Archive

These days, companies spend significant sums of money to protect themselves from cyber criminals.  The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies not only spend heavily on antivirus software, but also on a wide range of tools that IT security professionals can leverage to intercept attacks "at the gates" and prevent attackers from ever breaching their defenses. Further, many companies will engage with third-party specialists to [...]

Read more

Top quality talent can be difficult to find in any field, if you have spent any time looking for and hiring people, you know the challenge can be an especially daunting one.  There's tremendous competition for talented folks. Given the cost of hiring and training new people, it's something you want to get right the first time as often as possible. The question is: how? The good news is that there are multiple things you can do to take the guesswork out of the equation. The [...]

Read more

Do you receive healthcare of any kind from Kaiser Permanente?  If so, be aware that they recently published a data breach notification indicating that an unidentified attacker accessed an email account that contained personal health information on April 5th, 2022. Based on the investigation to this point, it appears that sensitive health information belonging to more than 69,000 individuals was exposed.  For context, Kaiser Permanente provides a wide range of health care [...]

Read more

According to research conducted by the cybersecurity firm PIXM, there is a massive phishing campaign that peaked in April and May of this year (2022) and it is still ongoing. The campaign has lured millions of unsuspecting users to phishing pages by abusing Facebook and Facebook Messenger and tricking users into entering their account credentials. Worse, the hackers then used those credentials to send additional phishing messages to friends of the affected users, luring them in as [...]

Read more

Researchers at HP have discovered a new malware loader that they've dubbed SVCReady.  While new malware strains are common, this one is distinct for a couple of different reasons. Like many malicious programs, this spreads primarily via phishing email campaigns.  One way that this new strain differs however, is the fact that the malware is loaded onto the target machine via specially crafted Word documents attached to the email. The idea is that these Word documents [...]

Read more

It's never a good thing when well-organized groups of hackers start working together, but that's what appears to be happening. Recently, evidence has emerged that the Black Basta ransomware gang has begun tight-knit cooperation with the infamous QBot malware operation. They share the specific goal of inflicting maximum damage on corporate targets. While many different groups make use of QBot for initial infection, Black Basta's use is somewhat different. The group is leveraging it to [...]

Read more

If you're involved in information security in any capacity, you're probably quite familiar with the infamous Emotet botnet.  It's one of the most dangerous and prolific botnets out there and it is a dire threat to organizations of all sizes. The bad news is that the botnet is still being actively enhanced and is gaining new capabilities at regular intervals. Most recently, its developers have added a new credit card stealing module that is designed to harvest saved credit card [...]

Read more

Depending on where you live, you may have received medical care from the Shields Health Care Group (Shields), or from a provider associated with them. If so, be aware that the Massachusetts-based medical provider specializing in PET/CT scans, MRIs, radiation oncology, and ambulatory surgical services has been hacked. The unknown hackers gained access to their network and stole data relating to more than 2 million users. According to the breach notification that the company [...]

Read more

Are you a WhatsApp user?  If so, be aware that hackers have worked out a means of hijacking a user's WhatsApp account and gaining access to a user's contact list and personal messages. The attack relies on mobile carriers' automated service to forward calls to different phone numbers, which is a service every major mobile carrier offers. Unfortunately, it can be exploited by hackers by tricking users into forwarding their calls to a number that the hackers control. So when [...]

Read more

Teams was "just another Microsoft application" before the pandemic.  Thanks to Covid-19 though, demand for video conferencing solutions shot through the roof, and suddenly Teams found its groove. Microsoft had been gamely trying to bolster its popularity and the pandemic certainly helped. For more than two years, the Redmond giant has been pouring an increasing number of resources into polishing Teams and really making it shine. Recently (May of this year), Microsoft made a [...]

Read more