Archive for March 18, 2022

LokiLocker Ransomware Packs Data Wiping Capabilities

Posted in Commentary on March 18, 2022 by itnerd

BlackBerry has warned of a new ransomware family identified as LokiLocker. The RaaS family targets Windows systems by threatening to overwrite a victim's Windows Master Boot Record (MBR), which in turn wipes all files and renders the machine completely unusable. However, once that tactic is used, any conversation about payment is moot. BlackBerry has pointed to some evidence that suggests LokiLocker was developed by Iranian hackers and designed to target English-speaking victims.

Aimei Wei, CTO and Founder, Stellar Cyber had this to say:

“The research shows that Ransomware is happening at scale. It is provided as a service to many affiliates. It is also becoming more destructive. Besides encrypting files, it also wipes the system. The chance of being hit has greatly increased and the consequence is bigger. People should always have data backup, preferably offline, and exercise caution when downloading files or opening attachments. In addition, for organizations, deploying a threat detection and response system or using a threat detection/response service may help to quickly discover the attack, disrupt/stop it from spreading and reduce the damage.”

This is an important item to note:

At the time of writing this, there is no free tool to decrypt files encrypted by LokiLocker. If you are already infected with LokiLocker ransomware, the recommendation by most official security authorities – such as the FBI – is not to pay the ransom. Quite apart from the fact that every victim who pays the ransom perpetuates the global growth of ransomware, remember that you’re dealing with criminals here, and there is no guarantee that you’ll regain access to your data, even if you pay up. Finally, even if your data is restored, there is no way to know whether the threat actor planted a backdoor somewhere on your machine, for easy future access. After all, people who pay one ransom can often be persuaded to pay another.

When it comes to ransomware of all types, often the best thing we can do as defenders is to make every effort to stay one step ahead of the threat actors, even when the journey proves complex and arduous.

With that in mind, prevention is the key to not getting pwned by this. Thus companies need to do whatever is required to ensure that they don’t become victims of this ransomware.

Finance, Education & Healthcare Were Top Targets For Cybercriminals In Canada in 2021: Trend Micro

Posted in Commentary on March 18, 2022 by itnerd

New research from Trend Micro Incorporated warns of spiraling risk to digital infrastructure and remote workers as threat actors increase their rate of attack on organizations and individuals.

Ransomware attackers are shifting their focus to critical businesses and industries more likely to pay, and double extortion tactics ensure that they are able to profit. Ransomware-as-a-service offerings have opened the market to attackers with limited technical knowledge – but also given rise to more specialization, such as initial access brokers who are now an essential part of the cybercrime supply chain.

Threat actors are also getting better at exploiting human error to compromise cloud infrastructure and remote workers. Trend Micro Cloud App Security (CAS) detected and prevented 25.7 million email threats in 2021 compared to 16.7 million in 2020, with the volume of blocked phishing attempts nearly doubling over the period. Research shows home workers are often prone to take more risks than those in the office, which makes phishing a particular risk.

In the cloud, incorrectly configured systems continue to plague organizations. Services such as Amazon Elastic Block Store and Microsoft Azure’s Virtual Machine were among the services that had relatively high misconfiguration rates. Trend Micro also found that Docker REST APIs are frequently misconfigured, exposing them to attacks from groups like TeamTNT that deploy crypto-mining malware on affected systems.

Business email compromise (BEC) saw detections drop 11%. However, CAS blocked a higher percentage of advanced BEC emails, which could be detected only by comparing the writing style of the attacker with that of the intended sender. These attacks comprised 47% of all BEC attempts in 2021 versus 23% in 2020.

While 2021 was a record year for new vulnerabilities, Trend Micro research shows that 22% of the exploits sold in the cybercrime underground last year were over three years old. Patching old vulnerabilities remains an essential task alongside monitoring for new threats to prevent cyber-attacks and ensure strong security posture.

To learn more about Navigating New Frontiers: Trend Micro 2021 Annual Cybersecurity Report, please visit: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/navigating-new-frontiers-trend-micro-2021-annual-cybersecurity-report

TELUS Will Offer The New iPhone SE & iPad Air with 5G, Plus Green iPhone 13’s Starting Today

Posted in Commentary on March 18, 2022 by itnerd

TELUS will offer the powerful iPhone SE with compact and durable design, sophisticated alpine green iPhone 13 Pro and stunning green iPhone 13, and the powerful and versatile iPad Air with a new front camera with Center Stage. 

The new iPhone SE features impressive upgrades, including the performance of the A15 Bionic chip, 5G, an all-new camera system, longer battery life and improved durability. 

iPhone 13 Pro and iPhone 13 feature two beautiful new colors, alpine green and green, extending the most advanced iPhone lineup ever with its sleek design, the breakthrough A15 Bionic chip, incredibly durable Ceramic Shield front cover, an advanced 5G experience, and cutting-edge camera systems for stunning photos and videos. 

iPad Air features the Apple-designed M1 chip, delivering a massive leap in performance. Available in a new array of colors, iPad Air also includes the new Ultra Wide front camera with Center Stage, a USB-C port with up to 2x faster transfer speeds, blazing-fast 5G and more, starting at the same affordable price, with a stunning 10.9-inch Liquid Retina display. 

Customers can order the iPhone SE, iPhone 13 Pro and iPhone 13 Pro Max in alpine green, and iPhone 13 and iPhone 13 mini in green, and iPad Air starting today. 

For complete pricing and availability details, please visit telus.com/apple. The iPhone SE and iPhone 13 lineup will also be available at Koodo on 4G LTE. 

For more details on iPhone SE, iPhone 13 and iPad models, please visit www.apple.com.

Guest Post: Scammers Create Fake Donation Sites To Take Advantage Of Consumers During Crisis

Posted in Commentary on March 18, 2022 by itnerd

By Hank Schless, Senior Manager of Security Solutions at Lookout

During times of turmoil the best of humanity comes out as people show their support through donations. In fact, 56% of Americans donated to charity in 2021. Oftentimes, the easiest way to donate is online through organizations. Unfortunately, scammers take advantage of others’ kindness and create fake websites claiming to be accepting donations. 

It is often difficult for people to distinguish between a legitimate site and a fake one. Security experts from Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, identified the below scams regarding donations for the crisis in the Ukraine.  

Scam 1: The below is a phishing example where scammers have created a fake copy of the official Ukrainian Government website. The scammer added a “Donate Fund” button with Bitcoin, Ethereum and U.S. Dollar payment options. 

Scam 2: The below is a fake website that was created for “Ukraine Appeal” that targets people to try and trick them into believing it is a legitimate donation site.

Lookout helps protect your digital information at every level – from the device you hold, to the apps and online services you use and the networks you connect to. Lookout also continuously monitors the internet to ensure what matters to you the most – such as social security and credit card numbers – aren’t exposed. And if anything happens, Lookout’s team of experts and a $1 million identity theft insurance policy are here to back you up.

Tile Launches Their Own Anti Stalking Features

Posted in Commentary on March 18, 2022 by itnerd

Tile has announced their Scan and Secure feature, which is their version of what Apple has done to discourage the use of AirTags as tracking devices in situations like stalking. This feature allows anyone to check for the presence of Tile devices in close proximity to them that don’t belong to them. Instructions on how to use it can be found here, and it can be used by anyone simply by downloading the Tile app. I took a look at the instructions and it seems a bit of a chore to use. I say that because of this:

The scan requires you to walk/move or drive a certain distance away from your original location (the feature does not work properly if you circle around one location, such as walking inside your home). Your safety while completing the Scan and Secure feature is very important to us. Please use caution while walking/moving/driving when using the feature. If you choose to drive during the scan, please avoid looking at your phone while driving.

Once started, the scan will continue and your phone will not go ‘to sleep’. When the scan is complete, please park your car in a safe place before reviewing the results.  If you choose to walk or use a bike (or any similar transportation mode such as a scooter) while running the scan, please remain aware of your surroundings and be careful around traffic.

That really sounds like any user who thinks that they might have an unwanted Tile tracker on their person has to hop through hoops to confirm or deny that. And I truly wonder if this will truly work as designed, as Apple’s solution to this problem seems way more elegant. The only way to find out is to test this for myself. Now I checked my Tile app and I didn’t have this feature. But it is apparently rolling out over the next couple of weeks. Thus when I do get it, I’ll test this out and let you know how well this works or doesn’t work. Stay tuned for that.