Were you a Phishing Victim?

Were you a Phishing Victim?

If you were directed from a remote logon system such as a OWA (Outlook for Web Access) or any other logon page, you possibly were duped and missed tell tale signs of a phishing attempt and you clicked a link you should not have followed.

No confidential data was taken and no data moved from the system internal system.

What could be the impact?

  • If you have clicked on a link and the remote site has a script that downloads a payload (some virus or malware) that infects your computer.
  • Once the virus has been downloaded, it will have many possible attack paths including encrypting your data, stealing your data or be used as an attack point against other computers.

What should you look for?

  • Have a look at the web site address and the exact spelling...
Read More

Microsoft Windows Device Monitor

Microsoft Windows Device Monitor

One of the biggest risks we have in an enterprise is the introduction of viruses which can have many adverse effects in your network and related resources.  Some of them include and are not limited to:

  • Create a backdoor into your environment which a bad actor (hacker) will use for his benefit and your losses;
  • Allow for malware ‘loader’ to download the actual payload from a Command and Control (C2C) centre
  • Waste resources
  • and more…

This is normally introduced by privileged users such as Administrator that brings in an infected USB drive and plugs it into a workstation or a server with anti-virus software not running or not properly updated.  Now the malware is inside your network and you are a pawn in the cyberwar game...

Read More

Ransomware in the Machine

Ransomware in the Machine

“Have not done your homework?  Do not past BEGIN, go straight to the crying room!”

The latest attack (12 May 2017) on your data known as WannaCrypt a.k.a WannaCry is the result of the WikiLeak release of NSA hacking tools.  This blog entry is not to talk about the intricacies of the exploit and what you should do about it to control the damage as if you do not have staff on your team that averted this, you need to relook at the skill level as well as the controls you have in place.

Credit to anonymous on the Internet...

Have not done your homework? Do not past begin, go straight to the crying room.

For those who have not patched against the exploit, I have seen an excellent image on the web for them.  This sounds insincere however there was ample time to address many issues.

The Microsoft patch (MS...

Read More