DNC Contacts FBI After Its Voter Database Comes Under Attack

The FBI received a report from the US Democratic National Committee (DNC) that unknown actors sought access to a voter database through a phishing campaign. Security firm Lookout was reported to have warned the DNC Tuesday that it had found a fake login page for VoteBuilder, a tool the party uses so its campaigns can better target voters. The apparent attackers’ apparent aim was to obtain credentials they could use to access the party’s voter information. The DNC’s Chief Security Officer Bob Lord briefed party officials on the attack yesterday, then made a public statement denouncing the current US Administration for not…

Read More »

Employees Sue Company For W-2 Phishing Scam. Federal Court Decides Triple Damages

According to a recent federal court decision, an employee who is tricked into sharing personal information in response to a phishing email can be seen as committing an intentional disclosure under the North Carolina Identity Theft Protection Act (NCITPA). As a result, the employer could face treble damages for the employee’s mistake, adding a new element to potential exposure for businesses. Employees who fall for CEO Fraud commit an “intentional disclosure”. Poyner Spruill’s J.M Durnovich was right to highlight this development, which was also picked up by the nationwide Law360 site. The failure to train employees may quickly become more…

Read More »

SamSam Ransomware Infected Thousands of LabCorp Systems Via Brute Force RDP

“LabCorp, one of the largest clinical labs in the U.S.”, said the SamSam ransomware attack that forced their systems offline was contained quickly and didn’t result in a data breach. However, in the brief time between detection and mitigation, the ransomware was able to encrypt thousands of systems and several hundred production servers. The wider public first learned about the LabCorp incident on Monday when the company disclosed it via an 8-K filing with the SEC. Since then, as recovery efforts continue, the company said they’re at about 90-percent operational capacity. According to sources familiar with the investigation, the SamSam…

Read More »

New Sleeper Strain of SamSam Ransomware Bypasses AV And Stays Hidden On Your Network

The ransomware strain that crippled several cities and school districts in the U.S. earlier this year is back with more tricks up its sleeve to avoid detection. If you haven’t heard of SamSam, you haven’t been paying attention. Just one example of the kind of destruction they can cause is the recent attack on the Colorado Department of Transportation which caused downtime for 2,000+ systems. This new SamSam strain adds a human element to its already devious mix of evasive techniques to keep antivirus, endpoint, and even more advanced security software from detecting it. SamSam avoids being discovered using sophisticated…

Read More »

Ransomware Mid-Year Update: It’s Worse Than Ever

Ransomware is alive and well. SonicWall recently released a mid-year update to their 2018 Cyber Threat Report. In it, they cover increases in malware attacks, encrypted attacks, and cryptojacking attacks. But one of the most prominent attacks remains a constant threat – ransomware. It feels like ransomware is old news – with so many stories in the news, and vendors claiming to have a handle on it, it’s natural to feel like it’s no longer a really-real threat. But the truth is ransomware is alive and kicking. The SonicWall report brings to light the reality of just how serious you…

Read More »

Remote Access Charges Spiraling Higher and Higher. We’ve Got A Solution.

As many of you have noticed and commented on the reputable remote access solutions available have been increasing exponentially over the years. We at MTBW Services have a solution for this costly, but invaluable capability. Many of our existing clients have already taken advantage of our offering. As an MSP we procure bulk licenses of these solutions and thus can offer remote access at a fraction of the cost when contrasted to purchasing a single or small block of licenses. It is the same solution you would have if you purchased directly. Contact an MTBW representative about deploying a remote…

Read More »

Cloud Based Email Solutions Need Anti-SPAM Help

Microsoft and other cloud-based email providers offer basic email security features to provide hygiene services. More and more cloud email users are finding that the anti-SPAM and other protection services included in the offerings aren’t sufficient. They rely on traditional filtering techniques such as IP reputation, volume, and signature-based anti-virus scans. More is needed to protect against modern-day attacks, particularly as email is the most reliable way for threats to reach your users. Proofpoint takes a next generation approach to deliver industry-leading email security protecting organizations against known and new attacks. Proofpoint has solutions starting at as low as $2.75…

Read More »

MTBW Services Receives Over 98% Client Satisfaction Rating

In an anonymous survey of our clients here at MTBW Services we are very pleased to announce we received an over 98% Client Satisfaction Rating. Every team member of MTBW Services strives to provide all our clients with unparalleled responsiveness, solutions, consultations, and services. For over two decades MTBW Services has provided IT Services to businesses both large and small in the Washington DC, Baltimore and Northern Virginia regions. Not only with the perpetual educational efforts exerted from all our team members during that time frame, but what we have learned from every client we have serviced, we continue to…

Read More »

Definition of Ransomware

Ransomware is a subset of malware in which the data on a victim’s computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim. The motive for ransomware attacks is nearly always monetary, and unlike other types of attacks, the victim is usually notified that an exploit has occurred and is given instructions on how to recover from the attack. Payment is often demanded in a virtual currency, such as bitcoin so that the cybercriminal’s identity isn’t known. View full article: What is Ransomware by TechTarget

Cloud Storage a Regular Target for Ransomware Infections

The State of the Channel Ransomware Report From 1,700 Managed Service Providers of Datto supplied some interesting in the trenches findings. Of the 1,700 MSP’s responding 26% report Cloud-based targets such as Dropbox, Office365 and G Suite infections. In addition, 5% of all SMB’s have had a Ransomware infection, with 30% reporting the Ransomware remained on the system if it wasn’t completely reinitialized. This means that the same perpetrator could infect the system again even after payment had been made. Some other interesting findings are that the Cryptolocker variant is still the most prevalent. The leading industry targets for Ransomware…

Read More »