Blog

Blog

Phishing Attack Uses Punycode to Try to Steal Office 365 Credentials

To convey language, the computing industry relies on American Standard Code for Information Interchange (ASCII), or 7-bit binary numbers used to depict every letter, number, and special character. ASCII doesn't allow for the straightforward representation of Unicode, or all the characters and symbols which factor into the computing industry's...
Blog

BlackEnergy Group Conducted Malware Attacks against Ukraine Banks

Researchers believe the BlackEnergy group launched malware attacks against the Ukrainian financial sector in the second half of 2016. ESET malware researcher Anton Cherepanov says the malware attacks started off with spear-phishing emails. Attached to the messages were Microsoft Excel documents containing malicious macros as an initial infection...
Blog

Eyes Wide Open with the Internet of Things

Vacuums, refrigerators and thermostats – OH MY! Take a stroll through the homewares section of your favorite store and you are likely to find that nearly all home appliances lighting, and thermostats have a “smart” model or feature. Such is the reality of the Internet of Things (IoT). With two IT professionals in our household, we run it a bit...
Blog

Cyber Security Risk: You Can't Secure It If ...

In the course of working with our clients to improve their security posture, I have come across several common themes that often limit a business's ability to assess and mitigate cyber security risk. Let's take a look at some of these themes and real-world examples of how they apply. You can't secure it if... You Don't Know It's There As wireless...
Blog

.Osiris Locky Ransomware: the Afterlife of Your Files

In the past, Osiris was mostly known as an Egyptian god of the afterlife, the underworld, and the dead. Now it's known as the latest extension of the Locky ransomware menace, as its creators decided to switch from a Norse mythology theme to an Egyptian one. .osiris Locky Gets Better at Avoiding Detection No user wants to see the .osiris file...
Blog

VERT Threat Alert: December 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 12 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-703 on Wednesday, December 14th. Ease of Use (published exploits) to Risk Table Automated Exploit Easy ...
Blog

KFC Urges Users to Change Passwords After Attack against Website

Kentucky Fried Chicken (KFC) has told members of its Colonel's Club to change their passwords following an attack against its website. The fast food giant confirmed that the attack affected only Colonel's Club users. The loyalty program allows its 1.2 million registered members to collect Chicken Stamps and exchange them for rewards like meals. KFC...
Blog

Festive Phishing in the Workplace

It’s that most wonderful time of the year again – for cyber-criminals and all manner of online miscreants, that is. Whilst next-gen malware samples may be finding new and inventive ways of delivering their payloads, the tried and tested phishing scam isn’t going anywhere just yet. Especially during this distracting and emotive season when even the...
Blog

7 Online Tools for Security Managers

Protecting the company’s servers and online presence is a task that requires a lot of effort. As a result, the reality of securing the online environment is hitting companies hard because hackers and malware constantly find new ways to compromise their online security and privacy. Following a hack or breach, days, months and even years of work could...
Blog

Just How Much Home Security Do You Need Right Now?

When it comes to home security, technology provides us with plenty of solutions for all needs and budgets. The problem is the same technology also provides burglars and perpetrators with the similar means of bypassing your fancy security systems. Long gone are the days when burglars would brutally force their way into your home with a lever. Now...
Blog

Nearly Half of UK Users Concerned about Identity Fraud, Reveal Studies

Nothing says the holidays like spending time with friends and family. To celebrate this special time of year, many of us purchase gifts for our loved ones. Doing so can become quite expensive, especially if we have large social circles. For that reason, we go through the holidays looking for sales on items we think our dear ones will love. But don't...
Blog

Beware of "Your Amazon.com Order Cannot Be Shipped" Scam!

Holiday shoppers who use Amazon.com to purchase gifts will want to look out for a new scam claiming their order can't ship. Around the beginning of December, users first caught wind of a scam that's dampening the holiday cheer for users in the United Kingdom and Australia. The bogus emails state "Your Amazon.com Order Cannot Be Shipped" in the...
Blog

Hackers Stole Research from ThyssenKrupp Steel in "Professional Attack"

Hackers stole technical trade secrets from some of the business areas of ThyssenKrupp Steel in a "professional attack." On 8 December, the German industrial group published a statement confirming the incident:"thyssenkrupp has been the target of a cyber-attack. It has been a professional attack, apparently from the Southeast Asian region. According to...
Blog

November 2016: The Month in Ransomware

Ransomware authors kept trying to break new ground with their attacks last month, just like they did in October. One of the cybercriminal rings blatantly compromised San Francisco Municipal Transit Agency, demonstrating that critical infrastructure isn’t much of a moving target. Also, a slew of low-impact screen lockers and .NET-based ransomware...
Blog

Windows XP Still Used By 90% of NHS Hospital Trusts

The overwhelming majority of NHS hospital trusts in England are continuing to use Microsoft’s unsupported Windows XP operating system, putting patients and their organizations at risk. According to new research conducted by software company Citrix, nine out of ten NHS trusts questioned confirmed they still have PCs running the outdated software....
Blog

POS Malware Activity Quadrupled over Thanksgiving Weekend

Point-of-sale (POS) malware activity, specifically network traffic for data exfiltration, quadrupled over Thanksgiving weekend. For their ongoing threat analysis, researchers at Proofpoint use network sensors deployed by its Emerging Threats group to track POS malware contact with command and control (C&C) servers. They had expected increased...
Blog

Patch Your Sony Security Cameras Against Backdoor Attacks!

If you have a Sony network-connected CCTV camera, you may have a security problem. Researchers at SEC Consult uncovered a backdoor in Sony IP cameras that could allow a hacker to remotely execute malicious code, spy on users, brick devices, or recruit them into a DDoS botnet. As the vandal-resistant Sony IPELA Engine IP cameras at the centre of the...