Current Malware and Security Breaches and How to Defend Against Them
A NYC area cyber security consultant and managed services provider (MSP) examines current malware and security breaches in a new article on the eMazzanti Technologies website. The informative article first asserts that recent cyber-attacks in the news show ransomware on the rise.
The author then explains how the RansomHouse Gang took advantage of bad passwords to hack semiconductor giant AMD. He then discusses how the Lapsus$ Hacker Group and others used social engineering and exploited insider threats to compromise data at Microsoft and authentication company, Okta.
“Successful military leaders know their enemies and the threats they present,” stated Almi Dumi, CISO, eMazzanti Technologies. “Understanding current malware and security breaches that dominate the threat environment informs security strategy.”
Below are a few excerpts from the article, “Current Malware and Security Breaches and How to Defend Against Them.”
Ransomware on the Rise
“After a decline in ransomware in 2021, ransomware attacks have begun to rise again. In fact, the first quarter of 2022 saw twice as many ransomware attacks as reported in the entire previous year. While high profile attacks on Colonial Pipeline, Apple and JBS gathered attention in 2021, hackers seem to be turning their focus to small and midsize businesses (SMBs).”
RansomHouse Gang Takes Advantage of Bad Passwords
“Recently, the RansomHouse gang announced that it had stolen 450 GB of sensitive data from semiconductor giant AMD. RansomHouse seems to have appeared on the scene near the end of 2021, previously hijacking targets in Africa and Canada. In this instance, the gang mocks poor passwords at AMD that effectively left a door wide open for bad actors.”
Lapsus$ Hacker Group Exploits Insider Threats
“Another hacker group, Lapsus$, has also carried out significant attacks this spring. Using social engineering, the group exploits insider threats to gain entrance to its victim organizations. In the case of Microsoft, for instance, they took over a single account, then compromised several key projects. Fortunately, customer data remained safe.”
Top Malware Threats Employ Social Engineering
“Social engineering features prominently in lists of top malware threats published by security experts this spring. For instance, the Shlayer virus continues to plague organizations by using malvertisements (malicious advertisements) to spread malware. Clicking the fake ads, often for Adobe Flash Player updates, leads victims to unwittingly install malicious code.”
Essential Cyber Security Practices
By implementing essential security practices, organizations guard against most threats. Critical practices include updating password policies and deploying multi-factor authentication (MFA), as well as strengthening email filters. Additionally, organizations guard against social engineering by increasing security awareness among all employees.
eMazzanti Technologies delivers the security tools necessary, from email defense to MFA, employee training, 24/7 network monitoring, and more.
Have you read?
Improve Cyber Security with SIEM as Part of an Overall Security Solution
Russian Hackers May Be Aiming at Your Business
About eMazzanti Technologies
eMazzanti’s team of trained, certified IT experts rapidly deliver increased revenue growth, data security and productivity for clients ranging from law firms to high-end global retailers, expertly providing advanced retail and payment technology, digital marketing services, cloud and mobile solutions, multi-site implementations, 24×7 outsourced network management, remote monitoring, and support.
eMazzanti has made the Inc. 5000 list 9X, is a 4X Microsoft Partner of the Year, the #1 ranked NYC area MSP, NJ Business of the Year and 5X WatchGuard Partner of the Year! Contact: 1-866-362-9926, email@example.com or http://www.emazzanti.net Twitter: @emazzanti Facebook: Facebook.com/emazzantitechnologies