Tag Archive for: Avoid

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion

/in


The danger of being hit by a ransomware attack is scary enough, but in many cases, criminals can still extort your business after the ransom has been paid and things have seemingly returned to normal. Double and even triple extortions are becoming increasingly common, with ransomware gangs now demanding additional payments to keep the private information captured in their attacks from being leaked. These added threats are driving up the collective cost of ransomware, which is forecast to reach $265 billion by 2031, according to some sources.

In traditional ransomware attacks, the attackers hijack and encrypt valuable data to force organizations to pay a ransom in exchange for the safe restoration of data and network functionality. CISOs have responded by adopting stronger cyber protections, such as creating secure offsite backups and segmenting their networks, and attackers have quickly evolved to subvert these methods. 

One Extortion, Two Extortion, Three

The cat-and-mouse game that is ransomware took an ugly turn over the past year or so as attackers realized the value that organizations put on not releasing their sensitive information publicly: The brand and reputation hit can sometimes be just as damaging as being locked out of files and systems. Capitalizing on this unfortunate reality, attackers began adding the threat of leaking sensitive data as a follow-up to successful or even unsuccessful ransomware attacks when organizations were able use backups to restore their systems.  

With double extortion being so successful, attackers figured: Why stop there? In cases of triple extortion, attackers threaten to release data about downstream partners and customers to extract additional ransom payments, potentially putting the initial organization at risk of lawsuits or fines 

Some bad actors have even created a search function that allows victims to find leaked data about partners and clients as proof of the datas damaging value. A ransomware operation known as ALPHV/BlackCat may have started this trend in June, when cybercriminals posted a searchable database containing the data of nonpaying victims. The BlackCat gang went as far as to index the data repositories and give…

Source…

How to avoid scams and theft during Cyber Monday shopping

/in


ROCHESTER, N.Y. (WROC) — Cyber Monday can be the last chance to save big time on holiday shopping but it’s also a day for criminals to steal your identity and banking information if you are not careful shopping online.  

Simply clicking on a sketchy link or ad sent to you can be the difference between hackers getting access to your personal information. Although it’s convenient to shop online and get what you want instantly, cyber security specialists urge you to take extra time to know if the sites are legit.

In 2021, research by Adobe found Americans spent about $10.8 Billion on Cyber Monday shopping. But as more customers participate in this digital age of holiday shopping, criminals also get more opportunities.  

“This is one of the most exciting times of the year for everybody, including cybercriminals,” Professor Jonathan Weissman of Computer Security at RIT said. “You have to remain extra vigilant and aware of everything you’re going now because cyber criminals are waiting.”  

In this day and age, cybercriminals can get their websites promoted to the top of any search engine to look legit. If you have any suspicion, cyber security experts encourage you to open a new browser and re-type the business name and products to look for matching results.  

“When you click on a malicious link you could be redirected to a site that looks like the site you think you’re doing business with,” Professor Weissman continued. “When you enter your credentials, they go right to the cybercriminals.”  

Making purchases over a public Wi-Fi connection can also be dangerous.  

Professor Weissman added, “You run the risk of going to an attacker’s access point and connecting to their network thinking you’re on a legitimate network and in essence, you can actually transfer all your information directly to the attacker.”  

Email and text message phishing is also becoming a common tactic where hackers install malware or ransomware within digital gift cards or links. Experts explain legit businesses almost never reach out with these types of attachments.  

“Ransomware will encrypt and lock your system,” Professor Weissman…

Source…

Top 5 ways to avoid cyber crime

/in


Cyber crime is on the rise and with October being Cybersecurity Awareness Month, AT&T complied their top 5 ways to avoid cyber-crime.

Jason Boone with AT&T here in the Rocky Mountain share’s the company’s top 5 list:

1.    Always think, “This could happen to me.” 

  • When it comes to cybersecurity, many people have an “it won’t happen to me” attitude. (That’s why they still use the same password for every site, despite expert recommendations to avoid doing so.) However, the reality is that cyberattacks are only growing in number year-over-year. 

2.    “Fluffy” and your childhood best friend’s name can help  

  • Banks, social media networks, etc. will ask for two forms of information, including security questions only you should know. These are harder to crack, so be sure to opt-in when you see it. 

3.    Strengthen your own security 

  • Keep security software up to date. 
  • Check with your carrier to see if they have tools to help. The AT&T ActiveArmor advanced mobile security app offers Identity Monitoring, which alerts you if your personal information is leaked, and provides tips to help resolve. And ask your internet provider about extra layers of security available to you at home. AT&T Fiber customers receive AT&T Internet Security at no additional cost.   

4.    Be proactive 

  • Monitor your bank and credit card statements for suspicious charges or transfers. 
  • Approach online-only friendships with caution to ward off social engineering attempts. 

5.    Protect your passwords 

  • We all know it’s necessary, but not all of us take steps to do it. 72% of people admit to using the same password across multiple logins.  
  • Using a strong password that differs from site-to-site will help decrease your chances of being hacked. If you struggle with passwords, consider getting a password manager.   

Boone also says that to always think “this can happen to you” and to be pro-active and protect your passwords.

Source…

Saudi urges WhatsApp users to update app to avoid malware threat

/in


Saudi cybersecurity urges WhatsApp users to update app to avoid malware threat

Riyadh: The authorities in the Kingdom of Saudi Arabia (KSA) on Sunday urged users of the WhatsApp application to update their app to avoid serious malware threats.

The national indicative centre for cyber ​​security, in Saudi Arabia, warned of security flaws in the WhatsApp application.

The centre, which is affiliated with the Kingdom’s national cybersecurity authority, said in its warning, “WhatsApp has issued several updates to address the vulnerabilities.”

MS Education Academy

It explained that the vulnerabilities exist in WhatsApp applications for the Android system prior to version 2.22.16.12, and before version 2.22.16.2.

There are also gaps in the WhatsApp Business application for Android before version 2.22.16.12, and WhatsApp iOS before version 2.22.16.12 and 2.22.15.9.

The centre stated that the threats consist in enabling the attacker to exploit the vulnerabilities by executing malicious software remotely.

According to data from Kaspersky, a cybersecurity company, published in February, the year 2021 saw a significant increase in attacks targeting mobile phones in Saudi Arabia by 19 per cent.

Subscribe us on The Siasat Daily - Google News

Source…