CyberheistNews Vol 7 #17

And Just When You Thought Locky Ransomware Had Disappeared...

Locky ransomware reappeared with a vengeance on Friday. This time the lure is not an Office document combined with social engineering to get the user to enable macros, but a PDF with a Word file hidden inside it; the Word file runs a macro when the user opens it. Because the malicious document is nested one layer deeper, the phishing email can slip past sandboxes that only inspect the outer PDF.

Our friends at Malwarebytes blogged that the criminal hacker group controlling the Necurs botnet just opened the spam floodgates again and is pumping out fake documents that deliver the nasty Locky ransomware.

The ransomware is dropped following a distribution method we have been seeing more of recently with Dridex which involves embedding a Word document within a PDF file.

When the user clicks the OK button, the rogue Word document is displayed. The attack relies on users opening up malicious attachments that will appear legitimate. Many studies have shown that users are often the weakest link in an attack chain and criminals know that too well.
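The nesting described above (a PDF whose only purpose is to carry a Word file and prompt the user to open it) leaves indicators in the PDF's object dictionaries that a mail gateway or triage script can check before the attachment ever reaches an inbox. The following helper is an added illustration written for this newsletter; it is not code from the original article or from Malwarebytes. It scans raw PDF bytes for `/EmbeddedFile` objects, reads the declared attachment names from `/Filespec` dictionaries, and notes auto-run keys such as `/OpenAction`. It assumes the object dictionaries are uncompressed (object streams would have to be inflated first), and the two sample PDFs are constructed for the demonstration.

```python
"""Triage a PDF for an embedded Office document plus an auto-open action.

Added example, not the newsletter's or Malwarebytes' code. It uses regular
expressions over the raw PDF syntax rather than a full parser, which is enough
for the uncompressed object dictionaries used in the constructed samples below.
"""
import re
from typing import Dict, List

# Office formats that can carry macros or are commonly used as droppers.
OFFICE_EXTENSIONS = (".docm", ".doc", ".dotm", ".xlsm", ".xls", ".pptm", ".rtf")

# Dictionary keys that make a viewer do something without the user asking for it.
AUTO_ACTION_KEYS = (b"/OpenAction", b"/AA", b"/Launch", b"/JavaScript", b"/JS")


def extract_attachment_names(pdf_bytes: bytes) -> List[str]:
    """Return the file names declared in /Filespec objects (/UF preferred over /F)."""
    names: List[str] = []
    for match in re.finditer(rb"/Type\s*/Filespec(.*?)endobj", pdf_bytes, re.S):
        body = match.group(1)
        for key in (b"/UF", b"/F"):
            found = re.search(key + rb"\s*\((.*?)\)", body)
            if found:
                names.append(found.group(1).decode("latin-1"))
                break
    return names


def triage_pdf(pdf_bytes: bytes) -> Dict[str, object]:
    """Classify a PDF as clean / review / suspicious based on attachment indicators."""
    has_embedded = b"/EmbeddedFile" in pdf_bytes
    names = extract_attachment_names(pdf_bytes)
    office = [n for n in names if n.lower().endswith(OFFICE_EXTENSIONS)]
    auto = [k.decode() for k in AUTO_ACTION_KEYS if k in pdf_bytes]
    # Compressed object streams hide dictionaries from this scanner; flag them.
    opaque = re.search(rb"/Type\s*/ObjStm", pdf_bytes) is not None

    if office or (has_embedded and auto):
        verdict = "suspicious"   # Office payload inside a PDF, or attachment + auto-run
    elif has_embedded or opaque:
        verdict = "review"       # attachment present, or parts we could not inspect
    else:
        verdict = "clean"
    return {
        "verdict": verdict,
        "attachments": names,
        "office_attachments": office,
        "auto_actions": auto,
        "opaque_objects": opaque,
    }


# Constructed sample: a PDF wrapping a macro-enabled Word file with an open action.
SAMPLE_LURE = b"""%PDF-1.7
1 0 obj << /Type /Catalog /Pages 2 0 R /Names << /EmbeddedFiles << /Names [(invoice.docm) 5 0 R] >> >> /OpenAction 6 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R >> endobj
4 0 obj << /Type /EmbeddedFile /Length 4 >> stream
PK..
endstream endobj
5 0 obj << /Type /Filespec /F (invoice.docm) /UF (invoice.docm) /EF << /F 4 0 R >> >> endobj
6 0 obj << /S /JavaScript /JS (placeholder) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# Constructed sample: an ordinary one-page PDF with no attachments or actions.
SAMPLE_BENIGN = b"""%PDF-1.7
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /Contents 4 0 R >> endobj
4 0 obj << /Length 38 >> stream
BT /F1 12 Tf (Quarterly report) Tj ET
endstream endobj
trailer << /Root 1 0 R >>
%%EOF
"""

if __name__ == "__main__":
    for label, sample in (("lure", SAMPLE_LURE), ("benign", SAMPLE_BENIGN)):
        print(label, triage_pdf(sample))
```

A real gateway would inflate `/FlateDecode` streams before scanning and hash the extracted attachment for the AV layer; the "review" verdict exists so that anything this shallow scan cannot see is not silently passed as clean.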

Malwarebytes protects against this attack at various layers including macro and ransomware mitigation, and neither of those required any signature update.

And obviously, trained end-users can spot the red flags related to this and would never open the PDF to begin with, let alone then open the Word file hidden within.

You need defense-in-depth, meaning layered defenses and it's urgent to create your human firewall by stepping your users through new-school security awareness training and frequently test them with simulated phishing emails. Don't wind up with a ransomware infection: "All locked up and no place to go."

Get a quote for your organization and find out how affordable this is. You simply have got to start training and phishing your users ASAP. If you don't, the bad guys will, because your filters never catch all of it.

Get a quote and you will be pleasantly surprised:
https://info.knowbe4.com/kmsat_get_a_quote_now-chn

And in related news--since Locky is run by Russian organized cybercrime--a U.S. court sentenced a Russian hacker to a record-setting 27 years. Finally some justice!
https://blog.knowbe4.com/u.s.-court-sentences-russian-hacker-to-a-record-setting-27-years
The Three ‘B’s’ of Cybersecurity for Small Businesses

I just found a great article by Scott Shackelford, Associate Professor of Business Law and Ethics at IU Bloomington, Indiana University.

This is excellent ammo for higher-ups that are not familiar (enough) with IT security, and need understandable language that explains the risks.

The article was posted at The Conversation, an independent source of news and views from the academic and research community, delivered direct to the public, that I can warmly recommend. You should check it out. What follows is a cross-post of his article, with grateful acknowledgement.

Scott wrote: "Large-scale cyberattacks with eye-watering statistics, like the breach of a billion Yahoo accounts in 2016, grab most of the headlines. But what often gets lost in the noise is how often small and medium-sized organizations find themselves under attack.

In the last year, half of American small businesses have been breached by hackers. That includes Meridian Health in Muncie, Indiana, where 1,200 workers’ W-2 forms were stolen when an employee was duped by an email purporting to come from a top company executive. Many small companies are just one fraudulent wire transfer away from going out of business.

There’s lots of advice available about how to fight cybercrime, but it’s hard to tell what’s best. I am a scholar of how businesses can more effectively mitigate cyber risk, and my advice is to know the three “B’s” of cybersecurity: Be aware, be organized and be proactive.

Here’s how more companies can boost their cybersecurity preparedness without breaking the bank.

Be Aware

Almost any company can be vulnerable to a range of cyberattacks. A company manager or network security professional needs to know about the various types of digital threats and how to limit vulnerability.

There are some attacks that every employee should know about. The most common attacks use a method called “phishing,” or a variant that specifically targets one potential victim, called “spearphishing.” These typically take the form of email messages that appear to be sent by coworkers or supervisors asking for sensitive information.

That’s what happened to the health care company in Muncie. These messages can contain instructions that a victim might follow, believing them legitimate – such as clicking a link that installs malware or captures login information, or even making a wire transfer to another business’s account.

The best defenses against these types of attacks involve skepticism and vigilance. Attackers can be very clever and persistent: If just one person has one weak moment and clicks on one malicious link, an entire network can be compromised.

Be Organized

Most companies go to great lengths to protect their physical assets and personnel. But many do not take similar precautions with their digital information. A key computer may be kept disconnected from the internet, but if it accepts flash drives or rewriteable CDs, or if its password is easy to guess, the information is just as vulnerable.

Small business owners need to prioritize cybersecurity. Without proper preparation, even large companies can find themselves unprepared for cyberattacks. When Sony was hacked in 2011, it did not have an executive focused solely on information security. But hiring someone did not prevent another hack in 2014.

Be Proactive

Planning ahead is vital, instead of just being reactive. The National Institute for Standards and Technology Cybersecurity Framework lists five main functions of cybersecurity efforts: Identify vulnerabilities, protect against attacks, detect anyone who gets through, respond to the attack quickly and recover after the attack has been stopped.

Some companies are already receiving advice that following the NIST guidelines can reduce legal liability if cybersecurity problems arise or are discovered. Companies can also work with colleges and universities to create cybersecurity clinics, or even consider buying cyber risk insurance.

There’s no way to avoid being the target of a cyberattack, but that doesn’t mean becoming a victim. Simple steps can have huge results: The Australian government reported resisting 85 percent of cyberattacks by taking three basic steps: restricting which programs can run on government computers, keeping software updated regularly and minimizing the number of people who have administrative control over networks and key machines.

Cybersecurity doesn’t have to be rocket science; it’s just computer science."

This article was originally published on The Conversation. Links and the original article here:
https://blog.knowbe4.com/the-three-bs-of-cybersecurity-for-small-businesses
NIST Releases Update to Cybersecurity Framework

Speaking about NIST, The National Institute of Standards and Technology has issued a draft update to the Framework for Improving Critical Infrastructure Cybersecurity, also known as the Cybersecurity Framework.

Providing new details on managing cyber supply chain risks, clarifying key terms, and introducing measurement methods for cybersecurity, the updated framework aims to further develop NIST’s voluntary guidance to organizations on reducing cybersecurity risks.

The Cybersecurity Framework was published in February 2014 following a collaborative process involving industry, academia and government agencies, as directed by a presidential executive order.

The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation’s critical infrastructure, such as bridges and the electric power grid, but the framework has been widely adopted by many types of organizations across the country and around the world. The Cybersecurity Enhancement Act of 2014 calls for NIST to continue its work on the framework.

But How Do You Keep Track of These Hundreds of Controls?

Here is a great way to get through audits in half the time and at half the cost. The KnowBe4 Compliance Manager (KCM) simplifies the complexity of getting compliant and eases your burden of staying compliant year round:
    • Quick Implementation with Compliance Templates - Pre-built requirements templates for the most widely used regulations like NIST.
    • Enable Users to Get the Job Done - You can assign responsibility for controls to the users who are responsible for maintaining them.
    • Dashboards with Automated Reminders - Quickly see what tasks have been completed, not met, and past due. With automated email reminders, your users can stay ahead of any gaps in compliance.
See for yourself how you can minimize the busy work associated with audits and compliance, and how easy this becomes using KCM. Request a demo:
https://www.knowbe4.com/demo_kcm
Top Industry Threat: Employee Healthcare Data Security Awareness

A new study conducted by HIMSS Analytics found that a lack of employee education and awareness is among the top threats to healthcare data security.

Approximately 80 percent of surveyed health IT executives and professionals report that employee security awareness is their greatest concern regarding healthcare data security.

The 2017 Level 3 Healthcare Security Study was conducted by HIMSS Analytics and sponsored by Level 3 Communications, Inc. HIMSS interviewed 125 individuals who worked in or alongside the IT department at a healthcare provider organization.

Exposure from partners or third-parties was the top concern for nearly 69 percent of those surveyed, followed by securing wireless or BYOD devices (54 percent of respondents) and a lack of actionable intelligence (36 percent of respondents).

HIMSS Analytics Senior Director of Research Services Bryan Fiekers maintained that security “cannot become an out-of-sight, out-of-mind problem." Good article in HealthITSecurity:
http://healthitsecurity.com/news/employee-healthcare-data-security-awareness-top-industry-threat

Webinar: Will You Pay the Price for the Next Ransomware Attack?

Ransomware attacks are on the rise, and they are increasing not only in number but in craftiness. Are you truly prepared to defend your turf and your data when (not if) the attackers come after you?

How should you be preparing beyond just having an endpoint security solution in place? Join security and disaster recovery experts from KnowBe4 and Arcserve to find out how you should be crafting a holistic approach to ransomware.
  • Find out how to mitigate your weakest link (your users)
  • Discover how to assure recovery of your data when disaster does strike
  • Learn the 5 “must have” tips for a complete ransomware plan
Date: Wednesday, April 26, 2017
Time: 1:00 pm EDT

Register Now! https://truthinit.lpages.co/arc-gen/?AFFID=KB4

Warm Regards,
Stu Sjouwerman

Quotes of the Week
"Human greatness does not lie in wealth or power, but in character and goodness. People are just people, and all people have faults and shortcomings, but all of us are born with a basic goodness." - Anne Frank

"The task of leadership is not to put greatness into humanity, but to elicit it, for the greatness is already there." - John Buchan



Thanks for reading CyberheistNews
Security News
7 Steps to Avoid Getting Hooked by Phishing Scams

Here is a useful article if you want to send a link to your road warriors to remind them that they need to be careful while traveling.

Michelle Drolet at NetworkWorld wrote: "High-profile hacking attacks might dominate the headlines, but one of the biggest risks to your security isn’t software vulnerabilities or malware, it’s phishing attacks.

There were more than 1.2 million phishing attacks last year alone, up 65 percent over 2015, according to the Anti-Phishing Working Group (APWG)

Victims click the link in an email and get taken to a website that looks just like the real thing, but in reality, it has been created to steal information. Here are the seven steps:
http://www.networkworld.com/article/3189044/security/7-steps-to-avoid-getting-hooked-by-phishing-scams.html
Ransomware-as-a-Service Being Sold for 175 Dollars on Dark Web

Researchers from IT Security company Recorded Future blogged about a member of the underground forum “Exploit” named “Dereck1” who mentioned a new ransomware variant called “Karmen.”

Karmen malware is a RaaS derived from “Hidden Tear,” an open source ransomware building toolkit.

Two developers behind Karmen RaaS

Work on this new RaaS started late last year, when a Russian-speaking hacker named DevBitox joined forces with an unknown German partner and created Karmen.

The two divided tasks between them and the German partner created the core ransomware code, modifying a version of the Hidden Tear ransomware, while DevBitox used his web coding skills to create the Karmen RaaS backend.

When their new service was ready, they started advertising Karmen which has a notable feature that it automatically deletes the decryptor if a sandbox environment or analysis software is detected on the victim's computer.

The Karmen interface allows users to change the malware's settings using a control panel that requires minimal technical knowledge. The “Clients” page tracks computers infected with the virus.

The dashboard gives the user an overview of relevant information including the number of clients they have, how much money they've earned and updates to the Karmen software.

When a user's computer is infected with Karmen, they get a message warning them not to interfere with the malware or they might lose all their files.

In reality, the ransomware isn't as secure as its authors believe, and security researcher and long-time Bleeping Computer forum user Michael Gillespie has already found a way to help users and decrypt files.
The History of Fileless Malware – Looking Beyond the Buzzword

Lenny Zeltser wrote: "What’s the deal with “fileless malware”? Though many security professionals cringe when they hear this term, lots of articles and product brochures mention fileless malware in the context of threats that are difficult to resist and investigate. Below is my attempt to look beyond the buzzword, tracing the origins of this term and outlining the malware samples that influenced how we use it today.

The notion of fileless malware has been gaining a lot of attention at industry events, private meetings and online discussions. This might be because this threat highlights some of the deficiencies in old-school endpoint security methods and gives new approaches an opportunity to highlight their strengths.

Indeed, according to Google Trends, people’s interest in this term blipped in 2012 and 2014, began building up toward 2015 and spiked in 2017."

You should read this interesting article:
https://zeltser.com/fileless-malware-beyond-buzzword/?
Top "In the Wild" Attacks

And here are this week's Top 10 "In the Wild" phishing attacks that we received from our customers by employees clicking the Phish Alert Button and sending the email to us for analysis.

We "defang" these attacks and have them updated real-time in a campaign that customers can run regularly to test employees against the "real thing".

Note that these attacks have made it through all the filters and into the inbox of the user. That is one of the reasons we continue to remind you that creating and maintaining a human firewall is crucial, because it is your very last line of defense:
    • "Chase/JP Morgan: Online Access Restricted" - Spoofed bank email asks users to click malicious link to restore account access.
    • "WhatsApp: Missed Voicemail Notification" - Fake WhatsApp voicemail notification delivers malicious link.
    • "Uber: Update Your Account" - Fake Uber software update notification invites users to click malicious link.
    • "Sharepoint Security Alert - Action Required" - Spoofed Sharepoint email asks users to click malicious link to restore account access.
    • "ShareFile/Citrix: Urgent Info regarding your Sharefile Portal" - Fake Sharefile email offers malicious link for users to click.
    • "NatWest: You sent a payment of 2939.00 GBP to Best EBuyer Limited" - Spoofed bank email offers details on an alleged payment via a malicious link.
    • "De-activation of Email In Process" - Users are required by fake IT admin email to click a malicious link in order to preserve account.
    • "Payoff Authorization" - Email delivers malicious attachment presented as a mortgage payoff authorization.
    • "VAT Return and Payment Overdue" - Fake VAT return and payment form delivered as attachment to a spoofed bank email.

    • "FW: Confidential" - "Confidential" notification tells user to click a malicious link or open an HTML attachment to obtain a "secure" message.
KnowBe4 Customer Success: "College Cyber-Attacks -- Don’t Take the Bait"

UniversityBusiness wrote: "Technology can block social engineering scams, and awareness in higher ed adds a deeper level of protection.

Colleges and universities now launch simulated attacks against subsets of people across campus to teach students, faculty, and staff how to detect an actual phishing email.

North Dakota State University, for example, sends out its own phishing messages with embedded links. Recipients who click land on a page full of information about spotting fraudulent emails, says Marc Wallman, vice president for information technology.

Other institutions have hired private companies to send simulated phishing messages. The State University of New York at Geneseo works with KnowBe4, which offers customized phishing security tests to help employees recognize and resist clicking on dangerous links.

“It’s a just-in-time teachable moment when someone falls for it, and then you can immediately teach someone what they should be looking for and why it was a phishing attempt,” says Susan Chichester, chief information officer and director of computer information technology at SUNY Geneseo." Full Article:
https://www.universitybusiness.com/article/college-cyber-attacks-don-t-take-bait
Other Interesting News Items This Week

We often run into articles that may be good ammo to support budget requests, but we cannot cover them all. Here are this week's possibly useful articles:

This Phishing Attack is Almost Impossible to Detect On Chrome, Firefox and Opera:
http://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html

Critical VMware Flaw Opens Virtual Infrastructures to Attack:
https://www.infosecurity-magazine.com/news/critical-vmware-flaw-opens-virtual/

The BBB runs Scam Tracker, a site that lets the public report and search for scams by keyword and location. Check out your own city!:
https://www.bbb.org/scamtracker/us

MasterCard introduces cards that work with fingerprints instead of PINs:
https://www.helpnetsecurity.com/2017/04/20/mastercard-fingerprint/

Microsoft users can ditch password-based logins for phone sign-in 2FA:
https://www.helpnetsecurity.com/2017/04/20/microsoft-phone-sign-in/

Breaches Continue to Surpass 2016’s Record Pace:
http://www.cutimes.com/2017/04/14/breaches-continue-to-surpass-2016s-record-pace?

Hajime is a ‘white worm’ that infects and secures vulnerable IoT devices:
http://www.digitaltrends.com/computing/hajime-code-infects-iot-devices-and-secures-them/
Copyright © 2014-2017 KnowBe4, Inc. All rights reserved.
