New PowerPoint Exploit Launches on Hover

A new exploit that uses a PowerPoint feature that enables “mouse-over actions.”  This feature allows a PowerPoint slide show to initiate activity without having to actually click on a link.  Just hovering on a link is enough to advance to the next step.  Since we have been teaching people for years to reveal a link destination by hovering over a link to show the top tip box, this exploit would take ...

Continue Reading →
0

US-CERT Warns About Airline Phishing Scams

What if there was a new phishing scam that had an open rate of 90%.  That’s right, this phishing email is so believable, 90 out of 100 recipients open the the attachment or click on the link without a second thought.

These attacks begin with the scammer researching the target victim.  These targets usually work at companies where there is a lot of air travel. ...

Continue Reading →
0

EyePyramid – Data Stealing Trojan Horse

I read a story in Naked Security recently that reported the arrest of a couple of Italian cyber-criminals who have been stealing personal information from Italian mayors, prime ministers, cardinals, and other notables since 2010.   They used a phishing exploit to install a Trojan Horse/keylogger called EyePyramid.  There were a couple of things that caught my eye.

The first is the sheer volume of data stolen – 87 gigabytes!  This information was ...

Continue Reading →
0

US-CERT Warns Against Phishing and Social Engineering Exploits

US-CERTWe continue to hear from security researchers and professionals that an astonishing 95% of all exploits begin with someone opening an attachment or clicking a link on a phishing email.  I have a client where two different employees opened the attachment on an email from “FedEx” and became infected with crypto-malware.  These incidents happened nearly a week apart, and you think that the second ...

Continue Reading →
0

Does Your Computer Have A Malware Infection? – Part 2

malwareOn Wednesday we looked at the obvious, visual symptoms of a malware infection.  Today we will explore some changes in performance that can indicate that your computer is infected.

Performance Symptoms

Most malware writers are NOT interested in giving you easy visual clues, but the malware will create additional activity on your system that can tip you off to an infection.

  • Constantly Flashing Hard Drive Light – If the hard drive activity light is constantly ...
Continue Reading →
0

Does Your Computer Have A Malware Infection?

malwareToday we are going to look at the symptoms that your computer may be displaying that are indications of a malware infection.

Visual Symptoms

These are signs that you will see on your computer display, and are the most obvious symptoms.

  • Ransomware  – The last stage of a ransomware or cryptoware infection is the prominent display of instructions on how to pay the attackers to get your decryption key
  • Fake Security Pop-Up – I haven’t ...
Continue Reading →
0

How Did They Take Over My Computer?

Computer breaches can happen many ways, but the two most common are stolen credentials, and phishing emails.  Credentials, your user name and password, sometimes are stolen from a web server breach, and then sold online on the criminal marketplaces.  Or sometimes you are tricked into giving them up on clever fake websites.  Phishing is one way that credentials are stolen.  The links in phishing emails often will direct the unwary user to the fake web page with the helpful web ...

Continue Reading →
0

Who Killed Dyre Wolf? The Russians?

Bank-trojanDyre Wolf is one version in the family of banking Trojans that started with Zeus and NeverQuest, and now includes Dridex, SpyEye, Shylock,Shifu, Gozi, and Tinba.  Banking Trojans are designed to sit unnoticed on your computer, and to capture your banking and financial login credentials and send them to criminals who use the information to empty your accounts.  They are among the worst exploits that can happen to you, followed closely by ...

Continue Reading →
0

OpenDNS Umbrella – Web Filtering and Security for SMBs

OpenDNSA great product for quickly and easily adding web site filtering to your organization is OpenDNS Umbrella.  OpenDNS was recently purchased by Cisco Systems.  OpenDNS is another featured security product that is part of the Managed Services program here at CIT.

The way OpenDNS works is that all of your traffic to and from the Internet is run through the proxy server cloud at OpenDNS.  In addition to protecting your organization ...

Continue Reading →
0

Phishing and Spearphishing – Don’t Take The Bait!

Phishing HookHere’s a provocative statement:  If you could just prevent your staff for clicking on links or opening attachments in phishing emails, 95% of your cybersecurity problems would be prevented.

As perimeter defenses and anti-malware software products have become more effective, cyber-attackers have turned to the phishing email approach as their number one favorite method for acquiring user names and passwords or gaining unauthorized access to computers on your network.   The spearphishing ...

Continue Reading →
0
Page 1 of 2 12