New Updates To This Malware Made It More Dangerous

If you haven't yet heard of a malware strain called 'Predator the Thief', it's something that belongs on your radar.

It first emerged as a threat in July of 2018, when it was used in conjunction with an extensive phishing campaign.

In its original incarnation, it proved more than capable of stealing passwords, browser data, user names and the contents of cryptocurrency wallets. In addition, it was able to access the infected victim's webcam and take pictures with it, sending everything to a command and control server.

Unfortunately, the group behind the malware has been busy updating it. It's recently been spotted in the wild with a new set of enhanced capabilities that make it more difficult for antivirus programs to detect its presence.

In addition to that, the hackers have upped their game on the phishing campaign front. This included adding new documents to use as lures to hook the victim into inadvertently installing the malicious code.

The new and improved version of the malware was discovered by Fortiguard Labs, and apparently version 3.3.4 was released on Christmas Eve, 2019.

Although there's no clear indication as to who is behind the code, a forensic analysis reveals it to be Russian in origin. Fortiguard's researchers reached this conclusion based on the fact that the malware is specifically designed not to operate in Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine or Uzbekistan. Those are countries that Russian hackers tend not to target as a rule.

In terms of minimizing the threat that Predator the Thief poses, Fortiguard's researchers recommend ensuring that macros are disabled by default and that all software (including OS software) is fully patched and up to date. These are, of course, sensible precautions to take when protecting against any threat, so it makes for good advice in general. Stay on your guard. It's dangerous out there.

Call SpartanTec, Inc. in Wilmington if you need the expertise of IT professionals in making sure that your network is protected against malware and other possible online threats. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Cybersecurity Trends In 2020

Corporate and personal privacy keep on eroding because data breaches and cyberattacks increasingly common. During the first half of 2019, over 4.1 billion data records have been exposed in reported data breaches. The average cost of these data breaches for companies that have been affected is almost $4 million per business.

Becoming alert as the society becomes increasingly dependent on technology is the cybersecurity industry, worth $120 billion and is expected to grow to a massive $300 billion once 2024 comes. With the ages of IoT and AI are coming, you will benefit from having a home or vehicle that is connected to the internet, or every day schedule to organize and automate your lives further. However, you need to ask yourself: are there possible hidden costs of increased internet connectivity? With hackers breaching devices and networks every 39 seconds, it is crucial for firms to have necessary security measures if they want to survive and thrive as a formidable business. Now that 2019 has ended, here are five of the top security trends you need to watch out for in the new year, 2020.

Cloud-Based Security Expansion

While the world is continuing to move most of tech infrastructure into the cloud, you will see security platforms that are cloud based and security services will also follow. Over the past twenty years, cloud computing has evolved significantly and it is now commonly utilized to support important operations of various businesses. From Dropbox and other data storage services that are cloud based, to all in one CRM clouds like Salesforce, businesses and consumers have become increasingly dependent on storing essential data in these clouds.

Data Encryption Advancements

Over the past years, cyberattacks have become much more sophisticated. Plus, an increasing number of advancements in data encryption have followed. The rise in encryption advancements will help you stay ahead of current security threats including distributed ledger technologies, zero-knowledge proof, ring signature, and privacy technology. If these techs are used in combination with any of the others, not only partial or full data anonymization will be achieved but identity and data verification will also be automated.

Cyber Insurance

The world faces countless cyber threats and that is why cyber insurance has become a need for not only large firms but small to medium enterprises, too. About $11.5 million is the estimated aggregate global loss linked to cyber extortion and hacks. At the moment, the size of the market for cyber insurance is at $2.4 billion in premiums and it is expected to grow twice in size or even triple this year. However, some growth may be limited due to the restrictive conditions and high cost of coverage on insurance policies.

Passwordless Authentication

Password protection and privacy will be a major problem that will plague consumers and business today because of the rise of AOL. However, just recently, there’s another method of authentication that sought to replace passwords. The password authentication tools may include hardware tokens or one time password generators, knowledge based authentication, and biometric authentication.

About 90% of mid size firms are expected to go with passwordless authentication in over 50% of their use cases by 2022. GETID and other similar companies will help other firms process AML and KYC checks for their clients using a compliant and secure biometric product. One of the biggest point of attack for hacking is password and that is why it is obvious for many businesses to prioritize identification through other means.

Cybersecurity Talent

Back in 2017, the World Economic Forum said there was as shortage of people who are trained in cybersecurity and it has not stopped increasing ever since. Unfilled cybersecurity jobs will continue to rise up to 3.5 million globally by 2021, which will be an increase of 350% from 2014. In the United States alone, there are 1 million people working on cybersecurity but there are around 500,000 positions that are still left unfilled. Since the list of security certifications and security training firms are still growing, finding work in this sector is almost certain if you are qualified.

Call SpartanTec, Inc. in Wilmington now and let our team set up the most effective strategies to improve and bolster your cybersecurity in 2020.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

New Ransomware Threatens To Release Stolen Data To Public

The leaders of the ransomware known as Sodinokibi (REvil Ransomware) have announced a nasty new tactic to get their victims to pay up when their files get encrypted.

The hackers are now threatening that they'll begin releasing stolen data to the general public or to competitors unless the ransom is paid.

While hackers have made this threat in the past, this year was the first time in history that anyone has followed through with it. At the end of November of this year, when Allied Universal was successfully attacked, they were given the ultimatum to pay up or see their files released. The company didn't pay, and the hackers promptly released more than 700MB of data on a hacking forum on the Dark Web.

Given this new reality, it raises some thorny questions. Should IT professionals begin treating ransomware attacks as data breaches? Possibly so, but doing so complicates matters. Right now, ransomware attacks are treated as a purely internal problem. Customers and vendors aren't necessarily contacted and formal disclosures don't have to be made as to the scope and scale of the data impacted.

If hackers start regularly releasing the files they encrypt, it puts a lot of information at risk. Information that includes sensitive data, personal information, salary information, termination letters, details on relationships with third parties, trade secrets, and a host of other sensitive, proprietary data. It is all at risk of public exposure. It will not only increase public concern but could easily lead to lawsuits. That is especially if the company falling victim to a ransomware attack fails to report it as a breach and the data is subsequently leaked.

It's too soon to say whether or not this is or will become the new normal, but before it happens to you, it bears thinking about how your company will handle the issue.

Don't put your client's information and your business data at risk. Call SpartanTec, Inc. in Wilmington now.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro