See Ransomware first hand without the encryption and destruction. Learn from the past, act in the present, guarantee a future!
seen from United States
seen from United States
seen from Mozambique

seen from Australia
seen from Türkiye
seen from Chile

seen from United States

seen from United States
seen from United States
seen from United States

seen from United States
seen from Australia
seen from Czechia
seen from China

seen from Thailand
seen from Netherlands
seen from United States
seen from Canada

seen from Canada
seen from United Kingdom
See Ransomware first hand without the encryption and destruction. Learn from the past, act in the present, guarantee a future!
Though there are no warning signs to indicate that spyware or adware is being installed on your system, there are several tell tale signs to alert you of their presence, once they install. I have compiled here for your convenience 10 tell tale signs that can warn you of the presence of adware or spyware on your computer.
Are you the victim of identity theft? According to Joanna Crane of the Federal Trade Commission's Identity Theft Program, 80% of the victims who call the FTC say they have no idea how it happened. Furthermore, an FTC survey reported that 4.6% of those polled reported that they had been a victim of identity theft within the past year. Additionally, according to a recent General Accounting Office report, it is estimated that as many as 750,000 Americans are victims of identity theft.
Most people on the internet are good, honest people. However, there are some people browsing the internet who derive fun from poking around websites and finding security holes. A few simple tips can help you secure your website in the basic ways. Now, obviously, the subject of data security is a complicated one and way beyond the scope of this column. However, I will address the very basics one should do which will alleviate many potential problems that might allow people to ...
If you avoided a data breach while you and your people celebrated the holidays, lucky you! And the key to remaining in that blissful state is to bolster TRAINING.
Ensure your people are comprehending what they are learning, tested on, and committing to utilize on the job to ensure no train-wrecks ruin your company’s reputation for secure management of proprietary data, nor seize your daily operations!
It’s true! After a nasty breach at FireEye and within less than a week of the company’s alert that Russian hackers had breached RED TEAM software penetration tools, FireEye identified that the source was an earlier breach at Solar Winds where hackers took over and infected the Solar Winds Orion update process. (SolarWinds Orion is used mainly by […]
We were many in the industry (after FireEye’s initial announcement) to conclude that the hackers were going after high value targets (Government!) only but now with the breach details becoming known across the board there is verifiable concern that hackers will attack additional, smaller-sized companies whose backdoor can be activated, thus compromised.
‘Spoofing’, ‘Phishing’ and ‘Link Altering’ – Expensive Financial Traps
“Spoofing” or “phishing” frauds attempt to make internet users believe that they are receiving e-mail from a specific, trusted source, or that they are securely connected to a trusted web site, when that’s not the case at all, far from it. Spoofing is generally used to convince individuals to divulge personal or financial information which enables the perpetrators to commit credit card/bank fraud or other forms of identity theft.
In “email spoofing” the header of an e-mail appears to originate from someone or somewhere other than the actual source. Spam distributors often use email spoofing to get their recipients to open the message and possibly even respond to their solicitations.
“IP spoofing” is a technique used to gain unauthorized access to computers. In this instance the unscrupulous intruder sends a message to a computer with an IP address indicating that the message is coming from a trusted source.
“Link alteration” involves the altering of a return internet address of a web page that’s emailed to a consumer in order to redirect the recipient to a hacker’s site rather than the legitimate site. This is accomplished by adding the hacker’s IP address before the actual address in an e-mail which has a request going back to the original site. If an individual unsuspectingly receives a spoofed e-mail and proceeds to “click here to update” account information, for example, and is redirected to a site that looks exactly like a commercial site such as eBay or PayPal, there is a good chance that the individual will follow through in submitting personal and/or credit information. And that’s exactly what the hacker is counting on.
How to Protect Yourself
If you need to update your information online, use the same procedure you’ve used before, or open a new browser window and type in the website address of the legitimate company’s page.
If a website’s address is unfamiliar, it’s probably not authentic. Only use the address that you’ve used before, or better yet, start at the normal homepage.
Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and “https” in front of the website address.
If you encounter an unsolicited e-mail that requests, either directly or through a web site, for personal financial or identity information, such as Social Security number, passwords, or other identifiers, exercise extreme caution.
Take note of the header address on the web site. Most legitimate sites will have a relatively short internet address that usually depicts the business name followed by “.com,” or possibly “.org.” Spoof sites are more likely to have an excessively long string of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all.
If you have any doubts about an e-mail or website, contact the legitimate company directly. Make a copy of the questionable web site’s URL address, send it to the legitimate business and ask if the request is authentic.
Always report fraudulent or suspicious e-mail to your ISP.
Lastly, if you’ve been victimized, you should file a complaint with the FBI’s Internet Crime Complaint Center at http://www.ic3.gov.
Discover how Data Guard 365 can protect your organization from malware by taking our 5-point Value Assessment
Christian John Sales, Marketing Manager, Data-Guard 365
Data-Guard 365 is a MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide armored cybersecurity for a price point that pays for itself.
www.Data-Guard365.com / (317) 967-6767 / [email protected]
Fighting the Good Cyberfight!
When a kingpin gets hacked, we and our partners talk LOUDLY about it in order to share what we learned, coordinate our endeavors, and batten down the hatches. That is the leadership tact FireEye CEO Kevin Mandia took when last week’s attack was launched against the firm by cybercriminals accessing the same “Red Team” tools used by FireEye (with customers’ permission) to test their cyber-resilience using “white hat” attacks. Mandia explains “the attackers used a novel combination of techniques not witnessed by us or our partners in the past. The techniques thwarted counter-security tools and forensic examination and allowed the cyber attackers to operate without detection. There’s no evidence that customer information was compromised, but if any emerges the customers involved will be contacted directly.”
You see, just because experts know where to look and what to look for doesn’t mean they won’t be attacked. It simply means they won’t experience a breach that compromises them to an extent that they are unable to mitigate the damage to themselves and those they protect. FireEye walked the talk. Within hours, Mandia was forthcoming, problem on the table, made public knowledge, and mitigating damage. And I don’t doubt he called industry heads to sit together on this one, virtually and physically (masked or not), burning Tuesday night’s oil in order to throw back a counter play that muzzled the attacker and unraveled their devious plan.
Think Match 6 in world class chess when, in 41 moves, Bobby Fischer dethrones the defending champion Boris Spassky. From move 36:
S: Queen back to E8
F: Rook back to F3
S: Queen to D8
F: Bishop to C4
S: Queen back to E8
F: Rook to F8
CHECKMATE!
Fischer memorized then leveraged the errors Spassky made in former matches with other Chess greats -- errors that Spassky had not memorized or had failed to remember how he salvaged those or how he paid for those errors.
So it was last week with long-standing, well respected, cybercrime fight partner FireEye: their breach got all our attention, as we watched them release the indicators of compromise to those needing to know. Now, companies have the wherewithal to detect whether Red Team tools are being used against them! FireEye won by recapturing from the criminals any power to negatively spin those useful Red Team tools. As this unfolds, Mandia's positivity of full disclosure is in view for all to behold. Good job.
Make no mistake: We cybersecurity firms (MSSPs) are vying for your cybersecurity business, but we stand shoulder to shoulder in our fight against cybercrime and our common enemy – the Deep Web’s tosses and turns in every corner of the globe! And as Fischer did, we memorize and leverage errors those bad actors make when bludgeoning their way into our networks to try and compromise yours.
The good news: We win more matches than we lose, and ‘losing’ in our book doesn’t typically mean the bad actors get any further in the game than a few pawn moves due to Artificial Intelligence (AI) tools detecting ‘bad behavior’ we can mitigate in good time.
Is it becoming clearer why your IT folks need a cybersecurity partner? Without our A.I. tools, those who would seize your information assets are only one to five moves away from crying “Checkmate”! So when a powerhouse like FireEye can get jolted head on, what do you think cybercriminals will do to your firm’s well meaning, hard working handful of IT guys and gals who stand bravely yet helplessly outnumbered and without power tools?
Let the cybersecurity experts fight the galactic battles they’re used to winning, so you and your team can sleep easy and awake refreshed to win the economic war you navigate in these turbulent times!
Pamla Davitt, VP Business Development, Data-Guard 365
Data-Guard 365 is a MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide armored cybersecurity for a price point that pays for itself.
www.Data-Guard365.com / (317) 967-6767 / [email protected]