Insights

Is Ransomware Preventable?

Ransomware has become way more than a nuisance. It can bring a company to its knees or even put it out of business. Ransomware attacks are growing in frequency and in the amount demanded. What can be done to protect against ransomware attacks?

 

https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/Is%20Ransomware%20Preventable?%20v1%202021-01-15.pdf  

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


How the Shady Zero-Day Sales Game Is Evolving

Many companies pay a “bug-bounty” to researchers for discovering bugs in their software. Sadly, the bug hunters find they can make significantly more money selling access to systems using the bugs they discovered. They can also sell the access as a service so they retain the “secret” of the bug they discovered but monetize it to many buyers who are out to do harm. 

 

https://www.darkreading.com/edge/theedge/how-the-shady-zero-day-sales-game-is-evolving-/b/d-id/1339843

 



An Absurdly Basic Bug Let Anyone Grab All of Parler's Data

Parler gained prominence as the “Free-Speech” social network. But they made a mistake in configuring the service that allowed all their data to be stolen. 

 

https://www.wired.com/story/parler-hack-data-public-posts-images-video/

 



XDR 101: What's the Big Deal About Extended Detection & Response?

EDR (Endpoint Detection and Response) is a well-established protection approach. It looks at what is happening on a company’s endpoints, analyzes that, and takes automated action. But EDR doesn’t look at the servers, cloud, applications, or the network. XDR covers all of it.

 

https://www.darkreading.com/edge/theedge/xdr-101-whats-the-big-deal-about-extended-detection-and-response-/b/d-id/1339734

 


 


Ransomware Victims' Data Published via DDoSecrets (Distributed Denial of Secrets)

Ransomware poses a double threat: attackers encrypt your data to prevent you from getting to it, and they steal the data first, threatening to release it if you do not pay the ransom. The second part of this threat has come true for many companies, with an activist group called Distributed Denial of Secrets publishing over 1 terabyte of data stolen in multiple ransomware attacks.

 

https://www.darkreading.com/risk/ransomware-victims-data-published-via-ddosecrets/d/d-id/1339848

 



The Holidays Are Over-Cybercrime Isn’t

With the end of the holidays comes a welcome rest from the stress. And the pandemic added to the stress. But cybercrime doesn’t end after the holidays. It’s expected to increase this year, so it is essential to remain vigilant. 

 

https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/The%20Holidays%20Are%20Over-Cyber%20Crime%20Isn%27t%202021-01-08-2.pdf

 



Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

A backdoor account provides access to the administration of a device or application. In the case of Zyxel, the backdoor was of the worst type: hard-coded. This means it is not changeable by an administrator. And this one provides access at the highest administrative levels. Zyxel makes security products intended to keep networks and devices safe.

 

https://www.zdnet.com/article/backdoor-account-discovered-in-more-than-100000-zyxel-firewalls-vpn-gateways/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=13224373&cid=2201587059

 



Microsoft Source Code Exposed: What We Know & What It Means

Source code is the human-readable programming of a product or service. It is highly protected, as it represents the intellectual property of a company. Having their source code exposed represents multiple risks for Microsoft and all its customers. The first is that others can then copy the software to compete with Microsoft, and the second is that evil actors can determine better ways to attack it.

https://www.darkreading.com/threat-intelligence/microsoft-source-code-exposed-what-we-know-and-what-it-means/d/d-id/1339822?_mc=NL_DR_EDT_DR_daily_20210105&cid=NL_DR_EDT_DR_daily_20210105&elq_mid=101374&elq_cid=34773767

 



Severe SolarWinds Hacking: 250 Organizations Affected?

Much has been written about the SolarWinds attack because it achieved a new level of penetration. Malware was installed in a SolarWinds software module that went undetected and was distributed to customers of that software. The malware then invaded all those companies. The initial reports said few companies had received the compromised software. Now it is coming out that many companies received it and had their own systems compromised. 

 

https://www.inforisktoday.com/severe-solarwinds-hacking-250-organizations-affected-a-15699?rf=2021-01-06_ENEWS_SUB_IR__Slot1_ART15699&mkt_tok=eyJpIjoiTlRNNU0yRmtNbVV5T1RjeSIsInQiOiJDdDBcLys3Y2xMMTR3SkpPWXE5a2FxV1dMMjFTQmkxSk5jWUF1TGlUdGNzcnpueEI4MDJZUERLM0d1Zk52aFQ2RHVTQlBQS1kyd2NDZjJ5c0txNFN6amlCOVg5R3lQSUlSREMwNTVPWThGemFMdlwvamRVT2ROd2ZrN1htTjJScVVCIn0%3D

 



Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

Healthcare has been a cyber target for a while. But the rate of cyberattacks against healthcare organizations rose 45% in the last two months. And this is more than double the rate in other industries. The intent is to shut down healthcare organizations or at least hamper efforts to provide care during the pandemic. 

 

https://www.darkreading.com/risk/healthcare-organizations-bear-the-brunt-of-cyberattacks-amid-pandemic/d/d-id/1339844

 



Don’t Give A Gift To Cybercriminals

The holidays are a time when we are rushed and looking for that last present or pandemic news, or even the latest weather report. Cybercriminals seek to take advantage of that by sending phishing emails and using other techniques, hoping you will let your guard down and click their links. Don’t fall for their scams.

 

https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/Don%27t%20Give%20a%20Gift%20to%20Cybercriminals%20v1%202020-12-24.pdf

 



Microsoft, McAfee, Rapid7, and Others Form New Ransomware Task Force

Sometimes cyber news all seems to be bad. Here is some positive news. The named companies are working together to create ways to combat ransomware. Their ideas will be presented to the new administration in Spring 2021. This is good news, as ransomware is a major source of problems, earning $11.5 billion for cybercriminals in 2019, with the total expected to be higher in 2020.

 

https://www.darkreading.com/vulnerabilities---threats/microsoft-mcafee-rapid7-and-others-form-new-ransomware-task-force-/d/d-id/1339802?_mc=NL_DR_EDT_DR_daily_20201224&cid=NL_DR_EDT_DR_daily_20201224&elq_mid=101318&elq_cid=34773767 

 



A Second Hacking Group Has Targeted SolarWinds Systems

Last week we heard about the devastating breach that installed malware in a SolarWinds IT management product, which was then distributed as a product update to all their clients. It has now come to light that a second, unrelated group used SolarWinds to distribute another form of malware.

 

https://www.zdnet.com/article/a-second-hacking-group-has-targeted-solarwinds-systems/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=13209529&cid=2201587059 

 



Law Enforcement Takes Down Three Bulletproof Virtual Private Network Providers

VPNs are tools used by companies and individuals to secure their network traffic. But they are also used by cybercriminals and other disreputable types to keep their information encrypted and away from the eyes of law enforcement. This article describes a coordinated effort by law enforcement to take over the servers of VPNs that cater to criminals. 

 

https://www.zdnet.com/article/law-enforcement-take-down-three-bulletproof-vpn-providers/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=13210876&cid=2201587059 

 



Why Even The Best Free Virtual Private Networks Are Not a Risk Worth Taking

Virtual Private Networks (VPNs) are designed to provide a secure network path when people are out of the office. With the pandemic shift to working from home, VPNs became a necessary tool for many. VPNs require substantial infrastructure to work. So if they are free, where is the money for that infrastructure coming from?

 

https://www.zdnet.com/article/why-even-the-best-free-vpns-are-not-a-risk-worth-taking/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=13210876&cid=2201587059

 
