What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-12-04 14:00:00 | Is Cybersecurity Insurance on Your Holiday Shopping List? (lien direct) |
Three simple steps to protecting your small business
Continued news reports of large-scale data breaches and the steady increase of cyber fraud like spam calls, identity fraud and unauthorized account access should be enough to scare anyone. So-called nation-state hackers attempting to infiltrate government entities and universities, massive data breaches, and new Ransomware threats are constantly in the headlines. So why doesn’t this encourage more small business owners to take cybersecurity more seriously?
Many small businesses are currently going digital and moving data, applications and services to the cloud. In fact, the most innovative small businesses have embraced digital transformation as an integral part of their growth plans. This evolution makes their business more vulnerable to a lurking hacker. And perhaps too trustingly, many small business owners think that because of their size, they are not a target. Hackers don’t discriminate. Malware doesn’t discriminate. Everyone is a target, and in fact, hackers see the data that small businesses have as a gateway to attacking larger businesses. And Malware essentially looks for open doors (i.e. unpatched machines) to infect.
As we look to the start of a new year, there is no better time to assess your business’s cybersecurity posture – or in some cases start from scratch – to ensure you are prepared and can respond to cyberattacks. Here are a few affordable and simple recommendations that can improve your cybersecurity posture and help protect your business from the inevitability of a cyberattack in 2019:
Stay Aware: The simplest thing you can do is to stay current on trends and threats affecting small businesses. We’ve seen unprecedented levels of attacks on small business in 2018, especially with Ransomware (where your device is essentially taken hostage for a fee). It’s essential to understand the types of attacks that could put your business at risk as well as the current cybersecurity landscape. Visit AT&T Cyber Aware for the latest news, information to report fraud associated with your AT&T Business account.
Hire a consultant: A consultant can take a holistic look at your business, identify the gaps and help you understand how to improve your cybersecurity posture. While some see consultants as an added expense, their role is essential for small businesses that don’t have an IT or cybersecurity expert on staff. A consultant can help you develop and implement a plan for monitoring for threats, incident response and remediation that’s within your budget.
Buy Cyber Insurance: Cybersecurity insurance isn’t new. Large enterprises have had a cybersecurity insurance policy in place for decades now. However, 2019 is going to be the first year that it’s accessible and affordable to businesses of all sizes. For AT&T Business customers, this is made possible through policies, underwritten by CNA, with Lockton Affinity serving as the insurance broker.
A recent Ponemon Institute Report found that in 2017, cyberattacks cost small and medium-sized businesses an average of $2,235,000. That’s a staggering number that will only continue to increase as hackers become more sophisticated and continue to target the most vulnerable.
My advice to |
Ransomware Spam Malware | ||
 |
2018-12-03 19:47:04 | Printeradvertising.com Spam Service Claims It Can Print Anywhere (lien direct) | In order to prevent this type of mischief, network enabled printers should never be connected to the Internet. Allowing them to do so only allows malicious actors to send any type of print document to your network, including pornography that could land you in trouble. [...] | Spam | ||
 |
2018-12-03 17:30:00 | New online service will hack printers to spew out spam (lien direct) | PewDiePie hack has spawned a new web service over the weekend: Printer-Spam-as-a-Service. | Spam Hack | ||
 |
2018-11-23 13:12:00 | Black Friday special by Emotet: Filling inboxes with infected XML macros (lien direct) | Emotet starts another massive spam campaign just as Black Friday begins to pick up steam | Spam | ||
 |
2018-11-21 19:15:00 | FCC Addresses Robocalling – But Questions Remain (lien direct) | The FCC will consider a proposal to combat robocalls and text spam in December. | Spam | ||
 |
2018-11-20 13:26:01 | Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign (lien direct) | Security researchers at F-Secure have recently uncovered a small spam campaign aimed at delivering spyware to Mac users that use Exodus wallet. Security experts at F-Secure have recently spotted a small spam campaign aimed at Mac users that use Exodus cryptocurrency wallet. The campaign leverages Exodus-themed phishing messages using an attachment named “Exodus-MacOS-1.64.1-update.zip.” The messages were […] | Spam | ||
|
2018-11-19 14:00:00 | Is the Internet of Things Threatening Your Company\'s Security? (lien direct) |
The internet of things (IoT) is changing nearly every industry. Smart devices that can collect and process data, and even make decisions based on that data, though artificial intelligence promises to disrupt business as we know it for years to come.
However, there are some legitimate concerns. The more connected devices your company has, the more potential vulnerabilities are out there. As business owners we want to be able to access the data we collect through the IoT, but we also need to be able to protect that data, and we bear the responsibility for keeping that data secure.
This, like many areas of business, is a time for brutal honesty. If you have vulnerabilities, you need to fix them. You don’t want to be part of the headlines about companies who acted too late or not at all. Your security must adapt to the IoT, and it needs to do so now.
Is the internet of things threatening your company’s security? There are a few questions you will need to ask yourself and your IT department to truly determine the answer:
How do I know?
Most experts agree that the weakness in any network is the devices that make up the IoT. For example, if you have smart light bulbs in your home, they are likely controlled by a hub which not only provides you with more flexibility in controlling them, but also provides security so they do not become a weak point in your network.
This is why an intrusion detection system (IDS) is so important. Technologies from companies like AlienVault allow you to monitor for threats and even give you advice on how to prevent harm from them. Remember there is more than one area of vulnerability in any system. Cloud-based IDS, network IDS, and host-based IDS, along with file integrity management systems, are all essential parts of your strategy.
These alerts tell you there is an attack and can even reveal threats to you, which allows you to put remediation and prevention strategies in place. But what are the threats you should be aware of?
What are the threats?
Why don’t we have houses that are completely smart and controlled by IoT devices? What about our cars? Part of the reason is that a hacker with the right tools could potentially take over control of a house or even a connected car from the owner or driver. For example, the Bangladesh National Bank lost $81 million due to an IoT-based attack.
What are these types of attacks? There are actually several, and they mirror other types of cyberattacks.
Distributed Denial of Service (DDoS): Chrysler/Jeep was vulnerable to this type of attack. Essentially, control of devices or a system is taken by a hacker. Sometimes this comes with ransomware, where the owner or user has to pay to get that control back.
Malware: IoT devices can be used by an attacker to spread malware, sometimes to more than one devic |
Spam Tool Vulnerability | LastPass | |
|
2018-11-09 14:11:00 | Emotet launches major new spam campaign (lien direct) | The recent spike in Emotet activity shows that it remains an active threat | Spam Threat | ||
|
2018-11-09 07:56:03 | BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers (lien direct) | Security researchers at 360 Netlab have discovered a new spam botnet, dubbed BCMPUPnP_Hunter, that likely already infected around 400,000 machines to date. Security experts from 360 Netlab security firm have recently discovered a new spam botnet, dubbed BCMPUPnP_Hunter, that mainly targets routers that have the BroadCom UPnP feature enabled. The BCMPUPnP_Hunter was first spotted in September, but researchers […] | Spam | ||
 |
2018-11-08 18:25:03 | New Spam Botnet Likely Infected 400,000 Devices (lien direct) | A newly discovered botnet that appears designed to send spam emails likely infected around 400,000 machines to date, 360 Netlab security researchers warn. | Spam | ||
|
2018-11-07 16:07:00 | IoT botnet infects 100,000 routers to send Hotmail, Outlook, and Yahoo spam (lien direct) | Botnet infects routers and uses them to relay connections to webmail services. | Spam | Yahoo | |
 |
2018-11-02 17:56:04 | Spam campaign targets Exodus Mac Users (lien direct) | We've seen a small spam campaign that attempts to target Mac users that use Exodus, a multi-cryptocurrency wallet. The theme of the email focuses mainly on Exodus. The attachment was “Exodus-MacOS-1.64.1-update.zip” and the sender domain was “update-exodus[.]io”, suggesting that it wanted to associate itself to the organization. It was trying to deliver a fake Exodus […] | Spam | ||
|
2018-10-30 05:58:04 | Compression File Formats of the past Come Haunting in Spam Campaigns (lien direct) | Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns. [...] | Spam Malware | ||
 |
2018-10-15 17:40:05 | (Déjà vu) Cryptojacking : la France sur le podium des pays les plus ciblés au 1er semestre 2018 (lien direct) | Un nouveau rapport montre que les attaques par ransomware ont diminué au premier semestre 2018. La sécurité des systèmes et le renforcement des technologies antivirus expliquent cette baisse, obligeant les pirates à se tourner vers le spam et le cryptojacking. Cryptojacking : la France sur le podium des pays les plus ciblés au premier semestre […] L'article Cryptojacking : la France sur le podium des pays les plus ciblés au 1er semestre 2018 est apparu en premier sur Data Security Breach. | Ransomware Spam | ||
 |
2018-10-15 14:30:01 | Fake Accounts And Political Spam (lien direct) | Preparing for the upcoming midterm elections, Facebook has removed 800 fake accounts and pages of bogus political ads. The company is cracking down on fake ads and other pages where spammers try to drive consumers to ad farms with authentic looking content. Chris Olson, CEO at The Media Trust: “Facebook’s efforts to purge fake accounts is … The ISBuzz Post: This Post Fake Accounts And Political Spam | Spam | ||
|
2018-10-11 19:10:02 | Facebook Purges 251 Accounts to Thwart Deception (lien direct) | Facebook on Thursday said it shut down 251 accounts for breaking rules against spam and coordinated deceit, some of it by ad farms pretending to be forums for political debate. The move came as the leading social network strives to prevent the platform from being used to sow division and spread misinformation ahead of US elections in November. | Spam Guideline | ★★★★ | |
 |
2018-10-11 12:04:00 | La France sur le podium des pays les plus ciblés au premier semestre 2018 (lien direct) |  Le nouveau rapport de F-Secure montre que les attaques par ransomware ont diminué au premier semestre 2018. La sécurité des systèmes et le renforcement des technologies antivirus expliquent cette baisse, obligeant les pirates à se tourner vers le spam et le cryptojacking. Dans son nouveau rapport basé sur le premier semestre 2018, F-Secure observe d'importants changements […] |
Ransomware Spam | ||
 |
2018-10-10 14:05:02 | The Many Faces of Necurs: How the Botnet Spewed Millions of Spam Emails for Cyber Extortion (lien direct) | >IBM X-Force researchers observed the Necurs botnet spewing millions of spam emails from more than 30,000 malicious IPs to extort bitcoin from victims who may or may not have viewed adult content. | Spam | ||
 |
2018-10-08 16:39:03 | Avoid these Doctor Who Series 11 scams (lien direct) |
Doctor Who Series 11 is upon us, and so too are the dubious streams and links promising fresh content. We take a look at what's currently on offer, separating the spam from the timey-wimey wibbly wobbly.
Categories:
Cybercrime
Social engineering
Tags: bestv(dot)onlinedoctor whomoviessign upstreamingyoutube
(Read more...)
|
Spam | ||
|
2018-10-02 20:30:01 | Browser Spam (lien direct) | Scam websites luring users to browser notification spam are becoming a popular method to promote unwanted extensions, fake software, adware bundles and more. Chris Olson, CEO at The Media Trust: “Domain spoofing shows no sign of abating in programmatic advertising. They can quickly make the leap from annoying to malicious. If anything, it’s a growing … The ISBuzz Post: This Post Browser Spam | Spam | ||
|
2018-09-30 14:38:03 | Sites Trick Users Into Subscribing to Browser Notification Spam (lien direct) | Sites that try to trick users into subscribing to browser notification spam are increasingly becoming a method used to promote unwanted extensions, fake software, adware bundles, adult sites, and scam sites. [...] | Spam | ★★★★★ | |
|
2018-09-24 17:13:04 | Adwind RAT Scurries By AV Software With New DDE Variant (lien direct) | The spam campaign mostly targets victims in Turkey and Germany. | Spam | ||
|
2018-09-24 08:00:02 | Adwind Trojan circumvents antivirus software to infect your PC (lien direct) | A spam campaign spreading the RAT uses a number of tricks to fool signature-based antivirus solutions. | Spam | ★★ | |
|
2018-09-23 08:43:00 | New Virobot malware combines ransomware and botnet capabilities (lien direct) | Security experts from Trend Micro discovered a new malware tracked as Virobot that combines ransomware and botnet capabilities. Virobot encrypts files on infected machines and is also implements spam botnet abilities and leverages it target other systems. Virobot was first spotted on September 17, 2018, experts pointed out that it is not associated with any known ransomware […] | Ransomware Spam Malware | ||
|
2018-09-21 22:55:01 | Emotet on the rise with heavy spam campaign (lien direct) |
Over the last few days, we've noticed a large increase in malicious spam spreading Emotet, as well as a higher number of detections from our customers. Looks like we're in the middle of an active Emotet campaign.
Categories:
Cybercrime
Malware
Tags: campaignemotetEternalBluemalicious documentsmalicious spamthreat statisticstrickbotWannaCry
(Read more...)
|
Spam | Wannacry | |
|
2018-09-21 15:55:00 | New Virobot ransomware will also log keystrokes, add PC to a spam botnet (lien direct) | Virobot will use locally installed Outlook instances to spam other users and spread a copy of itself. | Ransomware Spam | ||
|
2018-09-19 15:00:04 | A month of giveaway spam on Twitter (lien direct) |
We've observed a low level spam campaign working its way through Twitter, with just under 2,000 posts visible on public search since September 1. What're they trying to sell this time? Some CBD oil!
Categories:
Cybercrime
Privacy
Tags: free CBD oilgiveaway spaminvitespamtweetstwitter
(Read more...)
|
Spam | ||
 |
2018-09-17 12:36:01 | Top 5 ways to block spam calls (lien direct) | Those annoying spam calls are on the rise, but TechRepublic's Tom Merritt has 5 solutions | Spam | ||
 |
2018-09-11 11:28:00 | Ransomware campaign targets businesses with fake invoice message (lien direct) | A concentrated spam campaign pushing ransomware is targeting businesses in Europe, encrypting files and demanding victims pay a ransom in order to retrieve them. View full story ORIGINAL SOURCE: ZDNet | Ransomware Spam | ||
 |
2018-09-06 10:24:04 | NEW TECH: Critical Start applies \'zero-trust\' security model to managed security services (lien direct) | All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That's where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware detection, firewalls upkeep, vulnerability management […] | Spam Malware Vulnerability | ★★★★★ | |
|
2018-09-05 12:26:02 | Threat Actors Peddling Weaponized IQY Files Via Necurs Botnet (lien direct) | >Threat actors have taken a liking to IQY files, which are foreign to most users and appear benign to many spam filters. | Spam Threat | ||
|
2018-09-02 07:28:02 | Kaspersky warns of a new Loki Bot campaign target corporate mailboxes (lien direct) | Security experts from Kaspersky Lab have uncovered a new spam campaign leveraging the Loki Bot malware to target corporate mailboxes. The Loki Bot attacks started in July and aimed at stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets Loki Bot operators employ various social engineering technique to trick victims into opening weaponized attachments that […] | Spam Malware | ||
|
2018-08-30 13:53:02 | Loki Bot Attacks Target Corporate Mailboxes (lien direct) | Loki Bot's operators have been targeting corporate mailboxes with their spam messages, Kaspersky Lab reports. | Spam | ||
|
2018-08-29 19:07:03 | The Expected Spike in Post-GDPR Spam Activity Hasn\'t Happened (lien direct) | For many months it was expected that privacy protections afforded to consumers by GDPR would also benefit the bad guys. | Spam | ||
|
2018-08-29 10:10:02 | GDPR hasn\'t sparked rise in spam – so far (lien direct) | The arrival of the http://www.itpro.co.uk/it-legislation/27814/what-is-gdpr-everything-you-need-to-know has not caused spam to increase, despite experts predicting otherwise following the introduction of the EU law, research by Recorded Future has revealed. View full story ORIGINAL SOURCE: IT PRO | Spam | ||
|
2018-08-20 13:35:02 | Necurs Campaign Targets Banks (lien direct) | A recently observed spam campaign powered by the infamous | Spam | ||
|
2018-08-20 13:01:00 | Beware of Spam with Fake Invoices Pushing Hermes 2.1 Ransomware and AZORult (lien direct) | A malspam campaign is underway that pretends to be an invoice for an outstanding payment. When these invoices are opened they install the AZORult information stealing Trojan and the Hermes 2.1 Ransomware onto the recipient's computer. [...] | Ransomware Spam | ||
 |
2018-08-20 11:27:03 | Spam Campaign Targeting South Korean Users With GandCrab v4.3 Ransomware (lien direct) | A group of digital attackers are staging a spam email campaign to target South Korean users with GandCrab v4.3 ransomware. On 7 August, researchers at Trend Micro first came across instances of the spam campaign. The attack emails arrived under the guise of an online business violation. The messages themselves used Hangul, an alphabet system […]… Read More | Ransomware Spam | ||
|
2018-08-17 14:08:02 | Necurs botnet launches fresh assault against banks (lien direct) | The spam botnet has been harnessed in order to compromise close to 3,000 financial institutions. | Spam | ||
|
2018-08-17 10:34:00 | Necurs Botnet Pushing New Marap Malware (lien direct) | Security researchers from Proofpoint have discovered a new malware strain that they named Marap and which is currently distributed via massive waves of spam emails carrying malicious attachments (malspam). View full story ORIGINAL SOURCE: Bleeping Computer | Spam Malware | ||
|
2018-08-16 11:13:01 | Google expands bug bounty program to include fraud protection bypass, free purchases (lien direct) | External attack vectors and techniques which bypass spam and fraud systems are now part of the program. | Spam | ||
|
2018-08-15 11:56:04 | Link – What happens when you reply to spam email (Veitch) (lien direct) | >There are people who enjoy messing with scammers by replying to scam, or implementing the Jolly Roger Telephone company. While its a few years old, I just watched a couple of James Veitch Ted Talks on what happens when you reply to spam email. Its hilarious. | Spam | ||
|
2018-08-03 10:48:01 | Hacking group combines spear-phishing with mass malware campaign (lien direct) | A hacking group is attempting to carry out targeted attacks against nation states while at the same time using the same infrastructure to carry out spam campaigns with the intention of delivering malware. Active since at least February 2018, the attackers are using phishing attacks to target governmental organizations of the UK, Spain, Russia, and ... | Spam Malware | ||
|
2018-08-01 01:15:00 | Just Five File Types Make Up 85% of All Spam Malicious Attachments (lien direct) | Despite a lone report claiming that online piracy is the primary source of malware, spam still reigns supreme as today's main infection vector and the go-to tool of online criminals, according to a report published yesterday by Finnish cyber-security firm F-Secure. [...] | Spam Tool | ||
|
2018-07-31 15:00:02 | What\'s in the spam mailbox this week? (lien direct) | Read more...) | Spam | ||
|
2018-07-30 07:25:04 | FELIXROOT Backdoor is back in a new fresh spam campaign (lien direct) | Security experts from FireEye have spotted a new spam campaign leveraging the FELIXROOT backdoor, a malware used for cyber espionage operation. The FELIXROOT backdoor was first spotted by FireEye in September 2017, when attackers used it in attacks targeting Ukrainians. The new spam campaign used weaponized documents claiming to provide information on a seminar on environmental protection efforts. […] | Spam | ||
 |
2018-07-25 22:20:04 | LifeLock Bug Exposed Millions of Customer Email Addresses (lien direct) | Identity theft protection firm LifeLock -- a company that's built a name for itself based on the promise of helping consumers protect their identities online -- may have actually exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its Web site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company. The upshot of this weakness is that cyber criminals could harvest the data and use it in targeted phishing campaigns that spoof LifeLock's brand. Of course, phishers could spam the entire world looking for LifeLock customers without the aid of this flaw, but nevertheless the design of the company's site suggests that whoever put it together lacked a basic understanding of Web site authentication and security. The upshot of this weakness is that cyber criminals could harvest the data and use it in targeted phishing campaigns that spoof LifeLock's brand. Of course, phishers could spam the entire world looking for LifeLock customers without the aid of this flaw, but nevertheless the design of the company's site suggests that whoever put it together it lacked a basic understanding of authentication and security. | Spam Vulnerability | ||
 |
2018-07-24 18:31:03 | Twitter Continues Cleanup and Cracks Down on Malicious Apps (lien direct) | The move is part a wider push to make Twitter “healthier,” which includes ridding the platform of spam and abuse. | Spam | ||
|
2018-07-13 10:58:05 | Spambot aims at targets WordPress sites in World Cup-Themed spam scam (lien direct) | Imperva observed a spambot targeting WordPress sites aimed at tricking victims into clicking on links to sites offering betting services on FIFA World Cup Security experts from Imperva recently observed a spike in spam activity directed at WordPress websites, attackers aimed at tricking victims into clicking on links to sites offering betting services on the 2018 FIFA […] | Spam | ||
|
2018-07-13 10:40:03 | WordPress Sites Targeted in World Cup-Themed Spam Scam (lien direct) | Spammers using a ‘spray & pray’ approach to post comments on WordPress powered blogs, forums, says Imperva. WordPress-powered websites are being targeted in a comment spam campaign designed to get users to click on links to sites offering betting services on the 2018 FIFA World Cup games. View Full Story ORIGINAL SOURCE: Dark Reading | Spam |
To see everything:
Our RSS (filtrered)
