IT Security From Our Perspective

News, Updates & Insights

Recent Posts


Bank of America Insider BEC Scam, FontOnLake Malware, New Findings About Ransomware Costs, Python-based ESXi Server Attack, Office365 Password Spraying

October 15th, 2021

1. Bank of America employee charged with insider BEC scam
A Bank of America employee and two other perpetrators were accused of money laundering, aggravated identity theft, and alleged involvement in Business Email Compromise (BEC) scams. The three actors targeted small and large companies across the globe, but mainly in the United States. By using phishing techniques ...


3 Reasons to Run a Tabletop Exercise To Determine Your IT Budget

September 28th, 2021

Who knew that creating an IT budget for the upcoming year would require a crystal ball? In these unpredictable times, planning an IT budget is challenging at best. Your organization likely isn’t going back to “normal” anytime soon. Between remote work and an increase in crafty cybersecurity attacks, creating an IT budget is daunting when ...


Malware Samples Target Windows OS from Linux Subsystem, New Findings About Cloud-Based Attacks, AUKUS Pact, U.S. Hacking on Behalf of UAE, Master Decryptor for REvil Victims

September 17th, 2021

1. Malware samples target Windows operating systems from its Linux subsystem
Security researchers discovered a strain of malware samples developed to compromise the Windows Subsystem for Linux and then move laterally to the native Windows enclave. Threat actors created the malware samples using Python code. They run on Debian systems and have a low detection rate for traditional security controls. The malware ...


Ransomware Gang Threatens to Leak Stolen Data, REvil Back in Action, New Zero-Day Attack in Microsoft Office, Atlassian Confluence Exploit, Fortinet VPN Password Leak

September 10th, 2021

1. Ransomware gang threatens to leak stolen data if victims contact law enforcement
During a ransomware attack, one of the most notorious ransomware groups, Ragnar Locker, threatened to leak complete data of victims who seek help from law enforcement agencies, including the Federal Bureau of Investigation (FBI). The ransomware group claims that incident investigators and ...


Turn to Microsoft Endpoint Manager to Save Your Company

September 3rd, 2021

Remote Monitoring and Management systems (RMMs), like Kaseya, SolarWinds, ConnectWise Automate, and NinjaRMM, are useful for maintaining control over your IT systems until, of course, they become the vector through which your IT systems are destroyed. Last month, attackers associated with REvil, a Russian ransomware-as-a-service (RaaS) group, breached a large Florida-based RMM company called Kaseya. It was, ...

Cybercriminal Recruitment, House of Representatives Debate Cybersecurity, Attackers Sell Internet Bandwidth, Dropper-as-a-Service Attacks, Insight into the Conti Ransomware

September 3rd, 2021

1. Cybercriminals Recruit English Speakers for Business Email Compromise
Administrative and technical security controls have helped to reduce the effects of business email compromise (BEC). However, as a result, some BEC threat actors struggle to develop compelling phishing email messages for English corporate audiences. According to security researchers, said threat actors are now recruiting native ...

Banning Ransomware Payments, BlackMatter Hackers, Kubernetes Vulnerabilities, Kinetic Warfare, Windows 11 Malware

August 2nd, 2021

1. FBI Cautions Congress Against Banning Ransomware Payments
Senior FBI officials advised the U.S. Congress not to mitigate ransomware threats by making ransom payments illegal. While the FBI cautioned organizations against sending ransomware payments to cybercriminals, the assistant director of the FBI (cyber division) argues that if Congress were to ban ransom payments, it could ...


Printer Vulnerability CVE-2021-3438, China Attacks Microsoft, Pulse Secure VPN Cyberattack, Pegasus Spyware Compromised, Kaseya Ransomware Decryption Key

July 23rd, 2021

1. A 16-year-old Printer Vulnerability CVE-2021-3438 (CVSS score: 8.8) Impacts Millions of Infrastructures
A 16-year-old vulnerability was discovered in popular corporate printers that allows hackers to gain administrative rights to perform several activities on systems, including the ability to install rogue programs and to view, change, encrypt or wipe data. This critical vulnerability is prevalent in HP, Samsung, ...


The Kaseya Ransomware Attack SME Breakdown, DOD Data Left Unprotected, Morgan Stanley Data Breach & Email Exploitation

July 9th, 2021

1. Kaseya Ransomware Attackers Demand A $70 Million Ransom
An affiliate of the notorious REvil ransomware gang compromised Kaseya’s virtual systems administrator (VSA) software. The Russian-linked attackers compromised the backend architecture of the IT infrastructure management tool. They used its notification capability to send a malicious update to VSA servers running on client environments. Thus, ...


LinkedIn Data Breach, Ransomware Payment Legislation, US Payment Processing Data Security, Google Compute Engine Vulnerability, NIST Critical Software

July 2nd, 2021

1. 700 million LinkedIn Users Impacted By a Data Breach
The corporate social network, LinkedIn, experienced a significant data breach that affected 92% of its user base. This incident was announced by the malicious actors, who successfully accessed sensitive user data by misusing API functionalities to conduct unauthorized data scraping activities. According to security researchers, ...
