SamSam Ransomware Infected Thousands of LabCorp Systems Via Brute Force RDP

“LabCorp, one of the largest clinical labs in the U.S.”, said the SamSam ransomware attack that forced their systems offline was contained quickly and didn’t result in a data breach. However, in the brief time between detection and mitigation, the ransomware was able to encrypt thousands of systems and several hundred production servers. The wider public first learned about the LabCorp incident on Monday when the company disclosed it via an 8-K filing with the SEC. Since then, as recovery efforts continue, the company said they’re at about 90-percent operational capacity. According to sources familiar with the investigation, the SamSam…

Read More »

New Sleeper Strain of SamSam Ransomware Bypasses AV And Stays Hidden On Your Network

The ransomware strain that crippled several cities and school districts in the U.S. earlier this year is back with more tricks up its sleeve to avoid detection. If you haven’t heard of SamSam, you haven’t been paying attention. Just one example of the kind of destruction they can cause is the recent attack on the Colorado Department of Transportation which caused downtime for 2,000+ systems. This new SamSam strain adds a human element to its already devious mix of evasive techniques to keep antivirus, endpoint, and even more advanced security software from detecting it. SamSam avoids being discovered using sophisticated…

Read More »

Ransomware Mid-Year Update: It’s Worse Than Ever

Ransomware is alive and well. SonicWall recently released a mid-year update to their 2018 Cyber Threat Report. In it, they cover increases in malware attacks, encrypted attacks, and cryptojacking attacks. But one of the most prominent attacks remains a constant threat – ransomware. It feels like ransomware is old news – with so many stories in the news, and vendors claiming to have a handle on it, it’s natural to feel like it’s no longer a really-real threat. But the truth is ransomware is alive and kicking. The SonicWall report brings to light the reality of just how serious you…

Read More »

Remote Access Charges Spiraling Higher and Higher. We’ve Got A Solution.

As many of you have noticed and commented on the reputable remote access solutions available have been increasing exponentially over the years. We at MTBW Services have a solution for this costly, but invaluable capability. Many of our existing clients have already taken advantage of our offering. As an MSP we procure bulk licenses of these solutions and thus can offer remote access at a fraction of the cost when contrasted to purchasing a single or small block of licenses. It is the same solution you would have if you purchased directly. Contact an MTBW representative about deploying a remote…

Read More »

Cloud Based Email Solutions Need Anti-SPAM Help

Microsoft and other cloud-based email providers offer basic email security features to provide hygiene services. More and more cloud email users are finding that the anti-SPAM and other protection services included in the offerings aren’t sufficient. They rely on traditional filtering techniques such as IP reputation, volume, and signature-based anti-virus scans. More is needed to protect against modern-day attacks, particularly as email is the most reliable way for threats to reach your users. Proofpoint takes a next generation approach to deliver industry-leading email security protecting organizations against known and new attacks. Proofpoint has solutions starting at as low as $2.75…

Read More »

MTBW Services Receives Over 98% Client Satisfaction Rating

In an anonymous survey of our clients here at MTBW Services we are very pleased to announce we received an over 98% Client Satisfaction Rating. Every team member of MTBW Services strives to provide all our clients with unparalleled responsiveness, solutions, consultations, and services. For over two decades MTBW Services has provided IT Services to businesses both large and small in the Washington DC, Baltimore and Northern Virginia regions. Not only with the perpetual educational efforts exerted from all our team members during that time frame, but what we have learned from every client we have serviced, we continue to…

Read More »

Definition of Ransomware

Ransomware is a subset of malware in which the data on a victim’s computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim. The motive for ransomware attacks is nearly always monetary, and unlike other types of attacks, the victim is usually notified that an exploit has occurred and is given instructions on how to recover from the attack. Payment is often demanded in a virtual currency, such as bitcoin so that the cybercriminal’s identity isn’t known. View full article: What is Ransomware by TechTarget

Cloud Storage a Regular Target for Ransomware Infections

The State of the Channel Ransomware Report From 1,700 Managed Service Providers of Datto supplied some interesting in the trenches findings. Of the 1,700 MSP’s responding 26% report Cloud-based targets such as Dropbox, Office365 and G Suite infections. In addition, 5% of all SMB’s have had a Ransomware infection, with 30% reporting the Ransomware remained on the system if it wasn’t completely reinitialized. This means that the same perpetrator could infect the system again even after payment had been made. Some other interesting findings are that the Cryptolocker variant is still the most prevalent. The leading industry targets for Ransomware…

Read More »

MTBW Services Inc Passes ISO 9001 Auditing Process

MTBW Services is pleased to announce, in its continuing efforts to provide premier IT Services, it has passed its annual ISO 9001 Audit. The ISO 9001 certification provides empirical evidence of a Quality Management System, that insures operations are designed and executed with a client first mentality. The arduous certification and auditing process demonstrates the commitment MTBW Services has to every firm and person we deal with.

Datto New Recovery Agent

Datto has released a new version of their Recovery Agent that allows for a more efficient and streamlined restoration. As the backup process occurs in the background, the operation doesn’t cause any business interruptions. The time-sensitive operation is the restoration process. The new Recovery Agent provides a noticeable reduction in the restore process, thus it is a definite improvement. Unfortunately, there isn’t an in-place upgrade process, so what is necessary is that the existing agent is uninstalled, the new agent installed, the current backups removed and then the initial seeding of all the data before the incremental backups can occur….

Read More »