Matthew Bryan says
Article: Don’t Undervalue The Security Of Your Hybrid Employees
Author: Einaras von Gravrock
Published: Feb 7, 2022
Link: https://www.forbes.com/sites/forbesbusinesscouncil/2022/02/07/dont-undervalue-the-security-of-your-hybrid-employees/?sh=40a6a53b23e3
The shift to hybrid work has become more prevalent as offices reopen and employees wish to maintain working remotely a few days each week. This arrangement introduces security risks as employees are connecting to networks with lower security postures. Remote network security is often not discussed and the focus for most IT teams is on securing the employee’s device. Company data can be exposed when employees use less secure networks to connect to the internet. This can happen when users work from hotels, coffee shops, and other public places. Devices that switch between public and corporate networks can be a vector for attack. For example, an employee could download malware while working at Starbucks and then spread it on the corporate network while working at the office.
Training is important as employees should be aware of remote work risks and how to use best practices like MFA on their accounts. Requiring a VPN to connect to company assets is another important protection. This reduces the risk of using unsecured public wifi. VPNs can also be targets for attacks, as noted by the article. A successful phishing attack tricked Twitter employees into signing into a phony VPN login page in 2020. Companies must be diligent with managing the risk of hybrid work as this model will likely continue for the foreseeable future.
Shubham Patil says
Palo Alto Networks Introduces PAN-OS 10.2 Nebula: The Industry’s First Inline Deep Learning Protection for Network Security to Help Stop Sophisticated Attacks as They Happen
Wed, February 9, 2022, 8:15 AM
PAN-OS® 10.2 Nebula collects, analyzes and interprets potential zero-day threats in real time using inline deep learning — a network security first. This results in six times faster prevention and 48% more evasive threats detected, surpassing anything previously available. Nebula also introduces AIOps — Palo Alto Networks’ tenth security service — and the new Advanced Threat Prevention service while enhancing Advanced URL Filtering, DNS Security, IoT Security and other related security services.
Link: https://finance.yahoo.com/news/palo-alto-networks-introduces-pan-131500883.html
Oluwaseun Soyomokun says
Top Managed Firewall Service Providers 2022
Secure Access Service Edge (SASE) as Firewall-as-a-Service.
Managed firewall service providers handle the implementation and maintenance of firewall infrastructure. Instead of IT teams deploying the firewall internally, it is provided as a service.
Services are an area of the cybersecurity market that has been growing in recent years, as they represent an easy route to more sophisticated cyber protection. Unfortunately, security services have also gotten mired in marketing and terminology complexity, making purchasing decisions difficult for those buyers most in need of simplicity.
Vendors offering these services:
Barracuda MSP
Barracuda Managed CloudGen Firewall Service offers customers advanced threat protection. It is a good way to replace legacy firewalls without having to retrain staff. The service can be provided directly to enterprises or via other MSPs.
Verizon
Two types of managed firewall are available from Verizon: The Managed Enterprise Firewall service is for those using Internet Dedicated Services or customer-provided dedicated Internet access with bandwidth of T1 or greater; and Managed Business Firewall, for Internet Dedicated Access Services or customer-provided dedicated Internet access with bandwidth up to a maximum of T1.
Fortinet
Palo Alto Networks
Perimeter 81
Zscaler
Checkpoint
Summary:
Managed firewall services are platform services run in a similar fashion to cloud services, supporting SMEs with more sophisticated cyber protection to meet and sustain their day-to-day operational services.
The latest terminology is Secure Access Service Edge (SASE). Under that banner, service providers are offering a great many security products, including firewall-as-a-Service (FWaaS), that are bundled together and aimed at ever-expanding network boundaries. Think Internet of Things (IoT) and mobile devices, remote workers, branch offices, partners, customers and more. It can be more than a little challenging for buyers with a more traditional network to defend.
https://www.channelinsider.com/security/managed-firewalls/
Mohammed Syed says
https://thehackernews.com/2022/02/cisa-orders-federal-agencies-to-patch.html
The US cybersecurity and CISA are pushing to secure their system against an actively exploited Windows vulnerability that could be used to gain elevated permissions on affected hosts. They added a CVSS score of 7.0 to the vulnerabilities catalog. Those kinds of security vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose a significant risk to the federal enterprise.
Windows stated that the bug was addressed by Microsoft as part of the update in January 2022. Attackers gain elevated administrator privileges through a vulnerability in Win32k.sys, and the flaws impact Windows machines. It’s worth noting that the security vulnerabilities are also bypassed for another escalated privilege flaw in the same way CVSS 7.8 and Microsoft resolved by Feb 2021.
Elizabeth Gutierrez says
Article Title: San Francisco 49ers catch ransomware, sample files leaked online
Link: https://www.theregister.com/2022/02/14/49ers_ransomware_blackbyte/
The San Francisco 49ers, an American football team, was subject to a ransomware attack this past weekend. BlackByte, a ransomware gang, claimed responsibility for having disrupted the team’s corporate IT network systems and threatened to leak financial data to the dark web. BlackByte is known to use the dark web to shame victims and force them into paying their extortion demands. Previous victims have reported that the actors have taken advantage of a Microsoft Exchange Server vulnerability as a means of gaining access to their networks. However, this attack does not necessarily come as a surprise since two days prior, the FBI and U.S. Secret Service issued an alert about the gang “[compromising] multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors.”
Ornella Rhyne says
This article talks about hackers who planted fake digital evidence on devices of Indian activists and lawyers. The digital evidence is called “incriminating digital evidence”. A cybersecurity firm called Sentinel attributed the intrusions to a group it tracks as “ModifiedElephant,” an elusive threat actor that’s been operational since at least 2012, whose activity aligns sharply with Indian state interests. The hackers were able to get into the system using spear phishing with malicious documents to deliver malware such as NetWire and simple keyloggers. They created fake accounts or simply resent their malware multiple times using new emails or lure documents.
https://thehackernews.com/2022/02/hackers-planted-fake-digital-evidence.html
Michael Galdo says
“BlackByte Tackles the SF 49ers & US Critical Infrastructure”
The NFL football team, San Francisco 49ers, was a recent target of a BlackByte ransomware attack. This attack flustered the NFL team’s corporate IT network on Sunday, which happened to be the day of the Super Bowl. BlackByte is a RaaS gang that leases its ransomware to people and receives a share of potential ransom profits. They claim responsibility for the attack by leaking files that were allegedly stolen in the attack. The 49ers decided to bring in third-party cybersecurity firms to help figure out the details of the attack, and the organization also notified law enforcement. The consensus as of now is that the attack was limited to only the corporate IT network, therefore not affecting ticket systems or systems at their home stadium.
https://threatpost.com/blackbyte-tackles-the-sf-49ers-us-critical-infrastructure/178416/
Bryan Garrahan says
https://techgenix.com/firewall-as-a-service-everything-you-need-to-know/
We have seen the rise of as-a-service (XaaS) paradigms in the IT world and that is certainly not limited to firewalls. This article touches on the introduction of Firewall as a Service, or FWaaS, and how its network traffic inspection capabilities are now being delivered as part of a company’s cloud infrastructure. The article notes, “FWaaS allows organizations to eliminate the need for multiple on-premises deployed firewall appliances. It simplifies the IT infrastructure through an easy-to-manage centralized console system. And like every cloud service, FWaaS can be adapted according to the size, need, configurations, demand, and tailor-made security as needed by the organizations”. FWaaS can provide many services such as domain rules, web and URL filtering, and identity management and it can also perform deep packet inspection (DPI).
FWaaS has become popular as a result of a more remote work culture where network/internet traffic has become geographically scattered. While traditional on-prem firewalls only inspect and monitor traffic that passes through them, FWaaS can inspect and monitor traffic coming from anywhere at any time. Some other benefits of FWaaS include:
– It’s easy to configure;
– Simplifies infrastructure management;
– It’s scalable and secure; and
– It provides better visibility and control
However, FWaaS has its downsides, including:
– It’s costly; and
– Network reliant.
Jason Burwell says
“Encrypted & Fileless Malware Sees Big Growth”
An analysis of second-quarter malware trends shows that threats are becoming stealthier.
A full 91.5 percent of malware was delivered using HTTPS-encrypted connections in the second quarter, researchers said, making attacks more evasive.
That’s according to WatchGuard Technologies’ latest report on findings within its telemetry, which also found that these detections come primarily from two malware families: AMSI.Disable.A, which was first spotted in Q1; and the older malware known as XML.JSLoader. Together these make up more than 90 percent of detections over HTTPS and more than 12 percent of total detections, according to the report.
https://threatpost.com/encrypted-fileless-malware-growth/175306/
Ryan Trapp says
Cambodia cans critics of its snoopy Internet Gateway, says every nation has one
Tomorrow, Cambodia is scheduled to activate the “National Internet Gateway” for their country. The government has claimed that the gateway will be put into place and is needed for tax collection. However, critics, including the United Nations, claim that many countries around the world tax online transactions or impose digital service taxes without the use of a gateway. The United Nations has also stated that this gateway “permits the Cambodian government to monitor internet activity, intercept and censor digital communications, and collect, retain and share personal data of users”. It appears this gateway is being implemented under the guise that it is for tax purposes, when really it is going to surveil and collect data on its citizens. This will have a negative effect on internet freedom and human rights within Cambodia.
https://www.theregister.com/2022/02/15/cambodia_clarifies_internet_gateway/
Amelia Safirstein says
In response to the email hack on Sony Pictures, Sony switched to using fax machines to communicate its most sensitive information. Fax machines aren’t used as frequently as newer technologies so hackers may not spend as much time learning new ways to exploit them. Unfortunately, in many configurations, fax machines can leave a network vulnerable. Bad actors can send scripts to the fax machine through phone lines, bypassing the network’s firewall. Once the bad actor has access to the fax machine, they can search for connected networks. This article recommends getting rid of fax machines altogether but I believe that organizations that need to keep fax machines around can secure their network by segregating the network and separating the fax machines from sensitive systems. Internal monitoring for any suspicious activity from the fax machine would also help in this case.
https://informationsecuritybuzz.com/articles/faxploiting-or-how-fax-machines-can-be-hacked/
Yangyuan Lin says
Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts
The Spanish National Police last week arrested eight people involved in financial fraud using SIM swapping attacks. This group disguises itself as a bank or an organization trusted by victims, and they use traditional phishing techniques to obtain victims’ personal information and banking data.
Criminals forge official authorization documents to pretend to be the victim, and then they go to the phone store to get the SIM card. After obtaining the SIM card, they will receive a secure confirmation from the bank and withdraw money from the account.
Link: https://thehackernews.com/2022/02/spanish-police-arrest-sim-swappers-who.html
Alexander William Knoll says
“Dating online? Tips from a cybersecurity firm”
ABS-CBN News
Cybersecurity firm Kaspersky reminds the public to be careful when sharing personal information on dating platforms. The reason for this is that cyber criminals are continually able to steal identities/money from users despite dating apps’ best efforts to improve encryption protocols and attention to user privacy. Scammers/fraudsters/abusers are quick to pick up this information people post online in hopes of financial gain. Caution is critical, and so the firm recommends five ways to safely enjoy online dating.
1. Don’t link social media accounts to dating applications
2. Do not share your phone number/messaging handles; stick to the app’s built-in messaging feature, at least initially
3. Be wary of questions a match may ask, such as to visit a certain website or common security questions (favorite teacher, pet)
4. Be wary of automated messages that could be bots looking for data or money
5. Turn on in-app settings to only reveal your profile to matches
https://news.abs-cbn.com/life/02/15/22/dating-online-tips-from-a-cybersecurity-firm
Michael Duffy says
This article describes the different types of passwordless authentication which are being implemented aggressively across different enterprises. For the most part, these are pretty well known to the cyber industry except for one which is “magic link”. To me, this is still insecure since it requires an email and then sends a token – so it still requires a password since it is connected to your email.
However, what I am more interested in is seeing if companies may start giving the option to have passwordless authentication to the customer. Currently, most websites use traditional password/security which can be frustrating for many users. I’m wondering if eventually there will be a way to connect a contactless smart card and use that for sign-ins with a PIN as an alternative for signing into websites. I would also be interested in the ethical issues it has collecting biometrics from customers. Overall, I thought this was an interesting read.
https://jumpcloud.com/blog/passwordless-authentication-methods-examples
Joshua Moses says
An organization named GiveSendGo, which is based in Boston, Massachusetts, recently had a security breach. On Monday, GiveSendGo’s website claimed to be under maintenance about an hour after their site was apparently hijacked and redirected to a webpage of the hacker’s choice. “The redirected page condemned the truckers who descended on Canada’s capital to oppose mandatory COVID-19 vaccinations, causing widespread disruption to traffic and trade for more than a week.” I personally have a problem with this, due to not being a fan of conforming to authoritarianism. Moreover, the article also proclaims that, “GiveSendGo co-founder Jacob Wells did not respond to a request for comment.” This is the norm for leaders of organizations to not take accountability when they have a security breach. 30 megabytes of donor information from GiveSendGo was released to the public, “including self-reported names, email addresses, ZIP codes and IP addresses.” Yet the co-founder couldn’t address the concerns of the people who were affected by this data breach. Disgraceful!
https://news.yahoo.com/hackers-leak-names-freedom-convoy-150814207.html
Corey Arana says
Google Drive accounts for 50 percent of malicious document downloads
In 2021 about 50 percent of malicious Office documents were delivered using Google Drive. Netskope reported that Office 365, Google Docs and PDFs make up 37 percent of malware that is downloaded.
Google Drive took over in 2021 as the leader in malicious document downloads from Microsoft OneDrive, which led up to that point with 34 percent.
How are cybercriminals operating? Cybercriminals will sign up for free accounts from these hosting services. They will upload malicious files and will share them with unsuspecting users who open those files.
Legitimate platforms are easy tools for cyber criminals to use to attack unsuspecting people. Keep an eye out and don’t click on emails or links from people you don’t know.
https://cyware.com/news/google-drive-now-accounts-for-50-of-malicious-document-downloads-c0b6ab5c