Your address will show here +12 34 56 78
Blog

A new vishing (voice phishing) attack is scamming victims by scaring them with fake Microsoft Defender invoices in an attempt to take over control of their computers.


The campaign was first detected by security researcher Barak Tawily, who shared his findings Thursday via a blog post and on Twitter:


“Scam alert: vishing-scammers spoofed Microsoft’s ‘Microsoft Defender’ and send voice messages pretending to be bills,” he wrote on Twitter .


Tawily said the vishing scam begins with a phone call that offers “Microsoft support.” Victims are then persuaded into opening remote desktop connections so the scammers can access their PCs. From there, malware is downloaded, meaning criminals could potentially lock down devices and demand a ransom in return for a decryption key.


Tawily said vishing scammers have been using similar tactics in recent weeks to target Chrome and Firefox users. Reports indicate that victims are receiving automated messages telling them their browsers are infected with the Dvmap malware , claiming it must be removed immediately or else data will be encrypted and held for ransom (i.e., “we will block your browser”). The messages claim that support is available via vishing, which encourages people to call numbers listed in Florida and Texas .


It’s unclear if the vishing scam described by Tawily is related to the Dvmap malware attack, but vishing continues to gain momentum as a top method of cybercrime: Earlier this year, security specialist Symantec said vishing attacks are surging in popularity among extortionists, including the infamous Business Email Compromise (BEC) vishing scam.


The latest vishing campaign discovered by Tawily uses a “voice message pretending to be a bill,” he told ZDNet via Twitter .


“It has been observed over the last few days that vishing-scammers spoofed Microsoft’s ‘Microsoft Defender’ and send voice messages pretending to be bills,” Tawily wrote in his post. “This is not an automated attack but humans doing vishing.”


Tawilyn also posted two audio samples of the vishing attack, which use Microsoft support numbers listed in Texas and New Mexico . Both recordings say visitors are subject to a $100 fee before the vishing attack will stop.


“We are very sorry, but there seems to be some kind of technical problem with your device,” the vishing message states. “To solve this issue, we’ve detected that you need troubleshooting assistance from our Microsoft support team . You can call on (866) 576-1810 x99 to fix the error.”


The vishing scam is similar in nature to another vishing campaign reported by BleepingComputer earlier today , which claims victims must pay an immediate $200 fine or risk having their social security number blocked for life. The vishing scheme uses phone numbers listed in Texas and Washington state , according to BleepingComputer’s Lawrence Abrams .


Tech support vishing scams are extremely common, and vishing attacks often use scare tactics to convince victims into giving up personal information. A vishing attack , for example, might inform users that their system is infected with ransomware; if people call the phone number listed in the vishing message, attackers will instruct them on how to pay the ransom (and pocket victims’ money).


Another vishing scam that made headlines last week told Chrome users their browsers were infected with malware and asked people to call a Google-listed phone number to receive assistance. Once called, however, criminals locked devices down so they could demand a ransom in return for a decryption key.


Technology news site BleepingComputer has published several vishing awareness guides over the past year. If you need help with cybersecurity contact MicroPac today to schedule a consultation.

0

Blog

Cyberattacks are on the rise. For some time, the U.S Cybersecurity and Infrastructure Security Agency (CISA) has been warning about the risks in using a VPN for personal cybersecurity purposes; they’ve now released guidance on how best to harden your virtual private network solutions so you can stay safe online!


The two agencies have created a report to help organizations defend themselves against attacks from nation-state adversaries. These are the kinds of hackers that can take advantage when you use an encrypted VPN system because they’ll be able execute code on your computer or read sensitive data without any protection whatsoever!


“Multiple nation-state advanced persistent threat (APT) actors have weaponized common vulnerabilities and exposures (CVEs) to gain access to vulnerable VPN devices,” the U.S. National Security Agency


It’s important for organizations to have a plan in place when it comes to patching known vulnerabilities. Organizations should also choose products from reputable vendors with an active history of quickly acting on patches, since we know that some attackers will exploit these holes as soon they’re found by looking at how often hackers use them themselves.


The two agencies recommend users improve VPN security and reduce their server’s attack surface by:

  1. Configuring strong cryptography and authentication

  2. Running on strictly necessary features

  3. Protecting and monitoring access to and from the VPN


With the rise of state-sponsored hackers, it is more important than ever to ensure your data stays secure and you are protecting . VPN vulnerabilities have been used recently by both financially motivated and backed assailants in an effort to penetrate networks belonging not only private companies but also defense firms all over Europe with a goal of gaining access for financial gain or geopolitical advantage on behalf their countries.


This year in April, cybersecurity company FireEye published a report about two state-backed groups who used an unknown vulnerability to compromise the Pulse Connect Secure (PCS) VPN appliance. 


The National Security Agency (NSA) has warned that Russian hackers are exploiting security flaws in certain firewalls and VPN providers. The NSA also reported this information to Congress around the same time, warning them about potential cyber attacks by these foreign agents who have been going under names like “APT29”, Cozy Bear or even just ‘The Dukes’.


Ransomware gangs are not only targeting computers and mobile devices. They’re also interested in network access, as evidenced by seven attacks on VPN solutions from Fortinet, Ivanti (Pulse), SonicWall. At least 7 operations exploiting flaws in these products have been reported since 2017- including two that successfully encrypted user data within the organization’s firewall perimeter.


If you need help with cybersecurity contact MicroPac today!

0

Blog

In an exciting announcement, Microsoft announced that they are rolling out passwordless login support over the coming weeks. This means customers will be able to sign in with their regular account and not have a password requirement!


This new feature will be particularly useful for those who can’t or don’t want to remember their credentials due to ease of use and security concerns. The company first allowed commercial customers access earlier this year when they reported that during 2020 alone there were 150 million users logging into Azure AD/MSA & MC licenses via federated authentication with no need for passwords!


Starting today, you can finally stop typing your password. In order to log into their Microsoft accounts, users can choose from a variety of different options including the app called “Microsoft Authenticator”, Windows Hello (a form of biometric authentication), security key or verification codes that are sent by mail.


“This feature will help to protect your Microsoft account from identity attacks like phishing while providing even easier access to the best apps and services like Microsoft 365, Microsoft Teams, Outlook, OneDrive, Family Safety, Microsoft Edge and more,” said Liat Ben-Zur, Microsoft Corporate Vice President.


The Microsoft Corporate Vice President for Security, Compliance and Identity Vasu Jakkal added that threat actors use weak passwords as the initial attack vector in most attacks. The company detects 579 password breaches every second with 18 billion incidents each year- a number which is growing rapidly!


“One of our recent surveys found that 15 percent of people use their pets’ names for password inspiration. Other common answers included family names and important dates like birthdays,” Jakkal said.


“We also found 1 in 10 people admitted reusing passwords across sites, and 40 percent say they’ve used a formula for their passwords, like Fall2021, which eventually becomes Winter2021 or Spring2022.”


How to go passwordless


To log in into your Microsoft account without a password install the Microsoft Authenticator app and link it to your personal Microsoft account.


Then go to your Microsoft account page, sign in, and turn on the ‘Passwordless Account” under Advanced Security Options > Additional Security Options.


Last, follow the on-screen prompts and approve the notification displayed by the Authenticator app.


“Passwordless solutions such as Windows Hello, the Microsoft Authenticator app, SMS or Email codes, and physical security keys provide a more secure and convenient sign-in method,” Microsoft explains.


“While passwords can be guessed, stolen, or phished, only you can provide fingerprint authentication, or provide the right response on your mobile at the right time.”


If you need assistance with cybersecurity call Micropac today!

 

Source: Microsoft

0

Blog

Patching is supposed to keep our data secure. However, bad patching may be giving businesses a false sense of security and giving hackers a field day. People live with the assumption that when a software vendor issues a security update to fix a vulnerability, that the problem has been taken care of. Unfortunately, far too often, this simply isn’t true. In fact, insufficient research and a limited patching effort may lead to further security issues and other potential exploits hackers can easily take advantage of.

 

Research from Google’s Project Zero hacking team demonstrates that one in four zero-day exploits were related to previously patched vulnerabilities. The exploits could have been avoided with more thorough research and a more detailed patching process. This is good news and bad news. On a positive note, it highlights the many exploits that could be avoided by simply paying more attention to patching. The bad news is that there are still vulnerabilities out there that should have already been taken care of.

 

In some cases, after patches were implemented, attackers only needed to change a line or two of code to bypass the new security. Sloppy patching is too often focused on the symptom of an exploit, instead of a core vulnerability in the code. A more comprehensive approach to software security needs to be worked into the patching process to avoid temporary fixes that leave our data vulnerable.

If you need help with cybersecurity for your business contact Micropac today: https://bit.ly/35P3Nta

0

Blog

If there’s anything 2020 has shown the cybersecurity scene, it’s that everything and everyone is fair game. From vaccine centers to hospitals and all the way to government buildings – no one was safe.

 

On top of this, COVID-19 has ramped up remote workforces, making inroads for cyber-attacks. In fact, a study by data collected by RiskBase, shows that breaches exposed 36 billion records in the first half of 2020.

 

So severe was the situation that Joe Biden has already amassed a team of world-class cybersecurity specialists to see him through his tenure.

 

Why is Cybersecurity more important in 2021 than ever before?

 

It would be easy to say that the main risks revolve around the ever-growing security gaps that arise with a decentralized workforce. In reality, the situation is much worse. In fact, we could see a total failure of cybersecurity on the horizon.

 

For the first time, hospitals and other medical facilities witnessed attacks on their systems ‘en masse.’ The sector is particularly at risk due to the massive economic and operational impacts it is currently suffering. 

 

Moreover, as sensitive data and information is increasingly being moved into cloud services by corporations – customers are asking for stringent data protection measures to be implemented, fearing identity theft, fraud, and much more.

 

What can be done to curb fraud and data breaches?

 

Numerous trends have sprouted within the cybersecurity industry that are a direct reaction to the new digital landscape formed due to COVID-19. All in all, entirely novel trends appeared, and some that were long coming down the pipeline. Let’s take a look at what we can expect to see over the coming year: 

 

Remote working 

 

As we witnessed a large-scale migration towards working from home in 2020, a network of newly connected devices sprung up worldwide. Most of the home computers and personal laptops that sensitive work data was now hosted on were not adequately protected.

 

As a result, corporation networks that continued to be based out of a data center suffered. On the other hand, those who made the quick transition to the cloud flourished. 

 

We can expect to see a change in security architecture by which corporations will adopt microservices and cloud-native applications.

 

Moreover, emphasis will be put on authentication systems that restrict access to authorized devices, apps, and individual users.

 

Automation, Artificial Intelligence, and Machine Learning

 

Defensive applications of AI are expected to have their moment in 2021, driving a trend of hyper-automation. A study undertaken by Cybnit estimates that 95% of cybersecurity breaches are caused by human error. Consequently, automation is seen as necessary.

 

Hyper-automation is a process by which businesses automate as many IT or business processes as possible using AI, robotic process automation, machine learning, and many alternative tools. In short, they take the human out of the system.

 

While this shift was already well underway, the burgeoning threat of potentially devastating cyberattacks throughout 2020 sped it up.

 

As of now, it’s clear that manpower alone can’t handle all incoming attacks without help – automation is sorely needed.

 

Platform security 

 

Tying into the increasing adoption of automation systems is the fact that they’re more efficient if implemented across the board. Companies are expected to adopt a unified solution approach to proactive security rather than resorting to ineffective traditional point solutions.

 

The ability to address security attacks systematically across all company systems is key in maintaining data protection standards and ensuring that no threat can creep in.

 

Zero Trust 

 

Zero Trust has become one of cybersecurity’s latest buzzwords. Zero Trust is a strategic initiative aimed at preventing data breaches by eliminating the concept of trust from an organization’s network architecture.

 

By leveraging locked passways, the system should ask users for a form of identification such as a password and username as they go from one section of the system to another.

 

 

Mobile threats 

 

Mobile threats were accelerated in the backdrop of the COVID-19 pandemic. Threats ranged from specialized spyware designed to snoop on encrypted messaging applications to criminals exploiting Android security vulnerabilities. Fraud was a particular weak spot during this time.

 

This trend is expected to continue alongside the development of security software patches to block such attacks.

 

Final word

 

In a world where the threat of attack looms around every corner online or in data systems – every precaution must be taken. Never has this been more true than in 2021 when we’re learning the extent that cyber-attackers will go to just to gain access to corporation networks or simply a hospital’s system.

 

The cybersecurity needs to have not only preventative measures in place to combat this onslaught but also be ready to adapt to any tactical changes. The trends outlined above are aiming at achieving that end and optimizing performance in a unique and untrodden cyber landscape. Contact MicroPac today for a secure solution.

0