Microtechs Blog

Major cyberattacks seem a dime a dozen these days, especially with businesses that might not seem like possible targets. For example, McDonald’s restaurants recently suffered a data breach. Let’s take a look at the situation, how it played out, and what we can learn from it.

Ransomware attacks are nothing new, but when was the last time they made headlines by instigating a gas crisis? A Russia-backed hacking collective called DarkSide targeted Colonial Pipeline, a company responsible for almost 45 percent of the fuel for the Southeastern United States, with a devastating ransomware attack. The attack led to a spike in fuel prices and spotty availability while also showing cracks in the nation’s energy infrastructure, and it has even sparked a renewed interest in cybersecurity.

Cyberattacks are spending less time on their victims’ networks before they are discovered, which sounds like good news, but the reality isn’t so straightforward. Let’s take a few moments and dig into the situation at hand, and what it means for your cybersecurity.

We’ve all seen advertisements for the websites that offer to connect you with the professionals ready to help you with a specialized task around your home, from repair work to childcare to cleaning services. Unfortunately, cybercriminals have adopted a similar tactic to help market their services, leading to the creation of a sort of hackers’ gig economy on the Dark Web.

It’s a bit of a nightmare scenario for a business, born of watching too many crime thrillers: a criminal syndicate hacks into their systems, wreaking havoc and stealing all their data, while also destroying that company’s reputation. Is this scenario a fantasy? To a point, yes—but not so much as you might think.

Bad news—thanks to four flaws in Microsoft Exchange Server software, over 60,000 individuals and organizations have had their emails stolen by a cyberespionage unit based in China, with over 30,000 of those targeted being in the United States. Let’s review what has taken place up to the time of this writing, and what can be done about it.

It was pretty evident from the start of the COVID-19 pandemic that many businesses were not prepared to pivot their operations offsite. Many of these company’s leaders spent the past several years convinced that allowing people to work remotely would sap productivity in unsustainable ways. Cybercriminals have taken advantage of many organizations since then. Today, we will talk about what needs to be done to secure your endpoints when supporting a remote workforce. 

With just shy of a month before the 2020 United States Election, there has been quite a bit of concern over the idea that external interests may try to sway the results—and it seems for good reason. Only recently, Microsoft interrupted a massive coordinated hacking plot that could have altered the very infrastructure needed to support a fair election. Let’s examine this plot, and what Microsoft did, in some more detail.

Right now, a lot of people have had a lot more time on their hands than they typically would, so many of them are spending a lot of time on the assorted streaming services to entertain themselves. Unfortunately, cybercriminals have taken note. In light of all this, it seems like an apt time to discuss a particular threat known as credential stuffing.

Since 2008, Verizon has released an annual report that details the cybersecurity incident trends from the beginning of the year. As usual, this year’s edition provided some insights into the patterns witnessed in 2019, hopefully giving us a greater appreciation for how cybercriminals are shaping their attacks. Let’s go over some of the trends that the Verizon Business 2020 Data Breach Investigations Report (DBIR) revealed to us.

As a greater proportion of the workforce is spending time at home working remotely, it is important to keep security even more in mind than usual. Not only are people apt to be online more, they will also be outside of the protections that your business provides. This gives scammers an opportunity to embrace.

The World Health Organization has been increasingly associated with cybercrime as of late, both as a target and as a spoofed entity. Naturally, this is to be somewhat anticipated, giving the continued global health crisis that we are all facing. Let’s go over some of the events that the WHO has been associated with as of late.

It isn’t exactly news that businesses of all sizes need to be concerned about cyberthreats - especially since, as time passes, these threats have become more serious and insidious. Up until this point, there have been tried-and-true methods that businesses could leverage to stop these threats, but hackers are very clever when it comes to their attacks. What can a business do?

Working in conjunction with the Ponemon Institute, IBM Security completed a report tracking trends in 2018’s data breaches. As you might imagine, much of the data contained in this report could be seen as troubling to a business.

The dark web has a bad reputation - and for quite a few good reasons. However, like any tool, there is a lot of good that the dark web can be used for as well. Here, we’ll review what the dark web is, how it can be used (and abused), and what the landscape is like.

Habits are hard to break - but there are some habits that simply have to be broken if your business is going to be secure. Many of these habits may have been developed by your employees, which means that it is important that you recognize them.

Malware is a commonality in today’s computing environment, though businesses do everything in their power to avoid encountering it. Some people have difficulty identifying threats, which makes for a dangerous situation whenever they actually have to handle them. We’ve put together a malware guide that will help your employees identify the most common types of threats out there, as well as how to respond to them.

Hackers aren’t the only ones out there developing malware tools, but sometimes, they get their hands on some of the others. This is precisely what happened when Double Pulsar, a malware that the NSA has used in the past, was paired with a Chinese hacking tool and used to attack Hong Kong and Belgium in 2016.

Ransomware is still going strong, and now more than ever it’s important to emphasize the danger that it poses for your organization. Even municipalities and other high-profile targets are at risk of being taken down by ransomware. Since 2013, over 170 government systems at the county, city, or state levels have been attacked.

Have you ever played the telephone game? One person in a group whispers a phrase to another, who then passes it to another, and the fun is had when the group shares what they heard and how the message was garbled along the way. In many ways, this activity is similar to a Man-in-the-Middle (MitM) attack - although the attack is a lot less fun than the game.