Archive for December, 2020

Ransomware that is Devastating MySQL Servers – be aware

December 29th, 2020

PLEASE_READ_ME is an active ransomware campaign that has been targeting MySQL database servers and dates back to at least the start of this year. The attack chain is extremely simple and exploits weak credentials on internet-facing MySQL servers. There are close to 5M internet-facing MySQL servers worldwide.

MySQL servers have often been used as a low cost alternative for applications like Dynamics Ax Retail store databases.

250,000 databases are offered for sale in the attackers’ dashboard, from 83,000 successfully-breached victims.

If you are using MySQL databases then we strongly recommend that you immediately review your credentials security and reference the link above.

Happy Christmas and New Year

December 25th, 2020

Happy Holidays to all, for whichever holiday you celebrate this time of year.

It’s been a long, hard year, and I hope you are healthy and happy as we close out 2020.

Let’s pray that next year is more enjoyable for all of us.

Rampant security attacks – be aware

December 18th, 2020

Cyber criminals have been relentless this year. Data breaches, network infiltrations, bulk data theft and sale, identity theft, and ransomware outbreaks all occurred over 2020. Remote workers account for up to 20% of cybersecurity incidents, and ransomware is on the rise.

This month alone has seen major breaches:
Leonardo SpA: Italian police arrested suspects believed to have stolen up to 10GB in sensitive corporate and military data from the defense contractor.
Flight Centre: A 2017 hackathon launched by the company was found to be the source of a leak involving credit card records and passport numbers belonging to close to 7,000 people.
Vancouver TransLink: A ransomware attack disrupted Compass metro cards and Compass ticketing kiosks for two days.
Absa: A rogue employee at the South Africa-based bank is thought to be responsible for the leak of personally identifiable information belonging to customers.
HMRC: The UK tax office was branded ‘incompetent’ due to 11 serious data breaches impacting close to 24,000 people.

Microsoft Warns Of New Malware That Wants To Infect Your Browser: Security experts at Microsoft have been tracking a new malware campaign that’s targeting Windows computers. It’s already claimed tens of thousands of victims and hijacked their web browsers.
Earlier this month Microsoft issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsoft’s most-dire “critical” label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users.

On December 8, 2020, FireEye disclosed theft of their Red Team assessment tools. These tools are used by FireEye to test and validate the security posture of their customers. According to FireEye, the hackers now have an influential collection of new techniques to draw upon.

FireEye also said last week that it had discovered a “global intrusion campaign” that it called “widespread” in a blog post published Sunday evening. “The actors behind this campaign gained access to numerous public and private organizations around the world,” it said. “FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST.
The attacker’s post compromise activity leverages multiple techniques to evade detection and obscure their activity, but these efforts also offer some opportunities for detection.”

The U.S. Commerce Department on Sunday confirmed a security “breach” at one of its bureaus, and said federal authorities are investigating.
Reuters, the news agency that first reported the hack, cited sources who said the U.S. Treasury Department was also breached, and that hackers may have broken into other government agencies as well. The sources told Reuters that hackers may have been able to monitor staff emails at the agencies for months. Reuters also reported that the affected bureau at the Commerce Department was the National Telecommunications and Information Administration. Subsequently the US issued an emergency warning that “nation-state” hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems.

On Sunday the Washington Post reported that the attack had been traced to Russian state-backed hacking groups.

It’s important that organisations are aware of the threats and have appropriate safeguards, policies and training. In the event of a breach it’s also important to have clearly defined policies of how to respond: it’s not just about dealing with the threat but also the consequences. For example, Ireland’s Data Protection Commission fined Twitter €450,000 (~$550,000) for failing to notify the DPC of a breach within the 72-hour timeframe imposed by the European Union’s General Data Protection Regulation (GDPR) and to adequately document it.

To cap it all, Avast announced this week that more than three million Internet users have installed 15 Chrome plug-ins and 13 Edge plug-ins that contain malicious code.

These add-ons contain code that can redirect user traffic to ads and phishing sites, collect personal information such as birth dates, email addresses, and active devices, collect search history, and download other malware to the user device. Avast researchers believe that the primary goal of this campaign is to redirect user traffic for money.

Avast said that it discovered the add-ons last month and found evidence that some of these have been active at least since December 2018, when users first started reporting problems with redirection to other websites.

Jan Rubin, a malware researcher at Avast, said they could not determine if the extensions contained malicious code from the beginning or if the code was added by an update when each of them reached a certain level of popularity. Many add-ons have become very popular, with tens of thousands of installations. In the case of most, this is achieved by presenting these as add-ons that can help users download multimedia content from various social networks, such as Facebook, Instagram, Vimeo or Spotify. Avast said that both Google and Microsoft reported their findings and that both companies are still checking the add-ons.

Two days after Avast released its findings, Google has removed all 15 Chrome add-ons that Avast has found to contain malicious code, while most Edge add-ons are still available for download. Only Pretty Kitty, The Cat Pet and SoundCloud Music Downloader have been removed.

Below is a list of Chrome add-ons that Avast said contain malicious code:

Direct Message for Instagram

DM for Instagram

Invisible mode for Instagram Direct Message

Downloader for Instagram

App Phone for Instagram

Stories for Instagram

Universal Video Downloader

Video Downloader for FaceBook™

Vimeo™ Video Downloader

Zoomer for Instagram and FaceBook

VK UnBlock. Works fast.

Odnoklassniki UnBlock. Works quickly.

Upload photo to Instagram™

Spotify Music Downloader

The New York Times News

Here’s a list of Edge plug-ins that contain malicious code:

Direct Message for Instagram™

Instagram Download Video & Image

App Phone for Instagram

Universal Video Downloader

Video Downloader for FaceBook™

Vimeo™ Video Downloader

Volume Controller

Stories for Instagram

Upload photo to Instagram™

Pretty Kitty, The Cat Pet

Video Downloader for YouTube

SoundCloud Music Downloader

Instagram App with Direct Message DM
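
A way to check a browser profile against the two lists above, as an added example that is not from Avast or this blog. The page gives names only, not extension IDs, so a name match is a lead to investigate rather than proof; the sample profile tree and its IDs are constructed.

```python
import json
import tempfile
from pathlib import Path

def norm(name):  # fold case, drop the trademark sign, collapse whitespace
    return " ".join(name.replace("\u2122", "").casefold().split())

# Add-on names from the Chrome and Edge lists on this page.
FLAGGED = {norm(n) for n in """Direct Message for Instagram|DM for Instagram
Invisible mode for Instagram Direct Message|App Phone for Instagram|Stories for Instagram
Universal Video Downloader|Video Downloader for FaceBook|Vimeo Video Downloader
Zoomer for Instagram and FaceBook|VK UnBlock. Works fast.|Spotify Music Downloader
Odnoklassniki UnBlock. Works quickly.|Upload photo to Instagram|The New York Times News
Pretty Kitty, The Cat Pet|Instagram Download Video & Image|Video Downloader for YouTube
Downloader for Instagram|Volume Controller|SoundCloud Music Downloader
Instagram App with Direct Message DM""".replace("\n", "|").split("|")}

def display_name(vdir):
    """Name from manifest.json, resolving a localized __MSG_key__ placeholder."""
    try:
        manifest = json.loads((vdir / "manifest.json").read_text(encoding="utf-8-sig"))
        name = manifest.get("name", "")
        if name.startswith("__MSG_") and name.endswith("__"):
            key = name[6:-2].casefold()  # message keys are matched case-insensitively
            path = vdir / "_locales" / manifest.get("default_locale", "en") / "messages.json"
            msgs = json.loads(path.read_text(encoding="utf-8-sig"))
            name = next((v["message"] for k, v in msgs.items() if k.casefold() == key), name)
        return str(name)
    except (OSError, ValueError, KeyError, TypeError, AttributeError):
        return ""  # unreadable or malformed manifest: treat as no name

def find_flagged(extensions_dir):
    """Return (extension_id, name) for installed add-ons whose name is listed."""
    found = ((m.parent.parent.name, display_name(m.parent))
             for m in sorted(Path(extensions_dir).glob("*/*/manifest.json")))
    return [(ext_id, name) for ext_id, name in found if norm(name) in FLAGGED]

def demo():  # constructed sample tree with made-up extension IDs
    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp, "aaaa", "1.0_0"), Path(tmp, "bbbb", "2.1_0")
        loc = a / "_locales" / "en"
        loc.mkdir(parents=True)
        b.mkdir(parents=True)
        (a / "manifest.json").write_text('{"name": "__MSG_appName__", "default_locale": "en"}')
        (loc / "messages.json").write_text('{"appname": {"message": "Vimeo\\u2122 Video Downloader"}}')
        (b / "manifest.json").write_text('{"name": "Some Ad Blocker"}')
        return find_flagged(tmp)

if __name__ == "__main__":
    print(demo())
```

Point `find_flagged` at a profile's `Extensions` folder, for example `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions` on Windows (Edge uses `Microsoft\Edge` in place of `Google\Chrome`).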

Endpoint security against cybercrime – 7 key questions

December 17th, 2020

7 Vital Questions to Ask

Endpoint security has never been more important, more complex, or more challenging than it is today. Given the multitude of solutions and of vendors, it is very difficult to sort through all of the competing claims to find what’s truly effective.

1. Will this solution run on all the devices in my environment?
2. How long will deployment take?
3. What will the members of my team need to know or learn in order to work with this platform?
4. What types of preventative controls are in place?
5. From where does the vendor get its threat intelligence?
6. How does this solution integrate with incident response workflows?
7. Is 24×7 professional support available from the vendor?
7. Can this solution be integrated with other security services, products, or platforms from the same vendor to reduce costs and complexity?

Why Comodo? – Zero Percent Infection and Breaches for Customers

Comodo offers the only cybersecurity that stops undetectable threats.
Cloud-native cybersecurity with auto-containment stops zero-day threats that AI, ML, & other technologies miss.

Historical scores and statistics from millions of endpoints on thousands of different networks of enterprise customers. It shows zero percent infection and breaches.

With Comodo you can “Protect without Detection.” The cloud-native framework delivers you zero day protection against undetectable threats while defending your endpoints from known threat signatures. Automatic signature updates simplify deployment across your entire environment to lower operational costs.

Contact us about Advanced Endpoint Protection 0097143365589

Dynamics 365 Supply Chain – Ask Synergy Software Systems – Dubai

December 16th, 2020

“Supply Chain Management” is one of the “Dynamics 365” business applications.
It is known as part of “Microsoft Dynamics 365 for Finance and Operations” which was separated into two different applications to achieve more flexible pricing and licensing.

To learn more about how to build resilience with an agile supply chain see more videos here: e.g.
Resolve product quality issues and accelerate time to market
Accelerate innovation and respond quickly to quality issues, changing customer specifications, and obsolete parts to ensure compliance and mitigate delays.

Gain planning agility to fulfill customer demand
Predict demand using AI and deliver products on time by planning supply and production in near real time, ensuring the right resources are in the right place.

Optimize inventory and logistics
Improve delivery by using predictive analytics to optimize and automate inventory, warehousing, fulfillment, material sourcing, and supply chain logistics.

Maximize asset uptime and lifespan

Reduce equipment downtime, improve overall equipment effectiveness (OEE), and maximize longevity by performing proactive maintenance.

Innovate with intelligent manufacturing operations
Build agile factories and manufacturing processes with predictive technologies, IoT, and mixed reality to improve throughput, quality, and delivery while reducing costs.