A Google Docs phishing scheme is taking the internet by storm this week. A client of ours received an email from one of their colleagues similar to the screenshot below.
Zero Day Examples
Stuxnet – The First Big One
Stuxnet is known as the world’s first cyber weapon. Stuxnet was used to break Iran’s uranium enrichment centrifuges when it was feared they were producing chemical weapons. While there’s no proof as to who created the zero-day exploit, everyone seems to agree that it was the National Security Agency (NSA) who launched the digital weapon. Stuxnet, which was previously named ‘Olympic Games’, made its way into the Iranian nuclear enrichment facility at Natanz in 2006. The code infected specific industrial control systems the Iranians were using and proceeded to speed up or slow down the centrifuges until they destroyed themselves, all while the operators’ computer screens showed everything was working as normal.
In 2016, ransomware attacks quadrupled in number over those in 2015. 2017 cybersecurity statistics for ransomware are projected to double again over the number of attacks in 2016. The threat from ransomware is not only growing, but developing to allow hackers to target susceptible organizations and their most valuable data files and alter ransom demands accordingly.
By now, we have all heard about ransomware as it has taken over the cybersecurity scene over the last couple of years. However, we want to make sure that everyone is clear about the difference between cyber ransom and ransomware, as there is a very clear distinction. Cyber ransom and ransomware attacks have been the most popular forms of cyberattacks as of late.
It’s no secret that 2016 was the ‘Year of Ransomware.’ While we don’t know for certain what 2017 holds, could it be the ‘Year of Ransomware-As-A-Service?’ Over the last two weeks, two ransomware-as-a-service (RaaS) variants have made waves in the cybersecurity world. Spora, a RaaS that currently only infects Russian users was the first to be discovered. Now, Satan RaaS is the newest variant that allows cybercriminals of all abilities to infect users.
A new phishing campaign has been discovered this week that targets even the most tech-savvy Gmail users. By posing as someone you may know, cybercriminals are gathering personally identifiable information that could be leveraged against the individual or against your company. Learn how the newest phishing campaign works and how you can keep yourself and your company safe from becoming the next victim.
Last year I wrote an article after I received an email that was intended to go to our Human Resources department. I noticed some red flags in the email and was able to conclude that it was a phishing attempt. I got to thinking from the cybercriminals perspective about how easy it would be to compromise the Human Resources department with ransomware due to the high volume of applications that many companies receive. I had no idea how accurate my thoughts would turn out to be.
2016 was an extremely busy year for cybercriminals. Between all of the data breaches that occurred, there were nearly 2 billion accounts compromised. In this article, we will review the ‘Top 5 Data Breaches’ throughout the last 12 months. Furthermore, we will discuss how all of these cyberattacks were preventable and how WatchPoint can protect your company from becoming the next big headline in cybersecurity news.
Contrary to popular belief, Black Friday is not the busiest shopping day of the year. In fact, it is the third busiest, ranking behind Super Saturday and the day after Christmas. Super Saturday is the Saturday before Christmas and this year, it is Christmas Eve. The majority of people shopping on Christmas Eve or Super Saturday are probably guys who are getting last-minute gifts for their significant others. The day after Christmas is reserved for women looking to cash in on some of the biggest deals of the year (I can say this because my fiancée hasn’t bought a single thing for our wedding since everything will be at least 50% off on Dec. 26th).
2016 has been tabbed as the “Year of Ransomware.” So, what will 2017 bring? It’s looking like ransomware and extortion attacks, Internet of Things (IoT) attacks, and internal threats will continue to escalate. In turn, defense against cybersecurity threats will increase, which will result in cybersecurity spending being at an all-time high. Cybersecurity will no long be an afterthought; it will become a priority for businesses.