Invincia Blog

Author: Invincia Technologies

  • Attack Campaign Using Fake Browser Updates to Deliver Ransomware and Banking Malware

    Researchers observed an attack campaign distributing fake browser updates to infect website visitors with ransomware and banking malware.

    Sucuri reported that the attackers inject either links to an external script or the entire script code into a compromised webpage. In both cases, this code creates a message box informing the user that a critical error resulted from an outdated version of the web browser. It then prompts the visitor to update his or her browser version while displaying garbled text in the background to legitimize the appearance of a critical browser vulnerability.

    If the user clicks the “Update” button within the message box, the computer downloads a ZIP archive. This resource harbors a JavaScript file with a name that mentions “browser” and “components,” an apparent attempt to further convince the user that it is legitimate.

    Once run, the file tries to download browser.jpg, which is actually a Windows EXE file containing ransomware. By comparison, the Android version of this campaign downloads banking malware onto the infected device.

    A Long History of Fake Browser Updates

    The tactic of using fake browser updates to deliver malware goes back to at least 2012, when Trend Micro discovered several websites offering fake, malware-laden updates for popular web browsers. A year later, ThreatTrack Security Labs came across fake upgrades hosted on an online repository.

    The tactic has also been active in recent years. In 2017, for example, Proofpoint discovered a malvertising attack that used fake browser updates to deliver the Kovter ad fraud malware. Malwarebytes Labs came across something similar when it uncovered the FakeUpdates malware campaign in November 2018.

    How to Defend Against Banking Malware and Ransomware

    Security professionals can help defend against banking malware and ransomware by taking a risk-based approach to patch management, which can help them decide whether to patch known component vulnerabilities or replace at-risk items with more secure ones. Security teams should also invest in a solution that delivers phishing intelligence about ongoing attack campaigns, which helps responders determine which indicators pose the greatest risk to the organization’s environment.

    Contributing Editor

    David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley..
    https://securityintelligence.com/news/attack-campaign-using-fake-browser-updates-to-deliver-ransomware-and-banking-malware/

  • Private, Public, Hybrid, or Multi-Cloud: What’s the Difference Between Them?

    No two clouds are exactly alike. That being said, many clouds are very similar and essentially have the same functionality. The difference lies in the way they’re used by each individual business. Every company has different cloud needs and, therefore, will build or alter their cloud technology to work for whatever those needs are. Here’s where different types of cloud environments come in. There are four of them to consider for your business:

    1. Public Cloud

    When people think of the cloud, they’ll often have their minds on a public cloud. That’s because the big cloud providers are considered public clouds – think Microsoft Azure, G Suite, and Amazon Web Services. Basically, as the name suggests, these clouds are available for public use. Though often the first little bit of storage or signing up for an account is free, there is usually some form of subscription fee involved to unlock larger storage capacities.

    From a security standpoint, public clouds come with advanced security features, but often, they’re not enough to really keep your data safe. Generally, enhanced encryption and security methods should still be used on top of public cloud securities.

    Things to note:

    • Low starting costs and fees over time
    • Little to no maintenance, as it’s carried out by the provider
    • Unlimited or almost unlimited scalability to increase storage capacity as you need
    • Limited flexibility to meet specific business IT needs
    • Added security is always recommended

    1. Private Cloud

    If your business has developed its own cloud services to use in-house, or a third-party provider has built one specifically for your business, you’re using private cloud technology. Private clouds are hosted on private servers which means users tend to have more control over security. Plus, meeting a business-specific IT requirement is an easier task with a private cloud, as you have total control over all the functionality.

    Things to note:

    • High start-up costs but low maintenance fees
    • High flexibility to create personalized functionality and scalability to add or remove storage capacity as needed
    • Potential for improved security, as you have control of security features from the get-go

    1. Hybrid Cloud

    As its name suggests, a hybrid cloud is a mix of private and public cloud resources to create a more varied cloud environment. By accessing in-house and public cloud technologies at the same time, users can reap the benefits of both. More vulnerable and private documents may be stored on the private cloud, for example, while documents with less privacy required may be kept on the public cloud. Generally, less secure, more high-volume tech needs like web-based email are hosted on the public cloud, whereas client files and the like are maintained on the private cloud.

    Things to note:

    • Higher costs than just using public but lower costs than only using a private cloud, as you have cheaper scalability with help from the public cloud
    • High level of control with options for where you can store your data
    • Easy to migrate as you can choose to transition gradually over time

    Article from Storage Craft
    https://blog.storagecraft.com/private-public-hybrid-multi-cloud/

  • Finally – A Complete Email Protection Plan

    Finally – A Complete Email Protection Plan

    Email Protection

    email security

    Complete Email Protection Requires a Layered Defense

    Between 75% and 90% of targeted cyber-attacks start with an email. Email-borne attacks interrupt business operations, cause financial damage, and compromise business integrity. Barracuda protects you by extending traditional email security with a multi-faceted approach that protects all aspects of your email infrastructure.

    Gateway Defense Layer

    Stop Advanced Threats Before They Reach Your Mail Server

    Email Resiliency Layer

    Ensure Compliance and Continuity with Archiving and Backup

    Fraud Protection Layer

    Stop Social Engineering Attacks with A.I.-Based Fraud Detection and DMARC

    User Security Awareness Layer

    Build Your Human Firewall with Advanced Phishing Simulations and Training

    Next-Generation Email Security

    As email-borne attacks have become more prevalent and sophisticated, traditional email security gateways can no longer protect users and data. Many threats, such as spear phishing attacks or emails directed at users via their personal email, bypass gateways.

    While a secure gateway is still necessary, complete email protection also requires a multi-layered defense that stops advanced attacks and protects email data. Barracuda is the only company that combines award-winning email security that can identify phishing emails with user awareness training, archiving, and backup.

    Defense Starts with the Email Security Gateway

    Inbound Filtering Stops Spam and Protects Users

    • Anti-spam technologies that block analyze several aspects of email messages with granular policy controls
    • Advanced Threat Protection (ATP) that combines behavioral, heuristic, and sandboxing technologies to protect against zero-hour and targeted attacks
    • Protection against sender spoofing, and domain name validation
    • Link Protection and Typo-squatting protection that automatically rewrites URLs I emails so they can be validated at click time to block malicious links

    Outbound Filtering and Encryption Protect Your Data and Reputation

    • Prevent your organization from being put on spam block lists
    • Prevents outbound attacks originating from inside your network
    • DMARC, DKIM, and SPF authentication to validate emails and prevent others from spoofing your domain
    • Data Leakage Protection (DLP) that prevents sensitive data such as credit card numbers, social security numbers, HIPAA data, and customer lists from being sent by email
    • Email Encryption that ensures secure email transmissions

    “We found Barracuda Essentials to be the perfect solution for our customers using Exchange or Office 365. Being able to prevent problems before they happen saves our customers and us more time to focus on what really matters.”

    David Rolleri
    Systems Engineer | INTERDEV Managed Security
    Barracuda email protection products are offered as SaaS subscriptions or appliance-based products for protecting Office 365, Microsoft Exchange, and other email servers. All products and services are offered with 30-Day Free Trials.
    Don’t let online threats be the downfall of your business or government agency. Email & Spam Protection from Invincia assures your email is working to benefit your enterprise, and not leaving you vulnerable to security problems.
  • Microsoft Office 365 outage?

    Microsoft Office 365 outage?

    Ensure business continuity during downtime

    Yesterday, Office 365 experienced a significant outage for more than a day across Europe, leaving customers unable to log in to Exchange Online to read, respond, send, or receive new emails. This isn’t the first time that Microsoft has experienced outages. Just a few months ago, in November 2018, Office 365 users experienced issues trying to log in to their accounts.

    With email being a primary communication tool for most organizations, email outages mean losses in employee productivity, communication, and revenue. Organizations that migrated to the cloud with Office 365 gave up control of their uptime and failover. When Office 365 goes down, their email communication goes down with it.

    How Email Continuity Service can help

    But it doesn’t always have to be this way. While the most recent Office 365 outage is unfortunate, organizations that have Barracuda’s Email Continuity Service in place have nothing to worry about. In the event of an Exchange server failure, or in this case an Office 365 outage, our Email Continuity Service allows IT administrators to failover to third-party cloud-based email servers to continue email operations until services are restored.

    During this failover time, Barracuda’s Email Continuity Service allows end users to send, receive, compose, and forward emails when email services are unavailable. This keeps the company moving and employees productive so that orders can be processed, customer and vendor communication can continue, and any other operations that require email continue seamlessly.

    Barracuda Essentials includes Email Continuity Service, which ensures that email operations continue. An emergency mailbox lets users continue to send and receive emails, staying productive until your primary servers are back online.

    Contact Invincia Technologies to get your Email Continuity Service setup today!

    Article from: https://blog.barracuda.com/blog/

     BY 

  • Firewall Security Solutions

    Firewall Security Solutions

    Any business with an internet and intranet that allows its employees access to the Internet and corporate resources, implement firewall security solutions to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to. For ideal network security, a firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources. A firewall, working closely with other networking infrastructure, examines each network packet to determine whether forward it toward its destination. Threats have evolved much through the years but firewall security is still one of the most fundamental network protection for network of any size.

    Go Beyond Next-Generation Firewalls to Protect Your Network in the Cloud and On-Premises

    Barracuda’s Cloud Generation Firewalls redefine the role of the Firewall from a perimeter security solution to a distributed network optimization solution that scales across any number of locations and applications, connects on-premises and cloud infrastructures, and helps organizations transform their business.

    From the Next Generation Firewall to a Cloud Generation Solution

    In the cloud era, network firewalls must do more than secure your network. They must also ensure you have uninterrupted network availability and robust access to cloud-hosted applications.

    In today’s constantly evolving threat landscape, your organization faces zero-hour malware exploits and advanced persistent threats that routinely bypass traditional, signature-based IPS and antivirus engines. Barracuda Advanced Threat Protection gives your security infrastructure the ability to identify and block new, sophisticated threats-without affecting network performance and throughput.

    Advanced Threat Protection is available on all Barracuda CloudGen Firewall models.