malware

Home/Tag: malware

New Prevention Tactics for Avoiding Malware

In an effort to combat the epidemic of ransomware attacks, the FBI identified key steps to help prevent a breach. There are over 4000 ransomware attacks per day, and the number is expected to increase. Individuals and businesses need to protect themselves against this insidious intrusion. Ransomware is a form of malware designed to extort money from businesses and individuals. It encrypts data on a home computer or business network, and in some cases seeks out connected backups to encrypt [...]

ISP Phishing Scam

The BBC is reporting cyber criminals are targeting users with a fake pop-up window designed to look like a legitimate message from the user’s ISP. The message states there is malware on the user’s system and please call the toll free number provided. It’s a scam. But as phishing campaigns go this one is particularly nasty. Criminals are using the credibility of real ISPs to attack consumers. http://www.bbc.com/news/technology-36084989 The attacks so far have occurred in the US, Canada, and Great [...]

Good advice can lead to bad cybersecurity choices

  Generation Y and Millennials have a skewed view of cybersecurity. They are told constantly “be careful what you post; once it’s on the web it’s there forever.” Good advice. Unfortunately this has given the impression to 16-34 year olds that they can retrieve their data from sources other than their PC, phone or tablet, namely the web! Ransomware in particular is not seen as a threat. Ransomware is malicious software designed to take over a PC or other Internet [...]

Why Spear Phishing and Social Engineering Work

Why Spear Phishing and Social Engineering Work People are the weakest link when it comes to cybersecurity. Why do they click on an embedded link contained in an email. Why do they open what looks like a suspicious email in the first place? Successful ransomware and spear phishing attacks continue to be on the rise; in February a Los Angeles hospital paid $17,000 to hackers in order to “free” their computers. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html So far this year the FBI estimates $200 [...]

Tactics of the Attacker – New European Spear Phishing Campaign

Tactics of the Attacker - New European Spear Phishing Campaign Cyber criminals are taking ransomware to a new level. The BBC is reporting consumer personal information is being stolen from unsecured databases. See here for details: http://www.zdnet.com/article/new-phishing-attack-knows-your-address-and-brings-ransomware/ That data is then used to create carefully crafted spear phishing email. The emails have names, addresses, etc of the user. The email comes in the form of a collection letter,demanding money for an unspecified service or overdue bill. The email looks legitimate. [...]

Savvy New Android Malware – Buyer Beware

The FBI has identified two new kinds of Android Malware; SlemBunk and Marcher. These are  designed to target US financial institution customers.  These two bugs are phishing for specified US financial institutions’ customer credentials. The malware monitors the infected phone for the launch of a targeted mobile banking application to inject a phishing overlay over the legitimate application’s user interface. The malware then displays an indistinguishable fake login interface to steal the victim’s banking credentials. The malware defeats two factor [...]

Speeding Ticket Spear Phishing

There is a new email scam that hits close to home: fake speeding tickets! The Spear Phishing email appears to be a speeding ticket. Several people in Tredyffrin Township, Pennsylvania received the emails which appeared to be from a local police department. The email contained accurate driving information: date and time, speed, license number, street address. Even more frightening, the drivers were actually speeding on the date and time listed in the email. The email demands payment through an attached [...]

Police Pay Ransom

Looks like CNN’s prediction that 2016 will be ‘The Year of the Ransomware’ is coming true, and in spectacular fashion. Cyber criminals are targeting the most unlikely of victims: local U.S. police departments!  (http://www.nbcnews.com/news/us-news/ransomware-hackers-blackmail-u-s-police-departments-n561746)   The attacks are based out of Eastern Europe. Since 2013 departments in seven states have reported attacks. NBC News reports that five Maine police departments were locked out of their records management systems last year. Departments in Alabama and New Hampshire were also breached, but [...]

Gone Phishing

      CNN has declared 2016 ‘Year of the Ransomware.’ In a recent report from Ponemon, 90% of US companies surveyed have been breached at least once. (http://www.computerworld.com/article/2509366/security0/90--of-companies-say-they-ve-been-hacked--survey.html) Criminal Phishing and Spear Phishing campaigns continue to be successful. They extort millions of dollars from government agencies, companies and non-profit organizations. Businesses need to know how vulnerable they are; and to define a metric, use internal Phishing campaigns to determine risk.   Companies are not disclosing specific internal phishing campaign [...]

China Is Cutting the Legs Out from Under American Businesses (but please don’t stop them?)

Businesses and their executives everywhere should be aware of this story run by 60 Minutes on Jan 17, and the blog Jeff Lipson wrote about here. The fact that China is stealing U.S. companies’ intellectual property is not news. The fact that President Obama worked with the Western District of Pennsylvania to indict five Chinese officers of theft of intellectual property is not news. So, what is the real news bite here? Some companies and Americans want to fight back and stop [...]