XSolutions On Security vol 7

XSolutions scours the internet and brings you the cybersecurity news you need to know to protect your business.

Our mission: “Deliver true Managed IT Services by putting people first. Because, there is no time, for downtime.”

Check Your WordPress Website For Fake Ransomware Messages!

KnowBe4 mentioned that attackers are defacing hundreds of websites. They are exploiting a plugin called Directorist.

Attacked websites are defaced with the message, “SITE ENCRYPTED. FOR RESTORE SEND 0.1 BITCOIN.”

It is not clear whether an update for the vulnerability has been issued. But, it is always a good idea to make sure your WordPress is up-to-date.

BEC Cost $1.8 Billion last Year

It seems that ransomware gets most of the press these days. Each year, hackers scam multi-billion dollar corporations, Government entities, and large healthcare institutions.

According to SoS Daily News, Business Email Compromise (BEC) attacks account for $1.8 billion in losses . Yet, BEC fraud doesn’t make dramatic headlines.

BEC starts with a spear-phishing attack against employees in the financial department. They impersonate the boss and attempt to get their target to wire large sums of money.

To protect yourself:

Educate your employees. Every company should have a Security Awareness program in place.
Put policies in place and ensure that every employee knows not to circumvent them.
Make sure that wire transfers need extra approvals.
Confirm all changes to wire instructions with vendors, using confirmed contact information.
Use multifactor authentication on all applications that allow it, especially on financial accounts.

Fraudsters Use Chameleon Tactics To Keep The Party Going

Fact: As many Government assistance programs end, cybercriminals are parlaying their pandemic-fraud experience into other schemes designed to separate you from your money.

Here’s how:

Despite the end of Government programs, fraudsters are still hawking Pandemic Unemployment Assistance guides, etc., hoping to catch unaware people.
Criminal marketplaces have sprouted throughout the Dark Web, selling stolen Government Assistance credentials to wannabe-cybercriminals. Unfortunately, many victims use the same credentials for other accounts, such as banking, credit cards, etc.
Identity theft is becoming more prevalent as the Dark Web gets flooded with newly stolen data.
Hackers are now targeting social media platforms more than ever to harvest credentials.

Folks, don’t help the hackers. Take precautions:

1) NEVER click on links or open attachments in unexpected emails, even if you think you know the sender.

2) If you receive an email asking you to click a link to log in — DON’T. Instead, directly log into your account from your browser. Then, if there is something wrong, it will be noted there.

3) Do not have your browser “remember” passwords. ALWAYS use a Password Manager to keep all of your passwords safe.

4) NEVER click on a short link in a social media post (or anywhere else, for that matter). If you must, always check it out using a short-link expander.

5) Do not enter accurate answers for test questions when signing up for a service. Instead, use your Password Manager’s generator to create nonsense responses. That way, responses to the test questions will have no relation to factual information about you, adding another layer of security.

6) ALWAYS use multi-factor authentication whenever available on all accounts.

2021 Zero-Day Mayhem

In a recent post, McAfee experts say that 2021 is the worse year so far for zero-day exploitations.

Notable 2021 breaches:

ProxyLogon
ProxyShell
Kaseya VSA

Cybercriminals continue to weaponize exploits and infecting systems in unprecedented numbers. It is so bad, even the Federal Government acted (Binding Operational Directive 22-01). They are now requiring Federal Agencies to remediate known vulnerabilities within two weeks.

Folks, it will get worse in 2022. The criminal element is on the march. Make sure you have a consistent patching policy. Don’t forget to harden your cyber defenses–systems and human.