Criminals Are Using YouTube Video Channels To Spread Malware

YouTube has long been a hunting ground used by hackers and scammers to push all manner of hoaxes, scams and malicious code onto unsuspecting users. A security researcher known only as Frost is working for Cluster 25.

Frost has reported a significant uptick in the number of malware campaigns orchestrated from YouTube.

Overwhelmingly these campaigns are pushing Trojans onto the PCs and smart devices of their victims.

Frost has identified what appear to be two clusters of malicious activity occurring simultaneously. One of these is pushing the RedLine trojan and the other is pushing Racoon Stealer.

Literally thousands of videos and channels have been made in the conduct of these two campaigns. Based on Frost’s personal observation the campaigns are adding 100 new videos and 81 channels every twenty minutes.

He had the following to say about the identified campaigns:

The videos in question cover a wide range of topics. The hackers behind the campaigns tend to favor videos about software cracks, how to guides that outline how to get around software licenses, cryptocurrency, software piracy, game cheats and VPN software.

The videos are at least vaguely helpful and contain a link that the video’s authors claim is to a tool that will help the viewer on his or her quest related to the topic of the video. Naturally the link is nothing of the sort and clicking on it will install malicious code on the viewer’s device.

The problem has gotten serious enough that YouTube’s owner Google made a formal statement about the matter.

Google’s statement reads in part as follows:

“We are aware of this campaign and are currently taking action to block activity by this threat actor and flagging all links to Safe Browsing. As always, we are continuously improving our detection methods and investing in new tools and features that automatically identify and stop threats like this one. It is also important that users remain aware of these types of threats and take appropriate action to further protect themselves.”

The moral of the story is simple: Be very careful about any links you click.

MANAGED IT SERVICES

CYBERSECURITY | HELPDESK | UPDATES | BACKUPS

WHY DO YOU NEED MANAGED SERVICES?

The Easiest Way To Disaster-Proof Your Cyber Security

The Easiest Way To Disaster-Proof Your Cyber Security

Though no one would dispute the increasing prevalence of cyber-attacks on businesses in recent years, many small-business owners believe themselves and their business to be immune to such cyber attacks. Broadly speaking, many small-business owners are likely to think that cybercriminals will go after the bigger fish. However, the fact of the matter is that cyber-attacks are crimes of opportunity, and small businesses often have access to a good amount of sensitive data without many major safeguards. In other words, they’re low-hanging fruit, ripe for the picking. 

Back in 2019, two-thirds of respondents to a survey about cyber security didn’t believe that their small to mid-size business (SMB) would fall victim to a cyber-attack. Consequently, only 9% of respondents said cyber security was a top priority for their business, and 60% didn’t have any sort of plan for deterring a cyber-attack. All of this, despite the fact that, according to a report from CNBC, SMBs endured 43% of reported cyber-attacks, and according to data from the Ponemon Institute and Keeper Security, 76% of SMBs in the U.S. alone reportedly endured a cyber-attack within the previous year. 

Every small-business owner should have some plan for deterring cyber-attacks so they don’t end up as another statistic. Here are a few strategies for keeping the cybercriminals at bay. 

Boost Your Cloud Security

Storing data in the cloud is easy and cost-effective, but you should take care to find the most secure cloud storage platforms. Not all cloud platforms make security a priority, but some do. A few of the top-rated, most secure cloud platforms, according to Cloudwards.net, include Sync.com, pCloud and Icedrive. 

Secure All Parts Of Your Network

Our computers and the many smart devices hooked up to our network can become weak spots for hackers to get in. Taking steps to safeguard each device in your network with strong passwords and robust authentication measures will go a long way toward keeping the hackers at bay. In fact, one of the most basic security measures you can take for your network is to restrict access to your WiFi with a strong password. 

Invest In Extra Security Measures

Virtual private networks (VPNs) and firewalls are tools that are highly effective in protecting against cyber-attacks, even if they can’t prevent 100% of them. 

Pay Attention To Updates And Upgrades

When you get notified that one of the technological tools that you use has a new update, it’s easy to ignore it. However, you should commit to regularly updating and upgrading these tools because developers will often add patches to their programs that make them more secure against attacks with each update. So, it behooves business owners to regularly install updates for their tech tools. 

Back Up Your Data

With one of the most common forms of cyber-attacks being ransomware attacks, where hackers will hold your company data hostage until you pay them a ransom amount, having your company data stored on multiple backup solutions can ensure that your business won’t crumble due to your data’s inaccessibility.

Limit Employee Access To Your Network

As much as we’d wish it were true, many cyber-attacks don’t come from outside of your company. Instead, they originate from within. If you want to limit the amount of damage that someone inside your company can do in a cyber-attack, the best course of action is to limit their access to different parts of your network. 

Train Your Employees

At the same time, just as many cyber-attacks occur not because of an employee’s malicious intent, but because of their ignorance. They click on a link in a sketchy e-mail and fall for a phishing scheme, volunteer their password info without thinking about it or choose a weak password for their computer. That’s why you need to dedicate time to training your employees on best practices when it comes to security. 

Set Up A ‘Security Culture’ At Your Workplace

You need to make cyber security a top priority, not just for your IT department, but for every department at your business. When everyone works together to protect their workplace from a cyber-attack, you have a better chance of actually succeeding. 

Will protecting your business from a cyber-attack require a good amount of time and money? Absolutely. Can you afford to ignore the prevalence of cyber-attacks any longer? Statistically, no. The sad truth is that 60% of SMBs that fall victim to a cyber-attack end up shuttering within six months. Don’t put yourself in that kind of position. Instead, take your business’s cyber security seriously. 

MANAGED IT SERVICES

CYBERSECURITY | HELPDESK | UPDATES | BACKUPS

WHY DO YOU NEED MANAGED SERVICES?

How To Keep Your Password Secure

How To Keep Your Password Secure

  • Make sure your password is long and strong. That means at least 12 characters. Making a password longer is generally the easiest way to make it stronger. Consider using a passphrase of random words so that your password is more memorable, but avoid using common words or phrases. If the service you are using does not allow long passwords, you can make your password stronger by mixing uppercase and lowercase letters, numbers, and symbols.
  • Don’t reuse passwords you’ve used on other accounts. Use different passwords for different accounts. That way, if a hacker gets your password for one account, they can’t use it to get into your other accounts.
  • Use multi-factor authentication when it’s an option. Some accounts offer extra security by requiring something in addition to a password to log in to your account. This is called multi-factor authentication. The “something extra” you need to log in to your account fall into two categories:
    • Something you have — like a passcode you get via an authentication app or a security key.
    • Something you are — like a scan of your fingerprint, your retina, or your face.
  • Consider a password manager. Most people have trouble keeping track of all of their passwords. The longer and more complicated a password is, the stronger it is, but a longer password can also be more difficult to remember. Consider storing your passwords and security questions in a reputable password manager. To find a reputable password manager, search independent review sites, and talk to friends and family for ones that they use. Make sure to use a strong password to secure the information in your password manager. KeeperSecurity & LastPass are just a couple options.
  • Pick security questions only you know the answer to. If a site asks you to answer security questions, avoid providing answers that are available in public records or easily found online, like your zip code, birthplace, or your mother’s maiden name. And don’t use questions with a limited number of responses that attackers can easily guess — like the color of your first car. You can even use nonsense answers to make guessing more difficult — but if you do, make sure you can remember what you use.
  • Change passwords quickly if there’s a breach. If a company tells you there was a data breach where a hacker could have gotten your password, change the password you use with that company right away, and on any account that uses a similar password.

Why businesses need DNS protection

DNS Protection

What is DNS protection?

Before we talk about DNS security, you need to understand the DNS. The domain name system (DNS) works like a phone book for the internet. When a user enters text into a browser, DNS servers take that input and translate it into the unique internet protocol (IP) addresses that let the browser open the desired site. But DNS protocols were never designed with security in mind, and are highly vulnerable to cyberattacks, such as cache poisoning, DDoS, DNS hijacking, botnets, C&C, man-in-the-middle, and more.

By redirecting users’ web traffic through a cloud-based, DNS security solution, businesses can finely tune and enforce web access policies, ensure regulatory compliance, and stop 88% of threats at the network’s edge—before they ever hit the network or endpoints.  If your business is like many others that have embraced remote workforce DNS Protection should absolutely be part of your network security plans.  DNS Protection can also secure your mobile workforce without interfering with the VPNs, firewalls, and other security tools you already use.

Why businesses need DNS protection

Uncontrolled internet access is a high-risk activity for any business, regardless of size.  DNS Protection helps protect you from wasted bandwidth, malware from sophisticated attacks such as ransomware and other cybercrime.

Per a report from EfficientIP, the average cost of a single attack was $715,000 USD. When you do the math, it’s clear how DNS Protection for servers, endpoints, and other networked devices could make all the difference to a business’ success (and survival).

What DNS Solution is best for my business?

Choosing a DNS protection solution doesn’t need to be hard.  There are several reputable options we can work with including Webroot DNS Protection & Cisco Umbrella.  These are 2 great solutions that offer up a DNS layered security to protect your workforce.  Don’t wait call us today. (561) 404-9251

Why use two-factor authentication (2FA) or Multifactor (MFA) with your VPN connection?

What is a VPN?

Virtual private networks (VPNs) have been a popular way for companies to provide their employees remote access to their private servers and network resources. VPNs create secure connections between remote machines and your servers allowing your users to stay productive when out of the office. VPNs reduce the risk that hackers can find and enter your servers while your employees securely work from home or anywhere for that matter.

While VPNs are great, they are far from a perfect solution and are subject to security threats, such as phishing attacks. For example, an attacker will often send a legitimate looking email to one of your employees and invite them to log into their account via a link in the email to update their information, pay a bill, or other…. The hacker only has to wait for the unsuspecting employee to enter their username and password. Once in possession of valid credentials, the attacker will be able to connect to your VPN as a legitimate user, gain access to your network, steal information or cause other types of damage such as deploying ransomware.

How 2FA two-factor authentication secures your VPN network

Two-factor authentication (2FA) reduces the risk that hackers can access your network using these stolen or compromised credentials. 2FA requires users to validate their identity by presenting a second security factor in addition to their password. When connecting to a corporate network, users must first enter their computer or VPN credentials, followed by a time-based one-time password (TOTP). This TOTP (usually a 6 digit numeric code) is displayed on users mobile phone in an application called an authenticator. Google Authenticator and Microsoft Authenticator are 2 popular and free apps compatible with both iPhone and Android devices.

2FA makes it extremely difficult to impersonate a user without having access to this second factor. This means that even if hackers were to steal all of your employees’ usernames and passwords, they still wouldn’t be able to access your VPN because they don’t have the 2FA code generated in the authenticator app.

How can I enable 2FA for my company’s VPN?

Every firewall and network is a little different and thus the configuration can vary dramatically. If you are interested in securing your network with 2FA please reach out to TMD Technology Services to assist you in determining the best path forward.

Aside from your VPN we highly recommend using 2FA on all your important accounts including email, banking, website and social media.