Your address will show here +12 34 56 78
Blog

A hacker gang claims to be selling data on 70 million AT&T customers, including individual call records and account PIN codes. The alleged AT&T data was posted for sale on the dark web last week by an entity known as “Gnosticplayers.” An advertisement for the stolen data states that it comes in two parts—a smaller one with basic subscriber information such as customer names, addresses, e-mail addresses, account numbers, and payment information; and a bigger one that includes more detailed records of phone calls.  


AT&T confirmed to Motherboard on Friday that the data is real. “We’re aware of the situation and we’ve notified law enforcement,” an AT&T spokesperson said in a brief statement.


The account PIN codes mentioned in the advertisement refer to those used for some corporate accounts, according to Motherboard’s anonymous sources. It’s not clear what these numbers would allow attackers to do with stolen corporate accounts, but it may go beyond just hijacking calls and messages: AT&T reportedly uses them as security tokens for other services such as email and VPN access.


AT&T has been notified of the hacked data and told Motherboard it’s working on a statement, which will be added once available. For now, anyone who thinks they might have an AT&T account should read this post by security expert Brian Krebs on how to protect yourself.


While data breaches are unfortunately common, the claimed 70 million AT&T records make it one of the biggest in recent years. Earlier this year, credit reporting agency Equifax admitted that hackers stole the personal details (including names and social security numbers) on 143 million US customers—almost half of all Americans. It later revised the number up to 145.5 million people.


An advertisement for the stolen data states that it comes in two parts—a smaller one with basic subscriber information such as customer names, addresses, e-mail addresses, account numbers, and payment information; and a bigger one that includes more detailed records of phone calls.


Source: https://www.pcmag.com/news/361399/hacker-gang-claims-to-be-selling-data-on-70m-att-customers

0

Blog

A new vishing (voice phishing) attack is scamming victims by scaring them with fake Microsoft Defender invoices in an attempt to take over control of their computers.


The campaign was first detected by security researcher Barak Tawily, who shared his findings Thursday via a blog post and on Twitter:


“Scam alert: vishing-scammers spoofed Microsoft’s ‘Microsoft Defender’ and send voice messages pretending to be bills,” he wrote on Twitter .


Tawily said the vishing scam begins with a phone call that offers “Microsoft support.” Victims are then persuaded into opening remote desktop connections so the scammers can access their PCs. From there, malware is downloaded, meaning criminals could potentially lock down devices and demand a ransom in return for a decryption key.


Tawily said vishing scammers have been using similar tactics in recent weeks to target Chrome and Firefox users. Reports indicate that victims are receiving automated messages telling them their browsers are infected with the Dvmap malware , claiming it must be removed immediately or else data will be encrypted and held for ransom (i.e., “we will block your browser”). The messages claim that support is available via vishing, which encourages people to call numbers listed in Florida and Texas .


It’s unclear if the vishing scam described by Tawily is related to the Dvmap malware attack, but vishing continues to gain momentum as a top method of cybercrime: Earlier this year, security specialist Symantec said vishing attacks are surging in popularity among extortionists, including the infamous Business Email Compromise (BEC) vishing scam.


The latest vishing campaign discovered by Tawily uses a “voice message pretending to be a bill,” he told ZDNet via Twitter .


“It has been observed over the last few days that vishing-scammers spoofed Microsoft’s ‘Microsoft Defender’ and send voice messages pretending to be bills,” Tawily wrote in his post. “This is not an automated attack but humans doing vishing.”


Tawilyn also posted two audio samples of the vishing attack, which use Microsoft support numbers listed in Texas and New Mexico . Both recordings say visitors are subject to a $100 fee before the vishing attack will stop.


“We are very sorry, but there seems to be some kind of technical problem with your device,” the vishing message states. “To solve this issue, we’ve detected that you need troubleshooting assistance from our Microsoft support team . You can call on (866) 576-1810 x99 to fix the error.”


The vishing scam is similar in nature to another vishing campaign reported by BleepingComputer earlier today , which claims victims must pay an immediate $200 fine or risk having their social security number blocked for life. The vishing scheme uses phone numbers listed in Texas and Washington state , according to BleepingComputer’s Lawrence Abrams .


Tech support vishing scams are extremely common, and vishing attacks often use scare tactics to convince victims into giving up personal information. A vishing attack , for example, might inform users that their system is infected with ransomware; if people call the phone number listed in the vishing message, attackers will instruct them on how to pay the ransom (and pocket victims’ money).


Another vishing scam that made headlines last week told Chrome users their browsers were infected with malware and asked people to call a Google-listed phone number to receive assistance. Once called, however, criminals locked devices down so they could demand a ransom in return for a decryption key.


Technology news site BleepingComputer has published several vishing awareness guides over the past year. If you need help with cybersecurity contact MicroPac today to schedule a consultation.

0

Blog

Cyberattacks are on the rise. For some time, the U.S Cybersecurity and Infrastructure Security Agency (CISA) has been warning about the risks in using a VPN for personal cybersecurity purposes; they’ve now released guidance on how best to harden your virtual private network solutions so you can stay safe online!


The two agencies have created a report to help organizations defend themselves against attacks from nation-state adversaries. These are the kinds of hackers that can take advantage when you use an encrypted VPN system because they’ll be able execute code on your computer or read sensitive data without any protection whatsoever!


“Multiple nation-state advanced persistent threat (APT) actors have weaponized common vulnerabilities and exposures (CVEs) to gain access to vulnerable VPN devices,” the U.S. National Security Agency


It’s important for organizations to have a plan in place when it comes to patching known vulnerabilities. Organizations should also choose products from reputable vendors with an active history of quickly acting on patches, since we know that some attackers will exploit these holes as soon they’re found by looking at how often hackers use them themselves.


The two agencies recommend users improve VPN security and reduce their server’s attack surface by:

  1. Configuring strong cryptography and authentication

  2. Running on strictly necessary features

  3. Protecting and monitoring access to and from the VPN


With the rise of state-sponsored hackers, it is more important than ever to ensure your data stays secure and you are protecting . VPN vulnerabilities have been used recently by both financially motivated and backed assailants in an effort to penetrate networks belonging not only private companies but also defense firms all over Europe with a goal of gaining access for financial gain or geopolitical advantage on behalf their countries.


This year in April, cybersecurity company FireEye published a report about two state-backed groups who used an unknown vulnerability to compromise the Pulse Connect Secure (PCS) VPN appliance. 


The National Security Agency (NSA) has warned that Russian hackers are exploiting security flaws in certain firewalls and VPN providers. The NSA also reported this information to Congress around the same time, warning them about potential cyber attacks by these foreign agents who have been going under names like “APT29”, Cozy Bear or even just ‘The Dukes’.


Ransomware gangs are not only targeting computers and mobile devices. They’re also interested in network access, as evidenced by seven attacks on VPN solutions from Fortinet, Ivanti (Pulse), SonicWall. At least 7 operations exploiting flaws in these products have been reported since 2017- including two that successfully encrypted user data within the organization’s firewall perimeter.


If you need help with cybersecurity contact MicroPac today!

0

Blog

It’s a common problem that affects businesses of all shapes and sizes—cybersecurity attacks are on the rise faster than budgeting can be accommodated for IT spend. All IT leaders are facing the challenge of addressing privacy concerns, protecting data, validating their IT spend and securing the fortress. As long as you don’t get hacked or sued it seems the job is successful—but how do you define the true ROI of IT security?


In this 2021 paradigm, a few trends among IT leaders are emerging:


Metrics
: Businesses are requiring more proof of spend. This means IT leaders are moving towards heavier analytics and reporting. How is the infrastructure measured in relationship to it’s effectiveness towards compliancy, business continuity and value in the business framework.


Cloud Spend
: As more businesses move to cloud-based solutions to secure critical digital assets, they are also demanding cloud providers demonstrate the efficacy and integrity of their security systems and controls. This has created a new market for AI driven Cloud Optimization which minimizes waste on overall spend.


Regulatory Compliance is 
Increasing: What began with the EU’s GDPR (public data and privacy protections) has expanded into many states passing their own laws. California’s CCPA and Vermont passed similar legislation protecting user’s and fining businesses for poor safety measures and identity disclosure.  Many states are following with privacy and protection laws in the in the initial drafting stages hot on the heels of California’s legislative lead.


To avoid penalties (and customer attrition), businesses will need to demonstrate compliance with state, federal and sector-specific protections (like HIPAA and the Financial Privacy Act). Privacy-industry watchers also anticipate that leaders from areas of business not traditionally focused on cybersecurity, like finance and HR will have more authority in their firm’s cybersecurity investments and spend.


If your business needs assistance with IT and cybersecurity best practices contact MicroPac today.

0

Blog

Patching is supposed to keep our data secure. However, bad patching may be giving businesses a false sense of security and giving hackers a field day. People live with the assumption that when a software vendor issues a security update to fix a vulnerability, that the problem has been taken care of. Unfortunately, far too often, this simply isn’t true. In fact, insufficient research and a limited patching effort may lead to further security issues and other potential exploits hackers can easily take advantage of.

 

Research from Google’s Project Zero hacking team demonstrates that one in four zero-day exploits were related to previously patched vulnerabilities. The exploits could have been avoided with more thorough research and a more detailed patching process. This is good news and bad news. On a positive note, it highlights the many exploits that could be avoided by simply paying more attention to patching. The bad news is that there are still vulnerabilities out there that should have already been taken care of.

 

In some cases, after patches were implemented, attackers only needed to change a line or two of code to bypass the new security. Sloppy patching is too often focused on the symptom of an exploit, instead of a core vulnerability in the code. A more comprehensive approach to software security needs to be worked into the patching process to avoid temporary fixes that leave our data vulnerable.

If you need help with cybersecurity for your business contact Micropac today: https://bit.ly/35P3Nta

0

PREVIOUS POSTSPage 1 of 2NO NEW POSTS