Cyberattacks Archives - Les Olson IT
https://lesolson.redpeppersoftware.net/blog/tag/cyberattacks/
Your Office Technology Partner
Thu, 24 Sep 2020 14:51:20 +0000

Protecting Your Network from Cloud Snooper
https://lesolson.redpeppersoftware.net/blog/protecting-your-network-from-cloud-snooper/
Mon, 09 Mar 2020 15:48:30 +0000

The post Protecting Your Network from Cloud Snooper appeared first on Les Olson IT.


Have you heard of Cloud Snooper?

Sophos, a leader in next-gen cybersecurity, recently published a report on this new and sophisticated attack. According to their report, Cloud Snooper uses a unique combination of techniques to evade detection, allowing malware on servers to communicate freely with its command and control servers (C2) through firewalls that would normally prevent these types of communications. The detailed SophosLabs report deconstructs the TTPs (tactics, techniques, and procedures) used in the attack, which they suspect was the work of an advanced actor – possibly nation-state sponsored.

 

The tactics, techniques, and procedures used in the Cloud Snooper attack include a rootkit circumventing firewalls, a technique to gain access to servers disguised as normal traffic, and a backdoor payload that shares malicious code between both Windows and Linux operating systems. This approach is known, but very uncommon. Though each TTP has been seen previously in other attacks by skilled cyber-attackers, they have not been seen in combination.

 

So how does this affect your business?

Sophos expects that this combination of TTPs will “trickle down” and become more commonplace throughout the cybercriminal hierarchy, becoming the blueprint for future firewall attacks.

 

Sergei Shevchenko, Threat Research Manager at SophosLabs, said “This is the first time we have seen an attack formula that combines a bypassing technique with a multi-platform payload, targeting both Windows and Linux systems. IT security teams and network administrators need to be diligent about patching all external-facing services to prevent attackers from evading cloud and firewall security policies. IT security teams also need to protect against multi-platform attacks. Until now, Windows-based assets have been the typical target, but attackers are more frequently considering Linux because cloud services have become popular hunting grounds. It’s a matter of time before more cybercriminals adopt these techniques.”

 

If you’re a business owner or manager, now is the time to talk to your IT security team about their plans to respond to this potential threat. If you are responsible for your organization’s network security, here’s some advice for defending against Cloud Snooper and similar attacks:

 

  • Create a full inventory of all devices connected to the network, and update all security software used on these devices.
  • Ensure all external-facing services are fully patched. Cloud hosting services often provide firewall security, but this should not be a substitute for an organization’s own cloud security measures.
  • Check and double check all cloud configurations. User misconfiguration and lack of visibility are the top causes of attacks in the cloud.
  • Enable multi-factor authentication on any security dashboards or control panels used internally to prevent attackers from disabling security products during an attack.
  • Remember, there is no single silver bullet for security, and a layered, defense-in-depth, next generation security model that includes components designed specifically to protect data and networks in the cloud (like Sophos Intercept X for Server) is an essential best practice.

 

If you need help hardening your network against cyber threats, our expert IT team is here to help. We can work with you and even your existing IT security team to make any necessary changes so your network is prepared for the worst.

 

This article is based on the February 25, 2020 Sophos Press Release.

The Problem with Traditional Antivirus Software
https://lesolson.redpeppersoftware.net/blog/the-problem-with-traditional-antivirus-software/
Wed, 25 Jul 2018 16:12:41 +0000

The post The Problem with Traditional Antivirus Software appeared first on Les Olson IT.


So your business uses Antivirus Software, you’re all set, right? Not so. The problem with traditional Antivirus Software is that it can only defend against known threats. In this article we’ll discover the monumental shift in the threat landscape and why mom and dad’s Antivirus Software just isn’t cutting it anymore.

Years ago the primary form of attack was “generic malware,” a type of threat that is easily blocked by basic antivirus software. The thing is, today generic malware only makes up about 12% of cyberattacks. Wait…what’s the other 88%? As you see in the graph below, ransomware, email malware, and other advanced malware have become most common.

[Image: graph referenced above]

If you’re thinking maybe you’ll take your chances and hope you just get hit with generic malware, you might want to think again. According to the State of Endpoint Security Today Survey, 54% of organizations were hit an average of two times in 2017, and most organizations admit they have no exploit prevention capabilities.

Let’s break down what we mean by known vs. unknown threats:

Known:

Traditional security products are designed to act once they encounter something they know to be malicious. These are attacks that are already known to exist, and for which measures have been taken to block them in the future. Unfortunately, with traditional antivirus there is always a gap between when threats begin causing trouble and when the vendors update their software to block the attack moving forward.

Unknown:

To avoid being detected by antivirus software, hackers need to create a completely new threat. And they’re really good at it too. SophosLabs has said they receive and process 400,000 previously unseen malware samples every day. They also say that three quarters of the malicious files they encounter are unique to a single organization.

How can you fight back against attacks that have never been seen before, and may never be seen again?

Predictive security:

That’s where predictive security comes in. Predictive security utilizes deep learning technology to go much further than simply reacting to threats. If you ever talk to Siri, Alexa or Cortana – you’ve had personal experience with deep learning. In fact, it’s all around us from facial and voice recognition to self-driving cars and language translation. Deep learning is an advanced form of machine learning that was originally inspired by the way the human brain works. It can make predictions about data it has never seen based on the data it is trained on.

When deep learning is applied to the detection of malware and potentially malicious programs, it goes far beyond what traditional antivirus is capable of. One of the solutions that utilizes predictive security is Intercept X by Sophos. Intercept X extracts millions of attributes about a file it’s analyzing and runs them through its deep learning model to determine whether the file is good or bad. This intelligent solution is highly effective at protecting against the unknown, stopping malware before it executes and denying the attacker their opportunity to leverage your data.

In January 2018, ESG Labs tested the latest version of Intercept X with real-world advanced attacks. The results? “Intercept X stopped 100% of the exploit techniques that were missed by the traditional antivirus application.” – ESG Labs, A New Approach to Endpoint Security for Today’s Threats

“We haven’t found another product that can boast the high detection and low false positive levels of Intercept X,” said Denney Fifield, Director of Technical Services at Strong and Hanni.
