Skype Phishing Attack Targets Remote Workers’ Passwords

This is yet another example of the cybercriminal bad guys taking advantage of a crisis situation and attempting to catch us with our collective guards down.  I know many in the business world are now nearly completely reliant upon Skype, Teams, WebEx, and Zoom to function on a daily basis, but that need to stay connected cannot supersede the sound security practices that protect data and keep us safe.

Remember this simple truth – if you get an email message regarding an issue with an online service or tool, stop and don’t click any email links.  Go directly to the website you know and trust from a browser.  Any messages or alerts sent via email will be there on the website waiting for you.  President Reagan’s montra is applicable and not cliché, Trust but verify.

https://threatpost.com/skype-phishing-attack-targets-remote-workers-passwords/155068/

Maze Ransomware – What You Need to Know

This is the logical evolution of the ransomware threat in terms of data loss.  No longer is the fear only the loss of access to data.  Now we need to fear data being stolen and sold or leveraged in new and frightening ways.  Please be aware!

https://www.tripwire.com/state-of-security/featured/maze-ransomware-what-you-need-to-know/

 

DHS Warns of Potential Iranian Cyberattacks

We often want to approach IT security from a detached and somewhat clinical position, evaluating threats and vulnerabilities with an objective logic devoid of an understanding of the motivations employed by the cyber criminals involved.  Now is not the time to take that approach to IT security.

Our nation faces a very real and immediate threat in the form of cyberattacks from foreign nations motivated by anger and revenge.  As IT security professionals, we cannot prepare and defend our networks and computer resources in a vacuum.  We must remain aware of the sociopolitical situation in order to understand the potential nature of the attacks to come and timing of those attacks relative to political decisions and military actions taking place around the world.

Financial institutions has begun to receive alerts from the Federal Reserve based on information provided by the Department of Homeland Security concerning potential threats from Iran and Iranian proxies motivated to disrupt networks, services and social feeds in the United States.  Specific IP address information is being provided as a first step to content filtering and threat identification.

Please remain diligent in your defensive posture during this period of immanent threats.  Educate your users as to the situation and the possibility of social engineering attacks associated with these threats.  Stay abreast of the situation and monitor multiple news sources.  Be cognizant of the fact that a week from now, Windows 7 and Windows Server 2008 will reach end of life and security patching for those products will cease.  Devices running those operating systems will, for all practical purposes, have large targets painted on their chassis.  If you find yourself with devices that you have not been able to update yet, take steps to properly isolate these devices and restrict access to the Internet.

Now is not the time to assume that you or your organization will not be a target. Be prepared and aware.

https://www.darkreading.com/attacks-breaches/dhs-warns-of-potential-iranian-cyberattacks/d/d-id/1336741

Top 10 Breaches and Leaky Server Screw Ups of 2019

This post is intended to be a little more than simply a stroll down memory lane in the IT security world of 2019.  Take a moment to consider each one of these incidents and how each could affect you and your organization.  Have you executed on any lessons learned?  Have you mitigated or remediated all associated vulnerabilities?  Are you monitoring for future activity?  We need to learn from these types of incidents and strive to continually get stronger.  Enjoy the read.

https://threatpost.com/top-10-breaches-leaky-server-2019/151386/

Office 365 Admins Targeted in Ongoing Phishing Scam

This is not unexpected.  Cybercriminals are fairly smart and they are motivated to target the resources with the greatest and/or most effective access.  As more and more of the world moves their respective Exchange and Active Directory resources to the cloud, O365 and Azure administrators move up the valued target list.

This article simply points out something we have known for some time.  We must take phishing threats and associated awareness training seriously.  This must become a priority for every organization, large and small.  This issue also places a brighter spotlight on the security associated with service providers and 3rd party administrators.  Make sure your security controls take those resources into consideration as well.

https://threatpost.com/office-365-admins-phishing/150352/

A New Attack Category is Born: You Now Need to Also Worry About Evasive Spear Phishing

Spear phishing has long been a serious concern for organizations battling the constant onslaught of social engineering attacks pointed at their users.  This post from the team at KnowBe4 sheds some light on a new form of spear phishing that often focuses in on technology firms and other high value targets.  The depth and level of sophistication associated with these attacks should raise red flags.  The more accurate and relevant the phishing content, the higher the likelihood the end user will fall into the trap and click the link.

Please be diligent in your awareness training and notifications to end users.  These threats are very real!

https://blog.knowbe4.com/a-new-attack-category-is-born-you-now-need-to-also-worry-about-evasive-spear-phishing

Web scraping doesn’t violate anti-hacking law, appeals court rules

This is an intriguing legal development that may have far reaching implications on intellectual property and privacy fronts.  The fact that current legal standards cannot appropriately address web scraping means that our US laws are woefully outdated and unable to tackle the challenges of a highly technical and quickly evolving society.  Agility should be an important component to all future legislative processes.

https://arstechnica.com/tech-policy/2019/09/web-scraping-doesnt-violate-anti-hacking-law-appeals-court-rules/

Wikipedia, World of Warcraft Downed By Weekend DDoS Attacks

This article discusses yet another series of DDOS attacks targeting well known websites.  Based on the article, these DDOS attacks are an example of a hacking group trying to validate skills and work toward larger attacks which will in turn inspire other attacks against new targets by other new hacking groups.  This is a systemic problem that will continue to grow and plague businesses and organizations worldwide.

It is important to consider the potential damage that can be caused by a DDOS attack and how your organization would remediate or mitigate such an attack.

https://threatpost.com/wikipedia-world-of-warcraft-ddos-attacks/148121/