We Got Hacked

We Got Hacked

US bank Morgan Stanley has posted letters to an unknown amount of customers, notifying them of potential data breaches involving sensitive personal information left on servers and storage sent to recyclers and on an encrypted drive lost at a branch office.

(Tom: In my personal opinion, having my info in the hands of banks and others with whom I do business is risky enough, as this story illustrates only too well, but storing personal or business data in the cloud takes the risk of loss to a whole new level. That is why I continue to use the accounting and business software I created myself hosted on an inhouse computer.

As an additional note, ransomware, phishing and hacking scams are costing businesses obscene amounts of money. Travel giant CWT pays $6.3m ransom to cyber criminals https://www.itnews.com.au/news/travel-giant-cwt-pays-63m-ransom-to-cyber-criminals-551133

Do some homework and formulate firm policy with which you (and any staff) deal with your emails and web sites you visit. For instance I:

Use strong malware protection, currently Emisoft Enterprise Security Suite.

Never click on links in an email from unknown senders.

Even from known senders I sometimes receive emails with just a link, no explanatory text. I do not click on those. I will sometimes email the sender to ask what it is about.

Never download from file transfer sites unless I expect a link from that person and

Always check the displayed and hidden URL match the expected domain as miscreants will sometimes use what is called a sub-domain or sub-folder to make it look more legitimate. For instance last week I got one allegedly from wetransfer.com but when I held my mouse over the link it was not the wetransfer.com domain, that was used as a folder name like this:
www.somethingelse.com/wetransfer/qweoxflkwefow
A valid name used as a sub-domain for a hacker site looks like this:
wetransfer.hackerdomain.com/as/dkfjswlk

So, just because it has a recognisable name somewhere in the URL, that is a trick to fool those not fully tech savvy. Now you are informed, don’t fall for it.)

https://www.itnews.com.au/news/morgan-stanley-customer-data-left-on-decommissioned-servers-551094

AirPod Radiation May Cause Brain Damage, Leading Scientist Warns

airpod Radiation

Apple says the AirPod satisfies FCC requirements for close-range radiation levels. But a UC Berkeley scientist is now warning that AirPods might result in irreversible brain damage, including an erosion of the blood-brain barrier.

As wireless headphone sales start to surge, serious concerns over close-range radiation effects and possible brain damage are surfacing. Those concerns are now hitting overdrive as Apple prepares the release of the AirPod, which promise a torrent of non-stop wireless communications just millimeters from the brain.

‘You are putting a microwave-emitting device next to your brain.’

Those AirPods, which complement a wireless-only iPhone 7, could shift users from traditional earbud-based voice communications and listening towards Bluetooth-powered communication and audio. That could pose serious, long-term dangers, with the AirPod stuffing high-tech radiation right into your ear.

New remote code execution Windows zero days actively exploited

Adobe Opentype

Microsoft is warning users that new, critical remote code execution bugs affecting all current versions of Windows is being actively exploited.

The vulnerabilities lies in the Windows Adobe Type Manager Library, and can be exploited with malicious Adobe Type 1 Postscript format multiple master fonts, now superseded by OpenType fonts.

Attackers can exploit the vulnerabilities in several ways, by embedding the Type 1 fonts into documents and convincing users to open them or look at them in the Windows Explorer preview pane, Microsoft said.

Windows version 7, 8.1, RT 8.1, 10 are vulnerable to the remote code execution flaws, along with Windows Server 2008 service pack 2 onwards.

https://www.itnews.com.au/news/new-remote-code-execution-windows-zero-days-actively-exploited-539730

This new Android malware comes disguised as a chat app

A new form of mobile malware designed to snoop on calls, texts and other communications is targeting Android users by duping them into downloading a fake chat application.

The trojan malware, dubbed CallerSpy, has been discovered and detailed by cybersecurity researchers at Trend Micro, who believe the malware attacks are part of a cyber espionage campaign.

https://www.zdnet.com/article/this-new-android-malware-comes-disguised-as-a-chat-app

How to prevent business email compromise attacks

How-to-prevent-business-email-compromise-attacks.png

Business email compromise (BEC) scams are low-tech attacks that use social engineering techniques to exploit natural human tendencies.

While they may not get as much attention from the press as high-profile ransomware attacks, BEC scams are considered one of the biggest threats facing companies today. Between June 2016 and July 2019, there were 32,367 successful BEC scams in the U.S., which cost U.S. businesses more than $3.5 billion, according to figures from the FBI.

Fortunately, there are some very effective and easy-to-implement strategies for stopping BEC attacks. In this post, we’ll show you how you can combine staff training, process implementation and authentication technology to protect your organization from BEC attacks.

State of Ransomware in the U.S.: 2019 Report for Q1 to Q3

In the first nine months of 2019, at least 621 government entities, healthcare service providers and school districts, colleges and universities were affected by ransomware. The attacks have caused massive disruption: municipal and emergency services have been interrupted, medical practices have permanently closed, ER patients have been diverted, property transactions halted, the collection of property taxes and water bills delayed, medical procedures canceled, schools closed and data lost.

Email and attachments and RDP continue to be the attack vectors of choice. The latter is vulnerable to ransomware via exploitation on unpatched systems, misconfigured security settings and brute force attacks on weak login credentials.

“There is no reason to believe that attacks will become less frequent in the near future,” said Fabian Wosar, CTO at Emsisoft. “Organizations have a very simple choice to make: prepare now or pay later.”

Peace!

Peace!

Wishing you the peace and serenity of the countryside, the patience of nature, the drive of the rivers and oceans and the wisdom to know when to apply each.