XSolutions On Security vol 4

XSolutions scours the internet and brings you the cybersecurity news you need to know to protect your business.

Our mission: “Deliver true Managed IT Services by putting people first. Because, there is no time, for downtime.”

Ransomware Is A Business

See this short video (under a minute) to get up to speed.

Urgent – Update Apple iPhone & iPads Now!

Apple just released an urgent update for their iPhone and iPad devices to address a critical zero-day vulnerability, known with the identifier CVE-2021-30883.

CVE-2021-30883 is a memory corruption exploit that could allow an attacker to execute code with kernel privileges.

This latest update is one of 17 zero-day exploits addressed by Apple in 2021, putting a dent in Apple’s “more secure” armor.

Fact: it doesn’t matter what type of device you have, Apple, Windows, or Linux. If there are enough users for hackers to monetize, then they will be targets.

Have A Peloton? Make Sure You’re Not Being Spied On

According to McAfee, hackers may be able to access your Peloton through the Android-based tablet it is equipped with.

Once in, hackers can spy on you via the camera that you look into and listen via the microphone.

Peloton did push a mandatory update earlier this year to fix this vulnerability. However, cybercriminals are persistent, so who knows what other Android vulnerabilities they’ve found.

Remember, everything today is connected to the internet in some fashion — and if it is online, it can be hacked.

Make sure you update ALL systems regularly.

ALERT – Yanluowang Ransomware Also Threatens Targets

A recent ZDNet post disclosed that researchers discovered a new ransomware that not only encrypts your data but threatens to harass employees and customers, delete your data, and launch DDoS attacks against you if they’re not paid.

Called Yanluowang, this new form of attack is a disturbing escalation of cybercriminal tactics.

Researchers are not sure how the cybercriminals breached the network but found they may have used the AdFind command line to exploit the target’s Active Directory.

Fortunately, the attackers were discovered due to suspicious activity within the network. Thus, they were ultimately thwarted by the good guys.

This is a new type of attack that appears to be in Beta mode, so be on the lookout for revised and updated versions to increase future infection rates.

Please note that this attack failed because the target company recognized suspicious activity within its network and recognized a pending ransomware attack.

Basic security, such as antivirus software and data-only backups, are no longer effective in today’s dangerous cyber-world. You need real-time protection.

How To Respond To A Ransomware Attack

Do you know how to respond if you are suddenly attacked by ransomware? This short video (2 min) will show you what to do.

XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection. Call (845) 362-9675 for a free consultation.