Category: Malware attack

  • How Do Websites Use My Data?

    Understanding User Data: How Websites Collect, Share, and Protect Information

    Websites collect and use user data in various ways, primarily to personalize content, display targeted ads, and improve user experience. This information can range from basic details—such as browser type and IP address—to sensitive data like names and credit card numbers.

    Being informed about how websites gather, utilize, and share data is crucial for maintaining digital privacy. In this article, we’ll explore how data collection works, best practices for sharing information responsibly, and why safeguarding personal data matters.

    What Is Data Collection on Websites?

    Data collection is a standard practice that allows websites to gather insights about their visitors. This occurs through multiple methods, including:

    • Cookies – Small files stored on a user’s device that track browsing activity.
    • User Interactions – Websites analyze clicks, scroll patterns, and form submissions to improve content relevance.

    Websites typically collect two types of information:

    1. First-party data – Directly obtained from the site itself (e.g., past purchases, browsing history).
    2. Third-party data – Sourced from external platforms, such as advertisers, which may include demographic insights and behavioral patterns.

    Some websites integrate tracking codes from platforms like Google and Facebook, allowing them to monitor internet activity and refine ad targeting strategies.

    While data collection enhances user experience, it also raises privacy concerns. Users should be aware of how their information is stored and shared, as transparency fosters trust between websites and their visitors.

    How Does Data Sharing Work?

    Data sharing refers to the practice of making collected data accessible to multiple parties. Businesses and institutions often share data through:

    • APIs (Application Programming Interfaces) – Facilitate real-time data exchanges between systems.
    • Cloud Services – Provide centralized storage solutions for seamless access.
    • File Transfer Protocol (FTP) – Methods for data transfers, which are secure only when run over an encrypted variant such as FTPS or SFTP.

    Challenges in Data Sharing

    While data sharing offers valuable insights, it also poses privacy risks if not properly managed. Some key concerns include:

    • Data security vulnerabilities – Encryption and access controls are crucial to prevent unauthorized exposure.
    • Regulatory compliance – Laws like GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) require transparency and user consent.
    • Ethical considerations – Data must be used responsibly, ensuring that individuals retain control over their information.

    Responsible data sharing demands strict governance policies and comprehensive records to safeguard user privacy.

    How Should Websites Manage User Data?

    Effective data management is essential for maintaining user trust and ensuring regulatory compliance. Websites should collect only necessary information and implement secure storage solutions.

    Best Practices for Data Management

    1. Transparency and Consent – Websites must clearly disclose data collection methods and allow users to opt in or opt out.
    2. Data Minimization – Gathering only essential data reduces risks and simplifies compliance.
    3. Secure Storage Solutions – Encryption of data both at rest and in transit prevents unauthorized access.
    4. User Control – Providing tools for users to edit, download, or delete their data fosters accountability.

    These measures ensure responsible data handling while protecting user privacy.

    Why Is Data Privacy Important?

    Data privacy is a fundamental right that allows individuals to control their personal information. Organizations must implement strategies to protect user data, including:

    • Employee training – Ensuring awareness of privacy laws and security practices.
    • Encryption – Safeguarding stored information from cyber threats.
    • Transparent policies – Clearly outlining how data is used, stored, and shared.

    Ensuring Compliance with Privacy Regulations

    Legal frameworks such as GDPR and CCPA impose penalties for non-compliance, making it crucial for organizations to:

    • Regularly update privacy policies
    • Conduct security audits
    • Maintain accurate records of data processing activities

    Building Trust Through Transparency

    Open communication about how personal data is used fosters trust and encourages responsible data practices. Users should have easy access to consent settings, allowing them to adjust privacy preferences.

    In the final section, we’ll explore proactive steps that individuals can take to protect their data online.

    How Can Users Protect Their Data?

    Individuals can enhance their digital privacy by using tools designed to block data tracking and prevent unauthorized access.

    Essential Data Protection Strategies

    • Privacy-Focused Browsers – Tools like Brave or Firefox limit data tracking.
    • Regular Security Audits – Reviewing privacy settings on social media platforms reduces exposure risks.
    • Cautious Online Behavior – Avoid sharing unnecessary personal information on public forums.

    Recommended Privacy Tools

    • VPNs (Virtual Private Networks) – Mask IP addresses and encrypt internet traffic.
    • Password Managers – Secure login credentials and prevent weak passwords.
    • Software Updates – Keeping apps and browsers up to date eliminates security vulnerabilities.

    Educating yourself on data privacy and security best practices empowers you to make smarter choices online.

    Take Action to Protect Your Data

    Understanding how websites collect and share user data is essential for maintaining privacy in a digital landscape. Whether you’re an individual or a business, prioritizing data protection and ethical sharing ensures a safer online environment.

    If you’re concerned about your digital footprint, we specialize in privacy solutions to help safeguard your personal information. Contact us today to learn more about securing your online presence.

  • How to Spot Hidden Malware On Your Devices

    Hackers often send emails with malware attachments. It’s crucial to avoid opening emails from unknown senders.

    What Are Signs of Hidden Malware?

    Malware can be elusive, but there are some telltale signs to watch for:

    Sluggish Device

    If your device is unusually slow, it might be infected with malware.

    Suspicious Pop-ups

    Unexpected pop-ups can indicate malware is present.

    High Data Usage

    If your internet speeds are slower or you’re using more data than usual, malware could be the culprit.

    How Can You Check for Malware?

    There are several methods to detect malware on your device:

    Use Antivirus Software

    Antivirus programs can scan your device for malware, identifying and removing harmful software.

    Check Your Apps

    Review all the apps on your device and delete any you don’t remember installing.

    Look at Task Manager

    On a computer, open Task Manager and look for programs that use a lot of resources or have unfamiliar names.

    Check Your Browser

    Inspect your browser extensions and remove any you don’t use or recognize.

    What to Do If You Discover Malware?

    If you suspect malware, don’t panic. Here’s what to do:

    Run a Full Scan

    Use your antivirus software to perform a full scan of your device.

    Update Your Software

    Ensure all your programs and operating system are up to date.

    Change Your Passwords

    Update the passwords for all your important accounts.

    Backup Your Data

    Back up your essential files to a secure location, such as a cloud service.

    How to Avoid Malware?

    Preventing malware is better than dealing with an infection. Here’s how:

    Keep Everything Up-to-Date

    Regularly update your operating system and applications.

    Be Careful What You Click

    Avoid clicking on links or downloading files unless you’re sure they’re safe.

    Use Strong Passwords

    Create long, complex passwords and use different passwords for each account.

    Use Antivirus Software

    Maintain good antivirus software on your device and run regular scans.

    Stay Safe Online!

    Malware can be intimidating, but you can protect yourself. Always be cautious online and keep your devices secure. If you need help with malware or want to learn more about online safety, contact us today. We’re here to help you stay safe in the digital world!

  • How to Minimize Ransomware Damage

    Ransomware has become a significant problem for many individuals and businesses. It can lock up your files and demand payment to release them. This article will guide you on how to protect yourself from ransomware and what to do in case of an attack.

    What is Ransomware?

    Ransomware is a type of malicious software that infiltrates your computer, locks your files, and demands payment to unlock them. This can be both frightening and costly.

    How does ransomware work?

    Ransomware typically enters through email or malicious websites and can spread through networks. Once inside, it encrypts your files with strong codes, and you receive a message demanding payment.

    How does Encryption Work?

    Encryption uses algorithms and keys. An algorithm is a set of rules for solving problems, and a key is like a password that unlocks the encrypted message.

    How can you prevent ransomware attacks?

    There are several ways to prevent ransomware before it causes harm. Here are some key steps:

    Keep your software up to date

    Always keep your computer and programs updated. Updates often fix vulnerabilities that ransomware exploits.

    Use good antivirus software

    Invest in strong antivirus software, keep it turned on, and ensure it is updated. It can detect many types of ransomware.

    Be careful with emails

    Avoid opening emails from unknown senders and do not click on links or download files unless you are certain they are safe.

    Back up your files

    Regularly back up your most important files and store them on a separate device. This way, if ransomware locks your files, you will still have copies.

    What do you do if you get ransomware?

    If you suspect you have ransomware, don’t panic. Here’s what to do:

    Disconnect from the network

    Immediately disconnect your computer from the internet to prevent the ransomware from spreading or worsening.

    Don’t pay the ransom

    Experts advise against paying the ransom as there is no guarantee you will get your files back, and paying encourages more attacks.

    Report the attack

    Report the attack to the police and your country’s cybersecurity center. They can assist and use the information to prevent future attacks.

    Use your backups

    If you have backups, restore your files from them. That’s what backups are for, after all.

    How can businesses protect themselves?

    Businesses should take additional steps to stay safe. Here are some suggestions:

    Train your employees

    Educate your employees about ransomware, providing examples of what to watch out for and what to do if they encounter something suspicious.

    Limit access to key files

    Restrict access to essential files to only those who need it for their job. This can limit the spread of ransomware.

    Have a plan ready

    Develop a strategy in case of a ransomware attack and practice it. Preparation will help you respond swiftly and contain the damage.

    How is ransomware evolving?

    Ransomware is constantly developing new tricks. Be aware of these:

    Attacks on phones and tablets

    Ransomware can now target not only computers but also phones and tablets. Be cautious with all your devices.

    Double extortion

    Some ransomware now steals your data before locking it and then threatens to release your private information if you don’t pay, making the attack even worse.

    Attacks on cloud services

    As more people use cloud storage, ransomware has started targeting these services. Ensure your cloud accounts are secure.

    Stay Safe and Prepared

    Ransomware is a serious threat, but you can protect yourself by keeping your software updated, being cautious online, and always having backups. If you run a business, train your team and have a solid plan. Stay alert and ready.

    Don’t try to face ransomware alone. Contact us if you need help with ransomware or have additional questions.

  • Watch out for Google Searches – “Malvertising” Is On The Rise!

    There are many types of malware, and one increasingly common form is “malvertising.” This type of malicious advertising shows up everywhere—from social media to popular websites and even in Google search ads.

    Two trends are making malvertising more dangerous: hackers now use AI to make these ads more convincing, and it’s on the rise. Malwarebytes reports that malvertising jumped 42% month-over-month in late 2023.

    Knowing how to recognize and avoid malvertising is key to protecting yourself online. Below, we’ll explain what malvertising is and share tips on staying safe.

    What is Malvertising?

    Malvertising is when cybercriminals use online ads to carry out malicious activities. A prime example occurred during the PlayStation 5 launch when it was in high demand. Hackers placed fake ads in Google search results that looked like official PS5 retailers. But clicking on these ads led to lookalike sites designed to steal login credentials and payment information.

    Although Google works to catch and remove malicious ads, hackers can often keep these ads active for hours or even days before they’re detected. And malvertising doesn’t just appear on Google; it can also show up on hacked websites and social media platforms.

    Tips for Avoiding Malvertising

    1. Check URLs Closely

    Malvertising often relies on lookalike websites, just like phishing scams. Carefully check URLs in ads for minor misspellings or other irregularities. Small differences can reveal a scam.

    2. Go Directly to the Website

    For a foolproof way to avoid malvertising, don’t click on ads. Instead, go directly to the brand’s website. If there’s a legitimate sale or offer, you’ll find it there. This strategy works well for all types of phishing—skip the link and go straight to the source.

    3. Use a DNS Filter

    A DNS filter provides extra protection by blocking dangerous sites. If you accidentally click a malicious link, the filter will redirect you to a warning page, keeping you safe.

    4. Avoid Logging In After Clicking an Ad

    If you click an ad, avoid logging in on the site it takes you to. Malvertising often leads to fake sites with login pages designed to steal your credentials. Instead, open a new browser tab and navigate to the official site.

    5. Don’t Call Numbers in Ads

    Some malvertising ads display fake customer service numbers, which scammers use to trick people into giving away personal information over the phone. This method often targets seniors. If you see a number in an online ad, don’t call it. And if you do find yourself on a suspicious call, avoid sharing personal details and hang up.

    6. Don’t Download from Ads

    “Get a Free PC Cleaner!” or “Download MS Word for Free!”—these are common malvertising hooks that trick users into downloading malware. Avoid clicking download links in ads. If it’s a legitimate offer, you’ll find it directly on the official website.

    7. Spread the Word About Suspicious Ads

    If you spot a suspicious ad, warn others. Alerting colleagues, friends, or family can help keep them safe. A quick online search often confirms if an ad is part of a known scam. By fostering a cyber-aware community, you can help everyone stay safer online.

    Enhance Your Online Security

    Are your devices up to date with security patches? Do you have reliable anti-malware software? Is DNS filtering in place to block malicious websites?

    If you’re unsure, contact us. Our cybersecurity team can help you find affordable, effective solutions to secure your online world.

    Call or email us today to schedule a conversation about protecting your online security.

  • The Phantom Data Breach – A Tale of Unseen Threats

    On a dark and stormy night, as your business hums along quietly, an unseen force sneaks into your network, siphoning off valuable data. It’s the phantom of the data breach, a sinister specter that lurks in the shadows, waiting to strike when you least expect it. Unfortunately, this isn’t just a Halloween story—it’s a very real IT nightmare that can happen to businesses of all sizes. Let’s shine a flashlight on these creepy crawlers and uncover how to banish them before they haunt your system. 🔦🕷️

    The Nightmare
    Data breaches are like ghouls; you never know when they’ll appear. They’re sneaky, silent, and can wreak havoc on your business if you’re not prepared. Whether it’s stolen customer information, leaked trade secrets, or compromised financial data, a breach can result in financial loss, damaged reputation, and even legal penalties. Imagine waking up to find your data sold on the dark web—chilling, right? 🕸️

    How to Avoid the Curse

    1. Eerie Encryption: Keep data safe with strong encryption. If a hacker tries to grab your data, it’ll be as useless as an ancient scroll without a cipher key. 🗝️
    2. Beware the Phishing Zombies: Educate your staff to avoid suspicious links and attachments, no matter how tempting they may seem. Those emails promising free candy are just a trap! 🍬🧟‍♂️
    3. Ghostly Backups: Regularly back up your data and store it in a secure location. Even if your system is haunted by a breach, you’ll have the means to resurrect your data and carry on. 👻🔄
    4. Summon the Firewall: Ensure your firewall is up to date and strong enough to keep the monsters at bay. It’s your first line of defense against the undead of the cyber world. 🔥🧱

    Don’t let your business fall victim to the phantom data breach! At Invincia Technologies, we ward off digital ghouls and keep your data secure. Our cybersecurity experts are the ultimate ghost hunters, banishing breaches and keeping your IT environment safe from things that go bump in the night. 💻🔒

    Stay tuned for our next Halloween IT nightmare… if you dare. 😈🎃

  • Don’t Be a Victim – Common Mobile Malware Traps

    Your smartphone is like a digital Swiss Army knife, acting as your wallet, communication center, and personal assistant all in one. It holds valuable data, from bank details to private photos, making it a prime target for cybercriminals. Yet, mobile security often gets overlooked, with most people focusing on protecting their computers instead.

    In 2023, attacks on mobile devices surged by 50% compared to the previous year. Hackers haven’t ignored mobile devices; they’re laying traps to infect them with malware. Let’s explore some common mobile malware traps and how to avoid them.

    Common Mobile Malware Traps

    Mobile malware, much like computer malware, is harmful software designed to damage your device or steal your data. It can appear in various forms, such as fake apps or malicious links. Awareness is key to protecting yourself from these threats.

    1. Phishing Attacks: The most common type of malware. You receive a convincing-looking email or text that tricks you into clicking a link or downloading an attachment, leading to malware infection.
    2. Malicious Apps: Not all apps are safe. Some hide malware designed to steal your data, show ads, or even take control of your device. Always research apps before downloading.
    3. SMS Scams (Smishing): These scams use text messages to trick you into sharing personal information or clicking malicious links. Be cautious of unexpected messages asking for sensitive info.
    4. Wi-Fi Risks: Public Wi-Fi networks are usually unsecured, making them easy targets for hackers. Avoid accessing sensitive information when connected to public Wi-Fi.
    5. Fake Apps: These are apps that mimic legitimate ones but are designed to steal your login credentials or personal information. Verify app authenticity before downloading.
    6. Adware: Though less harmful, adware can be annoying and might expose you to more threats. It often comes bundled with other apps.

    Protect Yourself: Key Tips

    • Stay Updated: Ensure your phone’s operating system and apps are always up-to-date by installing the latest security patches or enabling automatic updates.
    • Be Cautious with Links and Attachments: Avoid clicking on links or downloading attachments from unknown sources.
    • Use Strong Passwords: Create strong passwords for your phone and apps. A password manager can help you keep track of them.
    • Stick to Official App Stores: Download apps only from trusted sources like Google Play or the Apple App Store. Check reviews and app permissions before installing.
    • Avoid Public Wi-Fi: When connecting to public Wi-Fi, use a VPN to encrypt your data.
    • Regular Backups: Back up your phone regularly to prevent data loss.
    • Security Software: Consider installing a reliable mobile security app for added protection.

    Additional Steps to Secure Your Smartphone

    Physical Security

    • Lock Your Phone: Set a strong passcode, or use fingerprint or facial recognition. Avoid easy-to-guess patterns.
    • Avoid Public Charging Stations: These can be compromised and allow hackers to access your device.
    • Remote Wipe: If your phone is lost or stolen, remotely wipe its data to protect your sensitive information.

    App Permissions

    • Review App Permissions: Check the permissions apps request and deny any that seem unnecessary. For example, a flashlight app doesn’t need access to your contacts.
    • Conduct App Audits: Regularly go through the apps on your phone and uninstall any you no longer use to minimize vulnerabilities.

    Data Backup

    • Cloud Backups: Regularly back up your important files using cloud storage, ensuring you have copies even if your phone is lost or damaged.
    • Local Backups: Consider backing up your phone to your computer for an extra layer of protection.

    Take Control of Your Mobile Security

    By following these best practices, you can greatly improve the security of your smartphone. Remember, it’s always easier to prevent an issue than to fix one. Stay alert, informed, and proactive to keep your digital life safe.

    While smartphones offer incredible convenience, they’re also appealing targets for cybercriminals. By staying aware of the risks and taking protective measures, you can enjoy the benefits of mobile technology without compromising your security.

    Contact Us to Strengthen Your Mobile Security

    Many employees use their personal devices for work, which means mobile malware can affect more than just one individual; it can lead to a company-wide data breach. Be proactive in securing mobile devices. Our experts can provide tailored solutions to protect all your devices.

    Reach out today to discuss mobile device protection for your home or office.

  • Beware of Deepfakes! Learn How to Spot the Different Types

    Have you ever seen a video of your favorite celebrity saying something outrageous, only to find out later that it was completely fabricated? Or perhaps you’ve received an urgent email seemingly from your boss, but something felt off.

    Welcome to the world of deepfakes. This rapidly evolving technology uses artificial intelligence (AI) to create synthetic media, often in the form of videos or audio recordings, that appears real but is actually manipulated.

    People can use deepfakes for creative purposes, such as satire or entertainment, but their potential for misuse is concerning. Deepfakes have already made it into political campaigns. In 2024, a fake robocall mimicked the voice of a candidate. Scammers wanted to fool people into believing they said something they never said.

    Bad actors can use deepfakes to spread misinformation, damage reputations, and even manipulate financial markets. They are also used in phishing attacks. Knowing how to identify different types of deepfakes is crucial in today’s world.

    So, what are the different types of deepfakes, and how can you spot them?

    Face-Swapping Deepfakes

    This is the most common type. Here the face of one person is seamlessly superimposed onto another’s body in a video. These can be quite convincing, especially with high-quality footage and sophisticated AI algorithms.
    Here’s how to spot them:

    • Look for inconsistencies: Pay close attention to lighting, skin tones, and facial expressions. Do they appear natural and consistent throughout the video? Look for subtle glitches such as hair not moving realistically or slight misalignments around the face and neck.
    • Check the source: Where did you encounter the video? Was it on a reputable news site or a random social media page? Be cautious of unverified sources and unknown channels.
    • Listen closely: Does the voice sound natural? Does it match the person’s typical speech patterns? Incongruences in voice tone, pitch, or accent can be giveaways.

    Deepfake Audio

    This type involves generating synthetic voice recordings that mimic a specific person’s speech patterns and intonations. Scammers can use these to create fake audio messages and make it seem like someone said something they didn’t.
    Here’s how to spot them:

    • Focus on the audio quality: Deepfake audio can sound slightly robotic or unnatural. This is especially true when compared to genuine recordings of the same person. Pay attention to unusual pauses, inconsistent pronunciation, or strange emphasis.
    • Compare the content: Does the content of the audio message align with what the person would say, or with the context in which it’s presented? Consider if the content seems out of character or contradicts known facts.
    • Seek verification: Is there any independent evidence to support the claims made? If not, approach it with healthy skepticism.

    Text-Based Deepfakes

    This is an emerging type of deepfake. It uses AI to generate written content, such as social media posts, articles, or emails, that mimics the writing style of a specific person or publication. These can be particularly dangerous: scammers can use them to spread misinformation or impersonate someone online.
    Here’s how to spot them:

    • Read critically: Pay attention to the writing style, vocabulary, and tone. Does it match the way the person or publication typically writes? Look for unusual phrasing, grammatical errors, or inconsistencies in tone.
    • Check factual accuracy: Verify the information presented in the text against reliable sources. Don’t rely solely on the content itself for confirmation.
    • Be wary of emotional triggers: Be cautious of content that evokes strong emotions, such as fear, anger, or outrage. Scammers may be using these to manipulate your judgment.

    Deepfake Videos with Object Manipulation

    This type goes beyond faces and voices. It uses AI to manipulate objects within real video footage, such as changing their appearance or behavior. Bad actors may use this to fabricate events or alter visual evidence.
    Here’s how to spot them:

    • Observe physics and movement: Pay attention to how objects move in the video. Does their motion appear natural and consistent with the laws of physics? Look for unnatural movement patterns, sudden changes in object size, or inconsistencies in lighting and shadows.
    • Seek original footage: If possible, try to find the original source of the video footage. This can help you compare it to the manipulated version and identify alterations.

    Staying vigilant and applying critical thinking are crucial in the age of deepfakes.
    Familiarize yourself with the different types. Learn to recognize potential red flags. Verify information through reliable sources. These actions will help you become more informed and secure.

    Get a Device Security Checkup

    Criminals are using deepfakes for phishing. Just by clicking on one, you may have downloaded a virus. A device security checkup can give you peace of mind. We’ll take a look for any potential threats and remove them.
    Contact Invincia Technologies if you have questions or concerns, or just need a second opinion. Thanks!
    Article used with permission from The Technology Press.

  • Hackers Hit By Pandemic, Start Auctioning Data

    Cybercriminal businesses have taken a hit from the weakened economy. In response, they’re further morphing their tactics to extract money.

    Times are tough.

    Cybercriminals are getting creative.

    We’ve seen several stories of ransomware groups releasing stolen data to force ransom payment. Some have even formed a cartel to expand reach and revenue. Now, they’ve added a new line of revenue from victim data.

    The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software.

    Many ransomed organizations are either unwilling or unable to pay ransom demands. This could be because they are following law enforcement guidance or because they simply don’t have the funds in this tough economy. Unfortunately, this has consequences.

    “The problem is a lot of victim companies just don’t have the money [to pay ransom demands] right now.”

    When ransom demands aren’t met, the REvil team is now exacting their tolls via data auctions.

    Experts say the auction is a sign that ransomware groups may be feeling the financial pinch from the current economic crisis, and are looking for new ways to extract value from victims.

    On the block in their first auction, the REvil team is selling data from a Canadian agricultural producer who has reportedly not paid their ransom demand.

    The victim firm’s auction page says a successful bidder will get three databases and more than 22,000 files stolen from the agricultural company.

    Cybercriminals have been printing money (figuratively) through these attacks, and they don’t seem to be stopping.

    “Others are now charging a fee not only for the ransomware decryptor, but also a fee to delete the victim’s data. So it’s a double vig.”

    This is yet another dark turn in the ransomware game. As much as we don’t want to admit it, these criminals are crafty and smart.

    It’s time to protect your team and your assets from these attacks.

    Are you ready to take action?
    You already have a lot on your plate, so we make it easy. Find out how to protect your team with Invincia’s Automated Security Awareness platform.

    To get a quote, set up a call with our team here!

    Original article: https://krebsonsecurity.com/2020/06/revil-ransomware-gang-starts-auctioning-victim-data/

  • Cyber readiness starts with awareness

    News emerged in a new report last week that just 10% of European and US firms are “cyber ready”, despite surging attacks.

    The study from insurer Hiscox — which spanned the UK, US, Germany, Belgium, France, Spain, and the Netherlands — should be something of a wake-up call for IT and cybersecurity leaders. SMEs, in particular, are said to be in the firing line.

    Although technical controls certainly play their part in helping to mitigate risk and improve preparedness, the report revealed that cultural changes and a more proactive approach to training are equally important. Perhaps it’s time for the security industry, in general, to take a more holistic approach to threat prevention that’s not so solution-centric.

    Attacks soar in 2018

    The percentage of firms classed as “experts” in cyber-readiness actually dropped from 11% last year. Yet the threats facing them have never been more pronounced: 61% reported an attack over the past year, up from less than half (45%) the year before. The figure rose even higher in France (67%) and Belgium (71%). The frequency of attacks has also increased, as has their cost: up 61% from $229,000 last year to $369,000 in this year’s report, with medium and large firms bearing most of the financial impact.

    According to an FBI report also out last week, total losses from global complaints to the Bureau’s Internet Crime Complaint Center in 2018 reached $2.7bn, with nearly half ($1.3bn) coming from Business Email Compromise attacks. Ransomware losses also surged, from $2.3m to $3.6m, although many more attacks go unreported.


  • Attack Campaign Using Fake Browser Updates to Deliver Ransomware and Banking Malware

    Researchers observed an attack campaign distributing fake browser updates to infect website visitors with ransomware and banking malware.

    Sucuri reported that the attackers inject either links to an external script or the entire script code into a compromised webpage. In both cases, this code creates a message box informing the user that a critical error resulted from an outdated version of the web browser. It then prompts the visitor to update his or her browser version while displaying garbled text in the background to legitimize the appearance of a critical browser vulnerability.

    If the user clicks the “Update” button within the message box, the computer downloads a ZIP archive. This resource harbors a JavaScript file with a name that mentions “browser” and “components,” an apparent attempt to further convince the user that it is legitimate.

    Once run, the file tries to download browser.jpg, which is actually a Windows EXE file containing ransomware. By comparison, the Android version of this campaign downloads banking malware onto the infected device.
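
    A defender-side check for the two artifacts described above, added here as an example and not taken from Sucuri's report or the original article: it classifies a download by its header bytes instead of its name, flagging an image extension on a Windows executable and script files packed inside a ZIP. The sample bytes, file names and extension lists are constructed for illustration.

```python
import io
import os
import struct
import zipfile

# Extensions that claim passive media; an executable header behind one is a mismatch.
MEDIA_EXTS = {".jpg", ".jpeg", ".png", ".gif"}
# Script types that Windows runs on double-click (assumed list, extend as needed).
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta"}
EXECUTABLE_KINDS = {"pe", "mz"}


def sniff(data):
    """Classify content by its leading bytes, ignoring the file name."""
    if data[:2] == b"MZ":
        if len(data) >= 0x40:
            # e_lfanew (offset 0x3C) holds the offset of the "PE\0\0" signature.
            (pe_off,) = struct.unpack_from("<I", data, 0x3C)
            if data[pe_off:pe_off + 4] == b"PE\x00\x00":
                return "pe"
        return "mz"  # DOS header only (or truncated read); still not an image
    if data[:3] == b"\xff\xd8\xff":
        return "jpeg"
    if data[:8] == b"\x89PNG\r\n\x1a\n":
        return "png"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif"
    if data[:4] == b"PK\x03\x04":
        return "zip"
    return "unknown"


def _ext(name):
    return os.path.splitext(name)[1].lower()


def _inspect_zip(name, data):
    """List script members and disguised executables without extracting to disk."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [f"{name}: ZIP signature but unreadable archive"]
    findings = []
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            member = f"{name}!{info.filename}"
            if _ext(info.filename) in SCRIPT_EXTS:
                findings.append(f"{member}: script file inside archive")
            if info.flag_bits & 0x1:
                findings.append(f"{member}: encrypted member, content not inspected")
                continue
            try:
                with zf.open(info) as fh:
                    head = fh.read(0x400)  # header only, so a huge member is never inflated
            except (RuntimeError, NotImplementedError, zipfile.BadZipFile):
                findings.append(f"{member}: member could not be read")
                continue
            if _ext(info.filename) in MEDIA_EXTS and sniff(head) in EXECUTABLE_KINDS:
                findings.append(f"{member}: image extension, Windows executable header")
    return findings


def inspect_download(name, data):
    """Return a list of findings for one downloaded file (empty list means no mismatch)."""
    findings = []
    kind = sniff(data)
    if _ext(name) in MEDIA_EXTS and kind in EXECUTABLE_KINDS:
        findings.append(f"{name}: image extension, Windows executable header")
    if kind == "zip":
        findings.extend(_inspect_zip(name, data))
    return findings


# --- Constructed samples (header bytes only, nothing here is executable) ---

def sample_pe():
    """0x44 bytes: an MZ header whose e_lfanew points at a PE signature."""
    hdr = bytearray(0x40)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    return bytes(hdr) + b"PE\x00\x00"


def sample_jpeg():
    return b"\xff\xd8\xff\xe0" + b"\x00" * 16


def sample_zip():
    """In-memory archive holding a placeholder .js member and a genuine JPEG header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("browser_components.js", "// constructed placeholder, no code\n")
        zf.writestr("logo.jpg", sample_jpeg())
    return buf.getvalue()


if __name__ == "__main__":
    for fname, blob in [("browser.jpg", sample_pe()),
                        ("photo.jpg", sample_jpeg()),
                        ("update.zip", sample_zip())]:
        print(fname, "->", inspect_download(fname, blob) or "no findings")
```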

    A Long History of Fake Browser Updates

    The tactic of using fake browser updates to deliver malware goes back to at least 2012, when Trend Micro discovered several websites offering fake, malware-laden updates for popular web browsers. A year later, ThreatTrack Security Labs came across fake upgrades hosted on an online repository.

    The tactic has also been active in recent years. In 2017, for example, Proofpoint discovered a malvertising attack that used fake browser updates to deliver the Kovter ad fraud malware. Malwarebytes Labs came across something similar when it uncovered the FakeUpdates malware campaign in November 2018.

    How to Defend Against Banking Malware and Ransomware

    Security professionals can help defend against banking malware and ransomware by taking a risk-based approach to patch management, which can help them decide whether to patch known component vulnerabilities or replace at-risk items with more secure ones. Security teams should also invest in a solution that delivers phishing intelligence about ongoing attack campaigns, which helps responders determine which indicators pose the greatest risk to the organization’s environment.


    Contributing Editor

    David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley.
    https://securityintelligence.com/news/attack-campaign-using-fake-browser-updates-to-deliver-ransomware-and-banking-malware/