Create a Secure Environment for Remote Workers

Having remote workers in your business is a great way to improve cost-effectiveness and help your business grow. But, unfortunately, many businesses have issued remote workers limited access to the network to protect important information. Knowing this, hackers are finding creative ways to access networks and steal vital information.

It is important to ensure your remote workers have proper security protections in place not only to protect their personal devices but also to secure networks and data. Here are three ways to help protect your remote workers:

Define Acceptable Usage Policies: First and foremost, it’s important to have clearly defined policies for your work-from-home employees. These policies should address the use of internet browsers, hardware, and recording devices. Then, create clear rules and enforce the policies.

Use encrypted email: Email is the most common form of business communication for people working remotely. Unfortunately, it is also a favorite way for hackers to sneak peeks at sensitive information and compromise your company’s security. Fortunately, solutions exist that can help you eliminate this risk. Encrypted email is a type of email that only the sender and the recipient can read. This ensures that if the email falls into the wrong hands, the hacker will not be able to read its contents.

Use Virtual Private Networks: Virtual Private Networks allow your remote workers to safely connect to your networks without exposing your network to the risk from their devices. VPNs create a secure tunnel between your networks and remote workers. VPNs provide excellent protection and are a very cost-effective solution.

Employers are quickly learning the benefits of having remote workers. With the right security in place, it’s a great way to expand your business and cut costs. However, with hackers getting more creative in their attack methods, it’s important to ensure your remote workers have the proper protections in place. By using these secure means of communicating and protecting your networks, you can feel confident that you can protect your valuable data from prying eyes.

 

CISA Issues Warning Over Microsoft Exchange Server Vulnerabilities

Microsoft has warned that hackers are already using zero-day Exchange Server exploits to break into victims’ networks and steal data and that more attacks are likely to come.

Microsoft has given more details about how the vulnerabilities have already been exploited, starting with attacks in August.

In a small number of targeted attacks, the CVE-2022-41040 and CVE-2022-41082 vulnerabilities were chained together to give attackers “hands-on-keyboard access.” These vulnerabilities were used for reconnaissance of Active Directory and to steal data. The names of the victims have not been made public.

For the attack to succeed, the intruder must be an authenticated user, but these credentials can be obtained through phishing scams, brute force, or buying stolen credentials.

Even though there are no clear signs yet of who is behind these attacks, Microsoft’s Security Threat Intelligence Team (MSTIC) suspects that these attacks are the work of a single group.

Microsoft says it is working on what it calls an “accelerated timeline” to fix the security hole, but the fix hasn’t come out yet.

Since the vulnerability has been made public, it is likely that hackers are already working to take advantage of it before a fix is available. As a result, Microsoft has warned that “overall exploitation of these vulnerabilities will increase.”

Previous Exchange Server flaws were used in a wide range of cyberattacks, such as ransomware operations and crypto-jacking attacks. This is because attackers rushed to take advantage of the flaws before organizations could apply the patch.

Another warning came from the United States Cybersecurity & Infrastructure Security Agency (CISA), which also stated that attackers could use the latest Microsoft Exchange Server flaws to illegally access and steal user data.

Even though there isn’t yet a patch, Microsoft has published advice on how to deal with the threat, including telling Exchange Server customers that non-admin users shouldn’t be able to access PowerShell remotely.
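One way to act on that advice, shown as an added example rather than code from Microsoft or CISA: audit which accounts have remote PowerShell enabled and switch it off for everyone outside the Exchange admin role groups. The role-group allow-list and the CSV file name are assumptions to adapt to your organization.

```powershell
# Added example. Run from the Exchange Management Shell with an admin account.
# ASSUMPTION: members of these role groups are the only accounts that should
# keep remote PowerShell access. Adjust the list for your organization.
$adminRoleGroups = @('Organization Management', 'Server Management', 'Recipient Management')

# Collect the distinguished names of the accounts that keep access.
# Note: a role group can contain security groups; nested members are not
# expanded here, so review those groups by hand.
$adminDns = @()
foreach ($group in $adminRoleGroups) {
    $members = Get-RoleGroupMember -Identity $group -ErrorAction SilentlyContinue
    foreach ($member in $members) {
        $adminDns += $member.DistinguishedName
    }
}

# Every user that currently has remote PowerShell enabled and is not on the
# allow-list (-notcontains compares strings case-insensitively).
$candidates = Get-User -ResultSize Unlimited -Filter 'RemotePowerShellEnabled -eq $true' |
    Where-Object { $adminDns -notcontains $_.DistinguishedName }

# Step 1: write the audit list so it can be reviewed before anything changes.
# Service or automation accounts that rely on remote PowerShell will show up
# here and may need to be added to an exception list.
$candidates |
    Select-Object Name, UserPrincipalName, RecipientTypeDetails, DistinguishedName |
    Export-Csv -Path .\remote-powershell-nonadmin.csv -NoTypeInformation

Write-Host ("{0} non-admin accounts have remote PowerShell enabled." -f @($candidates).Count)

# Step 2: disable access. -WhatIf only reports what would change;
# remove it once the CSV has been reviewed.
foreach ($user in $candidates) {
    Set-User -Identity $user.DistinguishedName -RemotePowerShellEnabled $false -WhatIf
}
```

Running the `Get-User` filter again after the change confirms that only the intended admin accounts remain enabled.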

Product Releases from Amazon’s Hardware 2022 Event

A number of exciting products were announced at Amazon’s Hardware 2022 event. These announcements include two brand-new Eero home networking products and the news that the next-generation Echo Dot devices will feature Eero capabilities.

The first product is the Eero PoE 6 access point. Due to PoE (Power over Ethernet) technology’s popularity among enterprises and home network enthusiasts, this is a fascinating announcement by Amazon. PoE installations are popular because they allow you to connect your equipment with a single cable. This technology should also give customers more mounting options for Eero access points.

According to Amazon, the Eero PoE 6 provides coverage for up to 2,000 square feet, connections, and support for 100 connected devices.

The Eero PoE 6 is priced at $299.99. Starting in October 2022, Amazon will begin selling Eero PoE systems to certified professional installers, followed by regular customers early next year.

The second Eero product announced is the Eero PoE Gateway that will power your Eero PoE. The Eero gateway will be able to support numerous Eero PoE 6 devices as well as other PoE devices, such as security cameras.

The Eero PoE Gateway features ten Ethernet ports to connect your PoE devices, and it’s priced at $649.99.

As a result of its more elaborate setup, Eero’s PoE devices won’t be a suitable fit for everyone. However, it could be an ideal solution for a new home build or renovation.

It is worth noting that additional Eero services are available to prevent your network from losing internet access. One of those services is the Eero internet backup which might be the right choice for those who live in a remote area. This service can use a mobile hotspot or another Wi-Fi connection to keep all the devices operational even when your primary internet connection fails.

To use internet backup, you must subscribe to Eero+ for $9.99 per month or $99 per year. However, considering everything else included with the service, this may be a worthwhile investment for certain households. The internet backup is a rebranded version of Eero’s Secure+ service, so all the same features are available here – including robust parental controls, network analysis, Malwarebytes, and more.

Eero+ is already available for the existing Eero mesh. However, if you were seeking to upgrade your home internet to one of the top Wi-Fi 6 mesh systems, you might find that Eero+ is enough to convince you to get an Eero kit instead.

Malware-as-a-Service Gaining Popularity

Malware as a Service (MaaS) has gained popularity over the past few years as a method of spreading malware. Typically, MaaS is provided at a monthly, annual, or lifetime subscription price. Once a threat actor obtains access to the malware, they can target individuals through various tactics.

A relatively new MaaS has emerged, called Erbium. Erbium is spreading quickly across the internet disguised as cheats and hacks for popular video games.

Because the Erbium malware subscription is affordable, comes with excellent customer service, and offers a wide array of capabilities at a competitive price, it is attractive to threat actors. Additionally, due to the growing popularity of Erbium, the membership fee increased from $9 a week to $100 a month or $1,000 a year in late August 2022.

The development of Erbium appears to be in its early stages. However, it has been detected in several countries worldwide, including the United States, France, Colombia, Spain, Italy, Vietnam, and Malaysia.

The Erbium malware is exceptionally versatile in gathering data from infected devices. In addition to extracting information about the browser, the malware also extracts passwords, cookies, credit card numbers, auto-fill information, cryptocurrency wallet information, and two-factor authentication credentials without the user being aware of it.

Installing an antivirus program on your computer is an effective way to keep it safe from malicious software. It is also essential to update your operating system and software regularly and to download applications only from credible sites.

Hackers Are Using DDOS Attacks To Profit Off Businesses

Distributed Denial of Service (DDOS) attacks have been used by hackers since the earliest days of the web.

Get enough internet-connected devices to ping a server at the same time, and you can knock the server offline.

Keep the pressure on and you can keep it offline, pretty much indefinitely.

These days, given the web’s importance, that can easily bring financial ruin to all but the most deep-pocketed companies. Hackers know this of course, which is why such attacks are still in use to this very day.

Recently though, there’s been a notable surge in their use, and not only that, hackers have begun changing the way they use this form of attack. Specifically, they’ll threaten to perform a sustained DDOS attack against a target company unless that company pays them a fee to go away. This is a marked departure from the way DDOS attacks have been used in the past, and makes it much more similar to a ransomware attack. They simply issue the threat and wait to see if they get paid.

According to statistics gathered by researchers at Neustar, DDOS attacks increased by a staggering 154 percent between 2019 and 2020 and there’s no sign that the surge is slowing down. Now add in the new wrinkle of threatening to hit a company with such an attack, and the scope and scale of the threat resolves into stark clarity.

It’s easy to see why this is an increasingly popular option for hackers around the world. Of all the types of attacks available to hackers, the DDOS option is the simplest and most straightforward. Literally anybody with access to a botnet can do it. Given the massive size of some of the botnets available for hire on the Dark Web, it’s not hard to understand why an increasing percentage of companies are choosing to pay rather than run the risk of being shut down.

Neustar’s Vice President of Security Product Management Michael Kaczmarek, however, advises against simply paying the toll.

He writes:

“Organizations should avoid paying these ransoms. Instead, any attack should be reported to the nearest law enforcement field office, as the information may help identify the attackers and ultimately hold them accountable. Beyond this, organizations can prepare by setting up a robust DDOS mitigation strategy, including assessing the risks, evaluating available solutions, considering mitigation strategies, and keeping their plan and provider up to date.”

Although the threat is very real, there’s actually a lot a company can do to ward off such an attack, and paying the toll only emboldens future threats. The best way forward is to see these criminals held to account. Don’t pay. Make them pay.