Cyber Security), US (Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation) and UK (National Cyber Security Centre), as well as a report from a computer security company (McAfee Labs): RDP Vulnerabilities RDP, which stands for Remote Desktop Protocol, is a proprietary protocol developed by Microsoft for Windows operating systems,…
Read More
Microsoft Warns Almost All Ransomware Attackers Steal Data

Microsoft Warns Almost All Ransomware Attackers Steal Data

Information Security, IT Support
Microsoft Warns Almost All Ransomware Attackers Steal Data Almost all of ransomware attackers, even those that don’t threaten to leak data, steal data anyway, Microsoft Threat Protection Intelligence Team warned. In the blog post "Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk", Microsoft Threat Protection Intelligence Team said that “while only a few of these groups gained notoriety for selling data, almost all of them were observed viewing and exfiltrating data during these attacks, even if they have not advertised or sold yet.” Ransomware and Data Exfiltration Ransomware is a type of malicious software (malware) that encrypts computer or the files within, locking out legitimate users and demanding from victims ransom payment in exchange for the decryption keys. Many ransomware victims who were forced to…
Read More
Work-from-Home Intensifies Network Compromises, Study Shows

Work-from-Home Intensifies Network Compromises, Study Shows

Information Security
Work-from-Home Intensifies Network Compromises, Study Shows A recent study conducted by Finnish company Arctic Security found that the massive work-from-home movement as a result of the COVID-19 crisis has resulted in the intensification of network compromises. According to Arctic Security, between January and March of this year, it observed an uptick in the number of organizations experiencing network compromises. Arctic Security said that for a small country, Finland's normal number of organizations that experience network compromise is approximately 200. Starting in the third week of March of this year, the company said, the number of organizations that experienced network compromise jumped to 800. This uptick of the number of organizations that experienced network compromise, Arctic Security said, was also observed in eight other countries in Europe, including Sweden, Norway, Denmark,…
Read More
Manitoba Law Firms Hit by Maze Ransomware

Manitoba Law Firms Hit by Maze Ransomware

Information Security
Manitoba Law Firms Hit by Maze Ransomware The Law Society of Manitoba recently revealed that two Manitoba-based law firms have been hit by Maze ransomware. Over the past two weeks, the Law Society of Manitoba said, in a statement, that the two Manitoba-based law firms had told the Society that as a result of the attack, they haven’t been able to access their emails, computer files, accounting software and backups, including cloud backups. The Law Society of Manitoba added that the group behind the Maze ransomware asked the victims to pay an “enormous ransom” in order for the victims to regain access to any of their work. “At this point, we do not know when or if they will ever regain complete access to their kidnapped data,” the Society said.…
Read More
Marriott Discloses 2nd Data Breach in Less than 2 Years

Marriott Discloses 2nd Data Breach in Less than 2 Years

Information Security
Marriott Discloses 2nd Data Breach in Less than 2 Years Marriott International, Inc., the world's largest hotel chain, recently disclosed a second data breach in a span of less than two years. Marriott, which owns over 7,300 hotels and licenses vacation ownership resorts in 134 countries and territories, in a statement, said that it became aware of this new data breach at the end of February 2020. The company believes that this latest data breach started way back in mid-January 2020. Marriott said this latest data breach affected 5.2 million guests and the following information may have been breached: Contact details (e.g., name, mailing address, email address, and phone number); Loyalty account information (e.g., account number and points balance, but not passwords); Additional personal details (e.g., company, gender, and birthday…
Read More
Microsoft Warns of Windows Zero-Day Exploitation

Microsoft Warns of Windows Zero-Day Exploitation

Information Security, IT Support
Microsoft Warns of Windows Zero-Day Exploitation Microsoft has revealed that it’s aware of on-going targeted cyberattacks exploiting two zero-day vulnerabilities found in the Windows Adobe Type Manager Library and impacting all supported versions of Windows. What Is Zero-Day? Zero-day is a security vulnerability in a software that’s known to the software vendor but the vendor doesn’t have a security update, also known as a patch, to fix the security vulnerability. If this zero-day vulnerability is known by malicious actors, this vulnerability has the potential to be exploited. According to Microsoft, two zero-day remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. Successful exploitation of this collective vulnerability in Windows Adobe Type Manager…
Read More
How to Secure Your Organization’s VPN for Remote Workers

How to Secure Your Organization’s VPN for Remote Workers

Information Security
How to Secure Your Organization’s VPN for Remote Workers Securing your organization’s virtual private network (VPN) is vital especially in today’s growing number of remote workers brought about by government-mandated quarantine, amidst the on-going threat of the Coronavirus disease 2019 (COVID-19). COVID-19, now affecting over a hundred thousand individuals in more than 100 countries and described as a pandemic by the World Health Organization (WHO), has prompted some individuals who believed that they’ve been exposed to the virus to opt for self-imposed quarantine. National and local governments in different parts of the world, meanwhile, have imposed different levels of movement restriction, from community quarantine to lockdown. With the growing number of quarantined individuals worldwide, remote work or telework has become, not just an option but a necessity. Remote work requires…
Read More
How to Secure Your Organization’s Network Following a Remote Work Adoption

How to Secure Your Organization’s Network Following a Remote Work Adoption

Information Security
How to Secure Your Organization’s Network Following a Remote Work Adoption The COVID-19 disease, now observed in a significant number of countries, has opened a new awareness to remote work for workers and employers wanting to avoid physical gatherings. What Is Remote Work? Remote work is the practice of working for an extended period outside the formal office. This practice, also known as telecommuting, teleworking and work from home, is nothing new. Fast internet connections, high-speed computers and more sophisticated applications have propelled the growth of remote work. Data from Canada’s General Social Survey (GSS) in 2016 showed that 2.3 million paid workers or 12.7% of the total workforce of Canada telework at least an hour a week. Out of the total number of Canadians who work from home for…
Read More
How to Protect Cloud Data

How to Protect Cloud Data

Information Security
How to Protect Cloud Data The recently disclosed data breach at MGM Resorts, exposing millions of the personal details of former hotel guests, highlights the importance of protecting your organization’s data stored in the cloud. An MGM spokesperson told ZDNet, "Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts." The company said it promptly notified all impacted former hotel guests in accordance with applicable state laws. The company added that no financial, payment card or password data was involved in the data breach. While the unauthorized access to MGM’s cloud server happened months ago, details of this data breach only surfaced when a malicious actor published on a hacking forum last week the personal details of…
Read More
In Focus: Backdoor Malware Targeting SSH Keys

In Focus: Backdoor Malware Targeting SSH Keys

Information Security
In Focus: Backdoor Malware Targeting SSH Keys A backdoor malware that targeted SSH keys previously used by the most sophisticated and well-financed threat groups has trickled down to ordinary cybercriminals as this malware is now being sold to anyone with access to the dark web, a new report showed. “SSH keys can be potent weapons in the wrong hands,” Yana Blachman, threat intelligence specialist at Venafi, told Infosecurity. “But until recently, only the most sophisticated, well-financed hacking groups had this kind of capability. Now, we’re seeing a ‘trickle-down’ effect, where SSH capabilities are becoming commoditized.” What Is SSH? SSH, which stands for Secure Shell, is a protocol used to secure remote login from one computer to another. The SSH protocol is used for many applications across many platforms, including Linux,…
Read More