Heads up Texas, Your Data Is in Danger

When it comes to cybercrime, there is no discrimination. When it comes to data theft, every Texas government or business is considered a target. However, larger companies are the most targeted. Hackers are stealing data, selling it, and are making money off of your data. According to Jareth at Emsisoft, hackers are using multiple tactics to steal your data, and here is how:

1. Malware

Hackers are using malware such as keyloggers and banking malware to pull login credentials and credit card information. Malware also spreads in the form of email, so it’s essential to have strict email security. By having tight email security, this decreases significantly the chance of being infected by email malware. Many ransomware attacks are using malware to hit significant numbers of businesses and local governments. Texas is a major target for these attacks, so it’s essential to have security policies to protect your business.

2. Phishing

Phishing is a form of social engineering. 

“Social engineering is a form of techniques employed by cybercriminals designed to lure unsuspecting users into sending them their confidential data, infecting their computers with malware or opening links to infected sites.”

Kaspersky

These hackers use these social engineering techniques to gain access to your personal information that they can use to infect your environment. For example, a Texas school district, Manor Independent School District, was the target of a major phishing scam. The hackers posed as vendors and stole 2.3 million dollars from the Texas school district. Schemes like this occurring bring up the question, how many others have gone unnoticed? 

3.Weak Passwords

Weak passwords are the easiest way that hackers get access to systems. Texas and all other states are vulnerable to this attack. Hackers use different password crackers to steal data such as brute force attacks, keyloggers, and phishing. It is essential to use strong password policies to prevent an attack like this. 

There are multiple ways that hackers can gain access to personal data. Tactics used are malware, phishing, weak passwords, and even unsecured networks. Hackers are stealing data, selling it, and are making money off of your data. Texas remains a primary target for attacks like these. Your data is your data, don’t be the next headline. To prevent an attack like this, contact CoreRecon. Thanks for reading, let us know what you think!

Follow CoreRecon on Twitter: https://twitter.com/CoreRecon
Facebook: https://www.facebook.com/CoreReconCyberSec
Instagram: http://instagram.com/corerecon

Ransomware Continues to Wreak Havoc

Ransomware is  “malware that requires the victim to pay a ransom to access encrypted files” (Merriam-Webster).

Merriam-Webster

I’m sure you’ve heard the term ransomware countless times this past year alone. Over the past couple of years, ransomware has continued to evolve. If the trend continues, ransomware will not be going away anytime soon; in fact, it appears that it is beginning to become more frequent. Ransomware began as a threat to consumers. The idea was to trick people into paying fines that were not real and purchase infected equipment.

These days ransomware attacks are “becoming more targetedsophisticated and costly, even as the overall frequency of attacks remains consistent” (IC3).

IC3

 Impacted in 2019 by ransomware:

  • 113 government agencies, municipalities and state governments
  • 764 healthcare providers
  • 89 universities/colleges
  • School districts with up to 1,233 individual schools were potentially impacted.

Cybersecurity must be one of the top priorities when it comes to any establishment that holds personal data. Public institutions are usually the main culprit for ransomware because there is typically a lack of funding allocated for cybersecurity.

The best way to keep this from happening to your business is to call CoreRecon. We provide security assessments for your network infrastructure. We also are an MSP, which means we can be your IT support and help educate employees on safe desktop practices. The most important thing for us is to keep your business and your data safe.

Don’t be the next headline, thanks for reading!

Contact CoreRecon at 3612483258

Available 24/7 | info@corerecon.com

Follow us on Twitter: twitter.com/corerecon

Follow us on Instagram: instagram.com/corerecon

Like us on Facebook: www.facebook.com/CoreReconCyberSec/

Wait, the Healthcare Industry Still Uses CDs?

The healthcare industry is still using CDs

Many people have stopped using CD-ROMS, mostly because it’s a lot easier to either save it on a thumb drive or just save it to the cloud. Many people have become migrating to the cloud and it’s beneficial mostly because work can be done virtually anywhere with an internet connection. A lot of PCs and laptops do not come with CD drives anymore. Overall, it’s beginning to become obsolete. This means that if a place needs to view CDs they must purchase an external disc drive. Downloading and burning CDs is also time-consuming as well.

So why are some people still using CDs? If you work in the healthcare industry then you know that CDs are essential in the workplace. They are vital because radiologists must use these to store medical images. The reason that the healthcare industry must use CDs is that not all doctors use the same software. The only way these images can be viewed anywhere is with a CD-ROM. The downside to a thumb drive is some lack the space capacity for these images. Let’s open our minds and think of the future. In fact, the cloud is the future of the healthcare industry. Technology continues to evolve and so should we.

However, there is now a group dubbed Ditch the Disk*. They are all for heading to the cloud and trying to get rid of the use of CDs. Is it time to say goodbye to CD-ROMs? Let me know what you think below. Thanks for reading!

Follow CoreRecon on Twitter: https://twitter.com/CoreRecon

Facebook: https://www.facebook.com/CoreReconCyberSec

Instagram: http://instagram.com/corerecon

Creds to https://www.cnbc.com/2020/02/14/salesforce-cmo-ashwini-zenooz-urges-healthcare-to-move-on-from-cd-roms.html for bringing the movement to our attention.

*Find out more about Ditch the Disk at https://ditchthedisk.com/

Ransomware Hackers Continue to Evolve

A new hacking tactic has surfaced, and it is infecting PCs at an alarming rate. Ransomware “gangs” have begun using drivers to infect PCs. Currently, they are using GIGABYTE technology to infiltrate networks. GIGABYTE is a leading computer hardware company. They build motherboards, graphics cards, and more. Chances are you have a piece of GIGABYTE hardware in your PC right now. Unfortunately, instead of releasing a patch for the vulnerability within the software, GIGABYTE maintained that its products were unaffected.

The hackers are using GIGABYTE drivers to gain access to PCs and disable security products so their actions can remain hidden. With security products enabled, the hackers would not be able to access PCs as easily. 

A security company has recently released the method of the new tactic.**

  1. Ransomware gang gets a foothold on a victim’s network.
  2. Hackers install legitimate Gigabyte kernel driver GDRV.SYS.
  3. Hackers exploit a vulnerability in this legitimate driver to gain kernel access.
  4. Attackers use the kernel access to disable the Windows OS driver signature enforcement temporarily.
  5. Hackers install a malicious kernel driver named RBNL.SYS.
  6. Attackers use this driver to disable or stop antivirus and other security products running on an infected host.
  7. Hackers execute the RobbinHood* ransomware and encrypt the victim’s files.

Therefore, files are encrypted and inaccessible, this is a result of the hack. 

*RobbinHood is ransomware that currently does not have a public decryption key. Without the public decryption key, there are minimal ways that data restoration can occur unless the affected users pay for the attackers’ private key.

However, that does mean that our security experts are unable to crack it. In these perilous times with technological warfare, it is essential to get a security assessment. Contact CoreRecon to ensure that your network and your company remain safe during this dangerous time. Please don’t wait until it’s too late, call 3612483248 for more information on our cybersecurity services. 

Twitter: @Corerecon

Facebook: https://www.facebook.com/CoreReconCyberSec/

Instagram: https://www.instagram.com/corerecon/

**More information on new hacking tactic: