The hackers responsible for the 2013 attacks on South Korea are believed to be back at it. Meanwhile, a security company has discovered two tools that may have been used to bypass security in the Sony Pictures Entertainment hack. To hear more, just click play!
IT Rewind Featured Stories:
Did our short segment leave you wanting more? Check out the original articles of stories we covered!
Continuum's Must-Read Blog Post This Week
In light of new encrypting ransomware like CryptoWall 4.0 which was just discovered last week, how can you improve end user security practices and prevent clients from becoming victims of these malicious schemes? You can force videos upon people and make them score a 100% on an online quiz before they have "passed" their security training, but does that really work? If you ask Engin Kirda, chief architect at Lastline and professor of computer science at Northeastern University in Boston, he'll tell you that it's not. In a recent article on eWeek, Kirda said that the only time that people seem to take cybersecurity seriously is after they have become the victim of an attack. Okay, that's good to know, but you certainly don't want all of your clients to get hit with malware in order for them to realize the seriousness of the threat. So what else can you do?
We reached out to users on Reddit and Mangolassi, an IT community that we recently joined, to see how MSPs and IT service providers conduct user education in a way that actually works. Beyond literature and best practices emails, which you can't guarantee people will read, we asked these professionals to explain how they implement a more "realistic and effective" security training program. Their answers were fascinating and worth experimenting with at your own business! Read more »
What Else Is New in the IT Channel?
Now that you've seen our top picks for this week, here are some more stories that made the headlines. Have a suggestion for a story that we should cover next week? Let us know by commenting below or tweeting @FollowContinuum or @BenDBarker!
Happy Birthday, Windows:
Happy 30th, Windows: What We've Loved Through the Years
InfoWorld, @, Woody Leonhard, @
Cyber-threats are growing rapidly:
IT Managers Struggling to Keep up With Cyber-Threats: Security Experts
eWeek, @, Wayne Rash, @
The lastest on ransomware:
Ransomware's Latest Threats: What to Do About CryptoWall, Chimera and Their Ilk
PCWorld, @, Robert Lemos, @
Hey everyone welcome back to IT Rewind. After a week in sunny Orlando, Florida, we’re home sweet home at our Boston studios to bring you the latest from the world of IT. This week, the hacking group that attacked South Korean banks may have a new target and a security company has found tools that are very closely related to capabilities used in the Sony hack. Hear more about these stories and more right now on IT Rewind!
Remember in 2013 when South Korean banks, government, websites and news agencies were targeted by hackers? Well, a recent malware attack in Europe has led security researchers to believe that the group responsible for the attacks in South Korea is back. Palo Alto Networks has found strong similarities between the malware used in the European attack and that used in the South Korea attack, which was referred to as Dark Seoul and Operation Troy. The European organization that was attacked had emails sent to specific employees that contained legitimate video player software with malware wrapped into it. The code used in the malware appears to be the same as that used in the Dark Seoul attacks. The one glaring difference is that the malware used on South Korea contained a destructive component that wiped hard drives, while the version used on the European organization did not.
An important note in this story is that specific employees were targeted in the attack, and their inability to recognize a harmful email is what led to the breach. Be sure to check out Continuum’s must-read blog post of the week to see how some companies are stepping up their efforts in security training.
While we’re on the topic of devastating hacks from the past, let’s run our minds back to the attack on Sony Pictures Entertainment. Recently, a security company called Damballa found two utilities that are similar to those seen in the malware that attacked Sony. The biggest question surrounding the Sony hack was how the attackers were able to bypass security. Well, the utilities discovered by Damballa help mask new files when they are introduced to a system. The tools that Damballa discovered are being called setMFT, which allows files to contain different timestamps, and afset, which is used for time stomping and cleaning up log data.
That’s all the time that we have for this week’s episode of IT Rewind, As always, read the full stories that we covered today and other tech stories by clicking on the links below.
Of course, you can always find us on Twitter, Instagram and Vine at FollowContinuum as well as LifeAtContinuum, We’re also on Facebook, LinkedIn, Spiceworks, YouTube and Periscope.
Take it easy.
Grow your client base! Learn more about MSP marketing!
By Lily Teplow
By Brian Downey
By Dave LeClair