CISA Releases Free Detection Tool for Azure/M365 Environment

This article is contributed. See the original author and article here.

Original release date: December 24, 2020

CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and authentication-based attacks seen in multiple sectors.

CISA strongly encourages users and administrators to visit the following GitHub page for additional information and detection countermeasures.

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity

This article is contributed. See the original author and article here.

CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used authentication mechanisms. If left unchecked, this threat actor has the resources, patience, and expertise to resist eviction from compromised networks and continue to hold affected organizations at risk.

In response to this threat, CISA has issued CISA Insights: What Every Leader Needs to Know About the Ongoing APT Cyber Activity. This CISA Insights provides information to leaders on the known risk to organizations and actions that they can take to prioritize measures to identify and address these threats.

CISA has also created a new Supply Chain Compromise webpage to consolidate the many resources—including Emergency Directive (ED) 21-01 and Activity Alert AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations—that we have released on this compromise. CISA will update the webpage to include partner resources that are of value to the cyber community.

To read the latest CISA Insights, visit CISA.gov/insights. For more information on the SolarWinds Orion software compromise, visit CISA.gov/supply-chain-compromise.

More money from the government?

This article was originally posted by the FTC. See the original article here.

Congress has just passed another bill to help the people whose finances are taking a beating from the pandemic. Once again, some of us will be getting money by check or direct deposit. The timing and details are still TBA, but here’s what we know:

  1. The government won’t ask you to pay anything up front to get this money. Anyone who does is a scammer.
  2. The government won’t call, text, email, or contact you on social media to ask for your Social Security, bank account, or credit card number. Anyone who does is a scammer.
  3. There’s no such thing as getting your money early, or faster. Anyone who says they can hook you up now (or soon) is both lying and a scammer.

We know from the early days of the CARES Act that scammers will be using numbers 1, 2, and 3, above, as part of their playbook. So, if you spot someone who says any of these things, you (a) know they’re a scammer; (b) can warn someone you know about the scam, because (chances are) they’ll get that call, text, or email, too; and (c) can tell the FTC so we can work to stop scammers and warn people about them: ReportFraud.ftc.gov.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Investment coaching scams are trending

This article was originally posted by the FTC. See the original article here.

You’ll make a lot of money. I’m going to show you how to do it — and using my program, I guarantee you’ll be successful.

If you see that in an ad, there’s likely a scammer behind it. Just last week, the FTC announced Operation Income Illusion, a nationwide effort to shut down income scams that used false promises like this to trick people into believing they would make a lot of money if they bought one of these programs. In each case, it turned out to be, well, an illusion.

One of the cases announced is against RagingBull.com, an online operation that the FTC alleges took in at least $137 million. The people who paid believed the defendants’ promises about their so-called unique and proven techniques to make profits in the stock market. In ads, the defendants touted people’s ability to make money during the pandemic, and featured people who claimed to have been successful using their program. But the FTC says it was all smoke and mirrors. People didn’t make the returns advertised and many lost money instead. And those glowing testimonials? The FTC alleges the defendants admitted — in the fine print of the ads — that they don’t even verify if those testimonials are true.

Before you pay for a program that promises to help you invest your money, consider these things:

  • Statistics and testimonials can be faked. Scammers want you to believe their program is always successful and low-risk.
  • Scammers exaggerate the press of time. They want you to feel pressured to commit now without doing research on the offer.
  • No one can guarantee a specific amount of return on an investment. Scammers might claim that you can make thousands of dollars per day or per month for life, but no one can actually guarantee that an investment will be successful.

New tools to fight gift card scams

This article was originally posted by the FTC. See the original article here.

This holiday season (and year-round), gift cards are on scammers’ wish lists. Scammers always have a reason for you to pay them immediately with a gift card. And they often tell you which card to buy and which store to visit. That’s why the FTC is launching a new Stop Gift Card Scams campaign to work with stores and law enforcement to fight these scams. And it’s also why the FTC has taken another look at reporting data to see what’s happening lately.

At ftc.gov/StopGiftCardScams, you can find materials to help people avoid gift card scams. If you’re a retailer (or even if you visit one), you can download, print, and share these materials in your store and community. You’ll find a display rack sign, cashier infographic card, bookmark, and a sticker. Stop Gift Card Scams is also available in Spanish. In fact, the FTC is working with our friends at the U.S. Department of Justice and in local law enforcement to help get the word out nationwide.

This is pressing because the FTC’s data show that, nationwide, gift cards are a top way that people report paying most scammers. People tell the FTC that, since 2018, they’ve paid almost $245 million to scammers, with a median loss of $840. Just today, the FTC released an updated Data Spotlight with some interesting new developments:

  • Reports suggest eBay is scammers’ current gift card brand of choice. It was Google Play and iTunes, but eBay has claimed the uncoveted top spot.
  • People most often report using gift cards to pay scammers pretending to be the government, a business, tech support, or a friend or family member in trouble.
  • People report that scammers tell them to buy gift cards at Walmart, Target, CVS, and Walgreens. And once they have you there, they’ll keep you on the phone as you pay for the gift cards.

Which brings us full circle back to the Stop Gift Card Scams campaign. Read lots more in the Spotlight itself, and find out more about avoiding gift card scams at ftc.gov/giftcards. And if anyone, no matter who it is, tells you to pay with a gift card, that’s a scam. Stop, don’t pay, and then tell the FTC at ReportFraud.ftc.gov.

Have Your Company’s Systems Passed All the Security Tests?

This article is contributed. See the original author and article here.

Dear IT Pros,

I would like to make this article more fluid and less dry, in the hope that not all of my blog articles are too serious and too long to read. Let me start with a story.

Once upon a beautiful day, the Security Boss comes to your desk and asks whether the systems have passed all the security tests. Oh, um…, you wonder which tests those are. The Boss continues asking:

  • Really, have we run a security examination on our systems recently? What do those tests look like?

Then comes another story. On a certain Friday, a company VIP brings their laptop to your desk and asks whether it is safe from all threats. They then ask you to make sure that Bitcoin miners have not taken advantage of a compromised computer to produce money illegally with a “JavaScript web miner”. The VIP complains:

  • I travel around the world, I surf the net from hotel rooms and browse many public web sites, so I do not want to become a victim of a web miner attack. Here is an advertisement for coin-mining activities; what can we do to block this kind of script? The VIP then shows you the following image:

[Image: advertisement for a JavaScript coin-mining service]

After viewing the image, a little shocked, you think:

  • Surely I want to check whether my anti-malware is able to catch them all. But how, and where, do I start with a test site?

Well, to answer the question, we will discuss the tests and the test sites you can use to examine those systems.

  • Pass the SmartScreen test

First we will use the tests on the Microsoft SmartScreen demo site, https://demo.smartscreen.msft.net. We can run them against the Edge browser to confirm that it is protected against phishing pages, malware pages, malvertising, and so on. All the tests use fake samples and cause no harm to the system.

Malvertising (a portmanteau of “malicious advertising”) is an advertisement that pops up on a legitimate website and asks you to click a link to repair or clean up your PC; the link is the truly malicious part and causes the damage when an innocent victim clicks it. Once the PC is damaged to the point where all its activity stops, the attacker asks for a payment to repair it. You may recognize, and be familiar with, advertising attacks like the following:

[Image: fake “repair your PC” advertisement]

Or this one:

[Image: a second fake pop-up advertisement]

Advertising on the internet is largely automated, with only limited human involvement. Attackers take advantage of this and try to inject malicious code into a normal, benign ad. If they succeed, their infected ad sneaks through the security checks of the advertising network. Even highly trusted ad networks have distributed malicious ads because of this malvertising technique.

Please make sure to enable SmartScreen, or another web protection policy, on your company systems as soon as possible, and test against malvertising using the Microsoft SmartScreen demo site.

SmartScreen tests for Edge and Internet Explorer:

[Image: SmartScreen demo site test pages]

  • Pass the Defender tests

For the comprehensive tests, we can use the Microsoft Defender demo site, https://demo.wd.microsoft.com. All the tests your systems must pass are listed in the following table:

Cloud-delivered protection
  Tests whether Microsoft Defender Antivirus is able to report to the Defender ATP cloud service, the Microsoft Advanced Protection Service (MAPS).
  Detailed test steps: https://demo.wd.microsoft.com/Page/CloudBlock

Block At First Sight (BAFS) (sign-in required)
  Tests whether your next-generation antivirus, with its cloud-based service, can block new malware that is seen in the wild for the first time and whose signature is not yet in the virus definition list. During the test, a fake virus file will be downloaded.

Potentially Unwanted Applications (PUA)
  Potentially Unwanted Applications include adware, cryptocurrency miners (coin miners) and similar software. They may perform actions on endpoints that adversely affect system performance.
  To test:
    1. Go to http://www.amtso.org/feature-settings-check-potentially-unwanted-applications/
    2. Click the “Download the Potentially Unwanted Application ‘test’ file” link.

Attack Surface Reduction (ASR)
  Proactive threat prevention by Attack Surface Reduction.

Controlled Folder Access (CFA)
  Proactive threat prevention by Attack Surface Reduction.
  To test: use the CFA test tool to simulate an untrusted process writing to a protected folder. Launch the CFA test tool, select the desired folder, and create a file. More information is linked from the demo page.

Network Protection (NP)
  Proactive threat prevention by Attack Surface Reduction.

Exploit Protection (EP)
  Proactive threat prevention by Attack Surface Reduction.

VDI testing guide
  Download this guide to test the new virtual desktop infrastructure security intelligence update features. It requires VMs and a host running Windows 10 Insider Preview build 18323 or later.

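The SmartScreen section above asks you to enable SmartScreen, and the table lists which Defender features each demo test exercises. As an added example (not code from the original article, from Microsoft's demo sites or from the Defender product), the following PowerShell reports, read-only, whether those features are switched on before you run the tests, so a failed test can be told apart from a feature that was never enabled. It assumes Windows 10/11 with Microsoft Defender Antivirus and its PowerShell module, an elevated prompt, and that Edge SmartScreen enforcement is read from the group-policy value SmartScreenEnabled under HKLM:\SOFTWARE\Policies\Microsoft\Edge (absence means the user-level setting, on by default, applies). The function name Test-DefenderDemoReadiness is my own; Exploit Protection and the VDI guide are not covered.

```powershell
<#
  Added example, not part of the original article or of Microsoft's demo sites.
  Read-only readiness check for the SmartScreen and Defender demo-site tests.
  Assumptions: Windows 10/11, Microsoft Defender Antivirus active, elevated prompt.
#>

function Test-DefenderDemoReadiness {
    $pref   = Get-MpPreference        # configured settings
    $status = Get-MpComputerStatus    # live engine state

    # Edge SmartScreen policy: 1 = forced on, 0 = forced off, missing = not enforced
    # (the user-level default is on). Assumed policy key, see lead-in.
    $edgePolicy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Edge' `
                      -Name SmartScreenEnabled -ErrorAction SilentlyContinue
    $edgeValue  = if ($null -eq $edgePolicy) { 'not enforced by policy' } else { $edgePolicy.SmartScreenEnabled }

    # Defender encodes tri-state settings as 0 = disabled, 1 = enabled, 2 = audit mode.
    # MAPSReporting: 0 = off, 1 = basic, 2 = advanced.
    # SubmitSamplesConsent: 0 = always prompt, 1 = send safe samples, 2 = never, 3 = send all.
    $mapsOn = $pref.MAPSReporting -ge 1

    # Block at First Sight needs advanced MAPS, automatic sample submission,
    # and the feature itself not disabled.
    $bafsOn = (-not $pref.DisableBlockAtFirstSeen) -and
              ($pref.MAPSReporting -eq 2) -and
              ($pref.SubmitSamplesConsent -in 1, 3)

    # ASR counts as ready when at least one rule is in block mode (action 1).
    $asrBlockRules = @($pref.AttackSurfaceReductionRules_Actions | Where-Object { $_ -eq 1 }).Count

    @(
        [pscustomobject]@{ Test = 'SmartScreen (Edge policy)';   Setting = $edgeValue;                        Ready = ($edgeValue -ne 0) }
        [pscustomobject]@{ Test = 'Real-time protection';        Setting = $status.RealTimeProtectionEnabled; Ready = [bool]$status.RealTimeProtectionEnabled }
        [pscustomobject]@{ Test = 'Cloud-delivered protection';  Setting = $pref.MAPSReporting;               Ready = $mapsOn }
        [pscustomobject]@{ Test = 'Block at First Sight (BAFS)'; Setting = $pref.SubmitSamplesConsent;        Ready = $bafsOn }
        [pscustomobject]@{ Test = 'Potentially Unwanted Apps';   Setting = $pref.PUAProtection;               Ready = ($pref.PUAProtection -eq 1) }
        [pscustomobject]@{ Test = 'Attack Surface Reduction';    Setting = "$asrBlockRules rule(s) in block"; Ready = ($asrBlockRules -gt 0) }
        [pscustomobject]@{ Test = 'Controlled Folder Access';    Setting = $pref.EnableControlledFolderAccess; Ready = ($pref.EnableControlledFolderAccess -eq 1) }
        [pscustomobject]@{ Test = 'Network Protection';          Setting = $pref.EnableNetworkProtection;     Ready = ($pref.EnableNetworkProtection -eq 1) }
    )
}

# Usage: print the readiness table before starting the demo-site tests.
Test-DefenderDemoReadiness | Format-Table -AutoSize
```

A row with Ready = False and a Setting of 2 means the feature is in audit mode: the demo test will log an event but will not block, which is a common reason a "failed" test is really a configuration result rather than a detection gap.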

  • Pass the Security Industry AMTSO tests

After successfully testing your environment with the Microsoft demo sites, you can continue testing with the anti-malware industry’s testing site, AMTSO (www.amtso.org). AMTSO partners with all the big vendors, such as Check Point, Sophos, McAfee, Symantec, TotalAV, Trend Micro, AV-Test, F-Secure, Kaspersky and others, for standardized testing purposes.

Let us have a look at its introduction page:

[Image: AMTSO introduction page]

  • The tests you can run from the AMTSO website are the following:

[Image: list of AMTSO feature-settings checks]

  • Your system must pass all the applicable tests.
  • The test named “Is connected to a cloud-based lookup system” applies to AV software that can filter web URLs against a reputation list or block list provided by a cloud-based service, such as Microsoft Endpoint Protection (WD ATP), CrowdStrike or FireEye.

Test Result:

Besides the blocking and warning events raised by your antivirus software during the test, if you have set up security alerts in the endpoint protection service or in Azure Security Center, you will receive alert e-mail messages similar to the following one:

[Image: alert e-mail for a test detection]

Alert shown in the Microsoft Defender endpoint protection portal (securitycenter.windows.com):

[Image: alert in the Microsoft Defender endpoint protection portal]
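The e-mail and portal alerts above depend on a cloud subscription and alert rules being in place. As an added example (not code from the original article or from the Defender product), the following PowerShell collects what the local Defender engine logged during the test window, so the result of each demo-site or AMTSO test can be checked on the endpoint itself. It assumes Windows 10/11 with Microsoft Defender Antivirus, an elevated prompt so the operational log is readable, and the documented Defender operational-log event IDs: 1121/1122 for ASR block/audit, 1123/1124 for Controlled Folder Access block/audit and 1125/1126 for Network Protection audit/block. The function name Get-DefenderTestResults is my own.

```powershell
<#
  Added example, not part of the original article.
  Collects local Defender results for the last few hours: antivirus detections
  (cloud block, BAFS, PUA and test-file downloads) plus the ASR, Controlled Folder
  Access and Network Protection events that only appear in the operational log.
  Assumptions: Windows 10/11, Microsoft Defender Antivirus, elevated prompt.
#>

function Get-DefenderTestResults {
    param([int]$Hours = 2)   # length of the test window to look back over
    $since = (Get-Date).AddHours(-$Hours)

    # Antivirus detections, one row per detection in the window.
    $threats = Get-MpThreatDetection -ErrorAction SilentlyContinue |
        Where-Object { $_.InitialDetectionTime -ge $since } |
        ForEach-Object {
            [pscustomobject]@{
                Time    = $_.InitialDetectionTime
                Source  = 'Antivirus'
                Detail  = "ThreatID $($_.ThreatID): " + ($_.Resources -join '; ')
                Outcome = if ($_.ActionSuccess) { 'blocked/remediated' } else { 'action failed' }
            }
        }

    # Documented operational-log IDs for the attack-surface features.
    $ids = @{ 1121 = 'ASR block'; 1122 = 'ASR audit'
              1123 = 'CFA block'; 1124 = 'CFA audit'
              1125 = 'NP audit';  1126 = 'NP block' }

    $events = Get-WinEvent -FilterHashtable @{
                  LogName   = 'Microsoft-Windows-Windows Defender/Operational'
                  Id        = [int[]]$ids.Keys
                  StartTime = $since
              } -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Source  = $ids[$_.Id]
                Detail  = ($_.Message -split "`r?`n")[0]   # first line of the message
                Outcome = if ($_.Id -in 1121, 1123, 1126) { 'blocked' } else { 'audit only (not blocked)' }
            }
        }

    @($threats) + @($events) | Sort-Object Time
}

# Usage: run right after finishing the demo-site tests.
Get-DefenderTestResults -Hours 2 | Format-Table -AutoSize -Wrap
```

An empty result after a test means the engine saw nothing, which is the case worth investigating; an "audit only" row shows the feature observed the test but was not configured to block it, which is a configuration finding rather than a detection gap.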

  • An Aggressive Test

Lastly, if you still want an aggressive way to vigorously test whether the system blocks a JavaScript cryptocurrency miner, you can consider another testing site, www.wicar.org, and browse to its “cryptocurrency miner” test. But first, let us read the Wicar.org introduction page:

[Image: Wicar.org introduction page]

  • The list of tests is shown in the following image; it includes a test for JavaScript cryptocurrency mining.
  • If you run the test and fail, Wicar.org will be able to run the mining script during your visit and collect a fraction of a dollar, or a few cents, to fund its testing site’s operation.

Test result

Your AV should be able to block the “JavaScript Crypto Miner” test, as shown in this image:

Well, up to this point of time, it seems that my blog article has become too long!

Should I stop it right here?

I hope the blog is not boring but useful.

Until next time.

_____________________________________________

Disclaimer

The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.