Tag: microsoft

Microsoft Warns Almost All Ransomware Attackers Steal Data

Microsoft Warns Almost All Ransomware Attackers Steal Data

Information Security, IT Support
Microsoft Warns Almost All Ransomware Attackers Steal Data Almost all of ransomware attackers, even those that don’t threaten to leak data, steal data anyway, Microsoft Threat Protection Intelligence Team warned. In the blog post "Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk", Microsoft Threat Protection Intelligence Team said that “while only a few of these groups gained notoriety for selling data, almost all of them were observed viewing and exfiltrating data during these attacks, even if they have not advertised or sold yet.” Ransomware and Data Exfiltration Ransomware is a type of malicious software (malware) that encrypts computer or the files within, locking out legitimate users and demanding from victims ransom payment in exchange for the decryption keys. Many ransomware victims who were forced to…
Read More
Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company

Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company

Information Security
Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company A recently published decision by the High Court of Business and Property, a division of the High Court of England and Wales, revealed that the attacker or attackers behind the ransomware attack on a Canadian insurance company were paid nearly a million U.S. dollars. The ransomware attack at a Canadian insurance company and the issuing ransom payment, which were hidden from the public, only surfaced after the insurer of the Canadian insurance company, an insurance company based in the UK, filed a case in court to recover the ransom paid to the attackers. Ransomware is a type of malicious software (malware) that encrypts victims’ computers or data, locking out legitimate users from accessing these computers or…
Read More
Microsoft Confirms BlueKeep Attacks, Calls Users to Patch to Prepare for More Damaging Attacks

Microsoft Confirms BlueKeep Attacks, Calls Users to Patch to Prepare for More Damaging Attacks

Information Security, News
Microsoft Confirms BlueKeep Attacks, Calls Users to Patch to Prepare for More Damaging Attacks Microsoft recently confirmed the ongoing BlueKeep attacks and warned that future BlueKeep attacks will likely be more damaging as systems remain unpatched. What Is BlueKeep? On May 14, 2019, Microsoft released an out-of-the-schedule patch for the security vulnerability CVE-2019-0708, also known as BlueKeep. This security vulnerability affects older versions of Windows, specifically Windows 7, Windows Server 2008 and Windows Server 2008 R2. According to Microsoft, this security vulnerability, when left unpatched, is “wormable”, which means that any future malicious software (malware) that exploits this vulnerability could propagate from one vulnerable computer to another vulnerable computer in the same way that the WannaCry malware spread across the globe on May 12, 2017 – affecting hundreds of thousands…
Read More
Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks

Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks

Information Security, IT Support
Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks The newly released Microsoft Security Intelligence Report revealed that over the past few years, the increased number of supply chain attacks had become a primary source of concern in many IT departments. The Microsoft Security Intelligence Report Volume 24found that several cyberattacks were detected using compromised software supply chains in 2018. These supply chain attacks, Microsoft said, have affected a wide range of software and targeted organizations in different geographic locations and sectors. The Microsoft report compiled 6.5 trillion threat signals and was based on research and real-world experiences from thousands of security researchers and responders worldwide for the period of January 2018 to December 2018. What Is Supply Chain Attack?  In a supply chain attack, an attacker maliciously makes…
Read More
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

Information Security, Servers
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks Servers are the core of every organization’s I.T. operations. Many organizations, however, leave this core component open to cyberattacks through SMBv1. What Is SMBv1? SMBv1, which stands for Server Message Block version 1, was created by Barry Feigenbaum in the early 80s as a file sharing protocol for DOS. In the 90s, Microsoft started using SMBv1 in its operating systems as a protocol for sharing access to files, printers and other resources on a network. SMBv2, which stands for Server Message Block version 2, was introduced in Windows Vista and Windows Server 2008. SMBv3 was introduced in Windows 8 and Windows Server 2012. In 2014, Microsoft publicly regarded SMBv1 as obsolete and best avoided. SMBv1 isn’t installed by default in the…
Read More
Race to Patch Known Cybersecurity Vulnerabilities

Race to Patch Known Cybersecurity Vulnerabilities

Information Security, Security
Race to Patch Known Cybersecurity Vulnerabilities More than a month since Microsoft rolled out its April 30, 2018 update on Windows 10, the company said nearly 250 million or one-third of the nearly 700 million computers using Windows 10 have applied this update. This Microsoft data shows that nearly 450 million or two-thirds of machines using Windows 10 as their operating system (OS) haven’t applied the April 2018 patch. Prevalence of Delayed Patching A patch is a piece of code that’s inserted (or patched) into an existing software program. It’s meant to improve performance, usability or to fix known cybersecurity vulnerabilities. It’s a known fact that many organizations don’t patch immediately. Researchers at Renditionrevealed that more than a month after Microsoft released its March 2017 update, over 148,000 machines hadn’t…
Read More
Why Updating Your Organization’s Aging E-mail System is Important

Why Updating Your Organization’s Aging E-mail System is Important

Collaboration, Email, Information Security
The Importance of Updating an Aging E-mail System Despite the growth of short-form communication platforms, most businesses today still prefer the longer form, familiar e-mail. Messages, however, have morphed into something else that aging e-mail systems aren’t any more convenient and safe to use. E-mail Statistics in the Workplace According to market research firm The Radicati Group (PDF), the total number of business and consumer e-mails sent and received each day worldwide will hit 269 billion in 2017. This number is expected to increase at an average yearly rate of 4.4% over the next four years, hitting the 319.6 billion mark by 2021. The number of e-mail users in 2017 worldwide is expected to reach 3.7 billion – nearly half of the world’s population. By 2021, this number is projected…
Read More

Tag: microsoft

Microsoft Warns Almost All Ransomware Attackers Steal Data

Microsoft Warns Almost All Ransomware Attackers Steal Data

Information Security, IT Support
Microsoft Warns Almost All Ransomware Attackers Steal Data Almost all of ransomware attackers, even those that don’t threaten to leak data, steal data anyway, Microsoft Threat Protection Intelligence Team warned. In the blog post "Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk", Microsoft Threat Protection Intelligence Team said that “while only a few of these groups gained notoriety for selling data, almost all of them were observed viewing and exfiltrating data during these attacks, even if they have not advertised or sold yet.” Ransomware and Data Exfiltration Ransomware is a type of malicious software (malware) that encrypts computer or the files within, locking out legitimate users and demanding from victims ransom payment in exchange for the decryption keys. Many ransomware victims who were forced to…
Read More
Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company

Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company

Information Security
Cybercriminals Were Paid Nearly a Million Dollars After Ransomware Attack on Canadian Insurance Company A recently published decision by the High Court of Business and Property, a division of the High Court of England and Wales, revealed that the attacker or attackers behind the ransomware attack on a Canadian insurance company were paid nearly a million U.S. dollars. The ransomware attack at a Canadian insurance company and the issuing ransom payment, which were hidden from the public, only surfaced after the insurer of the Canadian insurance company, an insurance company based in the UK, filed a case in court to recover the ransom paid to the attackers. Ransomware is a type of malicious software (malware) that encrypts victims’ computers or data, locking out legitimate users from accessing these computers or…
Read More
Microsoft Confirms BlueKeep Attacks, Calls Users to Patch to Prepare for More Damaging Attacks

Microsoft Confirms BlueKeep Attacks, Calls Users to Patch to Prepare for More Damaging Attacks

Information Security, News
Microsoft Confirms BlueKeep Attacks, Calls Users to Patch to Prepare for More Damaging Attacks Microsoft recently confirmed the ongoing BlueKeep attacks and warned that future BlueKeep attacks will likely be more damaging as systems remain unpatched. What Is BlueKeep? On May 14, 2019, Microsoft released an out-of-the-schedule patch for the security vulnerability CVE-2019-0708, also known as BlueKeep. This security vulnerability affects older versions of Windows, specifically Windows 7, Windows Server 2008 and Windows Server 2008 R2. According to Microsoft, this security vulnerability, when left unpatched, is “wormable”, which means that any future malicious software (malware) that exploits this vulnerability could propagate from one vulnerable computer to another vulnerable computer in the same way that the WannaCry malware spread across the globe on May 12, 2017 – affecting hundreds of thousands…
Read More
Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks

Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks

Information Security, IT Support
Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks The newly released Microsoft Security Intelligence Report revealed that over the past few years, the increased number of supply chain attacks had become a primary source of concern in many IT departments. The Microsoft Security Intelligence Report Volume 24found that several cyberattacks were detected using compromised software supply chains in 2018. These supply chain attacks, Microsoft said, have affected a wide range of software and targeted organizations in different geographic locations and sectors. The Microsoft report compiled 6.5 trillion threat signals and was based on research and real-world experiences from thousands of security researchers and responders worldwide for the period of January 2018 to December 2018. What Is Supply Chain Attack?  In a supply chain attack, an attacker maliciously makes…
Read More
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks

Information Security, Servers
How SMBv1 Leaves Your Organization’s Server Open to Cyberattacks Servers are the core of every organization’s I.T. operations. Many organizations, however, leave this core component open to cyberattacks through SMBv1. What Is SMBv1? SMBv1, which stands for Server Message Block version 1, was created by Barry Feigenbaum in the early 80s as a file sharing protocol for DOS. In the 90s, Microsoft started using SMBv1 in its operating systems as a protocol for sharing access to files, printers and other resources on a network. SMBv2, which stands for Server Message Block version 2, was introduced in Windows Vista and Windows Server 2008. SMBv3 was introduced in Windows 8 and Windows Server 2012. In 2014, Microsoft publicly regarded SMBv1 as obsolete and best avoided. SMBv1 isn’t installed by default in the…
Read More
Race to Patch Known Cybersecurity Vulnerabilities

Race to Patch Known Cybersecurity Vulnerabilities

Information Security, Security
Race to Patch Known Cybersecurity Vulnerabilities More than a month since Microsoft rolled out its April 30, 2018 update on Windows 10, the company said nearly 250 million or one-third of the nearly 700 million computers using Windows 10 have applied this update. This Microsoft data shows that nearly 450 million or two-thirds of machines using Windows 10 as their operating system (OS) haven’t applied the April 2018 patch. Prevalence of Delayed Patching A patch is a piece of code that’s inserted (or patched) into an existing software program. It’s meant to improve performance, usability or to fix known cybersecurity vulnerabilities. It’s a known fact that many organizations don’t patch immediately. Researchers at Renditionrevealed that more than a month after Microsoft released its March 2017 update, over 148,000 machines hadn’t…
Read More
Why Updating Your Organization’s Aging E-mail System is Important

Why Updating Your Organization’s Aging E-mail System is Important

Collaboration, Email, Information Security
The Importance of Updating an Aging E-mail System Despite the growth of short-form communication platforms, most businesses today still prefer the longer form, familiar e-mail. Messages, however, have morphed into something else that aging e-mail systems aren’t any more convenient and safe to use. E-mail Statistics in the Workplace According to market research firm The Radicati Group (PDF), the total number of business and consumer e-mails sent and received each day worldwide will hit 269 billion in 2017. This number is expected to increase at an average yearly rate of 4.4% over the next four years, hitting the 319.6 billion mark by 2021. The number of e-mail users in 2017 worldwide is expected to reach 3.7 billion – nearly half of the world’s population. By 2021, this number is projected…
Read More