Cyborg Ransomware Delivers Via Fake ‘Windows Update’ Email

December 9th, 2019

Researchers at Trustwave recently discovered a malicious spam campaign. The ransomware arrives as an executable file via email, with a tell-tale two-sentence subject line that reads “Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update!” The body of the email is only one sentence. Disguised as a .jpg, the file really contains […]

Looting Adds Insult to Injury for Durham Clinic

November 19th, 2019

Looters broke into a Durham health clinic sometime after the downtown gas explosion on April 10th that affected over 20 businesses, injured 25 people, and caused the death of two people. The subsequent theft of clinic property has prompted the clinic to notify patients that their information, including diagnoses and treatment information, may have been […]

PureBasic-based Ransomware Discovered

November 14th, 2019

PureLocker, an unusual form of ransomware that attacks enterprise servers, has gone undetected for some time but has recently been revealed by cybersecurity analysts at Intezer and IBM X-Force. What makes PureLocker so unique is that it’s written in the PureBasic programming language. Malicious software written in PureBasic is difficult for most security systems to detect. […]

HIPAA Violations Top $100 Billion

November 13th, 2019

HIPAA violations have been making headlines recently, and for good reason. Fines for violations can be crippling to companies, and the more mobile our data becomes, the greater the risk of a security breach. According to the Health and Human Services website, as of September 30, 2019 the OCR has settled or imposed a civil money […]

“Project Nightingale” Raises Data Security Concerns

November 13th, 2019

Ascension is sharing private healthcare information with Google. The project, dubbed “Project Nightingale,” was put into play to help Ascension centralize its patient database for the over 2600 hospitals in its healthcare system. Patient information, including names, test results, and dates of birth, is also being collected by Google to help develop a new software […]

Social Media Ad Spend Rising to Third Largest Advertising Channel

November 13th, 2019

Global social media ad spending is projected to grow by as much as 20% this year, bringing it up to the number three slot of largest advertising channels, according to Zenith’s Advertising Expenditure Forecast. Zenith is a media ad agency parented by Publicis Media. $84 billion is slated for global social media spending, exceeding print […]

Encryption Breaking Malware “Reductor” Threatens Windows Users

October 8th, 2019

Researchers at Kaspersky have uncovered a new highly sophisticated, high impact malware threat that breaks encryption:  Reductor.  According to the researchers, the malware “compromises encrypted web communications in an impressive way” and gives the threat actors behind it “capabilities that few other actors in the world have.” Reductor compromises the encrypted HTTPS communication, which enables […]

FBI Releases Malware Threat Warning

October 5th, 2019

The Federal Bureau of Investigation (FBI) released a warning to U.S. businesses and organizations Wednesday regarding high-impact threats across the country.  Numerous cyberattacks have been documented recently involving ransomware.  Despite the ever-evolving attack strategies, the FBI highlights three main attack techniques that are being used by criminals to avoid detection and infiltrate businesses and organizations: […]

Autumn Aperture: Don’t Enable Macros

October 5th, 2019

According to Danny Adamitis and Elizabeth Wharton from Prevailion, spear phishing emails have been targeting the U.S., using an obscure file format to beat antivirus software. They call this campaign “Autumn Aperture”. Attackers are sending Word documents to recipients with content specialized to the victim’s recent activities. This level of specialization results in a significantly […]

Malware Attack Closes Alabama Hospitals

October 2nd, 2019

Not one but THREE hospitals in the DCH Health System in Alabama are unable to accept new patients today due to ransomware: DCH Regional Medical Center in Tuscaloosa, Northport Medical Center in Northport, and Fayette Medical Center.  Cybercriminals have demanded an undisclosed amount of money for the unlock code. “A criminal is limiting our ability […]

‘Checkm8’: A Permanent Bootrom Vulnerability

September 30th, 2019

A security researcher who goes by the Twitter handle “axi0mX” announced on Friday that there is a permanent Bootrom vulnerability “checkm8” in Apple iOS.  The flaw enables bypassing the security protections present in most Apple mobile devices.  Downside: cannot be patched.  Upside: physical access is needed  to exploit it and a system restart erases any […]

Airbus Victim of Multiple Attacks

September 30th, 2019

Airbus, a European aerospace company, has found itself the victim of several possible Chinese hacker attacks searching for proprietary data and insider secrets. AFP spoke to seven security and industry sources, all of whom confirmed a spate of attacks in the past 12 months but asked for anonymity because of the sensitive nature […]

NOT Your Prince Charming: Old Scam Makes Updated Revival

September 30th, 2019

“Advance fee” or “419” scams have been around for years. The scam works via an attempt to contact the victim so they can be gifted an exorbitant amount of funds left unclaimed by a deceased individual who has the same last name as the victim or is their long-lost relative. Or in the case of […]

Snowden & Publisher Sued for Book Proceeds

September 18th, 2019

The Justice Department is suing Edward Snowden and his publisher MacMillan and Holtzbrinck. Snowden, a former contractor for the CIA and NSA government agencies, released his book Permanent Record today.  The Justice Department says that Snowden failed to “clear” the book with them, and they are now attempting to recover “all proceeds earned by Snowden […]

Microsoft Security Patch Released 9/10/19

September 11th, 2019

Microsoft issued security updates yesterday to plug roughly 80 security holes in its Windows operating systems and software. Over 25% of those updates are critical. This is the fourth time this year that Microsoft has had to fix bugs in its Remote Desktop Feature. Two of the bugs resolved in this month’s patch batch […]

Over 400 Million Facebook Users’ Phone Numbers Found Online

September 11th, 2019

A server without password protection gave anyone access to more than 419 million Facebook users’ private information globally. Each accessible record contained a user’s Facebook ID, phone number, and location. Some even had the user’s name. This latest in a long string of incidents for Facebook exposed millions of users to significant risk of spam […]

Chrome Security Fix

September 4th, 2019

Justin Schuh, Google Chrome’s security lead and Engineering Director, has issued a warning that all Chrome users need to run an update NOW.  Google Threat Analysis Group has identified a zero-day vulnerability that is actively being exploited: CVE-2019-5786. Although information remains limited on CVE-2019-5786, it is suspected to be a UAF vulnerability in FileReader.  The […]

Google Researchers Warn iPhone Users to Keep Security Up

September 3rd, 2019

Google researchers released a report earlier today that warns your iPhone can be hacked just by visiting one innocent-looking website. A previous iPhone hacking campaign discovered by Google’s Project Zero had identified at least five unique iPhone exploit chains that were capable of remotely jailbreaking an iPhone and loading spyware on it. Those exploit chains were […]

Cyber-Insurance Companies: Are They Fueling Ransomware Frequency Spikes?

September 3rd, 2019

ProPublica says cyber-insurance companies are making the push to pay ransom demands because it saves them money in the long run. A $500,000 payout makes better financial sense than a recovery campaign that could cost millions. The recent event in Lake City, Florida is a good example. Ransomware attacks were covered under the city’s cyber-insurance […]

Surge in Ransoms Expected Due to MegaCortex 2.0

September 3rd, 2019

  According to researchers from Accenture’s iDefense team, this newer version is ready for wide-scale attacks, with increased ability to kill a number of security products, and a main payload run directly from memory. “The password requirement…prevented the malware from being widely distributed worldwide and required the attackers to install the ransomware mostly through a […]