Glen Benjamin - LAN Infotech

The advent of vCISOs is shaking up the industry. Discover how these virtual security experts are helping SMBs navigate the complex threat landscape without breaking the bank. Is a vCISO the secret weapon your business needs?

In today’s rapidly shifting digital landscape, where cyber threats constantly evolve and new security tools frequently emerge, the demand for adept cybersecurity leadership is more critical than ever. This dynamic environment necessitates that chief information security officers (CISOs) not only keep pace with current technological advancements but also proactively anticipate potential vulnerabilities and emerging threats. This growing need has catalyzed the rise of virtual CISOs (vCISOs), proving particularly valuable to small and medium-sized businesses (SMBs) that require expert guidance to navigate these complexities but lack the resources to maintain a full-time executive. This makes the role of the vCISO, with its inherent flexibility and strategic focus, ideal for organizations that want to strengthen their security posture without the overhead of a full-time, in-house CISO.

As cybersecurity develops, vCISOs are adept at utilizing emerging technologies to fortify security protocols. Machine learning, for example, is an indispensable tool that empowers vCISOs to proactively detect and address potential security threats before they cause harm. By analyzing patterns in vast amounts of data, AI algorithms can customize security protocols to suit the specific needs of each business, ensuring that defenses are both robust and relevant. This capability reduces the risk of breaches by adapting to new threats as they evolve.

LAN Infotech Glen Benjamin - LAN Infotech

The rise of the vCISO: From niche to necessity? The advent of vCISOs is shaking up the industry. Discover how these virtual security experts are helping SMBs navigate the complex threat landscape without breaking the bank. Is a vCISO the secret weapon your business needs?

On October 24th, the U.S. Department of Health and Human Services Office for Civil Rights data breach portal updated the total number of people impacted by the UnitedHealth data breach to 100 million, marking the first time the company has officially quantified the breach's scope. This confirmation cements the breach as the largest healthcare data exposure in U.S. history, underscoring the significant risks that cybersecurity incidents pose to sensitive patient information.

What Happened in the Change Healthcare Breach?
As reported by TechCrunch, the breach began in February 2024 when the ALPHV/BlackCat ransomware group targeted UnitedHealth’s Change Healthcare platform, a widely used payment processing system within the healthcare industry. The attackers deployed ransomware to disrupt operations and exfiltrated vast amounts of sensitive data. The compromised data included patients’ personal information, financial details, and medical records.

This attack had a cascading impact across the U.S. healthcare sector, disrupting billing, payment processing, and even delaying patient care. Change Healthcare is integral to the healthcare infrastructure, processing millions of payments annually, which means the breach affected not only UnitedHealth but also countless hospitals, clinics, and medical practices reliant on this platform.

LAN Infotech Glen Benjamin - LAN Infotech

100 Million Americans’ Medical Records Exposed In Massive Data Breach UnitedHealth’s massive healthcare data breach exposed 100 million Americans’ personal info—are you at risk? Learn the details and what you can do to protect yourself.

The Cybersecurity and Infrastructure Security Agency (CISA) is warning federal executives about a large-scaling spear phishing campaign by a foreign actor. In a new alert issued late yesterday, CISA said the adversaries are often posing as a trusted entity by sending spear-phishing emails containing malicious remote desktop protocol files. Once they have gained access, the threat actor may pursue additional activities, such as deploying malicious code to achieve persistent access to the target’s network. CISA recommends public and private sector organizations do 10 things to protect themselves, including restricting outbound remote desktop protocol files and prevent these files from executing on the network.
(Foreign threat actor conducting large-scale spear-phishing campaign - CISA)

Just days ahead of Election Day, a group of career federal employees is calling for more protections against online threats. One type of threat feds face is doxing, or the malicious publication of feds’ personal information online without their consent. Thousands of members of the Department of Justice Gender Equality Network (DOJ GEN) are urging DOJ leadership to scale up the response to, and prevention of, those threats to career feds. Agency leaders have recognized what they said has been a recent “escalation of attacks” against DOJ employees. But DOJ GEN said it’s still concerned about a lack of protection. In a letter this week to DOJ leaders, the group outlined specific steps the agency can take to better protect career feds against the attacks.
(Letter on doxing and other online threats - Department of Justice Gender Equality Network)

LAN Infotech Glen Benjamin - LAN Infotech

CISA issues warning to feds about large-scale spear phishing campaign by a foreign actor In a new alert issued late yesterday, CISA said the adversaries are often posing as a trusted entity.

LAN Infotech is proud to support MyFlare Alert and South Florida Institute on Aging Partner to Enhance Safety and Independence for Seniors Across the Community!

We’re pleased to announce a new partnership between MyFlare Alert™ and the South Florida Institute on Aging (SoFIA), a dedicated non-profit organization, to provide a connected, independent living solution for seniors and their caregivers. This collaboration marks the beginning of a broader initiative to bring dependable safety tools to communities everywhere, empowering seniors to live independently with confidence and support. For those who may face financial barriers, MyFlare Alert™ will be made available at no cost, ensuring safety and peace of mind are accessible to all.

MyFlare Alert™ provides seniors with a simple, reliable way to remain closely connected to family, friends, and caregivers. Independent living no longer means being alone; it means having support exactly when it’s needed, all at the touch of a button. With MyFlare Alert™, users can instantly connect for reassurance, quick assistance, or urgent help, whether through their phone, smartwatch, or beacon

South Florida Institute on Aging LAN Infotech Glen Benjamin - LAN Infotech

South Florida Institute on Aging (SoFIA) Selects MyFlare Alert Community Safety System. Empowering Independence with MyFlare Alerts—support when you need it, peace of mind for loved ones, and help just a touch away.

Your Google account is the gateway to most everything the average criminal hacker could want, including access to your Gmail inbox and the treasure trove of sensitive information it contains. Protecting your Google account is critical in the war against hacking and the use of two-factor authentication remains one of the most recommended weapons in the Gmail defense armoury. A new warning has now been issued by law enforcement as cybercriminals are actively bypassing that 2FA account protection to gain unfettered access to email data. Here’s everything you need to know and, most importantly, how to stop the 2FA-bypass hackers.

New Gmail Warning As 2FA Bypass Attacks Underway
The Federal Bureau of Investigation published an October 30 public alert relating to the theft of what are known as session cookies by cybercriminals in order to bypass 2FA account protections.The FBI Atlanta division’s warning stated that hackers are “gaining access to email accounts by stealing cookies from a victim’s computer.” Gmail, being the world’s biggest free email service with more than 2.5 billion active accounts, according to Google, is naturally a prime target for these ongoing attacks.

The FBI warning comes in addition to the awareness campaign I have been engaged upon when it comes to the dangers of 2FA bypass attacks and session cookie theft for Gmail users, as well as those of other web email platforms, over the last year or so. That these types of attacks are a prime method for cybercriminals looking to compromise Gmail accounts is now a given, so let’s cut straight to the chase and look at the best ways to mitigate the threat.

LAN Infotech Glen Benjamin - LAN Infotech

New Gmail 2FA Attack Warning—Stop The Email Hackers Now Hackers are bypassing Gmail 2FA protections, but don’t panic as stopping them is pretty easy. Here’s what you need to know.

The phone rings and it's a number you don't recognize. Or perhaps an unknown number shows up in your missed calls. You're curious, but you don't want to pick up or call back if it's a telemarketer or scammer. Instead of playing robocall roulette, here are a few ways to investigate who's calling you before you engage.

Legit Call vs. Scam Call: How to Tell the Difference
You may have noticed that America has a problem with scam calls. Scammers took $10 billion from unsuspecting victims in 2023, and it's hard to see the problem going away anytime soon. If you get a call, there are a few ways to tell if it's legit or not.

What does the phone say? When a call comes in, look for a displayed number and location. If your phone isn't showing any information and says something like Unknown, chances are there's a scammer on the other end of the line. Anyone can hide their number, but best to let this one go to voicemail and call back if it's someone you know. If the phone says Scam Likely, it's typically correct; feel free to ignore the call.

Look for verification. Carriers have started verifying phone numbers when you receive a call. Google's phone app also adds a badge on incoming calls that it can attach to a business. Unfortunately, this doesn't verify every call from a legitimate business or w**d out legitimate businesses that use robocalls.

LAN Infotech Glen Benjamin - LAN Infotech

Should You Pick Up? How to Find Out Who's Calling You Get a random call from an unknown number? Here's how to do a reverse phone lookup.

Situational Awareness – Cyber News
Please find the Geography-Wise and Industry-Wise breakup of cyber news for the last 5 days as part of the situational awareness pillar.

Weekly Intelligence Trends/Advisory
1. Weekly Attack Type and Trends
Key Intelligence Signals:

Attack Type: Ransomware Attacks, Spear Phishing, Vulnerabilities & Exploits, Data Leaks.
Objective: Unauthorized Access, Data Theft, Data Encryption, Financial Gains, Espionage.
Business Impact: Data Loss, Financial Loss, Reputational Damage, Loss of Intellectual Property, Operational Disruption.
Ransomware –Sarcoma Ransomware, RansomHub Ransomware | Malware – PySilon
Sarcoma Ransomware Ransomware – One of the ransomware groups.
RansomHub Ransomware – One of the ransomware groups.
Please refer to the trending malware advisory for details on the following:
Malware – PySilon
Behaviour –Most of these malware use phishing and social engineering techniques as their initial attack vectors. Apart from these techniques, exploitation of vulnerabilities, defense evasion, and persistence tactics are being observed.

LAN Infotech Glen Benjamin - LAN Infotech

Weekly Intelligence Report - 01 Nov 2024 - CYFIRMA Situational Awareness – Cyber News Please find the Geography-Wise and Industry-Wise breakup of cyber news for the last 5 days...

The threat of a copyright infringement claim has become the latest way for malware operators to trick their targets.

Researchers with Cisco Talos report that an ongoing attack in Taiwan is being spread via phishing emails that contain malware attachments.

Targeting businesses and advertising companies, the emails will pose as a legal notice from either a copyright holder a legal representative of a company making a copyright claim. Attached to the message will be a supposed PDF attachment that presents itself as a legal document with details on the complaint.

“The decoy email and fake PDF filenames are designed to impersonate a company's legal department, attempting to lure the victim into downloading and executing malware,” wrote Cisco Talos researcher Joey Chen,

Once the victim opens the attachment, which presents itself as a PDF but is actually an executable, they are redirected via a Google Appspot.com domain that then routes through another third-party URL shortening service before finally arriving at a Dropbox domain.

That domain then infects the victim with the actual payload: an info-stealing malware designed to harvest account credentials and other personal detail. The malware was identified as being either LummaC2 or Rhadamanthys, which are available on dark web markets.

LAN Infotech Glen Benjamin - LAN Infotech

https://buff.ly/4hua5RB

Malware operators use copyright notices to lure in businesses The threat of a copyright infringement claim has become the latest way for malware operators to trick their targets.

BeetleJuice (1988) - Day-O (Banana Boat Song) Dinner (HD) Buy/Rent - BeetleJuice (1988) / Amazon: https://amzn.to/2WQauK0Or Amazon Prime Members has multiple free movies : Amazon: https://amzn.to/3h5F2ODMusic Sound ...

!!

The Addams Family Theme song Hehe I love this show and the movie of course! Enjoy!Lyrics:They're creepy and they're kooky, Mysterious and spooky, They're all together ooky, The Addams Fa...

Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets.

“Since July, these attacks have increased 25% week over week, resulting in a total growth rate of 900%,” Perception Point researchers say.

The phishing emails impersonate legitimate companies
The phishing emails look like they are coming from Eventbrite because they are, but their content is crafted to impersonate legitimate businesses such as NLB Group (financial institution), EnergyAustralia (energy company), DHL (delivery service), Qatar Post (post service), and others.

On Everbrite, anyone can set up an account and create a new event. The phishers sign up and create fake events under the guise of a reputable brand and embed phishing links within the event description or attachment.

This allows them to send emails via the Eventbrite platform.

“The attacker can enter any email address; it is equivalent to sending an invite – it doesn’t matter if the email address has registered for the event. The emails are targeted and not random. The recipients also do not have to be an Eventbrite user to receive the email,” the researchers told Help Net Security.

“According to Eventbrite, users can send up to 250 promotional emails per day. If they have a PRO package, then it’s a range between 2,000 – 10,000 emails per day. An attacker creating multiple accounts a day could multiply this reach substantially: For instance, with four free accounts, an attacker could potentially send 1,000 phishing emails daily. Although less probable, if attackers leverage the service’s paid Pro plans, they could increase their reach further depending on the plan tier. We do not know if they are doing this, though.”

LAN Infotech Glen Benjamin - LAN Infotech

Phishers reach targets via Eventbrite services - Help Net Security Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets.

!!!

Ray Parker Jr. - Ghostbusters (Official Video) Official video for "Ghostbusters" by Ray Parker Jr.Listen to Ray Parker Jr.: https://RayParkerJr.lnk.to/listenYDSubscribe to the official Ray Parker Jr. YouT...

You just can't have without !!!

Michael Jackson - Thriller (Official 4K Video) Michael Jackson's official 4K music video for "Thriller"Listen to more Michael Jackson: https://MichaelJackson.lnk.to/Stream!toMichael Jackson's 14-minute sh...

AMERICANS who were owed payments of up to $25,000 as part of a multi-million dollar Capital One settlement can still apply for benefits to protect their cash.

A total of 98 million Capital One customers are understood to have been impacted by a major data breach in 2019.

The breach exposed the personal information of customers and credit card applicants, leading to a class action lawsuit and resulting in a $190 million settlement that received approval in 2022.

Customers were told to submit their complaints by November last year, with initial payments - up to $25,000 - being dished out last September.

A second round of payments were given last month - and the settlement is now officially closed.

Capital One is, however, still providing services such as "identity defense" and "free restoration," meaning claimants could still be entitled to further support.

LAN Infotech Glen Benjamin - LAN Infotech

Capital One users entitled to $190m settlement pot can still access benefits AMERICANS who were owed payments of up to $25,000 as part of a multi-million dollar Capital One settlement can still apply for benefits to protect their cash. A total of 98 million Capital One cust…

My All-Time Favorite Halloween Song! !!!

Bobby Pickett - Monster Mash [HD] Bobby Pickett Monster Mash Lyrics in Color + Upscaled to HD. The Monster Mash Lyrics VideoBobby Pickett Monster Mash Lyrics VideoThanks to AI technology, fan...

Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows.

This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don't worry, we're here to break it all down in plain English and arm you with the knowledge you need to stay safe.

So grab your popcorn (and maybe a firewall), and let's dive into the latest cybersecurity drama!

LAN Infotech Glen Benjamin - LAN Infotech

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27) AI manipulation, cloud storage flaws, and a major AWS vulnerability - this week's cybersecurity recap is packed!

Still my All-Time Favorite Halloween Commercial!

Ghostly Car Ad BEFORE YOU WATCH THE VIDEO, READ THIS... Strange but interesting. This is a car advertisement from Great Britain. When they finished filming the ad, the film...

From escalating cyber threats to questions about resources and security’s role in the enterprise, cyber leaders are reshaping their agendas to address several key long-standing and emerging concerns.

But CISOs know that their job, which in its earliest days may have been narrow in scope, now comprises a huge array of responsibilities.

Although CISOs say each of those duties are critical, they cite a group of issues that are top of mind for them. Here are 10 that now dominate the CISO agenda.

LAN Infotech Glen Benjamin - LAN Infotech

The 10 biggest issues CISOs and cyber teams face today From escalating cyber threats to questions about resources and security’s role in the enterprise, cyber leaders are reshaping their agendas to address several key long-standing and emerging concerns.

***Important Announcement, Glen is Speaking at Tech Talent Fest 2024!!!***

I'm honored to be speaking at the upcoming South Florida Tech Hub Event, Tech Talent Fest being held on November 18th at FIU. Please see the details below for my session on Microsoft Copilot including registration and sponsorships for those interested in participating. We look forward to having you attend this important Education Event!

Glen Benjamin with LAN Infotech Session:
2:30 PM - 3:00 PM
WORKSHOP: "How to Use Microsoft Co-Pilot" (LAN Infotech)
New Capability Topics include Microsoft 365, AI , Wave 2, Web & Work Data, Pages, LOB Data, Excel using Python, PowerPoint with Narrative Builder , Prioritize my Inbox, Copilot Agents,

Tech Talent Fest 2024 | AI, Cyber, Cloud, Software Development

Join us for a technology conference and career fair FREE for all job seekers, higher education partners and industry professional attendees!

Monday, November 18 · 10am - 4pm
Florida International University
11200 Southwest 8th Street Miami, FL 33199

South Florida Tech Hub LAN Infotech Glen Benjamin - LAN Infotech

Please Register at:

Tech Talent Fest 2024 | AI, Cyber, Cloud, Software Development Join us for a technology conference and career fair FREE for all job seekers, higher education partners and industry professional attendees!

Microsoft has just made a shattering announcement about the integration of autonomous agents into its Copilot ecosystem. These autonomous agents, which are supposed to transform the way we work with AI, raise as much hope as criticism. Microsoft seems confident in its vision, but while its autonomous agents look promising, it’s essential to keep a critical eye.

What is an autonomous AI agent?
Let’s already explain what exactly autonomous AI agents are.

Agents are software systems, powered by artificial intelligence models, capable of performing tasks independently, often in a complex environment.

In contrast to conventional AIs that require human intervention at every step, autonomous agents can perceive their environment, make decisions, communicate with each other and act continuously to achieve a goal.

Imagine an autonomous agent in a professional context:

it could analyze incoming emails, prioritize those requiring an immediate response, write drafts and even make decisions based on external information such as calendars or user preferences.

The idea here is to automate complex processes to increase productivity.

LAN Infotech Glen Benjamin - LAN Infotech

Microsoft Copilot agents : automation on a grand scale? Microsoft presents its autonomous agents for Copilot, promising advanced automation. Features and challenges of this AI innovation

COLUMBUS, Ohio (WCMH) — The director of the Columbus Department of Technology gave an update Monday night, showing slight progress in the city’s recovery efforts against the ransomware attack that hit in late July.

It was a very brief update during Monday’s City Council meeting: this week, the Department of Technology is focused on restoring internet and employee remote access. The director shared that the goal is to have the internet fully restored this week.

“City departments have limited access to the internet using either wi-fi connectivity in city buildings or the websites we have specifically permitted to be accessed,” the Director of the Department of Technology Sam Orth said.

Orth shared that tests were happening throughout Monday and would continue after the meeting to ensure the internet is safe to fully restore.

“With full internet restoration this week, users will be able to browse the internet from their desktop computers over wired networks to the city’s internet service providers,” Orth said.

LAN Infotech Glen Benjamin - LAN Infotech

Columbus on track to have internet restored after hack COLUMBUS, Ohio (WCMH) — The director of the Columbus Department of Technology gave an update Monday night, showing slight progress in the city’s recovery efforts against the ransomware …

WASHINGTON, Oct 25 (Reuters) - Delta Air Lines (DAL.N), on Friday sued cybersecurity firm CrowdStrike (CRWD.O), in a Georgia state court after a global outage in July caused mass flight cancellations, disrupted travel plans of 1.3 million customers and cost the carrier more than $500 million.

Delta's lawsuit filed in Fulton County Superior Court called the faulty software update from CrowdStrike "catastrophic" and said the firm "forced untested and faulty updates to its customers, causing more than 8.5 million Microsoft (MSFT.O), opens new tab Windows-based computers around the world to crash."

The July 19 incident led to worldwide flight cancellations and hit industries around the globe including banks, health care, media companies and hotel chains.
"Delta’s claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernize its antiquated IT infrastructure," CrowdStrike said late on Friday.

Delta, which said it has purchased CrowdStrike products since 2022, said the outage forced it to cancel 7,000 flights, impacting 1.3 million passengers over five days.
Delta said CrowdStrike is liable for over $500 million in out-of-pocket losses as well as for an unspecified amount of lost profits, expenditures, including attorneys’ fees and "reputational harm and future revenue loss."

LAN Infotech Glen Benjamin - LAN Infotech

https://buff.ly/3Ag9zGe

In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an increase in data breaches and ransomware attacks.

Daum highlights the need for businesses to implement cyber hygiene practices and align their risk management strategies with insurers’ expectations to mitigate financial impacts and reduce premiums.

Cyber claims have risen significantly in both frequency and severity in 2024. What factors do you believe are contributing most to this increase, and how are insurers adapting to this changing risk environment?
Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents.

Some notable trends include: A rise in ransomware attacks including data exfiltration is a consequence of changing attacker tactics and the growing interdependencies between organizations sharing ever more volumes of personal records. At the same time, the evolving regulatory and legal environment has brought an uptick in so-called ‘non-attack’ data privacy-related class action litigation, resulting from incidents such as wrongful collection and processing of personal data – the share of these claims has tripled in value in two years alone.

With today’s complex web of interconnectivity and reliance on service providers, modeling has become critical. When insurers assess our customers’ risks, we are not just modeling to the insured’s exposure. We are modeling to the extended network, their cloud, software, and digital service providers.

LAN Infotech Glen Benjamin - LAN Infotech

The future of cyber insurance: Meeting the demand for non-attack coverage - Help Net Security Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents.

Threat actors are increasingly creating malicious virtual hard drives to distribute malware, in the hopes of getting around email gateways that have become good at detecting infected documents, spreadsheets, and PDFs, says a new study.

“While virtual hard drive files like .vhd and .vhdx are typically used for virtual machines, they can also be opened in Windows to mount the virtual image as if it were a physical volume,” researchers at Cofense warned infosec defenders on Tuesday.

Phishing lures are sent to would-be victims with .zip archive attachments containing malicious virtual hard drive files, or embedded links to downloads that contain a virtual hard drive file that can be mounted and browsed through by a victim. The hope is that a victim can be misled into running a malicious payload.

Another tactic is to configure the virtual hard drive to automatically execute files in Windows via AutoRun. Starting with Windows Vista, however, files won’t run automatically; users are given a prompt asking for their approval.

The phishing campaigns seen this year all appear to be delivering the Remcos Remote Access Trojan (RAT) and/or the XWorm RAT, the study says.

The study also says that in one email campaign Cofense has seen, some malicious virtual hard drive files were able to get by gateways from Cisco Systems, FireEye, and Proofpoint. There were cases where the malicious file had a negative verdict (that is, the file was cleared), was scanned but not flagged as malicious, or was scanned but determined not to be spam.

LAN Infotech Glen Benjamin - LAN Infotech

Threat actors increasingly using malicious virtual hard drives in phishing attacks The tactic is a way of getting around email gateways and antivirus, according to Cofense.