Entries in Cyber Security (17)

Friday
Apr072023

PAConnect, Sophos and Cowbell: A Strategic Partnership for Cybersecurity

DateFriday, April 7, 2023 at 7:03AM

Cybersecurity is one of the most pressing challenges for businesses in the digital age. As cyber threats become more sophisticated and frequent, organizations need to protect their data, systems and reputation from potential breaches and attacks. However, cybersecurity is not a one-size-fits-all solution. Different businesses have different needs, risks and budgets when it comes to securing their digital assets.

That's why PAConnect, a leading IT solutions provider, has partnered with Sophos and Cowbell, two of the most innovative and trusted names in the cybersecurity industry. Together, they offer a comprehensive and customized cybersecurity package that combines cutting-edge technology, expert services and tailored insurance coverage.

Sophos is a global leader in next-generation cybersecurity solutions that protect millions of users across 150 countries. Sophos offers a range of products and services that cover endpoint protection, network security, cloud security, mobile security and more. Sophos also provides 24/7 threat intelligence and response through its SophosLabs and Sophos Managed Threat Response teams.

Cowbell is a cyber insurance company that leverages artificial intelligence and data science to assess and mitigate cyber risks. Cowbell offers cyber insurance policies that are tailored to each business's unique risk profile and exposure. Cowbell also provides proactive risk management tools and resources to help businesses improve their cybersecurity posture and resilience.

By partnering with Sophos and Cowbell, PAConnect can offer its clients a holistic and integrated approach to cybersecurity that covers prevention, detection, response and recovery. PAConnect can help its clients select the best Sophos products and services for their specific needs and budget, as well as provide installation, configuration, maintenance and support. PAConnect can also help its clients obtain the optimal Cowbell cyber insurance policy that covers their potential losses in case of a cyber incident.

With this strategic partnership, PAConnect, Sophos and Cowbell aim to provide businesses with the peace of mind that they are protected from cyber threats at all levels. Whether it's a ransomware attack, a data breach, a phishing scam or any other cyber risk, PAConnect, Sophos and Cowbell have the solutions to help businesses stay secure and resilient.

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Monday
Mar272023

Last week's announcement of Sophos and Cowbell Partnership

DateMonday, March 27, 2023 at 7:03AM

Sophos has partnered with Cowbell Cyber Inc. to provide businesses with an easier way to access cyber insurance. The partnership will allow our clients to directly share their security health information with Cowbell to facilitate optimal premium quotes and policies and gain access to Cowbell insurance through Sophos.

The partnership is a further step in Sophos’ journey to support its customers in the efforts to mitigate cyber risk. Specifically, Sophos endpoint customers will be able to ‘opt-in’ to share with Cowbell their endpoint security health status from the Sophos Central platform, using a secure API. The partnership will also allow Cowbell to offer its cyber insurance coverage to Sophos customers in the U.S. through the opt-in sharing of endpoint health security data.

The benefits of the partnership include easier access to cyber insurance for businesses, optimal premium quotes and policies, and the ability to share endpoint security health status with Cowbell to facilitate optimal premium quotes and policies.

AuthorBob Appleby | CommentPost a Comment |
in , , , ,
Monday
Mar062023

Ransomware on the Rise

DateMonday, March 6, 2023 at 2:20PM

A CSO article suggests that cyberattack tactics rise up as ransomeware payouts increase. The author goes on to describe the different modes of attack and what to look out for. Worth a read!

AuthorBob Appleby | CommentPost a Comment |
in ,
Monday
Feb132023

Repost:Booking.com reservation data used to scam customers

DateMonday, February 13, 2023 at 8:00AM

This is a very well documented article describing a scam that has been going on for years. This is worth your time if you use this service. Read more...

A day after watching the Super Bowl ads I noticed Booking.com paid for a Super Bowl Ad so this all of a sudden becomes a little more important to consider.

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Wednesday
Dec042019

Senior Care Providers Scramble After $14M Ransomware Attack Hits Tech Firm VCPI

DateWednesday, December 4, 2019 at 10:38AM

Heath firms are seeing themselves as the big-ticket target more and more these days. A week ago, we saw a report of another Health Care Provider being attacked with ransomware for the tune of $14M in BitCoin to unlock their encrypted data.

For more information Click Here to see the article. But if this scares you, and it should, call us to see if you are protected from this sort of attack, and if not how we can help you stave off this type of attack!

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Tuesday
Oct292019

Adobe Crative Cloud customer database breached

DateTuesday, October 29, 2019 at 8:37AM

Naked Security reported on this breach that exposed 7.5 million Adobe customers revealing the following information:

  • Account creation date
  • Adobe products used
  • Subscription status
  • Whether the user is an Adobe employee
  • Member IDs
  • Country
  • Time since last login
  • Payment status

See full details here: https://nakedsecurity.sophos.com/2019/10/28/adobe-database-exposes-7-5-million-creative-cloud-users/

 

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Thursday
Oct262017

Sorry if you missed the Sophos Rise Over Ransomeware event yesterday

DateThursday, October 26, 2017 at 8:44AM

There was a good turnout yesterday at the Cranberry/Pittsburgh event. Sophos presented a lot of good information to everyone that attended about the state of the Sophos products and the story behind the Synchronized Security Solution.

AuthorBob Appleby | CommentPost a Comment |
in , , , ,
Wednesday
Oct252017

Sophos Launches New XG Firewall Version, Adds New Application Visibility And Deployment Options

DateWednesday, October 25, 2017 at 2:35PM

This is a great article from CRN on the new release of the version 17 SFOS operating system. One of Sophos PAC members had quote in it which is sums up the positive direction that Sophos is taking towards their Synchronized Security capabilities for your network. Good job SAM! It is good to get the word out about one of the best good news stories in the security industry and the major reason for looking at Sophos then any other solution.

If you are not aware of the Sophos Synchronized Security Story you may want to take a look at the video below. Each new version of SFOS and the Sophos Central Products bring your network more security with each new component that you add to it.

See a quick video below to get a better view of what I am talking about:

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Wednesday
Aug232017

Microsoft Warns Users to be Diligent as Tech Support Scams Get More Sophisticated

DateWednesday, August 23, 2017 at 1:28PM

Microsoft has been warning users about tech support scams for years, and this week shared how it is seeing these scams continue to evolve by targeting victims through emailed links that lead to tech support scam websites.

The spam emails, according to Microsoft, use social engineering techniques to get users to click suspicious links. Once a target clicks on the link, they are led to a tech support scam website, “which use various scare tactics to trick users into calling hotlines and paying for unnecessary ‘technical support services’ that supposedly fix contrived device, platform, or software problems.”

A survey last year, cited by Microsoft, found that two out of three people have experienced a tech support scam in the previous 12 months.

As Microsoft explains in a blog post, while typically tech support scams leverage a mix of techniques, including malicious ads, malware, and cold calling, email lets them “cast a wider net.”

“The technical support scam websites employ various social engineering techniques to compel users to call the provided hotlines,” Microsoft said. “They warn about malware infection, license expiration, and system problems. Some scams sites display countdown timers to create a false sense of urgency, while others play an audio message describing the supposed problem.”

Microsoft has been tracking tech support scams for years, working with law enforcement to investigate tech support fraud networks and strengthening its technology to prevent tech support scams from making it in customer inboxes in the first place. Microsoft recommends that users update to Windows 10 if they haven’t already to ensure they are benefiting from the most up to date security defenses.

AuthorBob Appleby | CommentPost a Comment |
in , ,
Monday
Aug142017

Naked Security: Thousands of Android-spying apps in the wild: what to do about SonicSpy

DateMonday, August 14, 2017 at 3:31PM

By Bill Brenner, nakedsecurity.sophos.com

Well we always knew that Android was a security nightmare but SophosLabs has found three cases of SonicSpy-infused apps in Google Play:

Researchers from SophosLabs and elsewhere have found three cases of SonicSpy-infused apps in Google Play: Soniac, Hulk Messenger, and Troy Chat – messaging apps that hide their spying functionality and await orders from command-and-control servers.

Google booted the apps from its store after they were discovered. Researcher Chen Yu said the Google Play versions had “tiny installation numbers and existed for a very short time”. Though three were found on Google Play, SophosLabs has counted 3,240 SonicSpy apps in the wild. Some reports place the number at 4,000.

According to multiple reports, a single bad actor – probably based in Iraq – has released these apps into the wild since February.

To read more of this article: click here

AuthorBob Appleby | CommentPost a Comment |
in , , , ,
Tuesday
Jul182017

Sophos Phish Threat Protection–Whitepaper

DateTuesday, July 18, 2017 at 10:03AM

It is now surprise that Phishing attacks have caused issues with a whole lot of people. Whether it is from “The Microsoft Service Department” wanting to help you get rid of unwanted malware by signing on to your computer to get a quick look and run their special software… to the IRS scams with the caller wanting you to satisfy your unknown tax bill or there will be agents coming to take you away. They are coming at us from all directions. Some are subtle and most are real sneaky. How do we test our organization to see if we are prepared and educated to be aware of these attacks so that we are not succumbed by them? How do we get trained to understand what we should be wary of?

Sophos has an answer for you. Their brand new Phish Threat Protection service that allows you to setup campaigns to both train and test your employees. It is reasonably priced and is a good source for keeping your people on their toes. What is your weakest link in your organization? The People.

Take a look at this whitepaper: Don’t Take the Bait and learn more about protecting your company today.

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Tuesday
Jul112017

Did you ever wonder the difference between anti-malware and anti-virus software?

DateTuesday, July 11, 2017 at 12:57PM

The short answer is that most anti-virus software packages also are taking care of anti-malware because they are different faces of the same issue. All viruses are malware so… The main difference between different companies products is how effective and how they do their recognition of the malware. We pick the combination of Sophos’s Endpoint Protection + Intercept X to give you the best one-two punch to protect your systems. When you combine these products with s Sophos Firewall you have a very effective start to your security needs.

Sophos Synchronized Security

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Wednesday
Jun282017

Good News if you are using Sophos Endpoint Protection and/or Intercept X Security Products

DateWednesday, June 28, 2017 at 9:29PM

Sophos Stops Petya Ransomware

As with the recent WannaCry Ransomware attack, organizations around the world have again been affected by a new ransomware variant known as the Petya cyber-attack. We wanted to contact you to offer our advice and support.
Customers using Sophos Endpoint Protection are protected against all known variants of this ransomware. We first issued protection on June 27th at 13:50 UTC and have provided several updates since then to provide further protection against possible future variants.
In addition, customers using Sophos Intercept X were proactively protected with no data encrypted from the moment this new ransomware variant appeared.
Find out more about Intercept X and how it can protect your customers from ransomware like Petya and Wanna:

Further Information

Sophos KB: New variant of Petya ransomware
NakedSecurity:  Deconstructing Petya: how it spreads and how to fight back

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Tuesday
Aug042015

Yet Another Encryption Scam

DateTuesday, August 4, 2015 at 10:26AM

ZDNet reports that another encryption scheme has arisen to rear its ugly head using Windows 10 upgrade as the teaser. Hackers are targeting users attempting to upgrade to Windows 10 with ransomeware malware that encrypts files until a ransom is paid. The "bad guys" appear to be impersonating Microsoft in and an attempt to grab your money. 

Emails are being sent out tempting the email recipient with an attachment that is an installer that will allow them to get the new Windows 10 operating system sooner. What is making this scheme work is the fact that Microsoft is making users wait in queue for their turn to upgrade their systems. Impatience on the part of waiting users is causing plenty of heartache for those that succomb to the tempation of running the installer.

Once you download and open the attached executable file, the malware payload opens, and begins encypting data on the affected computer and locking you out of those files.

Typically you are required to pay the ransom using bitcoin which is much harder to track. And to make it even harder to track the bad guys, they are usually using the TOR network which makes it nearly impossible to trace.

Cisco research Nick Biasini said the malware payload, called CTB-Locker, is being delivered at a "high rate." "The functionality is standard however, using asymmetric encryption that allows the adversaries to encrypt the user's files without having the decryption key reside on the infected system." 

Ransomeware attacks have been on an increase since 2014 and is a quick and easy near-untraceable way to generate a lot of money in a very short time. So hackers are going to keep coming up with new ways to attack your systems. So beware of what you are clicking on and accepting, you may their very next victim!

AuthorBob Appleby | CommentPost a Comment |
in , , , , , , , ,
Wednesday
Jul152015

CryptoWall ransomware cost US victims at least $18 million, FBI says

DateWednesday, July 15, 2015 at 12:31PM

by John Zorabedian on June 25, 2015

 

ransomware-note-1200Malware that encrypts all of a victim's files and holds them for ransom - what's commonly called crypto-ransomware or cryptoware - continues to be hugely successful in making money for the criminal gangs who perpetuate it.

According to a public service announcement from the FBI's Internet Crime Complaint Center (IC3), the CryptoWall variant of crypto-ransomware cost US businesses and consumers at least $18 million between April 2014 and June 2015.

That figure is based on complaints from 992 CryptoWall victims, and includes related damages such as the cost of network mitigation, loss of productivity, legal fees, IT services and credit monitoring services.

It's not clear how much of the $18 million was paid out in ransom fees to the CryptoWall criminals, but the FBI said that the ransom demanded typically ranged from $200 to $10,000.

The FBI called CryptoWall the "most current and significant ransomware threat" in the US.

Although the FBI's report of financial damages caused by CryptoWall is significant, it's likely those figures represent only a tiny minority of the cost to victims worldwide.

It's difficult to determine the exact number of crypto-ransomware victims, in part because many businesses caught in the ransomware trap don't want to come out and say so (public sector organizations like police departmentshaven't had the same luxury).

Equally hard is figuring out how much money the crooks have hauled in from their ransomware enterprises.

What we do know is that crypto-ransomware is highly effective, and lucrative enough for criminals to keep coming up with new forms of it - one survey found that 3% of UK citizens had been victims, and 40% of those had paid the ransom.

CryptoWall's predecessor, CryptoLocker, was extremely successful - the crew behind CryptoLocker raked in an estimated $27 million in the first two months after it was unleashed in September 2013.

Although CryptoLocker was fatally damaged by a law enforcement take-down of its server infrastructure in May 2014, cybercriminals soon began spreading other dangerous forms of ransomware based on CryptoLocker's successful model.

We began seeing CryptoWall in April 2014, along with another similar variant called CryptoDefense.

Since then, other copycats have emerged that have proved to be just as dangerous, some even borrowing the CryptoLocker name.

Recently we even saw crypto-ransomware that borrowed themes and imagery from the popular television series "Breaking Bad."

The crooks have figured out some fiendish ways to get people to pay up: by making their illicit software "consumer-friendly" with easy-to-follow instructions on how to pay with bitcoins or other forms of untraceable e-payment, and offering "user support."

Crypto-ransomware crooks have also figured out that they can earn their victim's trust (more or less) by offering to decrypt one file for "free" - so you'll know the crooks will follow through on their promise to decrypt the rest of your files once you pay them.

If the crooks have implemented the encryption process properly - and they often have - you're left with a choice of losing your files, or paying for a copy of the decryption key.

It presents an ethical dilemma - one which Sophos security expert and fellow Naked Security writer Paul Ducklin captured well in his excellent post "Ransomware - should you pay?"

His spot-on and simple advice is summed up here:

  1. Don't pay if you can possibly avoid it, even if it means some personal hassle.
  2. Take precautions today (e.g., backups, proactive anti-virus, web and email filtering) so that you avoid getting into a position where you ever need to pay.
AuthorBob Appleby | CommentPost a Comment |
in , , , ,
Tuesday
Jan212014

Worst Passwords of 2013

DateTuesday, January 21, 2014 at 6:00AM

imageThere are a lot of solution out their to help you keep track of and to make strong passwords for you online access to all of your sites. It is important to not only have strong passwords (ones that cannot be easily guessed) but also to have different passwords for each and every site that you access. That way if one is compromised then the rest of your secure sites are not compromised as well.

What Makes a Strong Password?

  • It needs to contain special characters such as @#$%^&
  • It must be at least 8 characters long.
  • It must not have any common words such as 123, password, your birth date, your login name and any words that can be found in the dictionary.
  • a variation of capitalization and small letters

For best protection every password you use should be unique and have the characteristics of what is a strong password listed above. You may be wondering how you are going to remember so many passwords when you have a problem remember just one! Try some of these tips in creating and remembering your passwords:

1. First, think of a thing, date, phrase, event, place or anything that is unique only to you. Make sure that it is at least 8 characters in length. What ever you come up with use this as the focal point for creating the rest of the password. Some people call this the salt phrase.

2. Many use the following to confuse the spelling by replacing certain alpha characters with specific special characters. You can come up with your own rules for doing this but commonly people use the following.

  • Replace all the ‘a’ with @
  • Replace all the ‘s’ with $
  • Repalce any space with %
  • Replace any ‘o’ with 0
  • Replace any ‘i’ with !

3. Then for each site use either the site name or something about the site additionally added to your salt term. You can even vary the placement of the two parts to even make it more unique. Come up with some rules to use to help you remember and you will be on your way to a much safer online experience.

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Monday
Oct032011

National Cyber Security Awareness Month

DateMonday, October 3, 2011 at 4:31PM

Cyber Security Awareness Contest for Students!

Astaro is asking us to join them in their quest to educate students about cyber security! During the month of October, Astaro will be running a contest, giving students the chance to win a free laptop!

The rules are simple: Record a 1-2 minute video answering two important questions: What does cyber security mean to you, and what do you do to stay safe online? Act it out, record a song, make up a dance, or come up with some other way to express your thoughts on cyber security!

Check out some of the submissions now and vote for your favorite!

Watch Now

Cyber Security Month more info

Astaro Promotes Cyber Security Awareness more info

AuthorBob Appleby | CommentPost a Comment |
in , , , , ,