Blog – Brain Trust Technologies LLC

Protect yourself from this Facebook threat!

September 11, 2017 admin Social Media 2017september11socialmedia_c, facebook adware, facebook messenger, facebook social engineering, Social media security

Despite the apparent break from international ransomware attacks, hackers are still keeping themselves busy, this time using an adware campaign that could easily be one of their most cunning tricks yet. If you use Facebook Messenger, you need to read this.

What is it?

Little is known about the adware itself or those behind it, but it was uncovered by David Jacoby, senior security researcher at Kaspersky Lab, when he received a Facebook message from one of his friends, only to find out that wasn’t the case.

Basically, the adware uses Facebook Messenger to track your browser activity and pushes you to click on malicious ads or give out personal information.

How does it work?

By clickjacking and hijacking credentials of Facebook users, the adware is able to send messages to people in the victim’s contact list. If you’re one of those people, you’ll receive a phony message from your friend’s compromised Facebook account.

The message includes your friend’s name followed by the word “Video,” a shocked face emoji, and a shortened URL. Once clicked, the URL will redirect you to a Google Doc with a blurred photo taken from your friend’s Facebook page, disguised as a video. If you click on the “video”, you’ll be redirected to one of a number of targeted websites based on your browser, operating system, and location.

For instance, if you use Google Chrome, you’ll be sent to a website that looks exactly like YouTube, complete with the official logo. The hoax website will show you a fake error message to trick you into downloading a malicious Chrome extension.

If you’re on Firefox, you’ll be sent to a site with a false Flash Player update notice and a Windows adware executable; the same goes with OS X except the adware is hidden in a .dmg file.

The goal here is to move your browser through a set of websites so tracking cookies can monitor your activity and display malicious ads or you can be “social engineered” to give up confidential information.

How do you avoid falling victim?

Facebook has rolled out a number of automated systems to stop harmful links and files. What’s more, they will provide you with a free antivirus scan if they suspect that your account has been compromised by adware.

Still, you should be very skeptical about any shortened URL links sent to you by your Facebook friends, no matter how long you’ve been friends.

Due to their low key nature as potential security endpoints, cyber criminals are turning to social media platforms as their new medium of choice. To keep your business safe, you need to stay up-to-date and educate your employees. If you have any other questions about social media and how it can impact your business, just give us a call.

Published with permission from TechAdvisory.org. Source.

Useful tips on reducing your IT budget

September 8, 2017 admin Hardware 2017september8hardware_c, document management, hardware, Printers, printing

You can easily lower your IT budget by better managing your print infrastructure. It sounds too good to be true, but it’s totally doable. Companies big and small follow inefficient printing models without even realizing it, but you can break the mold by following these tips:

Replace outdated printers

Outdated and cheap printers may be functional, but they are putting a huge dent in your IT budget.

Any piece of equipment that is seven years old (or older) requires frequent repairs and causes more trouble than it’s worth. Because old printers are no longer under warranty, fixing them is more costly and challenging. It’s also difficult to replace parts for old printers because manufacturers have stopped carrying them for models that have been phased out.

When you replace outdated equipment with newer, multi-functional printers, you’re investing in hardware that will pay for itself with increases in productivity and efficiency.

Avoid purchasing unnecessary supplies

A poorly managed printer environment could result in a stockpile of cartridges, toners, and reams of paper. This happens when, for example, an employee uses a printer that’s about to run out of ink and makes an unnecessary request for a new ink or toner. This is more common than you may think, and definitely more expensive.

In the absence of a dedicated printer manager, you can avoid this situation by automating supply replacement. Assign a point person to proactively place orders when supplies are about to run out, so your company can avoid needless purchases.

Impose strict process workflows

Submitting expense reports, filing reimbursements, and other administrative tasks require a proper document workflow. Without a guideline, employees and administrative staff tend to print an unnecessary amount of documents.

Automate your company’s document-driven processes to reduce or prevent redundant print jobs that result in stacks of abandoned documents. Not only is it wasteful, it’s also a security and privacy concern.

Go paperless

Designing a document management solution that reduces paper consumption is the best way to save money. It may not be possible in every department, but those who can do their jobs without printing should be encouraged to do so by management. Printing lengthy email chains that can be discussed in a meeting is just one example of a wasteful practice that should be avoided.

Reduce IT support calls for printing issues

Calling your company’s IT guys to assist with problems like paper jams, printer Wi-Fi issues, and other concerns reduces employee frustration. You and your IT personnel could avoid dealing with these productivity killers by identifying the problem areas of your print environment. Then, you can work on solutions specific to your office, such as drafting a printing workflow, or getting help from document management experts who can recommend time- and budget-saving solutions.

Having a group of experts manage your IT workflow can make your day-to-day operations more efficient and help you save on printing costs. Our experts will gladly recommend best practices and tips on document management. Call us today.

Published with permission from TechAdvisory.org. Source.

Locky-type ransomware is attacking systems

August 30, 2017 admin Security 2017august30security_c, locky, malware, ransomware, security, trojan

A new, Locky-type ransomware is currently infecting tens of thousands of computers worldwide. It uses the same code from the 2016 version to encrypt users’ files and it looks poised to cause another massive cyber emergency. Here’s everything we know so far.

Quick facts

According to a threat intelligence report, the email-based ransomware attacks started on August 9 and were detected through 62,000 phishing emails in 133 countries in just three days. It also revealed that 11,625 IP addresses were used to carry out the attacks, with the IP range owners consisting mostly of internet service providers and telecom companies.

How it works

The malicious email contains an attachment named “E 2017-08-09 (580).vbs” and just one line of text. Like the original Locky authors, attackers responsible for the new variant deploy social engineering tactics to scam recipients into opening the attached .doc, zip, pdf, .jpg or tiff file, which installs the ransomware into their systems.

When an unsuspecting user downloads the file, the macros run a file that provides the encryption Trojan with an entry point into the system. The Trojan then encrypts the infected computer’s files.

Once encryption is completed, the user receives instructions to download the Tor browser so they can access the “dark web” for details on how to pay the ransom. To retrieve their encrypted files, users will be asked to pay from 0.5-1 Bitcoin.

What you need to do

This ransomware variant builds on the strengths of previous Trojans. In fact, the original Locky strain made it easy for cyber criminals to develop a formidable ransomware that could evade existing cyber security solutions. This is why adopting a “deny all” security stance, whereby all files are considered unsafe until proven otherwise, is the best way to avoid infection.

Here are other tips to avoid infection:

Don’t open unsolicited attachments in suspicious emails. Alert your IT staff, and most importantly disallow macros in Microsoft Office unless they’ve been verified by your IT team.
Performing regular backups guarantees you never have to pay cyber criminals a ransom. If all other security measures fail, you can always rely on your backups, which protect your business not just from cyber crime-related disasters, but also from natural and other unforeseen system failures.
Train your staff to identify online scams like phishing. This and other similar ransomware strains take advantage of users’ lack of cyber security training.
Update your operating systems as soon as updates become available to reduce, or eliminate, the chances of your system’s vulnerabilities being exploited.

Even with a trained staff and the latest protections installed, your IT infrastructure may still have unidentified security holes. Cyber security experts can better evaluate your entire infrastructure and recommend the necessary patches for your business’s specific threats. To secure your systems, get in touch with our experts now.

Published with permission from TechAdvisory.org. Source.

«‹ 19 20 21 22 ›»