Network Security News | Ingalls Information Security

Articles of interest from the week of April 6, 2020

Written by John Frasier | Apr 6, 2020 4:00:00 AM

80% of All Exposed Exchange Servers Still Unpatched for Critical Flaw

Over 350,000 of all Microsoft Exchange servers currently exposed on the Internet haven't yet been patched against the CVE-2020-0688 post-auth remote code execution vulnerability affecting all supported Microsoft Exchange Server versions. (By Sergiu Gatlan, Bleeping ComputerIngalls: Protecting clients from being hacked used to involve a fairly straightforward set of technical controls that kept customer computer networks secure and data backed up in the event of a system failure. To do this 10 years ago, an IT company needed to provide firewalls, antivirus, patch management, and data backup. Today, cyberattacks against small businesses rely almost exclusively on tricking employees into giving up credentials or deploying malware. Here are talking points IT companies can use with their clients that help explain today’s cybersecurity threat landscape.


FBI Warns How Cyber Attackers Are Taking Advantage of Virtual Environments

The FBI anticipates cyber actors will exploit increased use of virtual environments by government agencies, the private sector, private organizations, and individuals as a result of the COVID-19 pandemic. Computer systems and virtual environments provide essential communication services for telework and education, in addition to conducting regular business. Cyber actors exploit vulnerabilities in these systems to steal sensitive information, target individuals and businesses performing financial transactions, and engage in extortion. (By FBI) Ingalls has consolidated relevant and helpful information to address security and privacy concerns surrounding the global COVID-19 outbreak. This guide features free and updated information on current scams, cyber threats, remote working, security awareness, and more. Ingalls will be working diligently to update this guide regularly as resources become available. We wish all of you safety and good fortune amid this hardship.


COVID-19 Exploited by Malicious Cyber Actors. Watch for these Phishing Emails

Both CISA and NCSC are seeing a growing use of COVID-19-related themes by malicious cyber actors. At the same time, the surge in teleworking has increased the use of potentially vulnerable services, such as virtual private networks (VPNs), amplifying the threat to individuals and organizations. APT groups and cybercriminals are targeting individuals, small and medium enterprises, and large organizations with COVID-19-related scams and phishing emails. This alert provides an overview of COVID-19-related malicious cyber activity and offers practical advice that individuals and organizations can follow to reduce the risk of being impacted. The IOCs provided within the accompanying .csv and .stix files of this alert are based on analysis from CISA, NCSC, and industry. (This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC)) Ingalls: Want to see what a Coronavirus phishing email looks like? Make sure your employees are trained on how to spot the Red Flags of a Phishing Email.


Cybersecurity Prevention Can Save Your Company $682k

For many cyber security professionals, one of the biggest challenges they face isn't stopping the next cyberattack, it's proving the value of something that didn't happen. A new report from the Ponemon Institute may finally give them the data they need to show that what they do is saving the organization money. (By Allen Bernard, TechRepublic) Ingalls: Please contact us today if you would like to speak to one of our cybersecurity experts about how we can help secure your company's information in a personalized and efficient way with our cybersecurity and Managed Detection and Response services.


FBI Warns How Cyber Attackers Conduct Business Email Compromise (BEC) Through Cloud-Based Services

Cyber criminals are targeting organizations that use popular cloud-based email services to conduct Business Email Compromise (BEC) scams. The scams are initiated through specifically developed phish kits designed to mimic the cloud-based email services in order to compromise business email accounts and request or misdirect transfers of funds. Between January 2014 and October 2019, the Internet Crime Complaint Center (IC3) received complaints totaling more than $2.1 billion in actual losses from BEC scams using two popular cloud-based email services. While most cloud-based email services have security features that can help prevent BEC, many of these features must be manually configured and enabled. Users can better protect themselves from BEC by taking advantage of the full spectrum of protections that are available. (By FBI) Ingalls: We offer targeted education and awareness to improve your security posture. Combine a social engineering test with a follow up employee training session. Employees are the weakest link in your security posture and we will test and train them to be more aware. Contact us today to learn more about how we can help secure your company's information in a personalized and efficient way.