Weekly Cybersecurity Update

Cybersecurity Awareness Month Continues:

Anatomy of a Phishing Email

One of the most common threats in the cybersecurity world is phishing emails. These emails are designed with the intentions of deceiving the victim into giving up personal information, clicking on malicious links, or downloading attachments that contain Malware. Let’s take a look at the anatomy of a phishing email and give you some tips to recognize and avoid these scams!

• Sender’s email address: Phishing messages will often come from a forged or suspicious email address. Always be sure to examine the sender email address closely. Look for unusual characters, misspelled domain names, or random letters and numbers. Most legitimate organizations usually use official domain names for their emails, never generic or unfamiliar addresses.
• Urgent tone, alarmist language: Phishing emails often contain a very urgent tone to try and manipulate the target into taking action before they have time to examine the message closely. Always be extremely cautious if an email claims that your account will be suspended if you don’t respond immediately. Look out for emails that claim you’ve won a prize but have to respond quickly. These emails will typically rely on fear or excitement to make you act without investigating further.
• Generic greetings: A reoccurring trait of phishing emails is the use of generic greetings. “Dear User” or “Hello Customer.” My favorite being “Hello, I’m a Hacker.” Most organizations you do business with will address you by your name. If you see a generic greeting, consider it a red flag and investigate further.
• Poor grammar and spelling: Many phishing emails originate from non-native English speakers which can result in grammar and spelling errors. If you notice an email with more than one issue here, it’s best to err on the side of caution.
• Requests for personal information: Most professional organizations will never ask for sensitive personal information like Social Security numbers, credit card details or passwords through email. If you ever receive such a request, be extremely cautious as it’s likely a phishing attempt.

Understanding the basic anatomy of a phishing email can go far, but even top security experts have fallen victim to phishing scams. Remember to always look at the sender information and be alert when an email asks for any personal information. Look out for bogus logos and signatures. Always be cautious when receiving suspicious links or attachments.Online safety is so important these days. Being skeptical can help you navigate the internet with more confidence. That’s all for today. Stay vigilant and be safe!

Cybersecurity Awareness Month Continues:

Safe and Secure Passwords

The passwords you use are the first line of defense when it comes to protecting your personal information. It’s important to keep up with the latest best practices for managing secure passwords. Let’s take a few minutes to look at some tips to keep your personal information protected with better passwords!

Here is a good foundation for creating a secure password:

• Password Length: These days, the longer the password the better. It’s recommended to have a password of at least 12 characters long. If you can make them longer, you absolutely should. The longer the password the harder they are for a hacker to crack.
• Complexity: You should try to use a password combination that includes uppercase and lowercase letters. Numbers and special characters are also essential. Never use basic number combinations or simple words, these can be cracked fairly easily.
• Be unpredictable: Avoid common words, phrases or patterns. Song lyrics can be good but you need to make sure to mix them up with special characters or numbers. Stay away from birthdays, names or pet names.

Now that’s we’ve laid the foundation, here are some general tips to handle your many online accounts:

• Unique passwords for every account: While it may seem tedious or cumbersome, it’s very important to make sure you use a unique password for your most important information. If you use the same password for everything, if one account is hacked, basically all of your accounts are hacked! So it’s best to avoid this all together and just use unique passwords for everything.
• Password managers: Password managers can be an invaluable tool to help create and store very complex passwords. Most in the cybersecurity world will highly recommend finding a password manager that works for you.
• Two-Factor Authentication (2FA): What’s great about 2FA is the ability to add an extra layer of protection to your accounts. Usually this involves you receiving a text message with a special pin, or a mobile app to confirm your identity when trying to log into your account. If someone does steal your passwords, they would also have to have your phone or email to gain access so it’s definitely worth using if available.
• Update your passwords: Again, while it can seem time consuming and tedious, periodically updating your passwords is a great habit to get into. If you discover a company you use has a data breach you should always update your passwords immediately.

Following the basic foundation and general steps should go a long way, but it’s also important to pay attention to the news. Stay up to date about the latest cybersecurity news and data breaches. Putting it all together should go a long way to securing and protecting your most sensitive data. That’s it for now. Remember to stay vigilant and protect your personal information with strong, secure passwords.

October is cybersecurity awareness month! Here are 31 basic cybersecurity tips to help protect your personal and professional data:

1. Use strong, unique passwords: Always make sure to create complex passwords for you accounts. Avoid using birthdays or common words. The National Institute of Standards and Technology (NIST) recommends all user-created passwords be at least 8 characters in length.
2. Enable multi-factor authentication (MFA): MFA adds a nice extra layer of security to your accounts. Consider adding MFA to any account that contains sensitive data, especially anything that stores payment information.
3. Keep software updated: Always update your software and antivirus programs. Update operating systems for the latest patches to avoid security vulnerabilities.
4. Use a password manager: Password managers are great tools to have for personal and professional use. It’s a very easy way to generate and store complex passwords.
5. Be wary of phishing: Always pay close to emails with links and attachments. Never click links or open attachments from unknown senders.
6. Educate yourself: It’s a good idea to periodically review common threats and vulnerabilities. Also stay updated on the best security practices to protect yourself.
7. Secure your Wi-Fi: Make sure to create a unique strong password for your Wi-Fi Network. Use WPA3 encryption if available.
8. Use a firewall: Most computers have built in firewall options. Make sure you are using the firewall to help protect yourself from unauthorized access.
9. Regularly back up data: To help prevent against data loss or ransomware attacks, it is recommended to back up your data as much as possible. Monthly or even weekly backups can be a huge life-saver!
10. Install Antivirus software: Get into the habit of running antivirus software regularly to detect and remove malware.
11. Lock your devices: It’s a very good practice to set up password or PIN protection on your mobile devices to prevent unauthorized access.
12. Encrypt sensitive data: For your most sensitive data, it’s a good idea to use encryption tools for data at rest (data stored at the OS, Container, or Database level), and in transit (data being transported outside or between trusted environments).
13. Keep personal and professional work separate: Separate your personal and profession accounts. Try to avoid using personal devices for professional use whenever possible.
14. Secure physical access: Make sure to protect your devices from theft and tampering.
15. Use secure connections: You should only access sensitive information over secure, encrypted connections. You can tell if a website is using a secure protocol if it has “HTTPS” instead of “HTTP.”
16. Be cautious on social media: Information shared on social media is commonly used in social engineering attacks. Be careful not to give away too much personal information on social media.
17. Regularly review app permissions: Pay attention to the permissions you grant to apps on your devices. Often times random apps gain access to your personal files, or pictures and if those apps are ever compromised, so if your personal data!
18. Disable unused services: It’s a good practice to turn off or even uninstall unnecessary services and features on your devices.
19. Enable device tracking: Certain devices have features that can be enabled if the device is lost or stolen. Explore features like “Find My Device” for tracking options. Some devices even have a remote wipe feature that can be very useful if your device has been stolen.
20. Create separate email accounts: Make sure to have email accounts for personal and professional use.
21. Secure your router: Change default login credentials. Enable WPA3 or WPA2 wireless encryption. Disable remote management and UPnP (Universal Plug and Play).
22. Be cautious with public Wi-Fi: Never use a public Wi-Fi network to conduct sensitive transactions.
23. Monitor your accounts: Get in the habit of regularly reviewing your bank and credit card statements to track suspicious activity.
24. Employ application whitelisting: Only allow trusted applications to run on your computer and mobile devices.
25. Secure your mobile devices: Think of mobile devices as computers. Apply similar security measures to your tablets and smartphones as you do for your computers.
26. Be skeptical of unsolicited emails: Never trust an unsolicited email message. Always be cautious of emails requesting personal or financial information.
27. Disable unneeded browser extensions: Keep track of your browser extensions and remember browser extensions can pose different security risks. Sometimes it’s best to just disable or uninstall them.
28. Use encrypted messaging: For sensitive communications, it’s best to use end-to-end encryption. Look for messaging apps with the best encryption practices.
29. Secure cloud storage: Use two-factor authentication and make sure your most sensitive files are encrypted when using cloud storage.
30. Implement a disaster recovery plan: Make sure to have a plan in place to respond to a data breach or cyberattack.
31. Stay informed: Pay attention to the latest cybersecurity news. Ransomware and data breaches are becoming more and more common. Often times a big breach starts from a simple phishing scam. It’s good to pay attention to cybersecurity news stories to develop better practices and adapt to the ever changing risks we face online.

That’s all for this week, stay safe, and stay vigilant!

Welcome to this week’s cybersecurity update! Staying up to date with latest security related news and vulnerabilities helps impact the decisions we make. As technology advances, our lives become more connected to the digital landscape than ever. It’s important to do our best to protect our personal information and security. We once again had some big news stories this week so let’s get our coffee ready and get to the news!

Here are last week’s news stories ending July 14^th:

The News:

• Apple Issues New Round of Rapid Security Response Updates
  • SecureWorld has a short article about Apple releasing Rapid Security Response updates to address a Zero-Day vulnerability found in fully patched Apple devices. Rapid Security Response updates have recently been introduced by Apple as a way to patch bugs and exploits in between major software updates.  Most Apple devices will automatically apply these updates and prompt the user to restart their device when finished. Some cybersecurity experts are praising Apple’s efforts while others were critical of Apple’s lack of explanation regarding the vulnerabilities. Yet another reminder to always update and patch your mobile devices when updates become available.
• Beware of a Sophisticated Phishing Attack Targeting Microsoft 364 Users
  • Fox News has an article about a new phishing scam that targets Microsoft 365 users. The phishing email contains an attachment that uses a malicious JavaScript code. When a user clicks on the attachment it opens up a web page that makes it look like the user was logged out of their 365 account. If the user enters their login credentials it would allow the hackers to obtain the user’s authentication information. If we sound like a broken record talking about phishing scams, just remember that the most successful hacking operations usually start from a phishing email. Always remember to be careful when dealing suspicious emails!
• USB Drive Malware Attacks Spiking Again in First Half of 2023
  • BleepingComputer has an interesting report about the rise in malware attacks through USB drives this year. Researches have noted a threefold increase in malware coming from USB drives in just the first half of 2023. USB attacks have a variety of advantages over other types of hacking attempts. Often times the malicious processes will launch in complete stealth and by the time you realize somethings wrong it’s already too late. The article serves as an important reminder to always be cautious when handling a USB device of unknown origin. If you come across a random USB drive, never plug it into your computer!
• New York City Schools had Warnings Before Cyber Attack
  • Government Technology (GT) has a story about New York city school systems having received an audit warning of potential risks and lack of preparedness for cybersecurity incidents. The story is a cautionary tale, as the audit was conducted shortly before a major breach that affected thousands of NYC children’s personal information. State education officials have suggested that local school districts are primarily responsible for protecting personal data. Despite that, the audit found many gaps in security procedures, especially when it came to reporting such security incidents to the affected parties. If something like this can happen in the biggest school district in the country, it’s very likely that other school districts aren’t fully prepared to protect personal data either.
• Hayward Hacked: City Suffers Ransomware Attack, Turns Off Website
  • Fox KTVU reports on a California city suffering a ransomware attack that affected their public website and online city portals. 911 and other emergency services were still operational, but the city had to take down their website and pause many business operations while their IT teams investigated the attack. The Hayward Library system was also affected, as their internet services and Wi-Fi access for visitors were suspended. At this time, there is no evidence that any personal information was compromised during the breach. Another reminder that local governments need to have incident response plans in place to be more prepared for these types of attacks.

To end our weekly security update, we wanted to post a follow up story about the Detroit Public Library and the City of Detroit getting scammed for more than $600,000.

Two Years After a Major Detroit Public Library Theft, No Arrests Have Been Made and 400k is Still Missing

That’s all for this week, we’ll be back next Monday for more security related news. Have a good week and stay vigilant!

Online privacy and security are at the forefront of today’s top news stories. Welcome to another edition of our cybersecurity blog where we keep you up to date with the latest news from the digital world. We took a few weeks off, but hackers and threat actors never stop. Let’s get into this week’s top news stories!

Here are last week’s news stories ending July 7^th:

The News:

• Microsoft Teams Exploitable by New Phishing Tool
  • SecureWorld has a good write up about Microsoft Teams, and the security researchers that discovered a major exploit. The security researchers created a tool that demonstrates how hackers can send messages to anyone in an organization despite not being part of the organization’s recipient lists. Microsoft has acknowledged the vulnerability but has declined to work on fixing it. This article really illustrates how important it is for individuals and businesses to pay attention to security news, as major vendors will sometimes refuse to patch known vulnerabilities in a timely manner.
• CISA Warns Govt Agencies to Patch Actively Exploited Android Driver
  • BleepingComputer summarizes the recent news about CISA ordering federal agencies to patch android devices immediately due to several security flaws. Agencies have 3 weeks to secure their android devices. One of the known security flaws would allow an attacker to gain root access to the affected device. This article once again shows the importance of security updates and the need for small and large businesses to have a good mobile device policy in place.
• Iranian Hackers’ Sophisticated Malware Targets Windows and macOS Users
  • The Hacker News reports on an Iranian hacker group linked to the Islamic Revolutionary Guard, and their recent phishing attacks that can install Malware that affects both Windows and macOs operating systems. The article displays the attack sequence discovered by a security firm and notes the different actions taken depending on the installed OS. While the article displays a complicated chain of events, it’s also worth noting that such attacks typically begin from a phishing attempt. Always remember to be mindful when clicking links or downloading attachments from emails!
• Ransomware Criminals Are Dumping Kids’ Private Files Online After School Hacks
  • AP News documents a disturbing story about cybercriminals dumping students’ personal information online. The article mainly talks about the Minneapolis Public School district refusing to pay a 1 million ransom and having student documents posted online as a result. The information was shared on social media and the dark web. It’s important to be aware of such data breaches and to be prepared. Some of the documents contained very personal information. Once information is posted on the dark web it’s near impossible to get that information removed.
• 559,000 Individuals Affected by Murfreesboro Medical Clinic & SurgiCenter Cyberattack
  • The HIPAA Journal writes about the Murfreesboro Medical Clinic and SurgiCenter (MMC) recently confirming that over half a million patients had their health information compromised by hackers. MMC wasn’t able to determine if the files were accessed or removed from their servers, but they did note that the network accessed did contain files with protected health information. The article also includes a few more news stories related to HIPPA breaches. It’s important to pay attention to these stories and remember that your health care providers have a duty to report any breaches that involve Protected Health Information (PHI).

To end this week’s blog update, we would like to share an article from Fidelity about safeguarding your personal information to avoid identify theft scams.

Don’t Get Hooked by these Financial Scams

That’s all for this week, we’ll be back next Monday for another edition! Thanks for reading, have a good rest of your week, stay safe and stay vigilant!

Welcome to another edition of our Cybersecurity weekly blog. We believe staying up to date with the latest news and security threats helps us make better decisions when navigating today’s ever expanding online world. We will get started with some headlines and then offer some tips on the best practices for a safe and secure password.

Here are last week’s news stories ending June 3rd:

The News:

• Malicious Chrome extensions with 75M installs removed from Web Store
  • Bleeping Computer reports on a story where Google recently removed 32 malicious extensions from their Web Store. The extensions were found to push spam, alter search results, and they were downloaded over 75 million times. This story highlights the need for users to exercise caution when downloading apps and browser extensions from official store pages. It also notes that despite these extensions being removed from the store page, users will have to manually uninstall the affected extensions to be safe.
• Akron-Summit County Public Library investigating ‘ransomware incident’ that caused outages
  • The Akron Beacon Journal writes about a ransomware attack on the Akron-Summit County Public Library and its 18 branches. Computers, phones and the library catalog were taken offline for a few days. The incident is still being investigated but the story highlights the quick action taken by the libraries’ team to investigate and secure their systems.
• Idaho hospital diverts ambulances, turns to paper charting following cyberattack
  • Fierce Healthcare reports on a cyberattack targeting the Idaho Falls Community Hospital and its partner clinics. Ambulances were diverted, some clinics closed, and paper charting was used while services were disrupted. It’s unclear at this point if it was a ransomware attack. The article highlights the importance of having a plan in place in the event of such attacks.
• FTC Slams Amazon with 30.8M Fine for Privacy Violations Involving Alexa and Ring
  • The Hacker News is reporting on a story about Amazon’s Alexa assistant and Ring security cameras. The FTC recently hit Amazon with a $30 million dollar fine that includes a $25 million penalty for breaching children’s privacy laws. A big takeaway from this story is that while some of these security devices and voice assistants can make our lives easier, they also come with some big security risks.
• Microsoft Discovers Critical macOS Vulnerability Allowing SIP Bypass
  • SecureWorld has an article about Microsoft discovering a critical macOS vulnerability. The vulnerability referred to as “Migraine” allows attackers to bypass System Integrity Protection (SIP) if they have root access. This article shows that collaboration is important in the security world, and big tech companies should work together when the need arises. MacOS users should also make sure to update their OS to the latest version as soon as possible.

Best password practices in 2023:

1. Use strong and unique passwords for all accounts.
2. Never use information in a password that can be found on your social media accounts.
3. Do not use words found in a dictionary, come up with passphrases instead.
4. Make sure to use upper and lower case letters with a combination of numbers and symbols.
5. Never reuse the same password on multiple accounts.
6. Minimum password length of 14 characters.
7. Password managers are a great tool for storing and creating complex passwords.
8. 2-factor authentication is recommended for all accounts linked to sensitive data.

Never use any of the following: (Top 10 most used passwords 2022 according to Forbes)

Remember that having a strong password is vital to keeping your most important data safe and secure. That’s all for this week’s Cybersecurity blog post. We’ll be back next week for another edition! Thanks for reading, remember to be vigilant and stay safe out there!

• Boot Guard Keys from MSI Hack Posted, Endangering PCs.
  • Tom’s Hardware highlights a significant security concern as the BootGuard keys for MSI motherboards were leaked online, potentially exposing them to malicious exploitation. This leak could enable attackers to bypass the system’s security measures, compromising the integrity and trustworthiness of affected MSI systems.

• Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance
  • The Hacker News highlights critical vulnerabilities found in Netgear routers that expose users to remote attacks. The flaws allow threat actors to execute arbitrary code, monitor users’ internet activity, hijack internet connections, emphasizing the need for immediate firmware updates and proactive security measures by Netgear router users.

• Toyota: Car location data of 2 million customers exposed for ten years
  • BleepingComputer reveals a data breach that exposed the location data of approximately 2 million Toyota customers for a decade. The incident occurred due to a misconfiguration of a cloud environment, potentially allowing unauthorized access to sensitive information such as vehicle tracking and trip history. The article notes that technically no personally identifiable information (PII) was leaked, only the VIN numbers.

• Bl00dy ransomware gang targets schools via PaperCut flaw
  • TechTarget reports on a ransomware gang known as “Bl00dy” exploiting a vulnerability in the popular print management software, PaperCut MF. The gang specifically targeted schools, encrypting their systems and demanding ransom payments, highlighting the importance of promptly patching vulnerabilities and implementing robust cybersecurity measures in educational institutions.

• Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
  • This article from The Hacker News reports on the successful operation carried out by Spanish law enforcement to dismantle a large-scale phishing operation that had illicitly obtained millions of euros from unsuspecting victims. The authorities arrested several individuals involved in the scheme and seized significant assets. This story emphasizes the importance of cybersecurity awareness to prevent falling prey to such scams.

• Ransomware attack hampering Dallas police operations (This appears to have been caused by a phishing email!)
• Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads (Be careful when downloading random apps to your mobile devices. They found this Malware in 11 different apps!)
• Russian hackers use WinRAR to wipe Ukraine state agency’s data
• Hackers hijacked a university’s emergency system to threaten students and faculty
• Dental offices report hacking leaving patients scrambling, frustrated

• SANS Reveals Top 5 Most Dangerous Cyberattacks for 2023
• Iranian hacking group targets Israel with improved phishing attacks
• Elk Grove Unified employees with tax filing issues may have fallen for phishing email, school district says
• Gone in seconds: rising text message scams are draining US bank accounts
• Georgia is paying hackers to break into its Medicaid portal
• Cybersecurity students learn how to beat hackers at their own game

• Walmart, Amazon, Netflix and MetaMask — Top Scams and Phishing Attempts This week – This is a nice summary of some of the current scams going on. Just note that TrendMicro is also advertising their products in this article. We don’t recommend purchasing anything but wanted to share the helpful information between the ads.
• Password Encryption 101: Best Practices Guide for Orgs of All Sizes
• What is Data Security?
• Buyers Beware: Cybercriminals Target Your Online Credentials