The recent discovery of four flaws in Microsoft’s Exchange Server software came too late to prevent a rash of stolen emails, but that doesn’t mean you need to remain vulnerable to this attack. Let’s go over the story so far, and how you can help protect your business.
True to form, 2020 has given us a final parting gift: the news that the United States was targeted this year by the biggest cyberespionage attack ever. Let’s go into the ramifications of this attack, and what it should teach us going forward.
Intel recently found itself (once again) in hot water, mere months after many flaws were discovered in the firmware that enables all of their chips to do their job. This time, the issue could have potentially caused a permanent dip in the CPU’s capacity to function properly. This has come to be known as the Meltdown vulnerability.
Email scams have become a sort of punchline, often featuring Nigerian princes or wealthy, unknown relatives in need of funds to get home. However, another email scam is anything but amusing, as it uses a unique possession of the target to entice them to comply: their life.
The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.
Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.
Ransomware is a tricky piece of malware that locks down the precious files located on a victim’s computer, then (in theory) will return access to them when a ransom has been paid. Depending on the files stored on a victim’s computer, they might simply blow it off and not worry too much about losing access to a couple of pictures or videos--but what if this ransomware threatened to expose your web browsing history?
The branch of malware known as Ghost Push now has a new component, Gooligan, and it certainly lives up to its name. Google was struck by an attack that infected over one million Android users, with over 13,000 additional devices adding to that total on a daily basis.
If you have the most recent addition to Samsung’s growing collection of smartphones, we hope you haven’t grown too attached to it. The company is recalling the Galaxy Note 7 on reports that the batteries explode. This event is largely considered one of the more high-profile recalls in the history of consumer technology.
Hackers continue to innovate and cause trouble for businesses of all industries and sizes. One of the more interesting recent tactics includes utilizing a malicious Twitter account to command a botnet of Android devices to do its bidding. Twitoor is considered to be the first real threat to actively use a social network in this manner, making this a major cause for concern.
The ransomware machine keeps moving forward, despite significant opposition. In particular, the ransomware tag-team duo of Petya and Mischa have steamrolled most attempts to block them from accessing critical systems, always finding ways to outsmart security professionals. Now, these ransomwares have adopted a Ransomware as a Service model, which has made significant changes to the way that this ransomware is distributed.
In the latest round of security patches released by Microsoft, 27 vulnerabilities were fixed. Affected software includes major titles like Windows, Microsoft Office, Internet Explorer, and the new Edge browser. It’s imperative that you apply these security patches as soon as you can, or else your system will be exposed to some serious threats.
Users of Acer’s online store between May 12th, 2015, and April 28th, 2016, may be in for a rude awakening. Acer may be attempting to contact you to relay that your credit card’s credentials have been lifted by hackers. The breach in question resulted in 34,500 customers having their credentials stolen, including the user’s name, address, credit card number, expiration date, and security code.
In light of a recent zero-day vulnerability discovered with Adobe Flash, along with the wide adoption of the alternative rich media player HTML5, Google has put into motion plans to stop supporting Flash for its popular web browser, Google Chrome. By all accounts, this move may be the final nail in the coffin for the Internet stalwart, which means that your business should cease using it.
You’ve heard about a ton of high-profile hacks over the past few years, and it’s important to note that these numbers will only continue to climb. A recent incident involving Time Warner Cable, a large ISP in the United States, shows the world that even huge companies that specialize in providing Internet for users can suffer the embarrassment of a data breach.
With many organizations heavily relying on mobile computing, malicious operators have begun targeting the “low-lying fruit” of a business’ IT infrastructure, which is often a company’s mobile devices. Kemoge, a malicious adware strain designed to corrupt Android mobile operating systems, is the latest mobile threat that your business needs to protect itself against.
There’s an intrusive malware on the Internet that locks a user out of their PC and directs them to a fake IT support phone number. In addition to being inconvenient, it can lead to the theft of sensitive information. If this happens to you, whatever you do, don’t call the fake phone number.
One would assume that software preinstalled on a new PC is secure and has been properly vetted by the manufacturer. This is the case 99 percent of the time, but an exception has recently been discovered with the Superfish app, which came installed on new Lenovo computers sold between September and December of 2014. How can you protect your PC from this fishy security threat?
Last year, Microsoft pulled the plug on Windows XP’s support. Now, one year later, Windows Server 2003 is scheduled to meet its demise. If your servers are still running Windows Server 2003 as their operating system, it’s important to upgrade before the end of support date of July 14th. Otherwise, you could be running a server operating system without necessary patches and security updates.
The latest threats can put a damper on your business plan and put your company at risk. Therefore, it's only natural to protect yourself from them. This new threat in particular, Cryptowall 2.0, has the potential to do plenty of heavy-duty damage to your business's network, if given the opportunity.
