Article Roundup – Week Ending 10/06/17

XSolutions posts to social media almost on a daily basis. Readers of our blog and newsletter see only a small portion of the information we share. Below are articles from various sources and experts that we shared this past week:

  1. Source: Deloitte Breach Affected All Company Email, Admin Accounts
    Global accounting firm, Deloitte experienced a breach dating back to the fall of 2016. Apparently, the attack went undetected for some time. It appears that client email addresses, company plans and other data were stolen.
  2. Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards
    The Sonic fast food chain with over 3,000 locations within the U.S. acknowledged a breach of an unknown number of store payment systems affecting millions of credit and debit card accounts.
  3. Scam of The Week: “Fake-tortion” Phishing Attacks
    A new form of email attack is underway, first appearing in Australia and now in the U.S. Cyber-extortionists are using email with pornography and adult dating links followed by extortion attempts.
  4. Massive Spam Campaigns Push New Locky Ransomware With Doubled Ransom
    Locky Ransomware is alive and well! A massive campaign is underway to spread a new variant and the bad guys have doubled the ransom amount from $900 in bitcoin to $1800.
  5. Ex-NSA hacker drops macOS High Sierra zero-day hours before launch
    An EX-NSA hacker created a MAC OS app that steals the contents of a Keychain without the need for a password—hours before Apple’s rollout of its macOS High Sierra operating system.
  6. Sophisticated threats? It’s usually the basic ones that get you
    Everyone is worried about the next zero-day exploit. But most attacks are from basic “off-the-shelf” exploits that have been around for years.
  7. Pragmatism and computing security
    Security expert, Rodolfo Saccani believes that a more pragmatic approach to email security needs to be taken, like blocking all executables and other types of file attachments.
  8. The Equifax Breach And What You Need To Know
    Find out how the Equifax breach may affect you and what to do about it.
  9. New Ransomware Strain Evades Machine Learning Security Software
    The bad guys have come up with a new strain of ransomware that evades machine Learning Security Software.
  10. ‘Critical’ zero-day bug found in three popular WordPress plugins
    WordPress is one of the most popular web creation software around but outdated versions are vulnerable to a critical zero-day exploit. Find out what to do.
  11. People are the weakest link: Leaked passwords allowed anyone to hijack online radio broadcasts
    A security flaw was found in a popular broadcast platform that could allow attackers to hijack online radio stations.
  12. Yahoo! and Equifax adjust breach numbers: 2 billion+ more victims than originally reported
    Initial reports of the magnitude of both data breaches were wrong. It’s much worse—try 2 billion+ worse!
  13. Apple fixes flaw that displayed actual password rather than password hint
    Are you running macOS High Sierra? If so, stop right now and apply the latest patch from Apple to plug a serious security flaw.
  14. Uber app can silently record iPhone screens, researcher finds
    Your Uber app may be spying on you! The code in the app can record what is on your iPhone screen even when closed.

In the war against cyber-crime, knowledge is power—but only if you use it to protect yourself and your company. The bad guys count on user complacency to keep their scams alive. Don’t become a victim.


XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 250+ Petabytes of data with over 800 employees around the globe. Call (845) 362-9675 and lets discuss your specific needs.