Compromised VoIP Phones: New Path to Intrusion

Security, VoIP
Security researchers at the Microsoft Threat Intelligence Center (MSTIC) disclosed that they discovered infrastructure of a known cyber adversary that used popular office IoT Voice over Internet Protocol (VoIP) phones as a new path to gain initial access to corporate networks. MSTIC researchers reported that in April this year, the threat group known as “STRONTIUM” compromised 3 popular office IoT devices (a VoIP phone, an office printer and a video decoder) across multiple customer locations to gain initial access to corporate networks. The researchers found that these IoT devices were compromised either because the latest security update hadn’t been applied or because the default manufacturer’s login details hadn’t been changed. Once the threat group gained initial access to the corporate network via these…
Human Error Drives Cyber Insurance Claims, Data Shows

Information Security, News
Insurance company CFC Underwriting, which conducts business in over 80 countries, reported that human error plays a part in the vast majority of cyber insurance claims. CFC Underwriting reported that in 2018 the company responded to over 1,000 cyber insurance claims involving data breaches, theft of funds, ransomware and extortion, malware and more. In Canada alone, CFC Underwriting said that 32% of cyber insurance claims were about ransomware and extortion, 24% about non-malicious data breach, 20% about malicious data breach, 9% about theft of funds, 9% about malware and 6% about other cyber incidents. "Whether a business suffers a data breach, a ransomware attack, or accidentally sends money to a fraudulent bank account, human error plays a part…
Cybercriminals Target Another Legitimate Tool: MySQL Servers

Information Security, IT Support
The recent discovery by researchers at Sophos that attackers are scanning the internet to find vulnerable MySQL servers for the purpose of infecting them with the GandCrab ransomware shows that attackers are increasingly targeting legitimate tools as a means to sneak into organizations’ networks. MySQL server is a database platform that uses tables to store data and indexes to sort data and speed up performance. This database platform supports desktop and web applications and runs on either the Linux or Windows operating system. GandCrab ransomware, meanwhile, is a particular type of malicious software (malware) designed to lock out legitimate users from their computer system or data until a ransom is paid. Researchers at Sophos said that they set up a mocked-up insecure MySQL server for…
Microsoft Calls on Users to Patch Older Windows Operating Systems to Prevent WannaCry-like Cyberattack

IT Support, Security
Microsoft recently released a patch for older Windows operating systems and is calling on users to apply this patch as soon as possible to prevent a disaster similar to the WannaCry cyberattack in 2017. In the blog post “Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)”, Simon Pope, Director of Incident Response at Microsoft Security Response Center (MSRC), said that a security vulnerability was discovered in Remote Desktop Services, formerly known as Terminal Services, in older Windows operating systems. The security vulnerability, Pope said, allows remote code execution – the ability of an attacker to access someone else's computing device regardless of where this device is geographically located. In addition to the remote code execution capability,…
Software Updates: Gateway for Supply Chain Attacks

Information Security, IT Support, Security
The confirmation by Taiwan-based tech giant ASUS that its software update was hijacked by cybercriminals to install malicious software (malware) on its customers’ notebook computers highlights the threat of supply chain attacks via software updates. A supply chain attack attempts to exploit a security vulnerability in a third-party service or software to compromise a final target. A hijacked software update is one of the most common forms of supply chain attack. Last March 26, ASUS, ranked by Gartner as the world's 5th-largest PC vendor in the 3rd quarter of 2018, asked its notebook computer customers to install the latest software update (version 3.6.8) after acknowledging that ASUS Live Update, software pre-installed on ASUS notebook computers to ensure that the system always benefits from…
More than Half of Cyberattacks Exploit Tools that Already Exist on Targeted Computers, Study Shows

Information Security, IT Support, Security
A study conducted by IBM showed that more than half of cyberattacks exploit common administration tools or tools that already exist on targeted computers. IBM’s 2019 X-Force Threat Intelligence Index showed that more than half (57%) of cyberattacks leveraged common administration tools, in the process evading detection, maintaining persistence and achieving their objectives.

Living Off the Land

The phrase “living off the land” is the term used for cyberattacks that leverage tools that already exist on targeted computers. This type of cyberattack blends in with common administration work, making detection more difficult. According to IBM, one of the common administration tools that’s often used by cyberattackers is PowerShell.

What Is PowerShell?

PowerShell is a…
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

Information Security, Servers
Servers are the core of every organization’s I.T. operations. Many organizations, however, leave this core component open to cyberattacks through SMBv1.

What Is SMBv1?

SMBv1, which stands for Server Message Block version 1, was created by Barry Feigenbaum in the early 80s as a file sharing protocol for DOS. In the 90s, Microsoft started using SMBv1 in its operating systems as a protocol for sharing access to files, printers and other resources on a network. SMBv2, which stands for Server Message Block version 2, was introduced in Windows Vista and Windows Server 2008. SMBv3 was introduced in Windows 8 and Windows Server 2012. In 2014, Microsoft publicly regarded SMBv1 as obsolete and best avoided. SMBv1 isn’t installed by default in the…
How to Stop the Costliest & Destructive Malware Emotet

Information Security
In the history of malicious software (malware) development, the malware called “Emotet” has emerged to be among the most costly and destructive. According to the United States Computer Emergency Readiness Team (US-CERT), Emotet costs U.S. state, local, tribal, and territorial (SLTT) governments up to $1 million per incident to clean up. Emotet victims are, however, not limited to U.S. territory alone, as this malware targets everyone regardless of location, affecting both the private and public sectors.

What is Emotet? How It Works?

Emotet is malware that was first detected by Trend Micro in June 2014. Emotet first appeared as a banking trojan – malware that’s designed to steal critical information stored or processed through online banking…
When Cyberattacks Force Organizations to Use Paper

Information Security, Security
Computers revolutionized the way we do business, to the point that reliance on computers is almost total for many organizations. This almost total reliance on computers, however, makes many organizations vulnerable to cyberattacks, such as ransomware attacks. The recent ransomware attack on the City Hall of Del Rio, Texas highlights the downside of the digital age. The City Hall of Del Rio succumbed to a ransomware attack resulting in the “transactions at City Hall … being done manually with paper”, the City of Del Rio said in a statement. The City of Del Rio said that its City Hall was attacked by ransomware last January 10, which led the city’s IT department to disable the city’s servers, shut off the internet…
Canadian University Shuts Down IT Network After Cryptojacking Attack

Information Security
St. Francis Xavier University, one of Canada’s oldest universities, was forced to temporarily disable all its network systems in response to a cryptojacking attack. The university, in a statement, said that malicious software (malware) infected its network and then attempted to utilize the university’s collective computing power in order to mine the cryptocurrency Bitcoin. The university added that it's bringing its IT systems back online in a staggered process to minimize potential risk. This cyber incident at St. Francis Xavier University highlights the dangers of a cryptojacking attack.

What Is Cryptojacking?

Cryptojacking happens when a cyberattacker uses, without consent, the computing power of another for the purpose of mining a cryptocurrency such as Bitcoin. Mining a cryptocurrency like Bitcoin is similar…