Will your actions after a successfully ransomware attack affect the outcome? Yes, without a doubt. Learn what to do and not do after a ransomware attack.
Insights
How to Make a Ransomware Attack Worse
Apple Ships Urgent Patch for FORCEDENTRY Zero-Days
This week Apple issued patches for the macOS and iOS platforms on vulnerabilities it said are currently being exploited.
Install new Apple patches ASAP
Microsoft Patches MSHTML Vuln Among 66 CVEs
Microsoft issued patches for 66 vulnerabilities. Some under active exploitation and considered severe. Be sure and update your systems.
Nearly 50% of On-Premise Databases Have Vulnerabilities
Nearly every company has databases. Recent research shows that almost half have multiple unpatched vulnerabilities, the average being 26 of them. Males you think twice about sharing private information if a company doesn’t even protect its own information.
Half of on prem databases have vulnerabilities
Ransomware Operators Ramp Up Pressure on Victims via Multiple Extortion Attacks
As if ransomware wasn’t enough, attackers are using data theft, denial of service attackers and even harassing the customers of the ransomware attack. All to get you to pay.
Multi Factor Authentication Is Not The Ultimate Answer
Multi Factor Authentication, MFA, is an important tool. But MFA by itself will not protect against two of the most successful attack methods, exploiting bugs, and social engineering. If you aren’t addressing those attack methods, then you are not serious about protecting your data.
Patch now! Microsoft Exchange is being attacked via ProxyShell
Three current vulnerabilities in Exchange are being exploited. Implementing the patches is essential but will not counter an attack that already took place. Many customers of Microsoft’s cloud based Exchange service don’t understand that they may still have an exchange server on premises making them vulnerable.
FBI Issues Advisory on 'OnePercent' Ransomware Group
This group has been targeting companies since Fall 2020 with two powerful exploits. One is the PowerShell exploit described in another Insight post. But both are being used to deliver ransomware and to cause widespread infections before the ransomware is triggered.
Microsoft Azure Cosmos Vulnerability: ChaosDB Exposure Details
Microsoft closed a vulnerability in the Azure database service that has been exploited for months. After implementing the fix, users of the service need to regenerate their databases to be on the safe side.
Tech giants pledge at least $30 billion to improve cybersecurity following White House meeting
A recent White House meeting of the major tech companies resulted in a commitment of significant money to combat cyber threats. Equally important is the recognized need for a coordinated effort to enable an effective cyber defense.
1st and 3rd Party Cyber Risks are Not the Same
Cyber insurance distinguishes between 1st and 3rd party cyber risks. Without understanding this critical difference, you may find that your policy doesn’t cover loses you have incurred.
3rd party risks may not be covered
Phishing Costs Nearly Quadrupled Over 6 Years
Phishing costs include more than the ransom. In fact, the ransom may be the smaller portion of the costs when compared with restoring systems and lost productivity.
T-Mobile: Breach Exposed SSN/DOB of 40M+ People
The breach recently announced by T-Mobile affected over 40 million people exposing some of the most private information, Social Security numbers and dates of birth. Key information used for identity theft.
Troubling New Disk-Level Encryption Ransomware Surfaces
A new strain of ransomware was found that is more insidious than the others. This one encrypts the drives on the servers instead of attacking end user systems. To make matters worse, it also uses a legitimate encryption tool and encrypts the decryption key and requires a password only the attackers have.
Video surveillance network hacked by researchers to hijack footage
A Chinese company called ThroughTec offers a cloud based service called Kalay for the automation of home automation devices. The pitch is instead of each home automation vendor building their own protocol and servers to simply build the Kalay offering into their devices. Kalay was found to have a way for unauthorized people to hack the system and monitor the home automation devices including cameras.