Archive for the ‘Security Updates’ Category

Two C-Level Execs Fall Victim to 21 Million Dollar Phishing Fraud Email Scheme

A movie chain company’s Managing Director and CFO were ensnared in a Phishing Email Scheme that cost their company 21 million dollars and them their jobs. As Phishing email scams become more prevalent and their content/appearance more authentic, it is imperative that all those involved in the financial transactions of any firm be aware of the threat and educated about detecting these nefarious campaigns. Every firm should have not only protection mechanisms to block these emails, but also procedures to determine the validity of any request for monetary transfers. If you need any assistance with your security posture and/or your Business…


DNC Contacts FBI After Its Voter Database Comes Under Attack

The FBI received a report from the US Democratic National Committee (DNC) that unknown actors sought access to a voter database through a phishing campaign. Security firm Lookout was reported to have warned the DNC Tuesday that it had found a fake login page for VoteBuilder, a tool the party uses so its campaigns can better target voters. The attackers’ apparent aim was to obtain credentials they could use to access the party’s voter information. The DNC’s Chief Security Officer Bob Lord briefed party officials on the attack yesterday, then made a public statement denouncing the current US Administration for not…


Rackspace Notification and Tips About Phishing Email Attempts

This information was provided to all Rackspace partners, though it applies to any email environment. In addition, there are some great tips included that again apply to all email environments. “Our team identified emails which were sent to random users on our hosted email environment. These emails state that the email address has been flagged for suspicious activity and the user is required to click a link to authenticate the account. Please note that these emails are NOT legitimate emails sent by our email hosting service. If you notice emails that contain suspicious links or attachments, please remind your users…


Recent Real World Experience: Combating Ransomware Infection Part I Principle of Least Privilege

Just this past weekend MTBW Services was called upon to assist in the recovery from a Ransomware infection. Though never a pleasant way to spend a weekend, from our experience assisting scores of other companies infected with this insidious Malware, we were able to clean and recover the data affected. We have released an extensive checklist regarding protections in the battle against Ransomware – Ransomware Evolutions and Derivatives – but there are a few from this most recent battle that merit reiteration. The Principle of Least Privilege is a critical component in combating the ravages of Ransomware. The Principle of…


Ransomware Hits Close to Home as DC Police Suffers Infection

As reported in the Washington Post, “hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras … forcing major citywide reinstallation efforts, according to the police and the city’s technology office.” In addition, the report included the following description of the attack: “City officials said ransomware left police cameras unable to record between Jan. 12 and Jan. 15. The cyberattack affected 123 of 187 network video recorders in a closed-circuit TV system for public spaces across the city, the officials said late Friday.” As MTBW has been documenting over the last year or so, the pervasive…


Ransomware Year in Review 2016

As we have been doing all year with our notices regarding the scourge of Ransomware, industry giants Symantec and Kaspersky have released their latest statistics on the state of this Malware. I would like to pass along that the plight of Ransomware has been mitigated, but as you will see below, just the opposite is true. Kaspersky reported that ransomware attacks on businesses increased three-fold, which represents a change from an attack every 2 minutes in January to one every 40 seconds by October. For individuals, the rate of increase went from every 20 seconds to every 10 seconds. With…


Ransomware Evolutions And Derivatives

With the latest CyberheistNews Volume being released on the 15th of August, we at MTBW Services thought it would be beneficial to provide a summary of the latest Ransomware activities and a link to the full report. Some of the more worrisome findings in the report: The FBI projected that the losses caused by ransomware infections could reach a billion dollars in 2016 alone. Late July, thousands of legit WordPress business sites were hijacked by a botnet named SoakSoak to deliver ransomware to anyone who visits their website. Ransomware upgraded strains and rebranded versions sold cheaply on the Dark Web….


Ransomware Infections Continue To Make Headline News

As the ransomware infections continue to make headline news, we are striving to provide pertinent information to all with whom we have business dealings. Though there is no one silver bullet to protect a network from these insidious infections, there are multiple configurations that, applied in a Defense in Depth approach, can substantially reduce the likelihood. First, as we have done at the majority of our clients with Unified Threat Management firewalls, the detection and blocking of Botnet Command and Control servers is critical. In conjunction with the detection and blocking, application control at the gateway perimeter is a necessity. Then at…


Ransomware Notice To Clients

The recent news of the Hollywood Presbyterian Medical Center in Los Angeles paying $17,000 to cyber attackers and a recent recovery situation for a client have prompted MTBW to reiterate recommendations to all those with whom we have business dealings. Read the full article. Ransomware is different than conventional viruses, Trojans and Malware, for it encrypts data, which then requires a specific encryption key to decrypt the information. The cyber attackers use the same technology that encrypts and protects financial and other confidential information transactions via the Internet. As you’ll read in the article, the hospital was down for 10 days, while law…
