
The Importance of Secure Passwords in the Age of AI

Businesses always look for ways to protect their sensitive data. But have you considered the growing threat of AI cracking your passwords? Recent studies show that AI can crack many passwords in less than a minute. This poses a significant risk to businesses of all sizes. Let’s discuss why you need stronger passwords and offer tips for creating more secure ones.

AI Cracking Passwords Faster Than Ever Before

Cybersecurity researchers have been testing the capabilities of AI platforms to crack passwords. One of these platforms is PassGAN, which uses machine learning to create guesses. In a recent experiment, researchers from Home Security Heroes input millions of passwords from a leaked dataset into PassGAN. Home Security Heroes wanted to see how quickly it could crack the codes. The results were revealing. 51% of common passwords were cracked in under a minute. PassGAN even cracked seven-character passwords in less than six minutes.

Why Stronger Passwords Matter for Your Business

These findings should be a wake-up call for business owners. Weak passwords can leave your company’s sensitive data vulnerable to cybercriminals. If your employees use easily cracked passwords, it is only a matter of time before a hacker exploits this weakness, leading to potential data breaches and financial loss.

Tips for Creating Secure Passwords

It’s vital to use strong passwords to protect your business. Experts recommend passwords with at least 15 characters. Mix lowercase and uppercase letters, numbers, and symbols. These types of passwords would take an estimated 14 billion years to decode, making them virtually uncrackable. Here are some additional tips for creating secure passwords:

- Avoid using common words, phrases, or patterns.
- Don’t use personal information in your passwords, such as names or birthdays.
- Use a unique password for each account.
- Consider using a passphrase – a series of random words or sentences – instead of a single phrase.
- Update your passwords regularly and never reuse old ones.

Strengthen Your Business’s Password Security

In light of the growing threat of AI cracking passwords, it is more important than ever for business owners to focus on password security. Implement best practices and follow the tips above. Doing so can significantly reduce the risk of data breaches and protect your company’s valuable information. Remember, a secure password – and your knowledge – is a crucial defense against online threats.


Simplifying Cybersecurity

Simplifying Cybersecurity: Microsoft’s Security Copilot AI Assistant

Microsoft released a game-changing way to protect against cyberattacks. This AI-powered assistant, called Security Copilot, can find threats faster than ever. It could revolutionize how businesses keep their digital assets safe. Security Copilot uses OpenAI’s GPT-4. Microsoft’s “security-specific” AI model is also part of its structure. Security Copilot is designed to better summarize and make sense of threats than any tool before.

How Security Copilot Does Its Job

Some elements in Security Copilot come from other Microsoft security tools. With the help of AI, Security Copilot can give customized advice to any business. With Security Copilot, Microsoft aims to simplify identifying and organizing threat intelligence. As a result, analysts will be able to spot malicious behavior more quickly. Through a ChatGPT-like interface, users answer security questions. These interactions provide Security Copilot information to work on. It can be adjusted to fit each business environment and give custom advice.

Benefits for Security

Microsoft has made Security Copilot work well with cybersecurity teams. It gives defenders more ways to keep track of intelligence. The AI assistant helps them learn from the information they already have and compare the threats they face. This can lead to faster decision-making.

This tool aids security teams in many ways: It catches what others may miss by correlating and summarizing attack data. It also prioritizes incidents and recommends the best course of action. This ensures timely remediation of diverse threats. Security Copilot can also learn and improve over time. This ensures that security teams stay up to date. They get the newest information about attackers, tactics, and procedures.

Collaboration and Communication Features

Security Copilot has features that make it easier for teams to work together. It can track what a user has done in the past to map out potential problems and create summaries. Colleagues can learn about the project and get up to speed. The system can also make presentation materials automatically. Then, teams can share information with people outside of their department.

Use Security Copilot to Your Advantage

You can use Security Copilot to improve your security. Consider these steps:

- Keep an eye on the latest advancements in cybersecurity tools like Security Copilot.
- Check your current security measures.
- Consider integrating Microsoft’s security ecosystem to enhance protection and threat response capabilities.
- Encourage training and education on cybersecurity best practices and their benefits.

AI tools like Security Copilot help companies identify and address cyber threats. They provide vital threat information so that you can take the appropriate action. In addition, they automate tasks and enable wider collaboration between security teams.

What does this mean to you as a business owner? With cybercrime increasing, focusing on security is more essential than ever. AI tools provide another layer of defense against attacks. In this regard, embracing AI tools is a wise decision for any business owner.


42% of IT Leaders Have Been Advised To Maintain Breach Confidentiality

Bitdefender released its 2023 Cybersecurity Assessment report Wednesday, which surveyed more than 400 IT and security professionals located in the U.S., U.K., Germany, France, Italy and Spain. The report found that 42% of surveyed respondents said they were told to keep a breach confidential when they should have reported it, and nearly 30% said they had kept a breach confidential knowing it should have been reported. When it comes to U.S.-based organizations, those percentages only increased. The report also addressed the legal backlash of maintaining breach confidentiality. The primary threat concerns for surveyed respondents last year were software vulnerabilities and zero-day exploits, followed closely by phishing campaigns and supply chain attacks. Ransomware came in at No. 4. Bitdefender noted that patching software vulnerabilities in a timely manner is an ongoing problem that attackers increasingly leverage.


How the Silicon Valley Bank Shutdown is Being Exploited by Cybercriminals

Recently, there was a rise in cybercrime related to the closing of Silicon Valley Bank (SVB). Threat actors go after businesses and sometimes use them in their illegal activities. SVB was the 16th largest bank in the U.S. The bank worked with tech giants like Buzzfeed, Roblox, and Roku. However, global inflation and a deposit run caused regulators to close the bank on Friday, March 10, 2023. Hackers are using SVB-related content to manipulate people’s emotions. Analysts are finding more phishing attacks connected to the SVB closure, and new threats appear daily.

How Hackers Set Up SVB-related Attacks

Cybercriminals started buying fake SVB domains shortly after SVB closed. This is how they set up their SVB-related attacks. The attackers then made and tested phishing flows before starting their campaigns. More than 62 new domains were set up for SVB-related attacks, and there were 200 phishing scams, most of which targeted businesses in the U.S.

The Public Response Helped Hackers

Unfortunately, the public’s response to the SVB crisis may have unwittingly aided cybercriminals. Attackers used websites that listed affected SVB customers to find targets. Also, emails from companies switching to new banks can look like phishing emails, which can cause confusion and increase the risks.

Getting Ready for the Wave of SVB Fraud

To counter SVB-related attacks and protect your business, you should:

1. Raise employee awareness about phishing and cyber threats.
2. Provide regular security training.
3. Implement email security solutions with anti-phishing features.
4. Use multi-factor authentication.
5. Keep software updated to prevent vulnerabilities.
6. Encourage strong, unique passwords and start using password managers.
7. Monitor the company’s online presence for fake domains or websites.
8. Develop and maintain an incident response plan.
9. Periodically review and update security processes.
10. Collaborate with cybersecurity experts for audits and vulnerability assessments.

The recent failure of SVB has given cybercriminals a chance to take advantage of businesses and individuals. To protect yourself from SVB-related attacks and other cyber threats, you need to put cybersecurity at the top of your list of priorities. You can shield your company from these attacks by being proactive, improving security infrastructure, and using your resources wisely.


Everything to Know About Essendant’s Multi-Day Outage

Essendant, a Staples-owned wholesale distributor of office supplies and stationery, paused its operations recently because of a multi-day, network-wide outage. The system disruption has prevented customers from placing orders online or contacting the company’s customer care unit. While Essendant has yet to disclose the reason behind the outage, many think someone had hacked into the company’s system. Customers are expressing their frustration over the company’s lack of transparency.

Essendant’s Outage Is Preventing Fulfillment of Orders

The network-wide outage started on the night of March 6, 2023. Essendant then began notifying customers about it the following day. Because of the disruption, the company can’t accommodate new online orders or fulfill existing ones. Aside from customers and suppliers, the incident also affects freight carriers. The company has told them to postpone pickups for now. Essendant carries more than 160,000 items and caters to around 30,000 resellers. The disruption has a significant impact on its supply chain.

What Is Essendant Doing to Address the Issue?

Since March 20, 2023, Essendant has taken significant steps to recover its operations. The company has restored at least a hundred systems and performed end-to-end testing. It is currently in the pilot stages of its pick, pack, and ship efforts. Here’s what customers can expect from Essendant at this point of its recovery:

- Empower users now have new login credentials and can place orders through the portal.
- Aside from Empower, customers can access other Solution Central applications. That includes List Assistant, ICAPS, Essendant Marketing Studio, and Market Xpert.
- Essendant’s customer care team is only accessible through email. Request volumes are high, and turnaround time will be longer.
- There will be longer shipment times because of higher order volumes.

The Bottom Line

The Essendant outage highlights the importance of data backups. Losing large amounts of information, whether employee, customer, or systems data, can cripple a business. But with a data backup strategy, you have a duplicate of your systems and can recover faster. Secondly, it’s a reminder for business owners to have a contingency plan. If your supplier can’t deliver for whatever reason, having a backup plan will save your business.


US Government: Royal Ransomware Targets Critical Infrastructure

The United States government is alerting organizations about the Royal ransomware operation. The Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) said in a joint advisory that the Royal ransomware gang poses an increasing threat to the critical infrastructure of numerous sectors in the U.S. The Royal ransomware group has been targeting different sectors across the country and abroad. Among its victims are health care, education, communications, and manufacturing organizations.

How the Royal Ransomware Gang Operates

According to the FBI and CISA, Royal actors use phishing links to access an organization’s network. These links carry a malware downloader. The cyber threat actors then disable the network’s antivirus software, extract large amounts of data, and encrypt systems. Other than phishing links, the Royal ransomware gang also uses other means to get into an organization’s network, including:

- Remote desktop protocol (RDP)
- Initial access brokers
- The exploitation of public-facing applications

Royal Ransomware Made Rounds Since 2022

The Royal ransomware gang first made rounds in early 2022. It used third-party ransomware like Zeon when it started. But it has since created its own ransomware and has been using it since September. It also uses other malicious tools to gather information and keep victims from restoring their data.

In December, the U.S. Department of Health and Human Services announced that Royal ransomware targeted the healthcare sector. Royal’s leak page on the dark web listed two healthcare service providers as victims. Royal actors had also made ransom demands in Bitcoin. These demands range between $1 million and $11 million. The ransom notes do not state ransom amounts and payment details. But these contain instructions on how to contact the group.

Royal Gang Is a Group of Experienced Cybercriminals

Security experts believe that experienced cybercriminals make up the Royal ransomware gang. These cyber threat actors have worked together in previous operations. Cyber security experts noted similarities between the Royal operation and Conti – a Russian hacking enterprise. Conti disbanded in June 2022, giving rise to several cybercriminal groups. These groups applied the same phishing technique that the Royal gang now uses to deploy its ransomware.

Organizations Should Have a Data Recovery Plan in Place

The U.S. government advises businesses and organizations to have a data recovery plan in place. This plan ensures that organizations won’t lose their data in case Royal ransomware infiltrates their systems. Additionally, organizations can continue their operations in case of a ransomware attack. A recovery plan includes:

- maintaining multiple backups of data
- implementing multi-factor authentication
- securing accounts with unique and strong passwords
- using monitoring tools to detect suspicious activity in their network
- implementing network segmentation
- updating all software and operating systems
- auditing all accounts
- disabling unused services

The Bottom Line: Businesses Should Be Ready for Ransomware Attacks

Businesses and organizations could lose all their data, including customers’ personal information, from a ransomware attack. And this could incapacitate their business or at least disrupt operations. Their customers would also lose trust and confidence in them. As such, businesses and organizations should prepare themselves for possible cyberattacks. It is not enough to put measures in place to prevent it. They should also have a contingency plan in case they fall victim to a cybercrime.


Password Mask Attack

Having a password for online accounts is not enough protection. Hackers and cybercriminals have found a way to crack passwords and hijack emails, bank accounts, social media pages, and other digital real estate. Through password mask attacks, cyber threat actors no longer have to spend a long time trying to guess your online credentials.

Understanding a Password Mask Attack

A password mask attack is a technique cybercriminals use to crack passwords. While a conventional brute-force attack tries to guess your password by entering every possible letter, number, and symbol combination, a mask attack is more targeted and takes less time. It is also more systematic. With a mask attack, cybercriminals check passwords for a specific pattern. Knowing this pattern allows them to skip character combinations that are not necessary. Threat actors will use information about your password creation behavior, including your composition patterns. They will then start cracking a subset of your password’s format or entire length.

How Does a Password Mask Attack Work?

Websites and online apps do not store their users’ passwords verbatim. Instead, they use a process called hashing. Hashing uses an encryption algorithm to turn passwords and other data into a string of letters and numbers. Hashing improves the security of your password. So, if attackers hack a website, they won’t be able to access your password as is. Instead, they will get the encrypted “hash” that the algorithm had created.

If cybercriminals get a hold of password hashes from a site, they can start a password mask attack. They will put the character combinations into a hashing function and wait until they get valid hits or until it creates a hash that matches yours. These cybercriminals can calculate hashes for common words and often-used combinations. Cybercriminals don’t crack each password within the data set they obtained from a website. They only need to crack enough passwords to get an initial foothold on the website and go deeper into their attack.

How to Prevent Password Mask Attacks

It is important for businesses with websites to take steps to prevent password mask attacks. Their websites must encourage customers or individual users to create strong passwords. Strong passwords contain a combination of uppercase and lowercase letters, numbers, and special characters. With stronger passwords, cybercriminals would find it hard to guess the patterns and calculate hashes.

Businesses and organizations with websites can also use password managers. These tools help prevent network security threats by storing and managing users’ credentials. Moreover, they address password security issues like weak passwords and password reuse.

The Bottom Line: Protect Business Sites and Customers From Mask Attacks

Password mask attacks on a business website put customer data at risk. Once cybercriminals crack passwords, they can also extract personal data and use them to access bank accounts. Or they can launch smaller attacks targeted at individuals. Customers will lose confidence in a business if this happens. A mask attack can also disrupt business operations. As such, businesses should encourage their users to create strong passwords. They should also use password managers to protect passwords and customer credentials.
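
To make the pattern argument above (and the length advice in the earlier password post) concrete, the following added example, which is not part of the original articles, derives the character-class pattern of a password and compares the number of candidates a pattern-aware search covers with a full brute-force search of the same length. The guess rate is an assumed round figure, the sample passwords are constructed, and only printable ASCII is handled.

```python
import string

# Character classes written in the common ?l ?u ?d ?s mask notation.
CLASSES = {
    "?l": string.ascii_lowercase,          # 26 lowercase letters
    "?u": string.ascii_uppercase,          # 26 uppercase letters
    "?d": string.digits,                   # 10 digits
    "?s": string.punctuation + " ",        # 32 symbols plus space = 33
}
ALPHABET_SIZE = sum(len(chars) for chars in CLASSES.values())  # 95 printable ASCII

# Assumption for illustration only: a fixed offline guess rate against a fast hash.
ASSUMED_GUESSES_PER_SECOND = 10_000_000_000


def mask_of(password):
    """Return the class pattern of a password, e.g. 'Ab1!' -> '?u?l?d?s'."""
    tokens = []
    for ch in password:
        for token, chars in CLASSES.items():
            if ch in chars:
                tokens.append(token)
                break
        else:
            raise ValueError(f"character {ch!r} is outside printable ASCII")
    return "".join(tokens)


def mask_keyspace(mask):
    """Number of candidate passwords that match a mask exactly."""
    size = 1
    for i in range(0, len(mask), 2):
        size *= len(CLASSES[mask[i:i + 2]])
    return size


def compare(password, guesses_per_second=ASSUMED_GUESSES_PER_SECOND):
    """Compare pattern-limited search with full brute force of the same length."""
    mask = mask_of(password)
    masked = mask_keyspace(mask)
    full = ALPHABET_SIZE ** len(password)
    return {
        "mask": mask,
        "mask_keyspace": masked,
        "full_keyspace": full,
        "reduction_factor": full // masked,
        "mask_seconds": masked / guesses_per_second,
        "full_seconds": full / guesses_per_second,
    }


if __name__ == "__main__":
    # Constructed samples: a predictable "Word + year" password and a
    # 15-character password mixing all four classes.
    for sample in ("Summer2023", "tR4!qZ7#mK2$wX9"):
        r = compare(sample)
        print(f"{sample:16} {r['mask']}")
        print(f"  pattern search : {r['mask_keyspace']:.3e} candidates, "
              f"{r['mask_seconds']:.3e} s at the assumed rate")
        print(f"  full search    : {r['full_keyspace']:.3e} candidates, "
              f"{r['full_seconds']:.3e} s at the assumed rate")
```

The pattern only helps a guesser when it is predictable, which is why the capital-letter-first, digits-last habit costs so much more than the raw character count suggests.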


S1deload Stealer Malware

A new malware campaign on Facebook and YouTube is making headlines. S1deload Stealer hijacks these social media accounts, mines cryptocurrency, and spreads itself. Discover what business owners need to know about this malware.

How the Malware Installs Itself

S1deload Stealer is hidden within photo files with adult themes. The attackers use social engineering to post download links to these files on Facebook comments. When someone downloads one of the relevant files and then unzips the folder, they will see a signed executable file. That file includes the malicious DLL with the payload and a valid Western Digital signature. Users may not even know they have malware on their computers. The file that contains the DLL also has real images, reducing suspicion.

What Happens After Installation

After installation, the hackers’ command and control server instructs the S1deload Stealer. It can run and download various components. One of these is a headless Chrome browser. As a headless browser, it runs in the background without the user knowing. This is a common way to boost YouTube and Facebook views.

The malware also uses a stealer to access passwords and other credentials saved in the browser. It also handles cookie decryption and exfiltration. From there, the attacker uses the credentials to post more comments on social media via additional social engineering attacks, expanding its reach.

S1deload Stealer also deploys a BEAM cryptojacker, which allows for cryptomining. By mining BEAM, the attackers get another financial benefit from this malware.

The Malware’s Reach

To date, S1deload Stealer has affected at least 600 unique users, infecting their computers.

Official Suggestions

Bitdefender broke the news of this new malware. The cybersecurity company says that you should never click on an EXE file that comes from an unknown or untrusted source. It also suggests paying attention to any security alerts your computer issues.

Conclusion – And What Business Owners Can Learn

S1deload Stealer is just one recent example of the increase in malware targeting both businesses and consumers. Businesses are an especially appealing target because they store credit card information. Business owners should protect their companies and their customers by checking for unexpected purchases and canceling affected cards. They should also implement safeguards within their systems and train employees on best practices, such as not downloading EXE files.


Using Technology to Streamline Your IT Operations

As a business owner, you realize the necessity of being competitive in a rapidly evolving industry. One method is to use technology to simplify your operations. The proper strategies and tools can boost productivity, cut expenses, and help you provide better customer service. A few strategies for achieving these objectives are:

- Automate repetitive tasks: Many IT activities, such as server configuration and software installation, are repetitive and time-consuming. These tasks may be handled by automation systems with little involvement from you, freeing up your time to concentrate on other crucial work. Scripts, macros, and integrations are just a few of the various automation solutions that may be tailored to your company’s needs.
- Use project management software: Managing a small IT firm requires managing several clients and projects simultaneously. You may access project management software from any device with an internet connection to keep track of tasks, deadlines, and resources. This will assist you in staying organized and fulfilling your obligations while also providing better teamwork and communication.
- Adopt cloud computing: There are several advantages to moving your company’s data and apps to the cloud. Thanks to cloud computing, you may access your data from any device with an internet connection, which can lessen the requirement for on-premises infrastructure and software. This can reduce the cost of maintenance and updates while also making it simpler to scale your business as it grows.

By implementing these technologies, you can streamline your business’s operations and improve its efficiency. Automating repetitive tasks and using project management software can save you time and reduce the risk of mistakes. Another advantage is that adopting cloud computing can save you money and make it easier to scale your business. By taking advantage of these tools, you can better serve your clients and stay competitive in a rapidly changing industry.


Stolen Financial Data Used as Bait in New Phishing Scheme

Hackers are baiting their victims with stolen financial data in a clever phishing scheme. Over 400,000 data points, including identity numbers, names, phone numbers, and payment records, are used to persuade consumers to click on a malicious link. This link downloads a potent virus called BitRAT that can steal passwords, spy on users, and install crypto mining software.

In order to spread the remote access trojan known as BitRAT, the new campaign utilized confidential data taken from a bank as bait in phishing emails convincing victims to download a suspicious Excel file.

BitRAT is a well-known remote access trojan (RAT) sold on dark web markets and forums used by cybercriminals. Because it costs $20 for a lifetime membership, it attracts all sorts of hackers and promotes the propagation of harmful payloads. In addition, the fact that BitRAT can be utilized in a range of activities, including phishing attacks, trojanized software, and watering hole attacks, makes it much more difficult to block.

Although the hacker group responsible for the campaign is currently unknown, it is believed that they used SQL injection flaws to compromise the IT network of a Colombian cooperative bank. This is a typical method used by hackers to trick a database into producing an error message so they may discover the layout of the database.

The exposed information includes, among other things, ID numbers (national resident identity), phone numbers, email addresses, customer names, income information, payment history, and residences. There are no indications that the information has been posted on any forums. However, this does not mean that consumers should not worry. The threat actors could use the obtained data to carry out phishing attacks themselves.

The exfiltrated bank data file also has a macro embedded that downloads a second-stage DLL payload programmed to fetch and run BitRAT on the infected host. According to Qualys researcher Akshat Pradhan, the infected file downloads BitRAT embedded payloads from GitHub to the %temp% directory via the WinHTTP library. The GitHub repository, established in the middle of November 2022, stores encoded BitRAT loader samples, which are later decoded and launched to finish the infection chains.

It’s crucial for business owners to be aware of these types of threats. Businesses can take proactive measures to protect their systems and sensitive data. Training employees to recognize and avoid suspicious emails and links and ensuring all systems are kept up-to-date with the latest security patches are just a couple of ways business owners can reduce the risk of falling victim to cyber-attacks.
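
The chain described above, where an Office document reaches out over the network and writes an executable payload into the temp directory, leaves a pattern that endpoint telemetry can catch. The detection sketch below is an added example, not code from the article or from Qualys; it assumes events shaped like Sysmon network-connection (ID 3) and file-create (ID 11) records, and every event, hostname and path in the sample is constructed.

```python
import ntpath
from collections import defaultdict

OFFICE_IMAGES = {"excel.exe", "winword.exe", "powerpnt.exe"}
PE_EXTENSIONS = {".dll", ".exe"}


def is_office(image_path):
    """True when the process image is an Office application (case-insensitive)."""
    return ntpath.basename(image_path).lower() in OFFICE_IMAGES


def is_temp_pe(file_path):
    """True for a .dll/.exe whose path contains a directory named Temp."""
    directory, name = ntpath.split(file_path)
    extension = ntpath.splitext(name)[1].lower()
    directories = [part.lower() for part in directory.split("\\")]
    return extension in PE_EXTENSIONS and "temp" in directories


def find_office_droppers(events):
    """Group events per process and report Office processes that wrote an
    executable into a temp directory; severity is raised when the same
    process also made an outbound network connection."""
    hosts = defaultdict(list)    # ProcessGuid -> contacted hostnames
    drops = defaultdict(list)    # ProcessGuid -> executable files written
    images = {}
    for ev in events:
        if not is_office(ev.get("Image", "")):
            continue
        guid = ev["ProcessGuid"]
        images[guid] = ev["Image"]
        if ev["EventID"] == 3:
            hosts[guid].append(ev["DestinationHostname"])
        elif ev["EventID"] == 11 and is_temp_pe(ev["TargetFilename"]):
            drops[guid].append(ev["TargetFilename"])
    return [
        {
            "ProcessGuid": guid,
            "Image": images[guid],
            "files": files,
            "hosts": sorted(set(hosts.get(guid, []))),
            "severity": "high" if hosts.get(guid) else "medium",
        }
        for guid, files in drops.items()
    ]


# Constructed sample events (not taken from any real incident).
SAMPLE_EVENTS = [
    {"EventID": 3, "ProcessGuid": "{guid-0001}",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "DestinationHostname": "payload-host.example"},
    {"EventID": 11, "ProcessGuid": "{guid-0001}",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Temp\update.dll"},
    {"EventID": 11, "ProcessGuid": "{guid-0002}",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "TargetFilename": r"C:\Users\bob\AppData\Local\Temp\~DF12.tmp"},
    {"EventID": 11, "ProcessGuid": "{guid-0003}",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "TargetFilename": r"C:\Users\bob\Downloads\setup.exe"},
    {"EventID": 11, "ProcessGuid": "{guid-0004}",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "TargetFilename": r"C:\Users\carol\AppData\Local\Temp\helper.EXE"},
]

if __name__ == "__main__":
    for finding in find_office_droppers(SAMPLE_EVENTS):
        print(finding["severity"], finding["Image"], finding["files"], finding["hosts"])
```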