535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

June 05, 2017

Four Security Threats to Keep On Your Radar

We are about to enter one of the most dangerous times of the year for cybercrime.

Many small businesses will slow down for the summer, meaning employees will have more time to click around randomly on the Internet — exposing organizations to a number of threats like ransomware.  

At the same time, hordes of summer interns and entry level hires will join the workforce, many of whom are still dark about cybercrime. Plus, many organizations will experience temporary IT staffing shortages as employees head out of town or work reduced hours.     

Understand that while business may slow down this summer, cybercriminals will not. Hackers will have their eyes peeled for low-hanging fruit they can exploit.

For this reason, it’s important to keep your guard up. Here are four threats that you need to be aware of this summer:

“Fireball” malware: A new type of malware called Fireball is spreading like wildfire across the Internet. The malware, which experts claim originated in China, has already infected at least 250 million computers and counting. Twenty percent of corporate networks may be infected, too. India, Mexico and Brazil have reportedly been hit the hardest.

“Fireball has two main functions: the ability of running any code on victim computers–downloading any file or malware, and hijacking and manipulating infected users’ web-traffic to generate ad-revenue,” Check Point stated in a report. “Currently, Fireball installs plugins and additional configurations to boost its advertisements, but just as easily it can turn into a prominent distributor for any additional malware.”

According to Check Point, Fireball is hiding in freeware applications like Soso Desktop, FVP Imageviewer and Deal Wifi.

Infected resumes and RFPs: Chances are likely your organization will be seeking assistance this summer, either from part time hires or third party vendors. As such, you may be posting advertisements on websites like Indeed.com or Craigslist.

While these websites are great for finding help quickly, they can also be an enormous headache from a cybersecurity perspective. It’s very easy for a hacker to create a fake resume or RFP, embed it with malware and respond to an online advertisement — infecting the company in the process. A hacker could, for instance, attach a rootkit into a PDF and use it to access a computer’s microphone and camera.

As a precaution, employees should never automatically run files when downloading them. All incoming files from the strangers should be saved to a folder, and analyzed before being executed.

Small-scale DDoS attacks: Over the last year, distributed denial of service (DDoS) attacks have grown into a top cyberthreat. But according to new research from Corero, it’s not the large attacks that you really need to worry about — it’s the small ones. In fact, 98 percent of all DDoS attacks against Corero’s customers during 1Q17 were measured at less than 10 Gbps in volume. And almost three quarters lasted 10 minutes or less.

As the report explains, these small attacks typically go undetected by IT security staff and DDoS protection systems. But they can be strong enough to knock down a firewall or detection system and allow hackers to enter into a network.

A cartoon named Judy:  Researchers have discovered a type of malware called Judy that may present up to 40 different Android applications.  According to NYMag, the malware — which features a cartoon character named Judy in its title — has also spread to many other applications in Google Play. Between 8.5 and 36.5 million users may be infected.

Once an infected application is installed, the device is automatically routed to a page with embedded auto-clicking adware that generates recurring revenue for its hosts.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

To ensure your security, consider one of our most popular services — Auditing & Documentationwhich pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.


 



Comments powered by Disqus

Related Articles