XSolutions’ LinkedIn Post Roundup: Feb 22, 2021

Here are a select few of this week’s LinkedIn posts by XSolutions:

Disaster – When The Digital World Collides With Reality (Posted 2/19/2021)

The FBI recently issued a warning about the dire consequence of denial-of-service attacks against emergency service telephone systems. Blocking calls to first responder organizations can deny life-saving treatment to our most vulnerable citizens and lead to countless deaths.

The FBI calls this tactic a “threat to emergency services across the nation.” They’ve posted a list of recommendations for emergency service providers on their site, www(dot)ic3(dot)gov.

For us civilians, the FBI suggests that you:

* Contact local emergency services and find out how to request assistance if there is a 911 outage. Do that right now!

* Always have a written list of emergency contact info, as well as web and social media sites, in case 911 is not working.

* Sign up for automated notifications (phone call, text, or email) for your area, if available.

Folks, attacking emergency service organizations in any way is the lowest of the low. But, it is the world in which we live. Prepare for outages BEFORE they happen.

How Attackers Easily Create Look-A-Like Website Addresses (Posted 2/19/2021)

Ever wonder how hackers create those look-a-like website addresses that fool thousands of people daily?

Crooks use tools called homoglyph generators. These tools create look-a-like characters for domain names. Only one character needs to be changed to make a spoofed domain name.

For example, using “rn” (an r and an n) in place of the character “m” in a URL can bring a user to a fake website where the attack begins.

The security blog SOS Daily News found that these generators sell for around $1,000 on the dark web, turning any novice crook into a full-fledged cybercriminal overnight.

Don’t be fooled! NEVER click on links in emails, open attachments from non-trusted sources, or blindly click on website links.

Be attentive to what you’re clicking while on the web. Ensure you visit only trusted sites that you entered directly into your browser, NEVER from an email.
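On the defensive side, a mail filter or proxy can catch these spoofs by folding known look-a-like characters to one canonical form and comparing the result against domains the business trusts. The following is an added example, not code from XSolutions or SOS Daily News; the trusted list and the small confusables table are constructed for illustration, and it covers digit and Cyrillic swaps as well as the “rn” case above.

```python
import unicodedata

# Constructed allow-list (assumption): domains your users are expected to visit.
TRUSTED = ("microsoft.com", "paypal.com", "example.com")

# Illustrative, non-exhaustive confusables folded to one canonical character.
# The \u04xx keys are Cyrillic letters that render like Latin a, e, o, p, c.
SINGLE = str.maketrans({"0": "o", "1": "l", "i": "l", "\u0430": "a",
                        "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c"})
MULTI = (("rn", "m"), ("vv", "w"))  # letter pairs that read as one letter


def to_unicode(domain):
    """Decode punycode (xn--) labels so the domain is compared as displayed."""
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not valid IDNA


def skeleton(domain):
    """Fold a domain so that known look-a-likes collapse to the same string."""
    text = unicodedata.normalize("NFKC", to_unicode(domain.strip().lower()))
    text = text.translate(SINGLE)
    for fake, real in MULTI:
        text = text.replace(fake, real)
    return text


def lookalike_of(domain):
    """Return the trusted domain that `domain` imitates, or None."""
    plain = domain.strip().lower()
    if plain in TRUSTED:
        return None  # exact match: this is the genuine domain
    for trusted in TRUSTED:
        if skeleton(plain) == skeleton(trusted):
            return trusted
    return None


if __name__ == "__main__":
    for name in ("rnicrosoft.com", "paypa1.com", "microsoft.com", "openbsd.org"):
        print(name, "->", lookalike_of(name))
```

A production check would draw its table from the Unicode confusables data rather than this short hand-picked list.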

New Phishing Attack Uses Code To Avoid Detection (Posted 2/18/2021)

You have to give cyber-crooks credit. They are a smart, if not devious, bunch.

The security firm KnowBe4 recently put out a post identifying a new mode of phishing attack that uses Morse code.

You read that right – Morse Code! Here’s how it works:

* They use a typical phishing attack vector, like, “you have an unpaid invoice,” with an HTML attachment.

* The attachment uses JavaScript, assigning each letter and number a Morse Code value.

* Once opened, the infected attachment executes a decoding function, delivering the malware.

The JavaScript code hides the malicious content from security applications when they scan the attachment, bypassing cyber-defenses.
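A scanner can close this gap by decoding before it matches: find long runs of dots and dashes in the attachment, translate them, and inspect the result. The following is an added example, not code from KnowBe4 or XSolutions; the sample line is constructed, and the extra hex layer it unwraps is an assumption about how the decoded letters and digits are used, not something stated in the post.

```python
import re
import string

# International Morse code for a-z and 0-9, built as token -> character.
LETTERS = (".- -... -.-. -.. . ..-. --. .... .. .--- -.- .-.. -- -. --- "
           ".--. --.- .-. ... - ..- ...- .-- -..- -.-- --..").split()
DIGITS = "----- .---- ..--- ...-- ....- ..... -.... --... ---.. ----.".split()
MORSE = dict(zip(LETTERS + DIGITS, string.ascii_lowercase + string.digits))

# Eight or more space-separated dot/dash tokens: unusual in a genuine invoice.
MORSE_RUN = re.compile(r"(?:[.-]{1,5} ){7,}[.-]{1,5}")
MARKERS = ("<script", "<iframe", "://")  # illustrative signs of active content


def decode_morse(run):
    """Translate space-separated Morse tokens; unknown tokens become '?'."""
    return "".join(MORSE.get(token, "?") for token in run.split())


def hidden_layers(attachment):
    """Return the decoded text of every Morse run found in the attachment."""
    layers = []
    for match in MORSE_RUN.finditer(attachment):
        text = decode_morse(match.group())
        # Assumption: the decoded letters and digits may themselves be hex.
        if len(text) % 2 == 0 and re.fullmatch(r"[0-9a-f]+", text):
            text = bytes.fromhex(text).decode("utf-8", "replace")
        layers.append(text)
    return layers


def hidden_active_content(attachment):
    """Return decoded layers that contain markup or URL markers."""
    return [t for t in hidden_layers(attachment)
            if any(m in t.lower() for m in MARKERS)]


# Constructed sample: one line of an attachment's script. The Morse spells
# the hex digits 3c7363726970743e, which are the bytes of "<script>".
SAMPLE = ('var blob = "...-- -.-. --... ...-- -.... ...-- --... ..--- '
          '-.... ----. --... ----- --... ....- ...-- .";')

if __name__ == "__main__":
    print("marker visible in raw file:", any(m in SAMPLE for m in MARKERS))
    print("hidden active content:", hidden_active_content(SAMPLE))
```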

Folks, all of our readers should know by now to NEVER click on links or open attachments in emails. If you get an email from a known vendor, check it out directly with them by logging onto your account using verified URLs. You can also call your vendor using verified contact info.

If you receive such an email from an unknown vendor, it’s a scam. Delete it.

Security Alert: Vulnerable Android App With 1 Billion Downloads (Posted 2/17/2021)

Folks, this is serious. An Android app called SHAREit is full of flaws, allowing hackers to overwrite files, execute code, and launch attacks on devices.

The kicker is that, according to Threatpost, the app maker knew about the issues three months ago!

My advice: if you have this app on your phone, get rid of it immediately until you can verify that the developer has fixed all issues.

This is a problem all over the net, namely developers creating apps without sufficient testing BEFORE unleashing them on the public.

Cell phones are an essential part of life now. People depend on them each day and store confidential information that is at risk when programmers don’t take care with their creations.

ALWAYS be suspicious of any app BEFORE you load it onto your phone. Do your homework beforehand.

Windows Defender Vulnerability Went Undetected For 12 Years! (Posted 2/16/2021)

Did you know that a vulnerability existed in Microsoft Defender (formerly Windows Defender) for the last 12 years and possibly left millions of Windows machines open to hackers?

The exploit involves a driver that removes malicious files and supposedly replaces them with a harmless placeholder file. However, researchers found that Windows did not verify the newly created file, leaving the process open to an attacker inserting links, directing the driver to overwrite other files, or running infected code.

Here’s the problem:

* The Windows OS ships with every PC, making it the default Operating System for millions of PCs and servers worldwide.

* Since Microsoft Defender is a highly trusted program, compromised code could lurk within Microsoft Defender without detection.

* The vulnerability could allow a hacker to get elevated privileges and wreak havoc.

SentinelOne discovered the flaw in late 2020, and Microsoft just recently patched it.

This is why EVERYONE needs to make sure that patches are applied to Operating Systems regularly. Unpatched systems are a BIG security risk.

Make sure your business has a program to regularly patch workstations, servers, and third-party applications.

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions. We provide Disaster Recovery as a Service (DRaaS), Backup as a Service (BaaS), Cloud Data Protection (CDP), and Managed I.T. Services (MSP). Call (845) 362-9675 for a free consultation.