Artificial Intelligence (AI) is becoming a cybersecurity team’s best defense against hackers, reports suggest. Moreover, as we continue to progress with technology, the dependency on AI to help protect our personal and business technology is increasing. More and more businesses and cybersecurity companies are turning to artificial intelligence as a means of bolstering their defenses against cyber-attacks, and with ever-increasing positive results.

According to Capgemini’s article, Reinventing Cybersecurity with Artificial Intelligence, artificial intelligence is becoming a necessary factor in a business’s cybersecurity defense. As much as 66% of cybersecurity firms believe that they would be unable to detect cyber-attacks without the assistance of their AI. As much as 75% of cybersecurity firms are beginning to test artificial intelligence. 60% believe that artificial intelligence has dramatically improved the accuracy and efficiency of cybersecurity technicians and analysts. With over half of all cybersecurity firms and businesses opting for AI for their cyber defense, artificial intelligence is not only becoming more sought after but also more dependable.

With the globe becoming more dependent on technology each day, it should be no surprise that criminals would turn to technology as a means of exploiting and stealing from others. To protect your data, money, and sensitive information from criminals, ensure that your cybersecurity partner is using only the most advanced and up-to-date standards and practices. Hammett Technologies is well-versed in cybersecurity and can guarantee your information’s safety from hackers and criminals.
While the holidays are a time for family and celebrating, that does not mean that scammers won’t try to spoil all that holiday cheer! With each year, the threats online have only increased, and it has become such a large issue for unsuspecting consumers that the US Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has issued a statement asking consumers to be more aware of their online surroundings: “…[CISA] encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online,” said CISA. Therefore, making sure you are knowledgeable in simple cybersecurity tactics can ensure that scammers and other malicious online threats cannot steal your holiday cheer!

The Scammer’s Holiday

Christmas time is fun for everyone, including the criminals, unfortunately. BleepingComputer reported on a scam last year that targeted Amazon shoppers! This online scam was designed to appear to be an Order Confirmation email telling the recipient that their order had shipped and to click for more details regarding the order.

If the recipient clicked “Order Details”, a Word document would be downloaded, asking the user to “Enable Content”. If the user did so, the document would execute code that would keylog and steal anything the user typed, stealing personal information! Making sure you are aware of your online surroundings is vital to making sure your personal information is not leaked online or stolen!

Protecting Yourself Online

The holiday season is the perfect time for scammers to take advantage of unsuspecting consumers. Many people who shop online are unaware of the risks and of the signs of a trap. Here are some helpful tips from CISA to make sure you stay safe online:

- Avoid clicking on suspicious emails and email attachments (Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams).
- Use caution when shopping online (Shopping Safely Online).
- Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.

While each of these helpful tips is from CISA, if that is not enough to make you believe, Hammett Technologies also fully endorses each of these statements! Criminals will do whatever they can to steal your personal information over the holiday season. Therefore, remaining aware and cautious while you shop online will not only save you a lot of stress, it will save your money too!

If you have any questions regarding anything above, please feel free to give us a call, or visit the What We Do page to learn more! We are happy to assist you, or your company, with all your cybersecurity needs!
Ransomware is one of the most dangerous computer viruses in the computer world today. It would not be surprising if many of you, regardless of your background knowledge of computers, have heard of ransomware to some extent. Perhaps it has been through the numerous cities that have been hit, or maybe it was because of the few schools that have begun to be targeted by this disastrous virus. With ransomware on the rise, more and more businesses are being targeted. In order to keep your business’s sensitive information safe, taking preventative measures immediately is the best course of action to ensure your computer systems are not held for ransom.

Setting up your Defenses

Running Backups

One of the most important steps, one often disregarded by many businesses, is ensuring that all computer systems are backed up daily. In the event that your network becomes infected with ransomware, having backups of critical information systems and configurations can save millions of dollars in lost revenue.

Educate and Reinforce Basic Cybersecurity Awareness

Ransomware needs a human element in order to infect a computer system or network. Therefore, proper and regular training of staff on how to spot phishing emails and suspicious files is essential to a business’s overall cybersecurity.

- Ensure that staff understand “think before click” and the dangers of downloading attachments from unknown senders.
- Make sure staff are browsing safely as well and know how to spot fake websites. Fake websites can look strikingly similar to the real ones but often have variations in their URL, which give away their true identities.
- Make sure employees are suspicious of anyone on the phone or email asking for sensitive information. Always ensure you are communicating with a trusted individual before divulging sensitive information.

Have a Plan in Place in the Event of an Attack

Make sure a clear plan is established in the event an attack does occur. Ensure response plans outline how to request outside assistance from cyber first responders (state agencies, CISA, and MS-ISAC).

Update and Patch Systems

Regularly updating and patching computer systems not only keeps the systems running smoothly, but it also protects against viruses such as ransomware.

Additional Resources

Once all the above is completed, consider reviewing the following articles:

- MS-ISAC Security Primer – Ransomware
- CISA Tip Sheet on Ransomware
- NGA Disruption Response Planning Memo
- NASCIO Cyber Disruption Planning Guide

Each article outlines further steps you can take to protect yourself from ransomware.

A Trusted Defense

If any of the above worries you, consider calling Hammett Technologies. We are a trusted IT company and are well versed in the dangers of all computer viruses, not just ransomware. We use only the latest technology to ensure your business’s safety, regularly back up all your systems, and train your staff on safety procedures when handling information online. When you partner with Hammett Technologies you do not become just a partner, you become a priority. If you want more information as to what we can do to assist your company, click here!
“Mass Logger,” a new keylogger on the market, has the potential to become extremely dangerous for businesses and individuals. Keyloggers are a type of malware, usually found within phishing campaigns, that store all information you type into your computer. These malicious programs can lead to many of your passwords becoming compromised.

Why is This Keylogger so Dangerous?

Mass Logger is different from other keyloggers. The developer of Mass Logger is frequently updating this keylogger to help it remain undetected by automated antivirus solutions. Furthermore, support from the developer allows other cybercriminals to assist with and make requests for the malware. Cofense Intelligence has already identified a phishing campaign hiding Mass Logger. Emails loaded with GuLoader, a popular malware delivery mechanism that downloads encrypted payloads hosted on legitimate file-sharing platforms, are also being used to deliver Mass Logger.

A New Kind of Keylogger

Additions and features, such as the ability to spread itself through USB ports, set Mass Logger apart from other keyloggers. Mass Logger is also able to search for specific file extensions and exfiltrate them. These “features,” and the keylogger’s continued support from its developer, could see Mass Logger being adopted by a large portion of cybercriminals.

Defending Yourself from Mass Logger

Defending yourself from malware is a tiresome but necessary task when online. Ensure that you are watching out for suspicious emails from unknown senders. Never open attachments from people you are unfamiliar with or do not know. Merely opening an infected attachment is all malicious programs need to begin infecting your system. Ensure that you trust the sites you are downloading programs from and that they are reputable.

If you are worried about your company and want your employees to understand the importance of practicing cybersecurity daily, call Hammett Technologies. We are certified experts and will ensure your business runs at top speed without cutting corners on cybersecurity.
It should not come as much of a surprise to anyone that criminals are using COVID-19 as a jumping-off point for new scam call campaigns and phishing email attacks. These attacks have become so prevalent that the CDC has released a statement and some helpful tips on how to make sure your sensitive information stays safe.

Phone Scams

There are many apps and websites that allow people to disguise their phone number and identity. Phone scammers are using these apps and websites to make it appear as if their phone call is originating from within the CDC. Either through direct conversation or by leaving a voicemail, these scammers attempt to have you reveal sensitive information about yourself (credit card information, social security, etc.). These kinds of acts are considered “impersonation fraud” but are challenging to track down and pursue due to how they originate.

To keep yourself safe, avoid picking up the phone when you do not recognize the number. If you do happen to pick up, do not reveal any sensitive information over the phone to someone you do not know, regardless of who they claim to be affiliated with. If you find yourself on the phone with someone you suspect to be a scammer, hang up on them immediately, block the number they called from, and report them to the Federal Communications Commission (FCC).

Phishing Attacks

Phishing emails are malicious emails created by cybercriminals in an attempt to steal your sensitive information. Phishing attacks have always been around, but with COVID-19, cybercriminals have a convincing means of scaring and persuading some people to either give out confidential information or give access to their machine by clicking malicious links. Phishing emails, similar to the scam phone calls, are disguising themselves as emails sent from the CDC. These emails contain attachments regarding infection-prevention measures. These attachments are usually embedded with viruses that can steal your information and track your online browsing.

Protecting yourself from phishing attacks is simple, but it must be continuously practiced when online. Here are a few safety tips:

- Never open emails from someone you do not know.
- Be careful when obtaining information regarding COVID-19 from third parties. Go directly to the government website for official updates and safety tips.
- If links are embedded within the email, hover over them before clicking on them to see where they will take you.
- If the email comes from someone you do not know, do not open attachments.
- Never provide sensitive information over email, to anyone.

Staying Safe; Online and Offline

Coronavirus has caused Americans many issues regarding work and general health safety. Unfortunately, people out there have sought to take advantage of this situation and cause more havoc. We hope that this information finds you and your data safe and well during these trying times. If you have any questions or concerns, give us a call! We are happy to assist!
Windows and Linux users are once again the targets of a new strain of ransomware: Tycoon. First discovered in 2019, the new strain of ransomware was created to attack educational institutes and software industries. Once inside, Tycoon proceeds to encrypt file servers, demanding a ransom for decryption. What makes this ransomware different from its predecessors is its use of code to help disguise its presence on networks.

Uncovering Tycoon Ransomware

Discovered by researchers and security analysts at BlackBerry and KPMG, Tycoon is quite unusual compared to other ransomware. Utilizing Java, Tycoon deploys using Java Runtime Environment (JRE) and compiles itself into a Java image file (Jimage) to hide its malicious payload.

What Tycoon Does

The ransomware infiltrates a network using unsecured internet-facing remote desktop protocol (RDP) servers. When the system is compromised, antivirus solutions are rendered useless due to Tycoon’s ability to elevate its privileges and disable them. Once executed, Tycoon ransomware encrypts all files connected with the network, adding filename extensions such as .redrum, .grinch, and .thanos. Like other ransomware, once all files are encrypted, users are prompted to pay a ransom (in the form of bitcoin) to obtain their data back safely.

Staying Safe

RDP is a common way for many malicious attack campaigns to infiltrate networks. RDP ports should face outward towards the internet only in extreme cases, and users accessing these ports should have strong, unique passwords. Regularly updating your system’s security is another good way to ensure your network remains safe. Regularly backing up your network and storing those backups offsite or off the network is another crucial step to take. Should the worst-case scenario happen, a backup will save you time and money.

Worried your network may be compromised or at risk to attackers? Wondering when the last time you backed up your network was? Hammett Technologies can take care of all your business’s technological needs without the headache. Give us a call and secure your data today!
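The filename extensions named above (.redrum, .grinch, .thanos) can be used to triage a file-server listing after a suspected incident. The following is an added example, not part of the original article: it flags affected files and the folders where they cluster. The listing is constructed, the thresholds are arbitrary, and it assumes the extension is appended after the original file name.

```python
from collections import Counter
from pathlib import PurePosixPath, PureWindowsPath

# Extensions named in the article; other campaigns may use different ones.
TYCOON_EXTENSIONS = {".redrum", ".grinch", ".thanos"}

# Constructed listing mixing Windows and Linux paths, since both are targeted.
SAMPLE_LISTING = [
    r"D:\shares\finance\q3-report.xlsx.thanos",
    r"D:\shares\finance\payroll.csv.thanos",
    r"D:\shares\finance\readme.txt",
    "/srv/files/hr/contracts.docx.redrum",
    "/srv/files/hr/handbook.pdf.grinch",
    "/srv/files/media/thanos.png",               # name only, extension is .png
    "/srv/files/media/grinch-party.redrum.bak",  # final extension is .bak
]


def triage(paths, min_hits=2, min_ratio=0.5):
    """Return (renamed, hot_folders).

    renamed     -- list of (path, assumed original file name) for flagged files
    hot_folders -- {folder: (flagged, total)} for folders where at least
                   min_hits files and min_ratio of all files are flagged
    """
    total = Counter()
    hits = Counter()
    renamed = []
    for raw in paths:
        # Pick the path flavour from the separator so one listing can mix both.
        path = PureWindowsPath(raw) if "\\" in raw else PurePosixPath(raw)
        folder = str(path.parent)
        total[folder] += 1
        # Only the final extension counts; matching anywhere in the name
        # would flag harmless files such as thanos.png.
        if path.suffix.lower() in TYCOON_EXTENSIONS:
            hits[folder] += 1
            renamed.append((raw, path.stem))
    hot_folders = {
        folder: (count, total[folder])
        for folder, count in hits.items()
        if count >= min_hits and count / total[folder] >= min_ratio
    }
    return renamed, hot_folders


if __name__ == "__main__":
    flagged, folders = triage(SAMPLE_LISTING)
    for path, original in flagged:
        print(f"flagged: {path} (was probably {original})")
    for folder, (count, seen) in folders.items():
        print(f"folder {folder}: {count}/{seen} files carry a listed extension")
```

The assumed original names give a list of what to restore from the offsite backups the article recommends.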
After the death of Iran’s General Qassem Soleimani, the United States may end up dealing with some serious cyber-attacks. Since 1984, the United States has recognized Iran as a nation that supports terrorism and terrorist organizations, which has led to previous conflicts between the two nations. However, after the recent assassination of General Qassem Soleimani, the United States may face fierce retaliation. We have already seen government sites hacked and defaced with pro-Iran propaganda. Therefore, while we are unsure which shape their “revenge” will take, it is important that all US citizens prepare for all aspects, especially cyber. The Department of Homeland Security has issued the following statement urging US citizens to be cautious when browsing online over the next couple of weeks.

Many of us are aware of the basics when it comes to browsing online safely, but it is important to review.

Be cautious of suspicious emails

It is better to be safe than sorry. Do not download any attachments, or click any links, from emails unless you are 100% certain the email originated from a trusted sender.

Be aware of suspicious websites

If a website seems off or is asking for your credentials where it has not before, close the browser and attempt to navigate to the proper website. Fraudulent banking websites are extremely common and usually appear due to simple typos.

For businesses, make sure your cybersecurity team has your network locked down and protected against cyber-attacks. It is extremely important that one’s network is protected at all times. This is especially important if you are a business that transports confidential customer data or uses credit card transactions.

If you are worried that your business’s network may be easily accessible by criminals, do not hesitate to reach out to Hammett Technologies. With over 20 years of IT and cybersecurity experience, we will help identify flaws that allow attackers to enter your network, ensuring your network is protected. Our team will ensure your company’s and customers’ data is secure and encrypted, without interrupting day-to-day processes. Contact us today and find out why we are the #1 growing MSP in Maryland!
With the holidays fast approaching, everyone is looking for a way to make a few extra dollars. However, some of us are doing it in a less than legal way, making the holidays tougher for others. Dexphot has been on a crime spree as of late, infecting upwards of 80,000 computers with cryptocurrency miners. The good news is that its crime spree, ongoing since 2018, has begun to decline.

What is Dexphot?

Considered to be unnecessarily complex for its task, Dexphot is a malware strain that uses your machine to mine for cryptocurrency. Its complexity lies within its ability to hide from security solutions. According to Microsoft, Dexphot uses “obfuscation, encryption and the use of randomized file names [to hide] the installation process.” As well as being designed to “fly under the radar” by hijacking legitimate system processes, Dexphot was also designed to reinstall itself, should its location within the victim’s machine become compromised.

How Dexphot Spreads

Microsoft describes Dexphot as a second-stage payload – a type of malware that is dropped on systems already infected with other malware. The most common of the malware strains that helped Dexphot spread was ICLoader, “a malware strain that’s usually side-installed as part of software bundles, without the user’s knowledge, or when users download and install cracked or pirated software,” says ZDnet.com. Once a machine was infected with ICLoader, Dexphot would then be remotely installed on the victim’s computer, further compromising the machine.

Once inside, Dexphot would use legitimate Windows system processes to avoid detection by antivirus solutions. But that is not the only ace Dexphot has up its sleeve. Through a technique called polymorphism, Dexphot would be able to change the file names and URLs it used at regular intervals, making it extremely hard for traditional antivirus solutions to lock onto the virus. Another sneaky technique used by Dexphot was its ability to reinstall itself on the victim’s machine. Not only did this serve as a safeguard to avoid deletion, but it also meant that the attackers could update the malware and have the updated version automatically installed on the victim’s machine, helping to further its ability to avoid detection.

How to Stay Safe From Cryptocurrency Miners

As unfortunate as it is, malware like Dexphot is more common than you may think. Cryptocurrency miners are a common kind of malware that cybercriminals install on machines so that they can generate revenue. These kinds of malware work in the background, generating revenue while you use your computer. Thankfully, there is hope when it comes to Dexphot. Microsoft, through its Microsoft Defender Advanced Threat Protection, is able to detect and stop viruses like Dexphot before they become an issue.

As always, if you are worried about your company’s virus protection, contact Hammett Technologies. We ensure all your technology needs are met. If you have any questions regarding anything above, please feel free to give us a call. We are happy to assist you, or your company, with all your cybersecurity needs! To learn more about what we can do to assist your company, visit our What We Do page!
Pitney Bowes, the e-commerce and tech-shipping company, has suffered a ransomware attack. On October 14th, the company disclosed that it was the victim of a malware attack that resulted in the encryption of information systems and disabled customer access to some services. As of now, Pitney Bowes has confirmed that it is working with third-party security experts and consultants. However, the identity of these experts is still unknown.

The company has also disclosed that, as of now, it does not appear that customer data or any other sensitive information has been accessed. While this is reassuring, it is important to err on the side of caution. Ransomware attacks are not known to be a form of heckling someone. Pitney Bowes has yet to disclose whether the attack was directed at a certain employee, or if it was transported to them through a third-party service provider. Furthermore, it is unknown if the company’s MSP was monitoring the security network before the attack occurred. We expect to learn more information and will keep you apprised of the situation as the story develops.

What’s Next?

If you believe you were affected by this attack, we recommend following the developments on Pitney Bowes’s Twitter as well as their webpage, which is posting live updates of the situation as it develops. The company has stated that it plans on keeping its users as up-to-date on the situation as possible.

It is important that you, as a business owner, trust your MSP to monitor your network and keep your customers’ and employees’ sensitive information out of the hands of criminals. Hammett Technologies has proven time and time again that we are able to handle ourselves in the event of a crisis and secure all sensitive information before it falls into the hands of thieves. To learn more about what we do, visit the What We Do page, or give us a call today!
A new ransomware, Nemty, has been discovered, according to a report from BleepingComputer. Nemty, as security researchers are calling it, has the possibility to spread using compromised Remote Desktop Protocol (RDP) connections. Nemty, like all other ransomware, holds the victim’s files hostage, deleting all shadow versions of the files and blocking the victim from any attempted recovery options. Payment is then required via bitcoins, which average about $1,000. Those infected will be prompted with a ransom message.

Unfortunately, because Nemty is so new, a known fix is not available, but security researchers are working diligently to find one. While RDP is suspected to be the method of distribution for the ransomware, researchers have not yet confirmed this finding. Most ransomware is distributed through phishing emails. If RDP is the method of distribution, it would confirm that hackers have gained higher access to the machine, cutting out the middleman and giving them full control of the computer.

If you would like to find out more about how Hammett Technologies can keep your company safe, click here!