Attacks

Medusa Ransomware Gang Picks Up Steam as It Targets Companies Worldwide

Organizations should initiate proactive measures to ensure they are protected from ransomware. The US DHS website, stopransomware.gov, has links to resources that help organizations protect their systems from intrusions that lead to ransomware. To protect against ransomware attacks, organizations should:
• Regularly back up data, and air gap and password protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
• Implement network segmentation.
• …

Essendant Facing Multi-Day Systems “Outage”

Serving about 30,000 reseller customers, Essendant maintains inventories of more than 160,000 different products, including conventional office supplies, cleaning and break room supplies, office furniture, and technology. The systems outage will significantly impact the supply chain. Essendant has not yet disclosed the reason for this outage. It is unclear if it was a technical problem or the result of a cyber attack. Lately, we have seen different multi-day “outages,” including the incidents that happened in…

Be Cautious of AI-Generated YouTube Videos, Experts Warn

To combat the dissemination of disinformation, experts advise individuals to exercise caution when watching videos that seem too good to be true and verify information from multiple sources. They also urge social media platforms to proactively identify and remove fraudulent content. Employing multi-factor authentication as well as avoiding clicking suspicious links from unknown sources is advised. https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html

CISA has added two new…

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation:
• CVE-2020-5741 Plex Media Server Remote Code Execution Vulnerability
• CVE-2021-39144 XStream Remote Code Execution Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational…

IceFire Ransomware Now Encrypts Both Linux and Windows Systems

This new encryptor demonstrates the shift of many threat actors to target Linux systems. It is necessary for organizations to pivot to ensure that their Linux devices are adequately covered by behavioral as well as signature-based detections. One way that this could be done is by looking for a large number of file renames in quick succession, although this detection would be at the end of the kill chain. Overall, it is best to ensure…

Business Email Compromise (BEC) Attacks Only Take Hours According to Microsoft

To prevent BEC attacks, Microsoft recommends implementing security measures such as two-factor authentication, using machine learning to identify suspicious activity, and educating employees about the risks and warning signs of BEC attacks. The report also emphasizes the importance of swift action when an attack is detected, as time is a critical factor in preventing further damage. Source: https://www.bleepingcomputer.com/news/security/microsoft-business-email-compromise-attacks-can-take-just-hours/

Xenomorph Android Malware Now Steals Banking Data

Considering its current distribution channel, the Zombinder, users should be cautious with apps they install from Google Play, read reviews, and run background checks on the publisher. Generally, it is advisable to keep the number of apps running on your phone to the minimum possible and only install apps from known and trustworthy vendors. Source: https://www.bleepingcomputer.com/news/security/xenomorph-android-malware-now-steals-data-from-400-banks/

What are DDoS attacks?

Distributed denial of service attacks, or DDoS attacks, see malicious actors attempt to disrupt a site by overwhelming its infrastructure with a large amount of internet traffic. As DDoS attacks overwhelm a site’s bandwidth, this prevents users from accessing it. Here, Cyber Security Hub explores why malicious actors launch DDoS attacks, who they usually target and some key examples of these disruptive attacks.
Contents:
• Why do malicious actors launch DDoS attacks?
• How big was the…

Fortinet has released its March…

Fortinet has released its March 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet March 2023 Vulnerability Advisories page for more information and apply the necessary updates.

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

All systems should be kept fully patched, particularly those that are externally facing. The threat actors appear to be exploiting an Oracle WebLogic vulnerability from 2017, tracked as CVE-2017-10271, to establish an initial foothold in the environment. Newer versions of Oracle WebLogic are no longer vulnerable to this, so upgrading to the latest version is recommended to help prevent this attack. Likewise, implementing and maintaining endpoint security controls,…
