Robert Magio on LinkedIn: MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos (2024)

Global IT outages latest: Security firm CrowdStrike rules out cyber attack as world copes with tech 'disaster' | World News | Sky NewsGlobal IT Collapse Puts Cyber Firm CrowdStrike in Spotlight (msn.com)

The HealthEquity data breach underscores the critical need for proactive security measures. Don’t wait for a breach to occur. Regular penetration testing can help you identify and mitigate risks, protecting your business and its valuable data.At Watchkeep we specialize in comprehensive penetration testing services designed to uncover and address vulnerabilities in your IT infrastructure. How are you planning to fortify your cybersecurity defenses?#CyberSecurity #PenetrationTesting #DataProtection #HealthEquityBreach #BusinessSecurity #Compliance #ITSecurity #SMB https://lnkd.in/e2iDe74y

6

Feds issue another cybersecurity alert.Federal agencies have issued another cybersecurity alert warning on countries that pose national security threats to the U.S. are backing hackers who are targeting Americans.In a joint federal cybersecurity advisory, the Federal Bureau of Investigations, U.S. Department of State, and National Security Agency warned that the North Korean military intelligence agency, Kimsuky, is hacking email system vulnerabilities to “collect intelligence on geopolitical events, adversary foreign policy strategies, and any information affecting North Korean interests by gaining illicit access to targets’ private documents, research, and communications.”The phishing practice involves using fabricated emails that initiate a way for the target to click on a link or open an email that enables the hacker to gain access to their device and networks, the advisory explains. The hackers create tailored online personas to appear more realistic and may use content from emails of previously compromised email accounts to be more effective. They also use fake usernames and legitimate domain names to impersonate individuals from trusted think tanks and higher education institutions even though the emails are not coming from those institutions, the warning explains. Once they have access, hackers steal personal data to exploit their targets. Unfortunately, this cycle will never stop and there will always be a new threat to our proprietary information.To minimize your risk and the organizations reach out to Robert.s@nacsemi.com to schedule a free consultation. To read the full story go to Feds issue another cybersecurity alert (msn.com)

1

Ransomware attacks hijack Windows Quick Assist featureHackers have been observed combining spam, a classic IT tech support scam, and Windows built-in remote control and screen-sharing tool, Quick Assist, to deploy the Black Bastaransomwarevariant. Reports from both Microsoft, and cybersecurity researchers Rapid7 outlined how the attack is also quite creative and not something that’s often seen in the cybercrime space. Before the actual attack, the threat actors (which Microsoft identified as Storm-1811) need to obtain two things: the victim’s email address, and phone number. Deploying Black BastaAfter that, the attackers will sign the victim up for countless email subscription services. As a result, the victim’s inbox will get absolutely hammered with newsletters, email notifications, and similar unwanted messages. Then, they will call them on the phone, and impersonate either a Microsoft IT technician, or the IT help desk of the company the victim works for. They will offer to help sort out the problem and will ask the victim to grant them access to their Windows devices through Quick Assist. Once the victims grant access, it’s practically game over:"Once the user allows access and control, the threat actor runs a scripted cURL command to download a series of batch files or ZIP files used to deliver malicious payloads," Microsoft said. "In several cases, Microsoft Threat Intelligence identified such activity leading to the download of Qakbot, RMM tools like ScreenConnect and NetSupport Manager, and Cobalt Strike."These tools help the attackers move laterally throughout the target network, map it out, and ultimately - deploy the Black Basta ransomware variant.Besides deploying Black Basta, Rapid7 added that the attackers would also steal as many login credentials from the victim as they can."The credentials are gathered under the false context of the 'update' requiring the user to log in. In most of the observed batch script variations, the credentials are immediately exfiltrated to the threat actor’s server via a Secure Copy command (SCP)," Rapid7’s researchers said."In at least one other observed script variant, credentials are saved to an archive and must be manually retrieved."Having relationships with over 6,000 vendors we have solutions that will significantly reduce your odds of this happening to you. To find out more schedule a free consultation by emailing Robert.s@nacsemi.com Ransomware attacks hijack Windows Quick Assist feature (msn.com)

1

Don't Panic! Here's the Lowdown on the "Mother of All Breaches"Headline: 26 billion records exposed online, but it's mostly old leaks compiled together, not a fresh hack.The Good News:•This isn't a new breach, but rather a collection of previous breaches.•Most affected sites are Chinese, and many records are likely duplicates.•The threat is real, but you can take steps to protect yourself.What to Do:•Stay calm: Panicking won't help. Focus on proactive measures.•Check if you're affected: Use haveibeenpwned.com to see if your email appears in any breaches.•Change your passwords: Use strong, unique passwords for all your accounts.•Enable two-factor authentication: Add an extra layer of security to your accounts.•Be vigilant: Watch out for phishing scams and suspicious emails.Remember:•This is a serious issue, but don't overreact. Taking basic precautions can significantly reduce your risk.•Stay informed: Follow reputable news sources for updates and security advice.While the "Mother of All Breaches" sounds scary, it's important to stay calm and take preventive measures. By being proactive and vigilant, you can protect yourself from the potential fallout.#hacked #leaked #quantumevolve #monitoring #identityaccessmanagement 26 billion records have been leaked in 'Mother of all Breaches,' but don't freak out (msn.com)

3

2 Comments

Russian hackers have breached the routers of hundreds of households and small businesses in the US, according to the FBI. These hackers utilized a botnet to conceal and enable a variety of crimes, including vast spearphishing and credential harvesting campaigns against targets of intelligence interest to the Russian government. The hackers installed the Moobot malware on Ubiquiti Edge OS routers that still used publicly known default administrator passwords. The situation is a stark reminder of how critical it is to change default credentials to protect your business from cyber-espionage. As the saying goes, you can have the most "secure" facility, but if you leave the key (default credentials) in the front door, don't be surprised who is coming in. Stay vigilant and take proactive measures to protect your business from cyber-attacks.

2

In light of the recent #CrowdStrike outage, it’s crucial to reassess #cybersecurity strategies and disaster recovery plans. Kate Prouty said it best, “That’s a lesson: Have faith in your providers, but you can’t trust them wholesale. You need to do your own testing.” More oversight of automatic software updates is a great first step to ensuring #dataprotection and company resiliency. Let us embrace this chance to "assess the gaps in our ability to react and respond" and improve our resiliency in the future. #IT #futuretech #smartmanufacturing #dataprotectionWhat CIOs and CTOs plan to do differently after CrowdStrike’s massive tech outage (msn.com)

2

Windows PCs are now being hit by dangerous malware — here's the steps you need to take to stay safe (msn.com)

World's second-largest eyeglass lens-maker blinded by infosec incident.Japan's Hoya also makes components for chips, displays, and hard disks, and has spent four days groping for a fix. The value of Hoya shares has fallen five percent this week. "Compromised kit was isolated, forensic specialists hired, and the corporation has promised it "will take measures to restore the systems necessary for production and sales activities and to resume the supply system of products to customers as soon as possible."#cyber #business #disasterrecovery #cybersecurity

3

CyberTip of the day:Always look at the source of an email. If it is requesting to log into an account, a transaction, or even a job more than likely it's a phishing email. A real email will never use personal email accounts, such as gmail or msn.com. They will use the email associated with the business company. Secondly, watch for non-professional warnings, such as using emoji's in the header or body of the email. A real business will write with Business Communication and will not use such language in their emails.Be careful of emails sending information such as "Do x now or else x will happen". These happen to be phishing techniques were they try to scare the user into entering their information in a fraudulent email or bogus service.