What is BadRabbit Ransomware?

Posted by Gary Fleming on Oct 25, 2017 3:34:07 PM

The latest strain of ransomware “Bad Rabbit” began spreading across Russia and Ukraine yesterday, with 3 Russian websites, a Ukraine airport and underground system been hit. Since then, there have been various reports of “Bad Rabbit” infections in Turkey, Bulgaria, Japan, Germany, Poland, South Korea and the United States.  The U.S. Computer Emergency Readiness Team (US-CERT) which is run by the Department of Homeland Security, issued an alert about the ransomware worm but didn’t say whether any infections had been detected in the U.S or not. They have said it "discourages individuals and organisations from paying the ransom, as this does not guarantee that access will be restored".

How it works?

The Bad Rabbit ransomware enters networks when a user on your network runs a phony Adobe Flash Player installer posted on a hacked website, with the initial infections coming from a Russian news website. Other reports said websites based in Ireland, Denmark and Turkey have also been corrupted with the fake Flash installer and have been spreading the malware.

Once “Bad Rabbit” Ransomware has infected its first machine within a network, it then uses an opensource tool to find any login credentials stored on the machine, so it can spread to other machines. There are also some conflicting reports that BadRabbit uses the NSA’s EternalBlue tool, used by both NotPetya and the WannaCry Ransomware worm that spread in May, to spread through local networks.

Read More

Topics: Phishing, Cyber Crime, malware, Computer Viruses, Cyber Security

“Get Rich or Die Trying”: Lone Ranger Cyber Criminal responsible for over 4,000 attacks.

Posted by Gary Fleming on Aug 21, 2017 5:30:34 PM

A large spree of Cyber-attacks which aims to infect networks, steal information and commit fraud has impacted over 4,000 organisations globally in the past 4 months.  Some of the companies hit include leading international names in the banking, manufacturing, construction and oil and gas industries across Germany, Croatia, Abu Dhabi, Egypt, Kuwait and Dubai.

Attacks of this nature and scale tend to be accredited to cyber-criminal gangs, many of which are state funded with the aim of destabilising economies. However, in this case, this couldn’t be further from the truth. Researchers have discovered that these attacks are the work of a Nigerian man in his 20s who works on his own near the Nigerian capital. Funnily, on his personal Facebook page he uses the phrase, “Get Rich or Die Trying”.

Read More

Topics: Phishing, Cyber Crime, malware, Computer Viruses, Cyber Security

Simplifying email security for non-technical users

Posted by Niall Mackey on Feb 4, 2016 1:49:51 PM

Spending time showing employees the common traits of fraudulent messages (incorrect logos, dodgy sender addresses, third-party links, zip attachments) will help them better understand what they need to avoid. And once they know what they are looking for, it becomes much easier for them to manage their own mailbox security.

Show workers how to hover their mouse over links, check the sender’s address and manually scan emails for malware. Anything that looks suspicious needs to be double-checked or deleted immediately.

Read More

Topics: Email Security, Cyber Crime, Cyber Security

Engaging Users in the Fight Against Cybercrime

Posted by Niall Mackey on Jan 19, 2016 4:03:37 PM

Every computer, every user account and every item of software on your company network represents a potential attack point for cybercriminals. Some of these channels are more effective than others, but every device is at risk of compromise.

The modern network has thousands of ‘moving parts’, creating an administrative nightmare for the IT manager. And with the rapid uptake of BYOD and remote working technologies, the problem is only going to get worse.

Read More

Topics: IT Security, Cyber Crime, BYOD

AT&T Ordered to Pay $25 Million Due to Data Breach

Posted by Niall Mackey on Apr 30, 2015 12:00:00 PM

American telecommunications company AT&T has been ordered to pay a $25 million (£16.9m) fine to the Federal Communications Commission (FCC). Why?

In its overseas call centers in Colombia, Mexico and the Phillipines, AT&T suffered a major data breach in which the names and social security numbers were stolen from some 280,000 customers.

Read More

Topics: Cyber Crime

4 Common Cyber Attacks You Should Look Out For

Posted by Niall Mackey on Apr 22, 2015 2:15:00 PM

If you or your business haven’t fallen victim to a cyber attack, consider yourself lucky. Just last year (2014), there’s been a 23% increase in data breaches and a 200% increase in ransomware attacks. Despite increased measures to fortify IT infrastructures globally, businesses are still managing to allow hackers to compromise their computer security.

Read More

Topics: Phishing, Cyber Crime

Ransomware: What It Is & How to Avoid It

Posted by Niall Mackey on Apr 13, 2015 11:30:00 AM

Among the several types of attacks that can be leveraged against your company’s IT framework, ransomware has the potential to be the costliest. Unlike some smaller types of viruses where the only damaging effect is to your peace of mind, ransomware takes internet hacking to a whole different level.

As you may expect, there’s a heavy price a pay for your actions if your computers are infected with ransomware. And the cost of clicking on a malicious link, opening an infected attachment or visiting a social network site can costs you upwards of 600. And that’s if you decide to comply with the hackers’ request.

In 2013, one of the major problems in the hacker world was the popular ransomware called CryptoLocker. The makers made away with about 3 million (USD) and through half a million infections. (You can read more about its effect here.)

However, let’s not get ahead of ourselves. We’ll start from the top.

Read More

Topics: IT Security, Email Security, Cyber Crime, malware, Ransomware

Keep Your Router Hacker-Proof with These Tips

Posted by Niall Mackey on Apr 1, 2015 8:25:29 PM

Running a business that requires much technology can be a pain if you’re not used to the security detail that must be done beforehand. Fortunately, if you have an IT team, this task can be much easier and stress-free. Not only do you have to focus on having the right state-of-the-art technology that suits your company’s needs, but one that also addresses your client’s concerns.

While you establish this infrastructure, it’s equally as important that the safety of your team is fully fortified. From your emails to data storage to passwords to encryption, each area could be a potential hotbed for criminals to compromise the safety of you, your clients and employees.

Read More

Topics: IT Security, Phishing, Cyber Crime, Spam, malware, Computer Viruses

4 Ways to Ensure a Safe BYOD Policy

Posted by Niall Mackey on Mar 12, 2015 3:00:00 PM

The advent of wireless technology in the workplace has changed the way millions of employees approach their job. It’s also created millions of jobs that would otherwise have made one-day tasks last months on end.

Read More

Topics: IT Security, Email Security, Cyber Crime, Blockmail

What Is BadUSB? And Should I Be Scared?

Posted by Niall Mackey on Mar 9, 2015 11:30:00 AM

In the past several years, we’ve seen the USB port grow up like a child in his formative years. We’ve seen the progression from being reserved only for mice and keyboards to now being used for everything from charging to storing. However, as security experts, we’re not captivated by its use and growthwe’re concerned with its safety.

Read More

Topics: IT Security, Cyber Crime, malware, Computer Viruses