BazarBackdoor Uses Compressed Files To Deliver Malware

Security researchers have spotted a new phishing campaign in the wild that you’ll want to make a note of. In this case the hackers are attempting to deliver a malware strain known as BazarBackdoor by using an innovative compression technique and then disguising the malware as an image file. Multi-compression isn’t a new technique but it has never been widely used, although it does seem to be enjoying a surge in popularity lately among the hackers of the world. That is mostly because it’s pretty good at ‘tricking’ email security systems into flagging malicious attachments as clean. By itself BazarBackdoor isn’t harmful, but it opens the door and installs a perfectly legitimate toolkit called Cobalt Strike. That then allows the hackers to do pretty much anything they like, from moving laterally inside your network to launching ransomware attacks, copying and exfiltrating files, deleting files, or launching some other type of malware. Even more disturbing is that earlier this year security researchers discovered a variant of BazarBackdoor written in a programming language called Nim, which provides at least some evidence that this particular strain is increasing in popularity among hackers around the world. Education is the key, just like it always has been. Let your employees know to be on their guard and not to download any attachment (no matter how innocent looking) that comes from an address they do not know and are not familiar with. Even that isn’t perfect protection, but it’s certainly a powerful step in the right direction that will mitigate your risk. Campaigns like this are further evidence that hackers are evolving and...
Morgan Stanley Banking Latest To Get Hit By Data Breach

Hacks continue to evolve as the hackers themselves get increasingly sophisticated. One of the most recent victims is investment banking giant Morgan Stanley. Their network was breached after the attackers stole personal information belonging to their customers by hacking into an Accellion FTA server belonging to a third-party vendor, then using that information to breach Morgan Stanley’s network. The third-party vendor in question, Guidehouse, provides account maintenance service to Morgan Stanley. They notified the banking giant back in May that they had been breached and that some information belonging to Morgan Stanley customers had been compromised. At this time it is unclear just how many of Morgan Stanley’s customers have been impacted, but the company is in the process of reaching out to all who were impacted to let them know. Although the company has not indicated as much, it’s fairly standard practice for firms to offer 1-2 years of credit protection to customers who have had their data compromised. Odds are excellent that this will be the case here, although again, that has not been confirmed at this point. In any case, this is a serious breach, regardless of scope and scale, because the hackers were able to make off with both encrypted files and the decryption key to unlock them. The stolen data includes stock plan participants’ name, physical address, date of birth, Social Security number, and company name, where applicable. In other words, more than enough information to steal an individual’s identity. If you bank with Morgan Stanley, be on the lookout for a letter from the company and watch your credit statements like a hawk....
Microsoft Issues Patches For PrintNightmare Bug

If you’re one of the legions of Windows users, you may be aware that the OS currently has some printer issues. In fact, they’re so severe that the bug has been dubbed “PrintNightmare,” and note that this flaw affects all versions of Windows. The good news is that Microsoft got to work just after the issue was initially reported, and began issuing patches to fix it. The bad news is that it turned out to be a bit more complicated than anybody realized at the time. In fact, despite already having issued a few new patches, the problem persists for some users. Microsoft is still at it, and has recently released additional patches for more versions of Windows impacted by the bug. These are Out of Band patches, so you may miss them if all you’re doing is updating via the “Patch Tuesday” series of security updates. The two issues at the root of the problem are being tracked as CVE-2021-1675 and CVE-2021-34527. If you’ve got one or more users who are still impacted by the bug, the Redmond giant has advised admins to disable the print spooler until a patch that takes care of the issue can be applied. In the company’s latest update regarding the matter, they write: “Microsoft identified a security issue that affects all versions of Windows and have expedited a resolution for supported versions of Windows that will automatically be applied to most devices.” As of now, the company has released patches that should solve the issue for Windows 10 1607 (Enterprise), Windows Server 2016, and Windows Server 2012. When these patches are applied,...
Ransomware Attackers May Target Industrial Machines Soon

Government officials and some internet security researchers have been saying for quite some time now that the nation’s (and the world’s) core infrastructure is at risk. Some examples include the flow of water into cities, the flow of electricity, and the traffic lights that keep city streets relatively organized. All of these depend on the reliable function of Industrial Control Systems, and these, as it turns out, are incredibly easy to hack. A couple of years ago, hackers brought traffic to a standstill in a city in Texas by hacking the control system for signal lights. Other hackers have attacked water systems, with the effect of denying large numbers of citizens access to clean water for days at a time. We’ve also seen hackers overload transformers and cut power in limited areas of municipalities, and this is just the tip of the proverbial iceberg. So far, these attacks have been little more than experiments: small forays into a new frontier designed to test the defenses of the perimeter and see what’s possible. The results of those initial attacks have revealed glaring weaknesses that, if exploited in a serious and large-scale way, could paralyze entire cities, perhaps for weeks at a time. Those hacks, if and when they occur, will absolutely cost lives. As Bharat Mistry, the technical director of Trend Micro, puts it: “The underground cyber crime economy is big business for ransomware operators and affiliates alike. Industrial Control Systems found in critical national infrastructure, manufacturing and other facilities are seen as soft targets, with many systems still running legacy operating systems and unpatched applications. Any infection on...
Google Calendar Adds Virtual Meeting For Hybrid Office Workers

The pandemic is slowly fading from the headlines and releasing its grip on the world as the dominant factor in daily life. Now, businesses of all shapes and sizes are beginning to transition away from the pure “work from home” models that most have been employing over the past year. Based on the early, emerging trends, it doesn’t seem like work life will go back to the way it was before. Most companies seem to be gravitating toward a hybrid model, where significant percentages of their workforce will work both from home and from their home offices, dividing their time between the two. Google certainly seems to think this is the shape of things to come, which is why they’ve recently announced some small but important changes to the RSVP options in Calendar that will be rolling out in the weeks to come. Using these new options, users will be able to accept meeting invitations and indicate whether they’ll be attending in person or virtually. Here’s how it will work: If you plan to attend a meeting virtually, you’ll be able to specify that via a new addition to the drop-down menu that’s viewable by the host and other invited guests. It’s not only convenient for invitees, but it’s also a handy bit of information for meeting and event organizers, giving them a better idea of what they can expect from the meeting and allowing them to plan accordingly. Google’s short-term plans involve making this functionality available in Google Calendar only, but longer term, it will be added to Gmail as well. The rollout of the new...