
How the Silicon Valley Bank Shutdown is Being Exploited by Cybercriminals

Recently, there was a rise in cybercrime related to the closing of Silicon Valley Bank (SVB). Threat actors go after businesses and sometimes use them in their illegal activities. SVB was the 16th largest bank in the U.S. The bank worked with tech giants like Buzzfeed, Roblox, and Roku. However, global inflation and a deposit run caused regulators to close the bank on Friday, March 10, 2023. Hackers are using SVB-related content to manipulate people’s emotions. Analysts are finding more phishing attacks connected to the SVB closure, and new threats appear daily.

How Hackers Set Up SVB-related Attacks

Cybercriminals started buying fake SVB domains shortly after SVB closed. This is how they set up their SVB-related attacks. The attackers then made and tested phishing flows before starting their campaigns. More than 62 new domains were set up for SVB-related attacks, and there were 200 phishing scams, most of which targeted businesses in the U.S.

The Public Response Helped Hackers

Unfortunately, the public’s response to the SVB crisis may have unwittingly aided cybercriminals. Attackers used websites that listed affected SVB customers to find targets. Also, emails from companies switching to new banks can look like phishing emails, which can cause confusion and increase the risks.

Getting Ready for the Wave of SVB Fraud

To counter SVB-related attacks and protect your business, you should:

1. Raise employee awareness about phishing and cyber threats.
2. Provide regular security training.
3. Implement email security solutions with anti-phishing features.
4. Use multi-factor authentication.
5. Keep software updated to prevent vulnerabilities.
6. Encourage strong, unique passwords and start using password managers.
7. Monitor the company’s online presence for fake domains or websites.
8. Develop and maintain an incident response plan.
9. Periodically review and update security processes.
10. Collaborate with cybersecurity experts for audits and vulnerability assessments.

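For item 7, one way to triage a feed of newly registered domains for lookalikes. This is an added example, not code from the article: `examplecorp`, the allow-list and the sample feed are constructed placeholders, and every name uses the reserved `.example` TLD.

```python
# Assumptions: "examplecorp" stands in for your own brand; "svb" is an event
# keyword taken from the article. All domains below are constructed samples.
ALLOWED = {"examplecorp.example"}
WATCH_TERMS = {"examplecorp", "svb"}
# Digits commonly swapped in for letters in lookalike names.
CONFUSABLE = str.maketrans("01358", "olesb")

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain):
    """Return 'allowed', 'review-idn', 'watch-term', 'near-match' or 'ok'."""
    domain = domain.lower().rstrip(".")
    if any(domain == d or domain.endswith("." + d) for d in ALLOWED):
        return "allowed"
    labels = domain.split(".")
    if any(label.startswith("xn--") for label in labels):
        return "review-idn"  # punycode label: decode and inspect by hand
    # Drop the TLD, split the remaining labels on hyphens, undo digit swaps.
    tokens = [t.translate(CONFUSABLE)
              for label in labels[:-1] for t in label.split("-") if t]
    if any(t in WATCH_TERMS for t in tokens):
        return "watch-term"
    # Fuzzy matching only for long terms; short ones like "svb" are too noisy.
    for term in (w for w in WATCH_TERMS if len(w) >= 6):
        if any(term in t or edit_distance(t, term) <= 1 for t in tokens):
            return "near-match"
    return "ok"

def triage(feed):
    """Map each domain in a newly-registered-domain feed that needs review to its verdict."""
    verdicts = {d: classify(d) for d in feed}
    return {d: v for d, v in verdicts.items() if v not in ("allowed", "ok")}

SAMPLE_FEED = [  # constructed
    "pay.examplecorp.example", "svb-claims.example", "examp1ecorp-login.example",
    "examplcorp.example", "myexamplecorpbank.example",
    "xn--exmplecorp-9za.example", "weather.example",
]
```
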
The recent failure of SVB has given cybercriminals a chance to take advantage of businesses and individuals. To protect yourself from SVB-related attacks and other cyber threats, you need to put cybersecurity at the top of your list of priorities. You can shield your company from these attacks by being proactive, improving security infrastructure, and using your resources wisely.


US Government: Royal Ransomware Targets Critical Infrastructure

The United States government is alerting organizations about the Royal ransomware operation. The Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) said in a joint advisory that the Royal ransomware gang poses an increasing threat to the critical infrastructure of numerous sectors in the U.S. The Royal ransomware group has been targeting different sectors across the country and abroad. Among its victims are health care, education, communications, and manufacturing organizations.

How the Royal Ransomware Gang Operates

According to the FBI and CISA, Royal actors use phishing links to access an organization’s network. These links carry a malware downloader. The cyber threat actors then disable the network’s antivirus software, extract large amounts of data, and encrypt systems. Besides phishing links, the Royal ransomware gang also uses other means to get into an organization’s network, including:

- Remote desktop protocol (RDP)
- Initial access brokers
- The exploitation of public-facing applications

Royal Ransomware Made Rounds Since 2022

The Royal ransomware gang first made rounds in early 2022. It used third-party ransomware like Zeon when it started. But it has since created its own ransomware and has been using it since September. It also uses other malicious tools to gather information and keep victims from restoring their data.

In December, the U.S. Department of Health and Human Services announced that Royal ransomware targeted the healthcare sector. Royal’s leak page on the dark web listed two healthcare service providers as victims. Royal actors had also made ransom demands in Bitcoin. These demands range between $1 million and $11 million. The ransom notes do not state ransom amounts or payment details, but they contain instructions on how to contact the group.

Royal Gang Is a Group of Experienced Cybercriminals

Security experts believe that experienced cybercriminals make up the Royal ransomware gang. These cyber threat actors have worked together in previous operations. Cyber security experts noted similarities between the Royal operation and Conti – a Russian hacking enterprise. Conti disbanded in June 2022, giving rise to several cybercriminal groups. These groups applied the same phishing technique that the Royal gang now uses to deploy its ransomware.

Organizations Should Have a Data Recovery Plan in Place

The U.S. government advises businesses and organizations to have a data recovery plan in place. This plan ensures that organizations won’t lose their data in case Royal ransomware infiltrates their systems. Additionally, organizations can continue their operations in case of a ransomware attack. A recovery plan includes:

- maintaining multiple backups of data
- implementing multi-factor authentication
- securing accounts with unique and strong passwords
- using monitoring tools to detect suspicious activity in their network
- implementing network segmentation
- updating all software and operating systems
- auditing all accounts
- disabling unused services

The Bottom Line: Businesses Should Be Ready for Ransomware Attacks

Businesses and organizations could lose all their data, including customers’ personal information, from a ransomware attack. This could incapacitate their business or at least disrupt operations. Their customers would also lose trust and confidence in them. As such, businesses and organizations should prepare themselves for possible cyberattacks. It is not enough to put preventive measures in place. They should also have a contingency plan in case they fall victim to a cybercrime.


Microsoft Teams Free (Classic) Is Retiring

Microsoft has decided to retire its MS Teams Free (classic) app. Released in 2017, MS Teams is a communication platform where users chat and call each other over the internet. While the primary concept is nothing new, the innovation comes with bells and whistles included. It is geared towards being a collaboration platform. The product is available in both paid and free versions. The company has recently announced it would be retiring the free version.

When Is the MS Teams Free (Classic) Version Retiring?

Microsoft is set to retire the MS Teams Free (classic) version on April 12, 2023. The app will no longer be available, and data will be erased. That means organizations using the program need a transition plan right now.

What Should You Do?

Organizations using MS Teams Free (classic) have several options to switch. The first and understandably most promoted option by Microsoft is upgrading your Teams plan. There are two paid versions available:

- Teams Essentials
- Microsoft 365 Business Basic

Essentials is a straightforward option. It allows you to keep all your files, chats, teams, and meetings in one cloud storage. On top of that, you get 300 participants per meeting, 10 GB storage per user, and unlimited group meetings up to 30 hours long. Who meets for 30 hours straight? We do not want to be the ones to know. This upgrade costs $4 per user per month.

The retirement of MS Teams Free could be an opportunity for your organization to switch to the MS 365 Business Basic. It is a complete productivity suite built for small to medium-sized businesses. At $6 per user per month, you get access to everything mentioned above, plus the following:

- Recordings with transcript
- MS 365 productivity apps like Word and Excel
- Manage customer appointments
- 1 TB cloud storage per user

If your organization is not ready to invest in paid productivity platforms yet, you still have the option to download and use the new Microsoft Teams Free app. Yes, they will retain a free version, offering:

- Unlimited group meetings for up to an hour
- Up to a hundred participants
- 5 GB cloud storage per user

The caveat is that it will use a new account. That means whatever data you have saved on your classic Teams would not be transferred to the new one.

Whatever you choose, it is wise to start downloading and backing up all the data on your classic Teams after reading this part. If you are interested in alternatives to MS Teams, read on.

Microsoft Teams Alternatives

We would be remiss to discuss MS Teams alternatives without mentioning Zoom. It is a communication platform for chats and calls. Key features include meeting recording, instant messaging during video calls, and cloud phone solutions. It can link with your Google Calendar, too.

If you are interested in Google products, their Meet platform integrates with other systems like Gmail, Calendar, and more. It is a web-based platform, meaning you can use it on any modern browser.

Now, do not forget to back up your Teams data.


Stolen Financial Data Used as Bait in New Phishing Scheme

Hackers are baiting their victims with stolen financial data in a clever phishing scheme. Over 400,000 data points, including identity numbers, names, phone numbers, and payment records, are used to persuade consumers to click on a malicious link. This link downloads a potent virus called BitRAT that can steal passwords, spy on users, and install crypto mining software.

In order to spread the remote access trojan known as BitRAT, the new campaign utilized confidential data taken from a bank as bait in phishing emails convincing victims to download a suspicious Excel file.

BitRAT is a well-known remote access trojan (RAT) sold on dark web markets and forums used by cybercriminals. Because it costs $20 for a lifetime membership, it attracts all sorts of hackers and promotes the propagation of harmful payloads. In addition, the fact that BitRAT can be utilized in a range of activities, including phishing attacks, trojanized software, and watering hole attacks, makes it much more difficult to block.

Although the hacker group responsible for the campaign is currently unknown, it is believed that they used SQL injection flaws to compromise the IT network of a Colombian cooperative bank. This is a typical method used by hackers to trick a database into producing an error message so they may discover the layout of the database.

The exposed information includes, among other things, ID numbers (national resident identity), phone numbers, email addresses, customer names, income information, payment history, and residences. There are no indications that the information has been posted on any forums. However, this does not mean that consumers should not worry. The threat actors could use the obtained data to carry out phishing attacks themselves.

The exfiltrated bank data file also has a macro embedded that downloads a second-stage DLL payload programmed to fetch and run BitRAT on the infected host. According to Qualys researcher Akshat Pradhan, the infected file downloads BitRAT embedded payloads from GitHub to the %temp% directory via the WinHTTP library. The GitHub repository, established in the middle of November 2022, stores encoded BitRAT loader samples, which are later decoded and launched to finish the infection chains.

It’s crucial for business owners to be aware of these types of threats. Businesses can take proactive measures to protect their systems and sensitive data. Training employees to recognize and avoid suspicious emails and links and ensuring all systems are kept up-to-date with the latest security patches are just a couple of ways business owners can reduce the risk of falling victim to cyber-attacks.