Breach At Georgia Tech University Exposes Personal Info

Breach At Georgia Tech University Exposes Personal Info

If you’ve ever been a student or employee of the Georgia Institute of Technology, be advised that any personally identifiable information the university had on you may have been compromised. Recently, the university reported an instance of unauthorized access into databases connected to its web app. They first discovered evidence of the unauthorized access in mid-December of 2018 and have been investigating since.  To date, however, it remains unclear exactly how long a time the unidentified hackers had access to their databases or what specific information may have been taken. The formal statement issued by the university says, in part: “The information illegally accessed by an unknown outside entity was located on a central database.  Georgia Tech’s cyber security team is conducting a thorough forensic investigation to determine precisely what information was extracted from the system, which may include names, addresses, social security numbers and birth dates.” The fact that the university’s investigation is now several months old indicates that the hackers were quite skilled. Given the information that the University fears was compromised, it’s more than enough to create a false identity. If you have ever been employed at Georgia Tech, or if you’ve ever taken classes there, be mindful that enough of your personal information may have been compromised to steal your identity.  If you haven’t yet used a service that helps protect you against such things, it may be time to consider doing so.  In any case, vigilance is the order of the day. We don’t yet know how many records may have been compromised, but it’s better to be safe than sorry.  If you’ve been...
Several Popular Restaurants Had Credit Cards Stolen

Several Popular Restaurants Had Credit Cards Stolen

If you frequent any of the following restaurants and paid them a visit between May 23, 2018 through March 18, 2019, your credit card data may have been compromised. The parent company of these chains, Earl Enterprise, recently announced that an unspecified number of store locations were found to have been infected by PoS malware. When taken together, they managed to harvest more than two million credit card numbers nationwide.  These were later found for sale on the Dark Web. The list of restaurants includes: Chicken Guy! Mixology Tequila Taqueria Earl of Sandwich Planet Hollywood Buca di Beppo If you’ve been to any of the restaurants named above in that range of time, you may have already received a notification from the company.  If you want to confirm whether the location near you was one that was compromised, Earl Enterprise has a lookup tool on their website allowing you to drill down and find out definitively. The company was made aware of the issue in late February when they were contacted by private security researcher Brian Krebs. He discovered a large cache of credit card numbers on the Dark Web that belonged to the company’s customers. Once they were informed, they launched their own internal investigation, duly notified law enforcement, and brought in a third-party firm to assist them with the investigation.  Upon confirming Krebs’ findings, they made a public announcement to their customers. Exercising an abundance of caution, Earl Enterprise is encouraging all its customers to keep a watchful eye on their credit and debit card statements and to stay alert for any suspicious activity. If you notice...
Windows Defender Security Comes To Mac Devices

Windows Defender Security Comes To Mac Devices

If you’re a Mac user and looking for next-level antivirus protection, we’ve got some potentially good news. Microsoft recently announced that their enterprise security platform, (Windows Defender Advanced Threat Protection) is now available for macOS. To reflect the product’s move away from offering protection exclusively to Windows-based systems, the company tweaked the name of the product.  It is now called simply “Microsoft Defender ATP.” The newly minted version of the software is currently available for Macs in limited preview form, and represents the latest in an ongoing expansion effort.  Last month, the company rolled out a version that extended its impressive protection to both Windows 7 and Windows 8.1.  Future plans will include a further expansion to also provide protection to Linux-based machines. At this point, Admins can install Microsoft Defender ATP on the following macOS versions: Mojave High Sierra Sierra Individual users will have the option to configure advanced settings in the software unless their admins specifically disable that functionality.  The code also includes an auto-update feature that can be toggled by an Admin. If you’re an admin working in a Mac environment, you might not see a particular need for the new software. However, Microsoft pointed out in the bulletin they released with the announcement that Defender can detect KeRanger, which was the first ransomware strain to target the macOS. In any case, more security options are generally better than fewer, and Microsoft has long been a favorite target of the hacking world.  Love them or hate them, they do know a thing or two about security, especially at the enterprise level. Most insiders hail this move...
New Malware Hidden In Emails About Flu Protection

New Malware Hidden In Emails About Flu Protection

Fear is a fantastic way to spread malware, which is why hackers around the world are using the fear of a flu pandemic as a hook to install a nasty strain of ransomware. Researchers at MyOnlineSecurity have detected a cunning email campaign which spoofs the Centers for Disease Control and bears headlines warning of a Flu Pandemic. The message is short and to the point, explaining that a flu pandemic has been detected and urges recipients to read the attached document for further instructions to protect their families and help keep it from spreading.  The instructions also helpfully include the note that in order to view the document properly you’ll need to click the ‘Enable Editing’ button. The attachment bears the name “Flu Pandemic Warning,” which reinforces the message itself. It’s an excellent choice from the perspective of the hackers, because they know that a relatively high percentage of those who receive this message from what appears to be a trusted agency will open it. Unfortunately, the moment they open the file and click to enable editing, they doom themselves.  The word document is poisoned and contains scripts that will install the GrandCrab v5.2 ransomware on the victim’s machine, which will promptly lock their files and demand a hefty payment. While this is a nasty and especially effective campaign, it’s not the only one that the creators of Grand Crab are engaged in.  Recently, the Chinese government issued their own alert, stating that beginning on March 11, various government departments were bombarded with phishing-style emails intent on installing ransomware on their servers. All that to say, vigilance is more...
New Phishing Attack Targets Amex And Netflix Users

New Phishing Attack Targets Amex And Netflix Users

If you do business with either American Express (AMEX) or Netflix, be on the alert.  Windows Defender Security Intel has recently reported the detection of two major new phishing-style campaigns aimed at the customers of both businesses. Recipients have been receiving emails that appear identical to official Netflix and American Express communications. In both cases, the ultimate goal is to convince customers to hand over their credit or debit card information. Microsoft has sent a couple of different tweets out about the issue.  One of them assures customers that “Machine learning and detonation-based protections in Office 365 ATP protect customers against both campaigns.” And another warned that “The Netflix campaign lures recipients into giving away credit card and SSN info using a ‘Your account is on hold’ email and a well-crafted payment form attached to the email.” The unfortunate truth is that emails like the ones currently in play are extremely easy to craft and very compelling.  The hackers simply play on the fears of the customer, making it sound as though if they don’t take immediate action they’ll lose access to a valued service they’ve come to rely on. There’s essentially no cost to the hacker for pushing out hundreds, or even thousands of emails like the ones currently being used. For each victim that falls prey to the tactic, the costs can be enormous. As ever, the first best line of defense is education and awareness.  In addition to that, if there’s ever any question at all about the status of your account, the best thing you can do is to address the issue via another channel....