Chrome and Safari: Hackers’ Newest Tools

Filling out web forms often seems like an unbearably monotonous obstacle that gets in the way of online shopping, booking a plane ticket, and doing other types of online registration. With many of today’s transactions done online, people have become accustomed to relying on their browsers’ autofill function to save time. But being able to save time from manually filling in your information comes at a price, especially if you’re using Google Chrome, Safari, and Apple’s mobile-only Opera.

How Do They Do It?

By concealing other fields in a sign-up form, users are tricked into thinking they only have to fill out a few fields. The trickery at work is that upon auto-sign up, other fields, which could include your usernames, passwords, billing address, phone number, credit card number, cvv (the 3-digit code used to validate credit card transactions), and other sensitive information, are auto-filled with the user none the wiser.

This sinister trick is nothing new, but since there hasn’t been any countermeasure since it was first discovered, the threat it poses is worth emphasizing. Finnish whitehat hacker Viljami Kuosmanen recently brought to light how users of Chrome and Safari are particularly vulnerable, and he even came up with a demonstration of how this phishing technique is perpetrated. The technique is so sneaky, it’s enough to make one give up online shopping forever.

Using plugins such as password managers is also fraught with the security risk, as having access to such a utility empowers cyberthieves to do more than just obtain your credit card info; it opens them up to a great amount of personal details. As an alternative, we recommend using a secure software for passwords and usernames, such as LastPass of Dashline.

Preventing an Autofill-Related Theft: So what can you do to avoid falling prey?

Using Mozilla Firefox is one of the easiest available solutions. As of today, Mozilla hasn’t devised a mechanism that affords its users the same convenience that Chrome and Safari users enjoy with autofill. When filling web forms on Firefox, users still have to manually pre-fill each data field due to a lack of a multi-box autofill functionality – a blessing in disguise, given the potential for victimization in autofill-enabled browsers.

Another quick fix is disabling the autofill feature on your Chrome, Safari and Opera (for Apple mobile devices) browsers. This would mean that when filling out web forms, you’d have to manually type responses for every field again, but at least you’d be more secure.

It’s not exactly the most sophisticated form of online data and identity theft, but complacency can result in being victimized by cyber swindlers. Take the first step in ensuring your systems’ safety by getting in touch with our security experts today at 800-421-7151.

The Latest Apple Malware Takes Over Webcams

“The first…of the new year,” is often a coveted title – but not always. With a reputation as a hardware provider whose devices outshine its competitors in the field of cybersecurity, Apple certainly isn’t happy that “The first Apple malware of the new year,” was awarded so early on. We strongly believe in the safeguards installed on Mac computers, but that doesn’t mean you can justify a lax stance on cybersecurity. Take a closer look at this latest strain.

Where Did it Come From?

Dubbed ‘Fruitfly’ by the powers that be at Apple, it looks as though this relatively harmless malware has been hiding inside of OS X for several years. Fruitfly contains code that indicates it was adapted to move from a previous build of OS X to ‘Yosemite,’ which makes it at least three years old.

In fact, there are some lines of code from a library that hasn’t been used since 1998. It’s possible these were included to help hide Fruitfly, but experts have no idea how long it has been holed up inside the infected machines, or who created it.

What Does it Do?

So far, most of the instances of Fruitfly have been at biomedical research institutions. The administrators who discovered the malware explained that it seems to be written to grab screenshots and gain access to a computer’s webcam.

Considering the specific nature of its victims, and what it can accomplish, Fruitfly seems to be a targeted attack that won’t affect the majority of Mac users. However, Apple has yet to release a patch, and dealing with malware is not something to be put off for another day.

How should I Proceed?

We’re always harping on the importance of network monitoring, and now we finally have proof that we are right. Fruitfly was first discovered by an administrator that noticed abnormal outbound network traffic from an individual workstation. Until Apple releases a patch, a better-safe-than-sorry solution is to contact your IT provider about any possible irregularities in your network traffic.

We recommend these additional steps as well:
– Install a full-service internet security suite on your device and keep it updated.
– Keep all software up to date, as this helps to patch vulnerabilities in your software.
– Keep your firewall turned on.
– Never click on suspicious links or open suspicious emails.
– Don’t chat with strangers online.
– Lock down your wireless network with a strong, unique password.
– For maximum security, use a virtual private network for maximum security.

This particular malware targets apple products, but in the age of the Internet of Things it is vital to understand that hackers and malware are compromising webcams on all devices. Once the culprits are in your webcam, they can access anything that you have linked to your network. For additional advice and resources on how to keep your network secure, email us at info@wamsinc.com.

New Malware Tests Virtualization Security

One of the core principles of virtualized technology is the ability to quarantine cyber security threats easily. For the most part, vendors have been winning this security tug-of-war with hackers, but that may change with the resurrection of a long-dormant piece of malware that targets virtualized desktops. If your business employs any form of virtualization, learning more about this updated virus is critically important to the health of your technology.

What is It?

Back in 2012, a brand new virus called “Shamoon” was unleashed onto computers attached to the networks of oil and gas companies. Like something out of a Hollywood film, Shamoon locked down computers and displayed a burning American flag on the display while totally erasing anything stored on the local hard disk. The cybersecurity industry quickly got the virus under control, but not before it destroyed data on nearly 30,000 machines.

For years, Shamoon remained completely inactive – until a few months ago. During a period of rising popularity, virtualization vendors coded doorways into their software specifically designed to thwart Shamoon and similar viruses. But a recent announcement from Palo Alto Networks revealed that someone refurbished Shamoon to include a set of keys that allow it to bypass these doorways. With those safeguards overcome, the virus is free to cause the same damage it was designed to do four years ago.

Who is at Risk?

As of the Palo Alto Networks announcement, only networks using Huawei’s virtual desktop infrastructure management software are exposed. If your business uses one of those services, get in touch with your IT provider as soon as possible to address how you will protect yourself from Shamoon.

On a broader scale, this attack shows how virtualization’s popularity makes it vulnerable. Cyber attackers rarely write malware programs that go after unpopular or underutilized technology. The amount of effort just isn’t worth the pay off.

Headlines decrying the danger of Shamoon will be a siren call to hackers all over the globe to get in on the ground floor of this profitable trend. It happened for ransomware last year, and virtual machine viruses could very well turn out to be the top security threat of 2017.

How Can I Protect My Data?

There are several things you need to do to ensure the safety of your virtual desktops. Firstly, update your passwords frequently and make sure they’re sufficiently complex. Shamoon’s most recent attempt to infect workstations was made possible by default login credentials that had not been updated.

Secondly, install monitoring software to scan and analyze network activity for unusual behavior. Even if legitimate credentials are used across the board, accessing uncommon parts of the network at odd hours will sound an alarm and give administrators precious time to take a closer look at exactly what is happening.

Ultimately, businesses need virtualization experts on hand to protect and preserve desktop infrastructures. Thankfully, you have already found all the help you need. With our vast experience in all forms of virtualized computing, a quick phone call is the only thing between you and getting started. Call us today at 800-421-7151!

3 “Must-Do” IT Resolutions For 2017

“Never before in the history of humankind have people across the world been subjected to extortion on a massive scale as they are today.” That’s what The Evolution of Ransomware, a study by Mountain View, California-based cybersecurity firm Symantec, reported recently.

If you have any illusions that your company is safe from cyber-attack in 2017, consider just a few findings stated in a recent report by the Herjavec Group, a global information security firm:
-Every second, 12 people online become a victim of cybercrime, totaling more than 1 million victims around the world every day.
-Nearly half of all cyber-attacks globally last year were committed against small businesses.
-Ransomware attacks rose more than an astonishing 300% in 2016.
-The world’s cyber-attack surface will grow an order of magnitude larger between now and 2021.
-The US has declared a national emergency to deal with the cyberthreat.
-There is no effective law enforcement for financial cybercrime today.

Clearly, your company’s information and financial well-being are at greater risk than ever in 2017. You cannot count on the federal or state government or local police to protect your interests. That’s why we STRONGLY SUGGEST that you implement the following resolutions starting TODAY.

Resolution #1: Tune up your backup and recovery system. The #1 antidote to a ransomware attack is an up-to-date backup copy of all your data and software. Yet managing backups takes more than just storing a daily copy of your data. For one thing, if your business is at all typical, the amount of data you store grows by 35% or more PER YEAR. If your data management budget doesn’t expand likewise, expect trouble.

Resolution #2: Harness the power of the cloud — but watch your back. Huge productivity gains and reduced costs can be achieved by making full use of the cloud. Yet it’s a double-edged sword. Any oversight in security practices can lead to a breach. Here are two things you can do to harness the cloud safely:

– Determine which data matters. Some data sets are more crucial to your business than others. Prioritize what must be protected. Trying to protect everything can take focus and resources away from protecting data such as bank account information, customer data and information that must be handled with compliance and regulatory requirements in mind.

– Select cloud providers carefully. Cloud vendors know that data security is vital to your business and promote that fact. Yet not all cloud vendors are the same. You can’t control what happens to your data once it’s in the cloud, but you can control who’s managing it for you.

Resolution #3: Set and enforce a strict Mobile Device Policy. As BYOD becomes the norm, mobile devices open gaping holes in your network’s defenses. Don’t miss any of these three crucial steps:
1. Require that users agree with acceptable-use terms before connecting to your network. Be sure to include terms like required use of very strong passwords, conditions under which company data may be “wiped” and auto-locking after periods of inactivity.

2. Install a Mobile Device Management System on all connected devices. A good system creates a virtual wall between personal and company data. It lets you impose security measures, and it protects user privacy by limiting company access to work data only.

3. Establish a strong protocol for when a connected device is lost or stolen. Make sure features that allow device owners to locate, lock or wipe (destroy) all data on the phone are preset in advance. That way, the user can be instructed to follow your protocol when their phone is lost or stolen.

Managed Services for Cyber Security

Ransomware, Trojan horses, spyware and malware are things firms like yours don’t ever want to come across. While the term cyber security was once thrown around to scare businesses into purchasing security software, today’s sophisticated threats can have an immense impact, and often one that antivirus solution alone can’t handle. With that in mind, we’ve rounded up top cyber attack statistics that illustrate why you need managed services in order to remain safe and operational.

The Numbers

Small businesses are not at risk of being attacked, but worse, they’ve already fallen victim to cyber threats. According to Small Business Trends, 55 percent of survey respondents say their companies have experienced cyber attack sometime between 2015 and 2016. Not only that, 50 percent reported that they have experienced data breaches with customer and employee information during that time, too. The aftermath of these incidents? These companies spent an average of $879,582 to fix the damages done to their IT assets and recover their data. To make matters worse, disruption to their daily operations cost an average of $955,429.

The Attacks

So what types of attack did these businesses experience? The order from most to least common are as follows: Web-based attacks, phishing, general malware, SQL injection, stolen devices, denial of services, advanced malware, malicious insider, cross-site scripting, ransomware and others.

Why Managed Services?

Managed services is the most effective prevention and protection from these malicious threats. They include a full range of proactive IT support that focuses on advanced security such as around the clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection and more.

Not only that, but because managed services are designed to identify weak spots in your IT infrastructure and fix them, you’ll enjoy other benefits including faster network performance, business continuity and disaster recovery as well as minimal downtime. One of the best things about managed services is the fact that you get a dedicated team of IT professionals ready to assist with any technology problems you might have. This is much more effective and budget-friendly than having an in-house personnel handling all your IT issues.

Being proactive when it comes to cyber security is the only way to protect what you’ve worked hard to built. If you’d like to know more about how managed services can benefit your business, just give us a call at 800-421-7151, we’re sure we can help.

Don’t Dismiss Disaster Recovery for 2017

Over the previous months, you’ve probably heard about new and disruptive trends like virtual assistants, smartphones, and automation technologies. Some of these IT solutions may even be placed on top of your business priority list. However, with floods, fires, and power outages just around the corner, disaster recovery and business continuity plans should always have a place on your annual budget.

DR Isn’t A Huge Investment
A common misconception about disaster recovery is that it’s a large, bank-breaking investment. Expensive secondary data centers, networks, and server maintenance usually come into mind when a business owner is confronted with the idea of business continuity. And while that may have been true in the past, establishing a strong disaster recovery plan today is as simple – and as cheap – as going to a cloud-based disaster recovery provider and paying for the data and services that your business needs. Subscription pricing models are actually incredibly low, meaning you can have minimal downtime while still having enough to invest in new tech.

Onsite Backups Just Won’t Cut It

Although you might feel secure with a manual backup server down the hall, it is still susceptible to local disasters and, ultimately, does very little in minimizing company downtime. When disaster recovery solutions are hosted in the cloud or in a virtualized server, restoring critical data and applications only take a few minutes.

Business Disasters Can be Man-Made, Too
Even if your workplace is nowhere near frequent disaster zones, cyber attacks and negligent employees can leave the same impact on your business as any natural disaster can. Setting a weak password, clicking on a suspicious link, or connecting to unsecured channels is enough to shut down a 5-, 10-, or even 50-year-old business in mere minutes.

Sure, installing adequate network security is a critical strategy against malicious actors, but last year’s barrage of data breaches suggests that having a Plan B is a must. A suitable disaster recovery plan ensures that your data’s integrity is intact and your business can keep going, no matter the malware, worm, or denial-of-service attack.

Downtime Will Cost You
A business without a DR plan might come out unscathed after a brief power outage, but why risk the potential damages? Either way, downtime will cost your business. First, there’s the general loss of productivity. Every time your employees aren’t connected to the network, money goes down the drain. Then there’s the cost of corrupted company data, damaged hardware, and the inevitable customer backlash. Add all those variables together, and you end up with a business-crippling fee.

So, if you want 2017 to be the best year for your business, make the smart choice and proactively take part in creating your company’s business continuity plan. Your business will be in a better position financially with it than without it.

Keep your business safe, recover from any disaster, and contact us today at 800-421-7151.

New Ransomware Demands Sacrifice

It’s scary to think you can be simply browsing the Internet when WHAM! A screen pops up out of nowhere claiming that you have been hijacked and will need to pay a bitcoin to free your computer. Unfortunately, ransomware like this is not uncommon. But now there’s a new, more devastating virus that asks victims to pick other victims to replace them in order to get their computer information back safely. Read on to find out how Popcorn Time is turning the ransom game on its head – and how you can protect yourself from it.

Ransomware is nothing new. Cybersecurity miscreants have been taking advantage of online users for years by requiring payment to “unlock” a victim’s computer. What Popcorn Time does differently is give users the option to spread the virus to two other victims in the hopes that they will pay the ransom — a tactic that promises to double their money at the expense of your sense of morality (and at the expense of your friendships as well).

The Cost of Popcorn

When you inadvertently download this ransomware, you will be met with a screen that explains that your files have been hijacked/encrypted, and that to get them back you will need to pay one Bitcoin for a decryption key that they keep stored remotely. The Bitcoin fee is usually more than $700, a hefty price to pay during any season but particularly difficult for those infected right after the holiday season.

Spread the Wealth and Hope they Bite

What makes Popcorn Time unique is the option victims have to take their cost away by allowing the ransomware to affect two of their friends for a chance to get a free decryption code. Of course, it works only if both friends pay the ransom, which leaves you looking (and feeling) like a criminal yourself.
Avoiding Popcorn Time this Season

The easiest way to avoid downloading ransomware is to stay off of sites that might contain questionable files. However, this is nearly impossible for modern users, and many hackers are getting good at making their files look legitimate. Limit your exposure to potential ransomware by keeping your software up-to-date and your computer protected with a security program from a reputable company. If you need to learn more about how to avoid running into ransomware while you’re online, give our professional cybersecurity consultants a call at 800-421-7151. We’ll keep you away from the popcorn this year.

Collaboration-Driving Office 365 Updates

Communication might be the key to personal relationships, but collaboration is the key to business connections. That’s why many small- and medium-sized businesses are looking into Office 365, a productivity and collaboration-enhancing software that allows employees to stay productive on-the-go. Recently, Microsoft announced some new Office 365 features, and we’ve rounded up the four latest updates:

Real-time Collaboration in PowerPoint

Users will now be able to share a PowerPoint deck and update documents with others in real time. This means you’ll be able to see edits as your colleagues make them. Microsoft was committed to expanding real-time co-authoring of a company’s native applications, with Microsoft Word already rolling out this feature beforehand. Currently, real-time collaboration is available for PowerPoint on Windows desktops for Office 365 subscribers in the Office Insider program and for PowerPoint Mobile on Windows tablets.

Move Attachments to the Cloud and Share with Colleagues in Outlook

According to Kirk Koenigsbauer, corporate vice president for the Office team, this feature allows users to transform a traditional document into a shared cloud document within Outlook. Previously, Outlook users could only attach cloud-based documents to an email, but this new feature makes it easier to send large files and to collaborate on those files with ease.

Users can upload files into their own OneDrive or a document library as part of an Office 365 group and then designate sharing permissions for the email recipients. The new feature is currently available in Outlook on the web as well as Outlook on Windows desktops for Office 365 subscribers.

Mobile Notifications for Changes to Shared Documents

With this new update, users will be notified when any cloud documents in Word, Excel and PowerPoint are being shared or edited. These notifications let you know when changes are being made, even if you are away from a particular document, so you’re always connected and know when you have to act. This feature can be integrated with the activity feed on Windows desktops, and help businesses improve user collaboration. Koenigsbauer says that Microsoft will continue working on the notification feature “to provide more detail and transparency around shared document activity in the future.” Sharing and editing notifications are available for Word, Excel, and PowerPoint users on Android and Windows Mobile for Office Insiders. This feature will be available for commercial users in all Office mobile applications in the coming months.

Find, Open, and Save Documents in a ‘Shared with Me’ and ‘Recent Folders’ Tab

Microsoft’s “Shared with Me” tab in Word, Excel, and PowerPoint makes it easier for enterprise users to find and open shared documents without having to leave the app you’re working in. At the moment, the Shared with Me tab is available on Windows desktops and Macs for all Office 365 subscribers, iOS and Android devices included. And soon, it will be available on Windows Mobile. And the “Recent Folders” tab — used to help quickly locate files as well — is now available in Word, Excel and PowerPoint on Windows desktops for Office 365 subscribers in the Office Insider program.

Technology has become an integral part of modern businesses, and investing in the right IT resources is needed in order to achieve success. With the latest additions to Microsoft Office 365, small- and medium-sized businesses will enjoy enhanced staff collaboration, increased corporate productivity, and an overall competitive advantage.

Cyberhack Underscores Law Firms’ Vulnerability

Major U.S. law firms have become more vigilant in recent years about the risks of cyberattacks, but revelations this week of a major hack on two New York firms are a reminder that the industry remains vulnerable. 


The Manhattan U.S. attorney’s office unsealed a criminal indictment Tuesday against three Chinese men accused of using stolen law-firm employees credentials to access troves of internal emails at two law firms. The men, according to prosecutors, used details they obtained in law-firm partner emails about pending deals to make more than $4 million in illegal stock trades.

Legal-industry experts say law firms often lag behind corporate clients in data-security measures, even though they are entrusted with valuable trade secrets, market-moving deal news and other sensitive information that is attractive to hackers.
The reason behind the gap is twofold: Lawyers have only felt the treat recently, and law firms traditionally lag behind other industries in tying to become more efficient through technology, largely because they bill their services based on time.

“Law firms aren’t necessarily committed to things that don’t make them money per se,” said Neil Watkins, the senior vice president of security, risk, compliance, and privacy at legal-services company Epic Systems. Mr. Watkins said law firms are at least three years behind what’s become standard of data security in finance and other industries, though he says awareness is improving.

Starting a few years ago, large banks began requiring their top law firms to undergo data-security audits and meet stringent standards.
That level of scrutiny is now being applied by other sectors. Marsh, and McLennon Cos. general counsel, Peter Beshar, said that in recent months, he’s begun requiring his top 10 outside law firms to meet six cybersecurity standards, including using encrypted transmissions when sending messages externally, having detailed incident-response plans and securing $5 million in cybersecurity insurance coverage.

To help stay ahead of a breach, law firms have formed an information-sharing group to learn about new potential threats and system weaknesses from both each other and government agencies. The group, which so far counts more than 100 firms, helped disseminate information on a potential threat a few months ago and thwarted a hack, said Bill Nelson, chief executive officer of the Financial Services information Sharing and Analysis Center, which oversees the legal group and similar entities that focus on other industries. Los angeles family-law lawyer Stacy Phillips said the need to protect the personal information of her clients was at the top of her mind earlier this year the she merged hr boutique law firm into Blank Rome, LLP, a 600-lawyer firm based in Philadelphia. Investing in adequate data-security technology was becoming “prohibitively expensive” at the smaller firm, she said. “It was very much a stress,” she added.

Now at Blank Rome, she said the matrimonial practice, which holds extremely private information from client divorces and custody battles, has a double layer of security to ensure no one else at the firm can access their files.

As read in the Wall Street Journal
Written by Sara Randazzo