<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" > <channel> <title>jIT Solutions</title> <atom:link href="https://www.jitsolutionsit.com/feed/" rel="self" type="application/rss+xml" /> <link>https://www.jitsolutionsit.com</link> <description></description> <lastBuildDate>Tue, 01 Mar 2022 17:09:22 +0000</lastBuildDate> <language>en-US</language> <sy:updatePeriod>hourly</sy:updatePeriod> <sy:updateFrequency>1</sy:updateFrequency> <image> <url>https://www.jitsolutionsit.com/files/2020/10/favicon-150x150.jpg</url> <title>jIT Solutions</title> <link>https://www.jitsolutionsit.com</link> <width>32</width> <height>32</height> </image> <item> <title>Medusa Android Banking Trojan Steals Sensitive User Information</title> <link>https://www.jitsolutionsit.com/2022/03/01/medusa-android-banking-trojan-steals-sensitive-user-information/</link> <comments>https://www.jitsolutionsit.com/2022/03/01/medusa-android-banking-trojan-steals-sensitive-user-information/#respond</comments> <pubDate>Tue, 01 Mar 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[Android]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Google]]></category> <category><![CDATA[Malware and Virus Protection]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/03/01/medusa-android-banking-trojan-steals-sensitive-user-information/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14153" src="https://www.jitsolutionsit.com/files/2022/03/android-trojan-resized.png" alt="" width="300" height="225" />There are two new forms of malware spreading rapidly among people with Android devices according to researchers at ThreatFabric. This latest campaign involves the FluBot malware (also known as Cabassous) and the ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14153" src="https://www.jitsolutionsit.com/files/2022/03/android-trojan-resized.png" alt="" width="300" height="225" />There are two new forms of malware spreading rapidly among people with Android devices according to researchers at ThreatFabric. This latest campaign involves the FluBot malware (also known as Cabassous) and the Android banking trojan called Medusa. What's disturbing about this most recent spate of attacks is that both forms of malware share the same basic infection tactics and delivery infrastructure.</p> <p>FluBot is one of the most notorious strains of Android malware and can steal passwords, banking details, and other sensitive information from infected devices. It also gains access to the user's list of contacts and uses SMS messages to spread to other devices.</p> <p>FluBot's success has encouraged imitators. Although Medusa was not created by the same group that authored FluBot, Medusa's authors are following in FluBot's footsteps.</p> <p>In the case of Medusa it began life as a keylogger. It has been upgraded and can now take screenshots and collect data about how the device is used. Medusa's authors have even gone so far as to deliver their malicious payload by using poisoned apps bearing the exact same names that FluBot's controllers use.</p> <p><strong>The researchers at ThreatFabric had this to say about the matter:</strong></p> <p><em>"Despite the fact that Medusa is not extremely widespread at the moment, we do see an increase in volume of campaigns and a sufficiently greater number of different campaigns.</em></p> <p><em>Powered with multiple remote access features, Medusa poses a critical threat to financial organisations in targeted regions."</em></p> <p>The single best thing users can do to minimize the risk of infection by either of these forms of malware is to install apps from the Google Play store or other authorized and trusted vendors only. Never install an app via a direct link or from some other website that offers it. It just isn't worth the risk.</p> <p><a href="https://sitesdev.net/articles/2022/03/01/medusa-android-banking-trojan-steals-sensitive-user-information/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/03/01/medusa-android-banking-trojan-steals-sensitive-user-information/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Malware Disguised As Windows 11 Upgrade Targets Windows 10 Users</title> <link>https://www.jitsolutionsit.com/2022/02/28/malware-disguised-as-windows-11-upgrade-targets-windows-10-users/</link> <comments>https://www.jitsolutionsit.com/2022/02/28/malware-disguised-as-windows-11-upgrade-targets-windows-10-users/#respond</comments> <pubDate>Mon, 28 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Malware and Virus Protection]]></category> <category><![CDATA[Microsoft]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <category><![CDATA[Windows 11]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/28/malware-disguised-as-windows-11-upgrade-targets-windows-10-users/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14147" src="https://www.jitsolutionsit.com/files/2022/02/windows-11-update-resized.png" alt="" width="300" height="225" />According to researchers at HP, there's a new threat to worry about. Hackers have recently begun disguising malware as Windows 11 upgrades and are using them to target Windows 10 users who ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14147" src="https://www.jitsolutionsit.com/files/2022/02/windows-11-update-resized.png" alt="" width="300" height="225" />According to researchers at HP, there's a new threat to worry about. Hackers have recently begun disguising malware as Windows 11 upgrades and are using them to target Windows 10 users who are anxious to move to Microsoft's latest OS. This new campaign begins like many others with an email informing the recipient that if they click the link provided in the email, they'll be taken to Microsoft's website where they can get a free copy of Windows 11.</p> <p>Victims who click the link will be taken to a site that is a very good and convincing replica of the legitimate Microsoft website. Only a careful inspection of the URL will reveal that something is amiss and most users don't pay much attention to URLs so this is quite likely to go unnoticed.</p> <p>Once on the site, the victim will be prompted to download the file that promises to be Windows 11. It is nearly 800 MB in size so at that point it still seems legitimate.</p> <p>Unfortunately, if the victim runs the downloaded file they seal their fate as it will install malware on their system.</p> <p>At present, the most common malware deployed via this campaign is RedLine Stealer which steals stored passwords, cookies, saved payment card information, and cryptocurrency wallet information. So if it lands on your system or finds its way into your company's network it can deal significant damage with long lasting consequences.</p> <p>The worst part of all this is that Microsoft has unintentionally made the issue worse than it needs to be. There are a great many Windows 10 users who cannot get Windows 11 from official distribution channels due to hardware incompatibilities. That has created an enormous opportunity for hackers around the world and they are wasting no time exploiting that opportunity.</p> <p><a href="https://sitesdev.net/articles/2022/02/28/malware-disguised-as-windows-11-upgrade-targets-windows-10-users/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/28/malware-disguised-as-windows-11-upgrade-targets-windows-10-users/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>The San Francisco 49ers Recently Hit With Ransomware Attack</title> <link>https://www.jitsolutionsit.com/2022/02/26/the-san-francisco-49ers-recently-hit-with-ransomware-attack/</link> <comments>https://www.jitsolutionsit.com/2022/02/26/the-san-francisco-49ers-recently-hit-with-ransomware-attack/#respond</comments> <pubDate>Sat, 26 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Ransomware]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/26/the-san-francisco-49ers-recently-hit-with-ransomware-attack/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14142" src="https://www.jitsolutionsit.com/files/2022/02/football-resized.png" alt="" width="300" height="225" />Hackers will attack absolutely anybody. No one is safe and nothing is sacred. Not even football is safe. The most recent high-profile attack was made against the San Francisco 49ers according to ...]]></description> <content:encoded><![CDATA[<p><strong><img class="alignleft size-full wp-image-14142" src="https://www.jitsolutionsit.com/files/2022/02/football-resized.png" alt="" width="300" height="225" /></strong>Hackers will attack absolutely anybody. No one is safe and nothing is sacred. Not even football is safe.</p> <p>The most recent high-profile attack was made against the San Francisco 49ers according to BleepingComputer which got confirmation from the 49ers.</p> <p>According to the information disclosed by the 49ers they are in the process of recovering from an attack by the BlackByte ransomware gang which caused a "temporary disruption" of parts of the 49ers IT infrastructure.</p> <p>Currently we have few details. We do not know for example whether the BlackByte gang was able to successfully deploy their ransomware. We cannot confirm the gang's claims that they stole data from the football organization.</p> <p><strong>Their official disclosure statement reads in part, as follows:</strong></p> <p><em>"The San Francisco 49ers recently became aware of a network security incident that resulted in temporary disruption to certain systems on our corporate IT network. Upon learning of the incident, we immediately initiated an investigation and took steps to contain the incident.</em></p> <p><em>Third-party cybersecurity firms were engaged to assist, and law enforcement was notified.</em></p> <p><em>While the investigation is ongoing, we believe the incident is limited to our corporate IT network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi's Stadium operations or ticket holders.</em></p> <p><em>As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible."</em></p> <p>While the BlackByte gang isn't particularly active, security professionals have been aware of their activities since July 2021. They have taken down their share of relatively high-profile targets and are certainly not to be ignored.</p> <p>The lesson here is simple. No matter who you are you are not safe. The hackers don't care and they will come for you. Stay vigilant out there because 2022 is just getting started.</p> <p><a href="https://sitesdev.net/articles/2022/02/26/the-san-francisco-49ers-recently-hit-with-ransomware-attack/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/26/the-san-francisco-49ers-recently-hit-with-ransomware-attack/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>iPhone Sales Edging Out Android In The US</title> <link>https://www.jitsolutionsit.com/2022/02/25/iphone-sales-edging-out-android-in-the-us/</link> <comments>https://www.jitsolutionsit.com/2022/02/25/iphone-sales-edging-out-android-in-the-us/#respond</comments> <pubDate>Fri, 25 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[Android]]></category> <category><![CDATA[Apple]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Google]]></category> <category><![CDATA[iPhone]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/25/iphone-sales-edging-out-android-in-the-us/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14138" src="https://www.jitsolutionsit.com/files/2022/02/iphone-resized.png" alt="" width="300" height="225" />It's no secret that supply chain issues have impacted a variety of different industries. Apple has been somewhat less impacted than others. Leveraging this and their massive infrastructure and marketing budget, they ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14138" src="https://www.jitsolutionsit.com/files/2022/02/iphone-resized.png" alt="" width="300" height="225" />It's no secret that supply chain issues have impacted a variety of different industries. Apple has been somewhat less impacted than others.</p> <p>Leveraging this and their massive infrastructure and marketing budget, they have flexed their corporate muscles and gained market share.</p> <p>According to statistics gathered by data analytics firm Kantar, Apple accounted for slightly more than half of all smartphone sales in the US in 2021. They claimed 51 percent of the total sales for the year which is a 2.7 percent increase from 2020.</p> <p>Apple lost ground in Australia, Japan, and Great Britain. Sales surged in Germany (up 5.6 percent to 30.9 percent of the market. Sales were also up 2.2 percent in France to 26.7 percent of the French market, up 1.3 percent in Italy to 19 percent of the market and up an impressive 9.1 percent in China, to 25.7 percent of the market.</p> <p>The increase in the Chinese market alone more than made up for the losses we mentioned and the company is forecasting strong demand going forward for the iPhone 13.</p> <p>Bear in mind that when looking at these figures, we're comparing Apple's iPhone sales to the entire Android ecosystem. That's how utterly dominant the company is in the smartphone market, and that's amazing.</p> <p>It gets even better for Apple because their next generation iPhone SE is generating a tremendous amount of industry buzz and excitement. It will likely allow Apple to widen their lead on the Android ecosystem.</p> <p>If you're a fan of Apple and their products, this is great news indeed. It's hard to believe that the company was at one time verging on bankruptcy.</p> <p>Even if you're not a fan of Apple, you must admire the company. Their customers are more than just customers. They are diehard fans of not only the company itself, but of every product the firm makes. Anyone in any industry would kill to have customers half as loyal as Apple's.</p> <p><a href="https://sitesdev.net/articles/2022/02/25/iphone-sales-edging-out-android-in-the-us/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/25/iphone-sales-edging-out-android-in-the-us/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Hackers Are Using NFT Excitement To Trick Users</title> <link>https://www.jitsolutionsit.com/2022/02/24/hackers-are-using-nft-excitement-to-trick-users/</link> <comments>https://www.jitsolutionsit.com/2022/02/24/hackers-are-using-nft-excitement-to-trick-users/#respond</comments> <pubDate>Thu, 24 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Malware and Virus Protection]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/24/hackers-are-using-nft-excitement-to-trick-users/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14134" src="https://www.jitsolutionsit.com/files/2022/02/NFT-resized.png" alt="" width="300" height="225" />Researchers from Fortinet are warning of a new threat to be on the lookout for. Right now, NFTs are all the rage. Everyone is talking about them, and many are excited about ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14134" src="https://www.jitsolutionsit.com/files/2022/02/NFT-resized.png" alt="" width="300" height="225" />Researchers from Fortinet are warning of a new threat to be on the lookout for.</p> <p>Right now, NFTs are all the rage. Everyone is talking about them, and many are excited about them. Hackers have been quick to take advantage of that fact, and the Fortinet researchers have stumbled across a poisoned spreadsheet that purports to contain information about NFTs.</p> <p>The spreadsheet actually quietly deploys a malware strain called BitRAT when opened.</p> <p>BitRAT is a particularly nasty strain of malware that first appeared for sale on the Dark Web back in late 2020. It is notable because it can bypass User Account Control (UAC), which is a Windows feature designed to prevent unauthorized access to the OS.</p> <p>Once installed on a target system BitRAT can steal login credentials from browsers and other applications. It can log keystrokes and upload or download files which makes it more than capable of installing other forms of malware once the beachhead has been established.</p> <p>It's too early to say yet whether NFTs are here to stay or if they're just a flash in the blockchain pan. Either way, if they are generating buzz and excitement around the world, hackers will continue to exploit that excitement.</p> <p><strong>As the Fortinet researchers put it:</strong></p> <p><em>"Be mindful that attackers often use attractive and trendy subjects as lures. As NFTs become increasingly popular, they will be used to entice victims into opening malicious files or clicking on malicious links."</em></p> <p>The best thing you can do is to educate your employees and inform them of the threat. Remind everyone you know that no matter how exciting the topic might be, it's never a good idea to open files from untrusted sources or click on links embedded in emails. If you need to go to a website open a new browser tab and manually type in the URL. Better safe than sorry.</p> <p><a href="https://sitesdev.net/articles/2022/02/24/hackers-are-using-nft-excitement-to-trick-users/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/24/hackers-are-using-nft-excitement-to-trick-users/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Hackers Are Breaking Into Microsoft Teams And Dropping Malware</title> <link>https://www.jitsolutionsit.com/2022/02/23/hackers-are-breaking-into-microsoft-teams-and-dropping-malware/</link> <comments>https://www.jitsolutionsit.com/2022/02/23/hackers-are-breaking-into-microsoft-teams-and-dropping-malware/#respond</comments> <pubDate>Wed, 23 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[Business Advice]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Malware and Virus Protection]]></category> <category><![CDATA[Microsoft]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/23/hackers-are-breaking-into-microsoft-teams-and-dropping-malware/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14128" src="https://www.jitsolutionsit.com/files/2022/02/work-chat-resized.png" alt="" width="300" height="225" />Researchers at Avanan are a Check Point subsidiary. They have recently issued a warning that anyone who uses Microsoft Teams should be aware of. According to the latest statistics, more than 270 ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14128" src="https://www.jitsolutionsit.com/files/2022/02/work-chat-resized.png" alt="" width="300" height="225" />Researchers at Avanan are a Check Point subsidiary. They have recently issued a warning that anyone who uses Microsoft Teams should be aware of. According to the latest statistics, more than 270 million people use Teams every single month.</p> <p>According to Avanan, hackers are breaking into Team chats and attaching malicious files to ongoing conversations. By all outward appearances the attached files appear to be relevant to the conversations, but anyone unfortunate enough to click on the file will be infected.</p> <p>At this point, it's not clear how the hackers are gaining access to Teams in the first place. The most likely possibilities include compromising a third-party vendor that a company does business with, phishing attacks, or stealing Microsoft 365 or email credentials.</p> <p>The disturbing thing about this recent spate of attacks is the fact that it requires absolutely no sophistication. It's about the simplest form of attack one could imagine and made possible in no small part by virtue of the fact that Microsoft Teams is almost universally trusted by those who use it.</p> <p>Very few people think anything of security once they're entrenched in the Teams framework.</p> <p><strong>The researchers at Avanan recommend the following to limit your risk and exposure:</strong></p> <ul> <li>Encourage end-users to reach out to IT when seeing an unfamiliar file</li> <li>Implement protection that downloads all files in a sandbox and inspects them for malicious content</li> <li>Deploy robust, full-suite security that secures all lines of business communication, including Teams</li> <li>Make sure you recognize anyone leaving files in Teams chat</li> </ul> <p>Even if your employees follow all of those recommendations, it won't provide bullet-proof protection, but it will make an infection from this vector much less likely.</p> <p>Although Teams already has robust file protection protocols in place, you can bet that Microsoft will be taking another closer look at this in the weeks and months ahead.</p> <p><a href="https://sitesdev.net/articles/2022/02/23/hackers-are-breaking-into-microsoft-teams-and-dropping-malware/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/23/hackers-are-breaking-into-microsoft-teams-and-dropping-malware/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Hackers Are Setting Their Sights On Linux Systems</title> <link>https://www.jitsolutionsit.com/2022/02/22/hackers-are-setting-their-sights-on-linux-systems/</link> <comments>https://www.jitsolutionsit.com/2022/02/22/hackers-are-setting-their-sights-on-linux-systems/#respond</comments> <pubDate>Tue, 22 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[Business Advice]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Malware and Virus Protection]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/22/hackers-are-setting-their-sights-on-linux-systems/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14121" src="https://www.jitsolutionsit.com/files/2022/02/linux-hacker-resized.png" alt="" width="300" height="225" />For most of the history of the internet Linux has been able to stay below the radar of hackers around the world. While there have been some attacks that specifically targeted Linux ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14121" src="https://www.jitsolutionsit.com/files/2022/02/linux-hacker-resized.png" alt="" width="300" height="225" />For most of the history of the internet Linux has been able to stay below the radar of hackers around the world.</p> <p>While there have been some attacks that specifically targeted Linux users, they've managed to keep a low enough profile that it hasn't been a major issue.</p> <p>According to a group of researchers from VMware, that appears to be changing.</p> <p>They warn that hackers are increasingly setting their sights on Linux-based systems. That's a problem because to date, there has been no corresponding increase in efforts to detect and manage those threats.</p> <p>Even worse is that with a growing number of hybrid systems in use today, Linux is becoming much more commonly seen in the Enterprise environment. Given the disconnect between the growing threat level and the level of preparations being made to meet that threat, Linux-based systems may well be the new weakest link in your company's network.</p> <p>If there's a silver lining in the dire warning from the folk at VMware it lies in the fact that most of the attacks targeting Linux-based systems aren't very sophisticated at this point. That will change over time but in the here and now it shouldn't take much to fend off the current generation of attacks.</p> <p><strong>As the VMware team put it:</strong></p> <p><em>"Focus on the basics. The fact is that most adversaries are not super advanced. </em><em>They're not looking for unique exploits, they're looking for the general open vulnerabilities and misconfigurations. Focus on those before you start focusing on zero-day attacks and new vulnerabilities - make sure you've got the basics covered first."</em></p> <p>It's sound advice and easy to follow. The worst thing you can do in this case is nothing. The threat level is rising. That's an indisputable fact. Those who take no action do so at their cost.</p> <p><a href="https://sitesdev.net/articles/2022/02/22/hackers-are-setting-their-sights-on-linux-systems/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/22/hackers-are-setting-their-sights-on-linux-systems/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>New Malware Is Using CSV Files To Infect Users</title> <link>https://www.jitsolutionsit.com/2022/02/21/new-malware-is-using-csv-files-to-infect-users/</link> <comments>https://www.jitsolutionsit.com/2022/02/21/new-malware-is-using-csv-files-to-infect-users/#respond</comments> <pubDate>Mon, 21 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Malware and Virus Protection]]></category> <category><![CDATA[Microsoft]]></category> <category><![CDATA[Office 365]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/21/new-malware-is-using-csv-files-to-infect-users/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14113" src="https://www.jitsolutionsit.com/files/2022/02/malware-resized.png" alt="" width="300" height="225" />Researchers have spotted a new phishing campaign you should be aware of. What sets this one apart is that the hackers are using a lowly but specially crafted CSV file to infect ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14113" src="https://www.jitsolutionsit.com/files/2022/02/malware-resized.png" alt="" width="300" height="225" />Researchers have spotted a new phishing campaign you should be aware of.</p> <p>What sets this one apart is that the hackers are using a lowly but specially crafted CSV file to infect machines. They are installing the BazarBackdoor malware. If you're not familiar with the term CSV stands for "Comma Separated Values" and it's a text file format that can be loaded into Excel.</p> <p>If you open the file in a text editor, you'll simply see alphanumeric values separated by commas with the first line generally being the headers for the spreadsheet. Open the same file in Excel and it will separate the data into neat rows and columns.</p> <p>CSV files are popular because they make it relatively easy to export data from one application and import it into another. Since the files are text only most people consider them to be relatively harmless and are generally not all that cautious when opening them.</p> <p>Microsoft Excel supports a feature called Dynamic Data Exchange (DDE) which can be used to execute commands whose output is inputted into the open spreadsheet including CSV files.</p> <p>Hackers are always on the lookout for new angles to play and have naturally begun to abuse this feature. They execute commands that download malware on the devices of unsuspecting victims.</p> <p>BazarBackdoor is a stealthy malware strain created by the TrickBot group. It's main purpose as the name suggests is to provide ongoing remote access to an internal device that can be used as a springboard for further lateral movement within a network.</p> <p>The current campaign is centered around emails that pretend to be "Payment Remittance Advice" emails with links to remote sites that download a CSV file with innocuous names like "document-2196t6.csv."</p> <p>If this file is opened in notepad or word pad and examined, at first glance it will appear to be nothing more than a run of the mill CSV file. Unfortunately, embedded inside of it is a WMIC call in one of the columns of data that launches a PowerShell command and that's enough. That's all the hackers need to install the malware.</p> <p>As always vigilance is your best defense against this sort of thing. Remind your employees not to open any emails from unknown or untrusted sources and not to download or open any attachments from those emails.</p> <p><a href="https://sitesdev.net/articles/2022/02/21/new-malware-is-using-csv-files-to-infect-users/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/21/new-malware-is-using-csv-files-to-infect-users/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Last Year Microsoft Blocked More Than 25 Billion Hacker Attacks</title> <link>https://www.jitsolutionsit.com/2022/02/19/last-year-microsoft-blocked-more-than-25-billion-hacker-attacks/</link> <comments>https://www.jitsolutionsit.com/2022/02/19/last-year-microsoft-blocked-more-than-25-billion-hacker-attacks/#respond</comments> <pubDate>Sat, 19 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Microsoft]]></category> <category><![CDATA[Office 365]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Technology News]]></category> <category><![CDATA[Windows]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/19/last-year-microsoft-blocked-more-than-25-billion-hacker-attacks/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14106" src="https://www.jitsolutionsit.com/files/2022/02/hacker-resized-1.png" alt="" width="300" height="225" />Individual users often don't have a good sense of the scope and scale of hacking attacks around the world. The numbers may shock you. According to Microsoft, in 2021 the company blocked ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14106" src="https://www.jitsolutionsit.com/files/2022/02/hacker-resized-1.png" alt="" width="300" height="225" />Individual users often don't have a good sense of the scope and scale of hacking attacks around the world. The numbers may shock you.</p> <p>According to Microsoft, in 2021 the company blocked more than 25.6 billion brute force authentication attacks against Azure AD users. They also and intercepted a staggering 35.7 billion phishing emails with Microsoft Defender for Office 365.</p> <p>Vasu Jakkal is Microsoft's Corporate Vice President for Security, Compliance, and Identity. Jakkal is both passionate and concerned about this subject. The increase in the total number of attempts since the pandemic began has been breathtaking.</p> <p>Unfortunately, Jakkal says that so far only a minority of Azure AD and Microsoft 365 users seem interested in taking steps to bolster their own security. Based on statistics gathered by Microsoft, only 22 percent of Azure AD users have activated MFA (multi-factor authentication) protocols. MFA would keep their accounts safer and make it significantly more difficult for hackers to force their way in.</p> <p><strong>Here is how much more difficult it can be:</strong></p> <p>Google combined forces with researchers at New York University and the University of California to study that very topic. They discovered that MFA implementation can block up to 100 percent of automated bot attacks, 99 percent of bulk phishing attacks, and up to 66 percent of targeted attacks. That is an impressive level of protection for something that's so simple to implement and make use of!</p> <p><strong>The two big takeaways here are:</strong></p> <ol> <li>The total number of hacking attacks is increasing dramatically.</li> <li>Although automated tools are getting progressively better at preventing many of them, end users have an important role to play too. Unfortunately, as of right now they're not.</li> </ol> <p>Depressingly few users are taking even the most basic steps to better secure their accounts. If you set one major IT security goal for the year, a very good one would be to do all you can to increase the percent of users at your firm who are taking advantage of MFA everywhere they can.</p> <p><a href="https://sitesdev.net/articles/2022/02/19/last-year-microsoft-blocked-more-than-25-billion-hacker-attacks/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/19/last-year-microsoft-blocked-more-than-25-billion-hacker-attacks/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>More Scammers Are Using Social Media To Target Victims</title> <link>https://www.jitsolutionsit.com/2022/02/18/more-scammers-are-using-social-media-to-target-victims/</link> <comments>https://www.jitsolutionsit.com/2022/02/18/more-scammers-are-using-social-media-to-target-victims/#respond</comments> <pubDate>Fri, 18 Feb 2022 16:00:00 +0000</pubDate> <dc:creator><![CDATA[jitsolutionsit]]></dc:creator> <category><![CDATA[Blog]]></category> <category><![CDATA[Facebook]]></category> <category><![CDATA[General Interest]]></category> <category><![CDATA[Instagram]]></category> <category><![CDATA[Recent News]]></category> <category><![CDATA[Security]]></category> <category><![CDATA[Social Networking]]></category> <category><![CDATA[Technology News]]></category> <guid isPermaLink="false">https://www.jitsolutionsit.com/2022/02/18/more-scammers-are-using-social-media-to-target-victims/</guid> <description><![CDATA[<img class="alignleft size-full wp-image-14099" src="https://www.jitsolutionsit.com/files/2022/02/social-media-resized.png" alt="" width="300" height="225" />An increasing number of scammers are using social media to target victims and relying on social engineering tricks to convince people to part with their personal information or money. The problem has ...]]></description> <content:encoded><![CDATA[<p><img class="alignleft size-full wp-image-14099" src="https://www.jitsolutionsit.com/files/2022/02/social-media-resized.png" alt="" width="300" height="225" />An increasing number of scammers are using social media to target victims and relying on social engineering tricks to convince people to part with their personal information or money. The problem has grown serious enough that the FTC (Federal Trade Commission) has issued a formal warning to consumers.</p> <p><strong>According to a recently released FTC report:</strong></p> <p><em>"More than 95,000 people reported about $770 million in losses to fraud initiated on social media platforms in 2021. </em></p> <p><em>Those losses account for about 25 percent of all reported losses to fraud in 2021 and represent a stunning eighteen-fold increase over 2017 reported losses. Reports are up for every age group, but people 18 to 39 were more than twice as likely as older adults to report losing money to these scams in 2021.</em></p> <p><em>More than half of people who reported losses to investment scams in 2021 said the scam started on social media. Reports to the FTC show scammers use social media platforms to promote bogus investment opportunities and even to connect with people directly as supposed friends to encourage them to invest. </em></p> <p><em>People send money, often cryptocurrency, on promises of huge returns, but end up empty-handed."</em></p> <p>Overall cryptocurrency scams are regarded as the number one threat for investors in 2022, according to a new report from the North American Securities Administrators Association (NASAA). However, the FTC is cautioning all users to exercise caution and develop better habits when scrolling through their favorite social media platform.</p> <p>They recommend setting limits on who can see your posts, taking advantage of increasingly robust privacy controls, opting out of targeted advertising, and doing more due diligence on any company you plan on doing business with before buying anything from them.</p> <p>It's good advice in general but it is especially important now given how prevalent social media-based attacks are becoming.</p> <p><a href="https://sitesdev.net/articles/2022/02/18/more-scammers-are-using-social-media-to-target-victims/" rel="nofollow" target="_blank">Used with permission from Article Aggregator</a></p>]]></content:encoded> <wfw:commentRss>https://www.jitsolutionsit.com/2022/02/18/more-scammers-are-using-social-media-to-target-victims/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> </channel> </rss>