Insights

How to Make a Ransomware Attack Worse

Will your actions after a successful ransomware attack affect the outcome? Yes, without a doubt. Learn what to do and what not to do after a ransomware attack.

 

What you do after matters


Apple Ships Urgent Patch for FORCEDENTRY Zero-Days

This week Apple issued patches for macOS and iOS vulnerabilities that it said are currently being exploited.

 

Install new Apple patches ASAP

 


Microsoft Patches MSHTML Vuln Among 66 CVEs

Microsoft issued patches for 66 vulnerabilities. Some are under active exploitation and considered severe. Be sure to update your systems.

 

Install MS Patches ASAP


Nearly 50% of On-Premise Databases Have Vulnerabilities

Nearly every company has databases. Recent research shows that almost half have multiple unpatched vulnerabilities, the average being 26 of them. Makes you think twice about sharing private information if a company doesn’t even protect its own information.

 

Half of on-prem databases have vulnerabilities

 


Ransomware Operators Ramp Up Pressure on Victims via Multiple Extortion Attacks

As if ransomware wasn’t enough, attackers are using data theft, denial-of-service attacks, and even harassment of the victim’s customers. All to get you to pay.

 

Ransomware operators up the pressure


Multi Factor Authentication Is Not The Ultimate Answer

Multi Factor Authentication (MFA) is an important tool. But MFA by itself will not protect against two of the most successful attack methods: exploiting bugs and social engineering. If you aren’t addressing those attack methods, then you are not serious about protecting your data.

 

MFA won't protect against 2 popular attack types


Patch now! Microsoft Exchange is being attacked via ProxyShell

Three current vulnerabilities in Exchange are being exploited. Implementing the patches is essential but will not counter an attack that has already taken place. Many customers of Microsoft’s cloud-based Exchange service don’t understand that they may still have an Exchange server on premises, making them vulnerable.

 

Microsoft Exchange under serious attack


FBI Issues Advisory on 'OnePercent' Ransomware Group

This group has been targeting companies since Fall 2020 with two powerful exploits. One is the PowerShell exploit described in another Insight post. Both are being used to deliver ransomware and to cause widespread infections before the ransomware is triggered.

 

FBI Issues Warning About Serious Attacks


Microsoft Azure Cosmos Vulnerability: ChaosDB Exposure Details

Microsoft closed a vulnerability in the Azure database service that has been exploited for months. After implementing the fix, users of the service need to regenerate their databases to be on the safe side. 

 

Microsoft Azure database being exploited


Tech giants pledge at least $30 billion to improve cybersecurity following White House meeting

A recent White House meeting of the major tech companies resulted in a commitment of significant money to combat cyber threats. Equally important is the recognized need for a coordinated effort to enable an effective cyber defense. 

 

Tech Giants Join Forces to Improve Cybersecurity


1st and 3rd Party Cyber Risks are Not the Same

Cyber insurance distinguishes between 1st and 3rd party cyber risks. Without understanding this critical difference, you may find that your policy doesn’t cover losses you have incurred.

 

3rd party risks may not be covered

 

 


Phishing Costs Nearly Quadrupled Over 6 Years

Phishing costs include more than the ransom. In fact, the ransom may be the smaller portion of the costs when compared with restoring systems and lost productivity. 

 

Phishing Costs Skyrocket


T-Mobile: Breach Exposed SSN/DOB of 40M+ People

The breach recently announced by T-Mobile affected over 40 million people, exposing some of the most private information: Social Security numbers and dates of birth, key information used for identity theft.

 

T-Mobile Breach reveals highly personal information


Troubling New Disk-Level Encryption Ransomware Surfaces

A new strain of ransomware was found that is more insidious than the others. This one encrypts the drives on the servers instead of attacking end-user systems. To make matters worse, it uses a legitimate encryption tool, encrypts the decryption key, and requires a password only the attackers have.

 

New ransomware strain attacks servers


Video surveillance network hacked by researchers to hijack footage

A Chinese company called ThroughTek offers a cloud-based service called Kalay for connecting and automating home automation devices. The pitch is that, instead of each home automation vendor building its own protocol and servers, vendors simply build the Kalay offering into their devices. Kalay was found to have a way for unauthorized people to hack the system and monitor the home automation devices, including cameras.

 

Home Automation Service Hacked