Bad news—thanks to four flaws in Microsoft Exchange Server software, over 60,000 individuals and organizations have had their emails stolen by a cyberespionage unit based in China, with over 30,000 of those targeted being in the United States. Let’s review what has taken place up to the time of this writing, and what can be done about it.
Based on how the rest of the year has gone, it should come as no surprise that 2020 has come to an end with the news that the United States was targeted in the largest cyberespionage attack ever. Let’s go into what this attack signifies, and what we should all take away from it.
We’re always talking about the importance of keeping your software up to date. It is the very best way to avoid the vulnerabilities that can cause data breaches. When the Department of Homeland Security tells organizations to patch their software, however, it is urgent. This is exactly what has happened recently regarding the world’s most utilized Internet browser, Google Chrome.
Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.
The ransomware Petya (previously thought to have been eradicated) has unfortunately resurfaced, and it’s brought a friend to the party. Petya was delivered via an email containing an invitation to apply for a job, including the virus in an executable file that was disguised as a PDF job resume. When a hepless user clicked the file, Petya would get to work.
You don’t often hear about mobile operating systems being vulnerable to security threats (desktop vulnerabilities usually hog the spotlight), but when you do, they’re usually major problems that you need to be aware of. One such threat is called “Hummer,” a trojan that has installed unwanted apps and malware to more than a million phones all over the world.
Software vulnerabilities can cause major issues for individuals and businesses. Cisco’s Talos Security Intelligence and Research Group, which is designed as an organization to “protect consumers from known and emerging threats,” has found such a vulnerability with 7zip.
What kind of Microsoft products does your business use on a regular basis? If you can’t answer this question, you could be in trouble when it comes time to update your crucial applications and operating systems. This is a necessary part of working with technology; if your software can’t be considered secure, you need to upgrade to a more recent, better-functioning tool, or find yourself in a dangerous situation.
Modern ransomware is exceptionally dangerous, even by malware standards. Ransomware is capable of locking down important files on a victim’s computer, displaying a massive threat to both business professionals and their networks, as well as the average PC user. While other types of ransomware like CryptoLocker and CryptoWall are somewhat manageable, a new variant called CryptoJoker makes it borderline impossible to recover your files.
There’s a wicked string of malware on the Internet that locks users out of their browser and directs them to call a phone number. That phone number reaches hackers who have set up a subterfuge as an IT support company. If this happens to you, even if you are in the middle of something important, do not call the phone number.
