More Scammers Are Using Social Media To Target Victims

An increasing number of scammers are using social media to target victims and are relying on social engineering tricks to convince people to part with their personal information or money. The problem has grown serious enough that the FTC (Federal Trade Commission) has issued a formal warning to consumers. According to a recently released FTC report: “More than 95,000 people reported about $770 million in losses to fraud initiated on social media platforms in 2021. Those losses account for about 25 percent of all reported losses to fraud in 2021 and represent a stunning eighteen-fold increase over 2017 reported losses. Reports are up for every age group, but people 18 to 39 were more than twice as likely as older adults to report losing money to these scams in 2021. More than half of people who reported losses to investment scams in 2021 said the scam started on social media. Reports to the FTC show scammers use social media platforms to promote bogus investment opportunities and even to connect with people directly as supposed friends to encourage them to invest. People send money, often cryptocurrency, on promises of huge returns, but end up empty-handed.” Overall, cryptocurrency scams are regarded as the number one threat for investors in 2022, according to a new report from the North American Securities Administrators Association (NASAA). However, the FTC is urging all users to exercise caution and develop better habits when scrolling through their favorite social media platform. They recommend setting limits on who can see your posts, taking advantage of increasingly robust privacy controls, opting out of targeted advertising, and doing more due diligence...
Microsoft Defender Adds Cross Platform Mobile Protections

Microsoft recently announced an important upgrade to Microsoft Defender. It now supports vulnerability management for both Android and iOS. The company’s announcement reads in part as follows: “With this new cross-platform coverage, threat and vulnerability management capabilities now support all major device platforms across the organization - spanning workstations, servers, and mobile devices. Threat and vulnerability management in Microsoft Defender for Endpoint continuously monitors and identifies impacted devices, assesses associated risks in the environment, and provides intelligent prioritization and integrated workflows to seamlessly remediate vulnerabilities.” Although the new feature was introduced with very little fanfare, this is a significant change. This will make the lives of network admins much easier by significantly decreasing the attack surface of mobile endpoints. This is part of Microsoft’s broader strategy to expand the security platform’s capabilities across all platforms to provide endpoint users with a unified security solution. Previous upgrades to Microsoft Defender’s capabilities included adding support for Linux users back in 2020. Just one month later, the company added a “Microsoft Secure Score for Devices” feature. This is a feature that allows network security professionals to evaluate the state of security of all devices connected to the enterprise network. It also includes a “recommended actions” section to further bolster security. Then, in October 2020, the company added another new feature that automatically generated reports to assist with the tracking of vulnerable Windows and macOS devices on the network. These included vulnerability severity levels, exploit availability, vulnerability age, and vulnerable devices sorted by OS. All these changes are superb when evaluated individually, but taken together they demonstrate just how serious Microsoft...
Mac Malware Is Becoming A Bigger Threat For Users

In late 2020, a new strain of malware called UpdateAgent appeared and began infecting Mac users. Initially, the strain wasn’t all that worrisome. It stole system information, but it was by no means the worst threat on a Mac user’s radar. Since that time, the hackers behind the malicious code have been busy. UpdateAgent has received a few updates, with each one adding a new element of danger to the equation. As things stand now, UpdateAgent should be considered a serious threat to Mac users. As of its latest iteration, UpdateAgent installs an annoyingly persistent adware strain called Adload. It has gained capabilities that make it easy for UpdateAgent to install other even more threatening and damaging payloads in the future. Microsoft has been investigating and following the development of UpdateAgent. The company has discovered that the hackers who created the strain are hosting a wide range of other payloads on Amazon Web Services’ S3 and CloudFront services. While these have not yet been tied to UpdateAgent, it’s a clear sign of the shape of things to come. In addition to that, the code is now capable of fetching compressed zip files instead of .dmg files. It has been modified to prevent Gatekeeper from displaying pop-up warnings to users. It can also inject persistent code inside background processes that are invisible to the user. Microsoft had this to say about their study of the malware strain: “UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns. Like many information-stealers found...
Additional Security Recently Added To Office 365

Back in September of 2020, Microsoft announced that it was experimenting with the addition of SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online. This was done in a bid to secure the email communications of its Office 365 customers. In a recent statement by the company, the Exchange Online Transport Team said: “We have been validating our implementation and are now pleased to announce support for MTA-STS for all outgoing messages from Exchange Online.” While it may not sound like a terribly exciting change, it truly is a big step forward. Now that the feature is in place in Office 365, any emails sent by users via Exchange Online will be delivered over connections that are both authenticated and encrypted. This protects them from interception and attack attempts, including both man-in-the-middle and downgrade attacks. Again, per the Exchange Online Transport Team: “Downgrade attacks are possible where the STARTTLS response can be deleted, thus rendering the message in cleartext. Man-in-the-middle (MITM) attacks are also possible, whereby the message can be rerouted to an attacker’s server. MTA-STS (RFC8461) helps thwart such attacks by providing a mechanism for setting domain policies that specify whether the receiving domain supports TLS and what to do when TLS can’t be negotiated, for example stop the transmission.” In addition to the new feature, Microsoft has also provided guidance on how to adopt MTA-STS. This includes where to host the policy file on your domain’s web infrastructure. Additionally, the Exchange Team announced that they’re in the process of rolling out DANE for SMTP (with DNSSEC support). That provides better protection...
New Android Malware Steals Data And Factory Resets Phones

BRATA malware was first spotted in the wild by Kaspersky back in 2019. Its earliest incarnation saw it targeting e-banking users, and it was designed to steal banking and login credentials of anyone infected. That’s undeniably bad, but according to researchers the latest version of BRATA has gotten downright nasty. Security professionals have discovered a dangerous new variant in the wild that adds a raft of new features. One of the features allows BRATA to steal a wide range of user data before resetting the infected device back to factory defaults when it’s done. That means it is essentially wiping away most of a user’s data. Most users aren’t very good at backing up their data regularly and don’t always save their most cherished photos and videos to the cloud. So that could add a devastating personal loss on top of a hefty financial one. The even worse news is that the hackers behind BRATA seem to be branching out. In December of last year (2021), researchers started seeing BRATA pop up in Europe. Based on recently analyzed code samples, the group behind BRATA is beginning to experiment with variants custom tailored to the country or region it is released in. So far, researchers have found distinct variants targeting e-banking users in the UK, Poland, Italy, Spain, China, and Latin America. The bottom line is that BRATA is a serious threat and the group behind the code is clearly setting their sights far beyond Brazil. This is one to watch in 2022. If it’s not already on your employees’ radar, it certainly needs to be. So make...