Major Security Threats Update
Current ransomware risk, fake LinkedIn profiles, Bart ransomware, spearphishing uptick, successful security paradigms
MP3 - Ransomware Risk, Fake LinkedIn Profiles, Spearphishing, Password Reuse Attacks

Excellent article by Microsoft that IT managers should use to educate company business decision makers.

http://blogs.microsoft.com/cybertrust/2016/04/22/ransomware-understanding-the-risk/

Proofpoint did an analysis on some new ransomware called Bart

Their analysis demonstrates that if you do not have adequate protection against email borne ransomware attacks, you will become a victim.
https://www.proofpoint.com/us/threat-insight/post/New-Bart-Ransomware-from-Threat-Actors-Spreading-Dridex-and-Locky

Only connect with people you actually know and have assessed.

Some guy was complaining that LinkedIn limited him to 30,000 connections. Really?

That is what followers are for.

As a reminder, turn on your LinkedIn privacy settings so that ONLY YOU can see your connections.

Massive uptick in spearphishing attacks from China that are getting past spam filters. If you do not yet have Trend's Hosted Email Security and Cloud App Security, then you are open to these attacks.

Clever piracy extortion scams

Trend's Cloud App Security and Hosted Email Security would likely stop these emails containing malicious URLs. Since the ISPs themselves are getting these emails, it indicates that the ISPs don't have adequate security.

http://bgr.com/2016/06/24/phishing-scam-isp-emails/

Github and GoToMyPC and password reuse attacks

There are plenty of password manager applications to use. I recomend that whatever app you use, use it with multifactor authentication.

http://status.gotomypc.com/incidents/s2k8h1xhzn4k

http://www.pcmag.com/news/345385/github-hit-by-reused-password-attack?

Check out my article on using the YubiKey with Password Safe and the Breakfast Bytes that goes with it to learn more.

http://qualityplusconsulting.com/index.php/resources/179-yubikey-passwordsafe

http://qualityplusconsulting.com/index.php/podcasts/180-breakfast-bytes-yubikey-passwordsafe

http://www.darkreading.com/cloud/ransomware-domains-up-by-3500--in-q1-/d/d-id/1325748

By the way, do not visit DarkReading.com unless your network is protected by a properly programmed WatchGuard Firebox. Every time I visit that website, it tries to execute an Adobe Flash attack.

My Firebox tells me about the fact that IPS attack signature ID 1132509 has been attempted.

You can see it here on WatchGuard's ThreadDB.

http://www.watchguard.com/SecurityPortal/ThreatDetail.aspx?rule_id=1132509

It's another fine example of how there is stuff on completely legit websites all the time that is trying to hack you.

• Wisconsin company where the finance person was also the IT person.
• They never maintained a relationship with an external security consultant, so they ended up getting a ton of ransomware that was totally preventable with the systems that they currently had in place had those systems been maintained and configured properly.
• Hey business owners! It is completely unrealistic to expect your IT manager to also be a security architect. Less than 1% of all people who have been professionally employed in the entire IT industry for more than 10 years have adequate knowledge of security strategy. So how realistic is it to expect your IT manager to get that job done by themselves?

You better have plans in place to get Office 2016 installed by February 2017.

Office 2013 will not work with Office 365 after February 2017.

What's new in Office 2016 for Office 365?

https://support.office.com/en-us/article/What-s-new-and-improved-in-Office-2016-for-Office-365-95c8d81d-08ba-42c1-914f-bca4603e1426?ui=en-US&rs=en-US&ad=US