Common Security Lapses That Empower Cybercriminals

Over the past 12 months, the number of successful ransomware attacks has increased alarmingly. Many attacks have been headline news due to the disruption they have caused and the high cost of remediation.

The healthcare industry in the United States has been targeted, with the attacks disrupting patient care and putting patient safety at risk. Recently there was an attack on Colonial Pipeline that resulted in the shutdown of the main fuel pipeline serving the East Coast of the United States, while JBS suffered an attack that threatened food production at its U.S. plants. 

Executive Order Signed By President Biden

On May 13, 2021, President Biden signed a comprehensive Executive Order that seeks to appreciably strengthen cybersecurity protections for federal systems, enhance threat information sharing between the private sector, the government, and law enforcement, and present a cyber threat response playbook to speed up the response to incidents and their mitigation.

The important components of the Executive Order on Enhancing the Nation’s Cybersecurity are:

Web Filtering Appliance for Battling Spam

A web filtering appliance is an internet content filter that prevents web-borne threats such as malware, ransomware, and phishing from impacting a database. It also gives network administrators control over what online content network users can view. As well as keeping networks and the devices that connect to them safe from viruses, a web filtering appliance can therefore help enhance productivity in the workplace.

Every time a network user visits a link or enters a URL into a browser bar, the web filtering appliance compares the request to open a web page against blacklists of websites and IP addresses. The blacklists are kept up to date with details of websites and IP addresses known to host malware or to be linked with spam emails, which are a high-risk vector for phishing attacks.

Malware Distributed in Spoofed Passwordstate Breach Notification Letters

After a supply chain attack that saw the software update feature of the Passwordstate password manager hijacked, the threat group developed a convincing phishing campaign targeting enterprise users of the password manager solution.

The attack lasted only 28 hours before it was identified and blocked, but to remove the malware from customers’ devices, Click Studios, the developer of the password app, emailed customers and encouraged them to apply a hotfix.

SAP and Onapsis Warn of Ongoing Attacks Exploiting Vulnerabilities in Mission-Critical SAP Applications

Six cybersecurity vulnerabilities in mission-critical SAP applications are being actively exploited by threat actors, according to cybersecurity firm Onapsis. Exploitation of the flaws could result in the theft of sensitive data, financial fraud, and disruption of mission-critical systems, including malware and ransomware attacks. Researchers at Onapsis have recorded more than 300 successful attacks exploiting the flaws from mid-2020 until April 2021.

SAP systems are used by many organizations for managing critical business processes, including product lifecycle management, customer relationship management, enterprise resource planning, and supply chain management. On April 6, 2021, SAP, in coordination with Onapsis, issued a warning to organizations using SAP systems to alert them to the risk of attack.

Importance of Using an Email Filter Security Measure

Most email platforms, including Office 365, incorporate a basic email filtering service that blocks most spam emails and many phishing threats. These services also incorporate antivirus protection, which blocks all known malware threats. They can be viewed as the first line of defense that will keep businesses reasonably well protected, but they are usually not sufficiently advanced and fail to identify and block zero-day threats such as new phishing emails and malware that has not previously been classified as malicious.

Office 365 and EOP

Office 365 is a good example, being the most widely adopted cloud-based email service. The basic level of protection comes from Exchange Online Protection or EOP. EOP is effective at blocking spam, known malware, and basic phishing attacks, but falls short when it comes to advanced threats such as spear phishing, BEC attacks, and zero-day threats. These threats often pass through unimpeded and land in inboxes where they can be clicked by employees.