Wednesday, December 30, 2020

Millions Downloaded Malware Infected Chrome And Edge Extensions


Avast is the maker of popular antivirus software. Its researchers recently found a total of twenty-eight different Google Chrome and Microsoft Edge extensions that were laced with malware.

Worse, they found the extensions have been downloaded by more than 3 million users around the world. All of the extensions were designed to help facilitate the download of pictures and video from platforms like Spotify, Vimeo, Instagram and Facebook.

According to the researchers, the malware is JavaScript-based and is designed to display ads or direct users to phishing sites where their personal information may be collected for later use.

Avast's research team had this to say about their findings:

"Users have also reported that these extensions are manipulating their Internet experience and redirecting them to other websites. Any time a user clicks on a link, the extensions send information about the click to the attacker's control server, which can optionally send a command to redirect the victim from the real link target to a new hijacked URL before later redirecting them to the actual website they wanted to visit. User's privacy is compromised by this procedure since a log of all clicks is being sent to these third-party intermediary websites."

As malware goes, that's certainly not the worst thing we've seen, but it is a genuine threat that puts your privacy, and potentially your personal information, at risk.

If you rely on a number of browser extensions, especially those that facilitate easier and more convenient downloading of images and videos, and you use either Edge or Explorer, it pays to purge your existing collection of extensions and reinstall clean copies. This is especially true if you've been noticing aberrant behavior in your browser.

Unfortunately, many users tend to download and forget about extensions, so it may not be obvious at first glance that the two (your extensions and the malware) are connected. In light of that, it pays to conduct a thorough review of your system.
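One way to carry out that review is shown below as an added example (it is not code from Avast or from the original post). It reads the `manifest.json` of each installed extension and lists those that can run on every site and watch navigation, which is the access the click logging and redirecting described above depends on. It assumes the usual Chromium layout of `Extensions/<id>/<version>/manifest.json` inside the browser profile; the two manifests it builds are constructed samples, and a flag means "review this extension", not "this is malware".

```python
import json
import tempfile
from pathlib import Path

# Match patterns that cover every site the user visits.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions that let an extension observe or alter navigation.
NAV_APIS = {"tabs", "webNavigation", "webRequest", "webRequestBlocking"}

def audit_manifest(manifest):
    """Summarise how much of the user's browsing one extension can reach."""
    perms = {p for p in manifest.get("permissions", []) if isinstance(p, str)}
    hosts = perms | set(manifest.get("host_permissions", []))  # MV2 | MV3
    for script in manifest.get("content_scripts", []):
        hosts |= set(script.get("matches", []))
    broad = sorted(hosts & BROAD)
    return {"name": manifest.get("name", "?"), "broad_hosts": broad,
            "nav_apis": sorted(perms & NAV_APIS), "review": bool(broad)}

def audit_extensions(extensions_dir):
    """Audit every <id>/<version>/manifest.json under an Extensions folder."""
    findings = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, do not crash
        findings.append({"id": path.parts[-3], **audit_manifest(manifest)})
    return findings

def run_demo():
    """Build two constructed manifests in a temp folder and audit them."""
    samples = {
        "aaaaconstructedid/1.0_0": {"name": "Sample Video Saver", "manifest_version": 2,
            "permissions": ["tabs", "webRequest", "*://*/*"],
            "content_scripts": [{"matches": ["<all_urls>"], "js": ["c.js"]}]},
        "bbbbconstructedid/2.1_0": {"name": "Sample Notes", "manifest_version": 3,
            "permissions": ["storage"],
            "host_permissions": ["https://example.com/*"]},
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, manifest in samples.items():
            folder = Path(tmp, rel)
            folder.mkdir(parents=True)
            (folder / "manifest.json").write_text(json.dumps(manifest))
        return audit_extensions(tmp)

if __name__ == "__main__":
    for f in run_demo():
        print("REVIEW" if f["review"] else "ok    ", f["id"], f["name"], f["broad_hosts"], f["nav_apis"])
```

To audit a real profile, pass the path of its `Extensions` folder to `audit_extensions()` instead of calling `run_demo()`.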

Keeping up with the latest internet and software updates can be daunting. Stay protected from hackers by utilizing the IT Services of SpartanTec Inc.  We have a plan to fit any size business.

SpartanTec Inc.
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Tuesday, December 22, 2020

Pentagon, DHS, State Dept., 18,000 others possibly hacked by Russia


 Around 18,000 organizations and individuals who use SolarWinds software are believed to have been hacked along with multiple U.S. companies and government agencies for months. The full extent of those affected in the hack is not known, but the Pentagon, Department of Homeland Security (DHS) and the State Department are among known SolarWinds users.

The hack was first reported on Sunday, and SolarWinds has since determined the widespread hacks were carried out after hackers “inserted a vulnerability” into the company’s Orion line of software products.

The U.S. Securities and Exchange Commission (SEC) also issued a report estimating the full range of users compromised by the hack. The SEC report noted SolarWinds has over 300,000 customers, but only about 33,000 users of the Orion product line that was targeted by hackers. SolarWinds notified all 33,000 of its Orion users, but the SEC said the insertion of malicious software into the Orion product line took place between March and June of this year. Based on that timeline and its list of potentially affected products, SolarWinds believes the actual number of customers who updated their Orion products with the malicious software was less than 18,000 users.

SolarWinds said the list of its Orion products that could have been affected during the hacking period includes:

  • Application Centric Monitor (ACM)
  • Database Performance Analyzer Integration Module* (DPAIM*)
  • Enterprise Operations Console (EOC)
  • High Availability (HA)
  • IP Address Manager (IPAM)
  • Log Analyzer (LA)
  • Network Automation Manager (NAM)
  • Network Configuration Manager (NCM)
  • Network Operations Manager (NOM)
  • Network Performance Monitor (NPM)
  • NetFlow Traffic Analyzer (NTA)
  • Server & Application Monitor (SAM)
  • Server Configuration Monitor (SCM)
  • Storage Resource Monitor (SRM)
  • User Device Tracker (UDT)
  • Virtualization Manager (VMAN)
  • VoIP & Network Quality Manager (VNQM)
  • Web Performance Monitor (WPM)

U.S. authorities have not determined definitively who was responsible for the hacking, but it is suspected to be the work of a foreign government-backed hacking group, and the New York Times reported the hackers may have been sponsored by the Russian government.

While targets of the SolarWinds hack included the U.S. Treasury Department and the National Telecommunications and Information Administration (NTIA), there is no complete list of the government departments and agencies and U.S. companies compromised in the hack.

Bloomberg reported that the U.S. government departments targeted in the hack included the Department of Homeland Security (DHS), the State Department, the National Institutes of Health (NIH) and some parts of the Department of Defense. The New York Times reported SolarWinds products are used throughout nearly all Fortune 500 companies, including the New York Times itself. The New York Times also reported SolarWinds is used by the Los Alamos National Laboratory, which designs nuclear weapons, and by Boeing, a major U.S. defense contractor.

Following the hack, the Verge reported SolarWinds deleted a list of high profile clients from its website, though an archived copy of the client page states 425 of the Fortune 500 companies use their products, as well as all branches of the U.S. military, the National Security Agency (NSA), and even the Office of the President of the United States. The company’s software is also used by all of the top five U.S. accounting firms and hundreds of colleges and universities around the world. It is not immediately clear if these SolarWinds clients specifically used the affected products listed.

 

Reposted from https://americanmilitarynews.com/2020/12/pentagon-dhs-state-dept-18000-others-possibly-hacked-by-russia-reports-say/

 

Call SpartanTec, Inc. now and let our team of IT experts help secure your business against potential online threats.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

SpartanTec, Inc.
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Friday, December 18, 2020

Email Security Trends You Need To Watch Out For In 2021


 Now is the time to predict the email security threats that can be expected in 2021. Here are some insights as provided by IT professionals.

Thread Hijacking Will Be On The Rise

Thread hijacking is a threat to email security that will become more prominent in 2021. The technique involves using existing email conversations with current victims to spread to other victims. Cybercriminals use tools such as Outlook Scraper to collect email threads from computers that they have infected.

Thread hijacking is successful because the infected email comes from a reliable sender who doesn’t know that his email is infected, and the content of the mail can lower the guard of the targets. There will be an increase in the techniques utilized in Emotet campaigns.

Remote Image Based Threats Will Test The Limits of Email Security Filters

Cybercriminals will store their infected textual content in remote images. Unlike images that are embedded in emails, remote image based threats need to be fetched over a network. Analyzing them is time consuming and complex, and cannot be performed in real time.

Compromised Accounts Will Give Hackers New Opportunities

Thread hijacking relied on compromised accounts in this year’s attacks, which were carried out through Emotet. But compromised accounts can also be exploited through other means, such as massive spam waves. This method can send as many as 300,000 spam emails. It allows hackers to bypass email filters, and without any post-delivery remediation capability it is extremely difficult to block.

Business Email Compromise Will Be A Global Problem

The growth in BEC, or Business Email Compromise, as well as the difficulty in detecting it, has resulted in new advancements in content analysis through artificial intelligence. But most algorithms find it difficult to detect BEC, especially when it is in a foreign language.

The BEC typologies will grow too. In the past, BEC scams focused on W2 harvesting, gift card scams, and CEO fraud. But other typologies will become more prominent, such as banking fraud, lawyer fraud, and payroll fraud.

Vendor Impersonation

Users trust emails, links, or attachments sent through Microsoft as well as other Microsoft services. Even if the email looks suspicious, people’s curiosity will push them to check the attachment. Because of that, they become more at risk of vendor impersonation.

Hackers Will Get Personal

Social tensions, elections, wildfires, and pandemic fatigue. These global events cause stress and anxiety, which take a toll on the citizens all over the globe. Hackers exploited this fact this year and they will continue in 2021. More cybercriminals will use psychological tricks on different subjects to leverage the emotional fragility of internet users.

Hackers are not the only people who see the value of the human behaviour when it comes to cybersecurity. Although people are thought of as the weakest link when it comes to email security, if a vendor isn’t capable of blocking the attempt, then people will be the final line of defence. That’s why vendors will focus more on human centric cybersecurity strategies in 2021.

 

Call SpartanTec, Inc. now and let our team of IT experts prepare your company for 2021. We will help boost your cybersecurity and email security in Fayetteville, NC so your business is protected against online threats.

 


Monday, December 7, 2020

People Pay Ransomware Attackers In Large Numbers In 2020


Hackers have increasingly gravitated to ransomware attacks in 2020, as one of the best and most reliable paths to a payday.

That brings to mind an interesting question, though. The viability of this type of attack comes down to what percentage of victims are actually willing to pay the ransom, so what is that number right now?

Crowdstrike recently took a deep dive into the best available data to find out. They discovered that slightly more than one in four (27 percent) of companies that fall victim to a ransomware attack wind up paying the toll, rather than restoring from backup, and the average ransom demanded is now slightly higher than $1 million USD.

Given the steady rise in popularity of this type of attack, and how easy it is to avoid paying the ransom, one might wonder why such a high percentage of business owners opt to pay up. There are two parts to the explanation.

First, on the surface it seems easy to set the conditions that would make it easy to recover from such an attack (have regular backups). Unfortunately, in practice, that's easier said than done. Few companies back up their entire network from end to end, so even if they've got current backups, there's going to be lost data, and it's going to take quite some time to restore full functionality, figure out what's missing, try to recreate that data, etc. Remember, you can always hire IT services in Fayetteville, NC for expert assistance.

The other issue is that in a surprising number of cases, a company's backup and recovery plan isn't as robust or as complete as they imagined it was. We've seen instances where the company's CEO thought they were doing backups on a weekly basis, only to discover that the last good backup they had available was from six months before.

When you suffer from a ransomware attack and then find out your last backup is six months old, you don't really have any other moves to make. You pay up and hope the hackers deliver on their promise to unlock your files.

Given the prevalence of ransomware attacks, if you're not preparing for one, you should be. When was your company's last backup taken? How sure about that are you?

 

SpartanTec Inc’s IT Services in Fayetteville NC can help to prevent your company’s data from being the victim of a ransomware attack. Call us today for a free analysis of your current network firewall and backup procedures.

 
