SCAM OF THE WEEK: Is ChatGPT Your Next Financial Advisor?
ChatGPT, an artificial intelligence (AI) chatbot created by OpenAI, has risen in popularity since its release last year. Now, cybercriminals are using ChatGPT’s popularity to lure you into phishing scams. In one of these scams, cybercriminals try to trick you with a fake new ChatGPT feature.
The scam starts with a phishing email informing you that ChatGPT has a new feature to help you invest in the stock market. If you click the link in the email, you’ll be taken to a spoofed ChatGPT website and prompted to enter your contact information. Then, a representative will call you and request that you submit a payment to open your investment account. Unfortunately, if you submit a payment, that money won't help you invest in the stock market. Instead, cybercriminals will steal it to invest in their own malicious pursuits.
S1deload Stealer Malware
A new malware campaign on Facebook and YouTube is making headlines. S1deload Stealer hijacks these social media accounts, mines cryptocurrency, and spreads itself. Discover what business owners need to know about this malware.
Stanford University Data Breach
The recent Stanford University data breach is causing businesses to reevaluate their security practices. The way the university handled the breach can serve as a guide for business owners. But it is important to understand the facts of the incident.
LastPass Reveals Details of Attack
LastPass recently revealed more details of the second malware attack targeting its infrastructure. It also disclosed the company’s actions to prevent similar attacks in the future. By learning more about the attack, business owners can strengthen their own security weaknesses.
GoDaddy Finds Multiple-Year Security Breach
GoDaddy is a popular web hosting company with millions of customers worldwide. Users are alarmed to find that attackers stole the company’s source code.
The hosting giant found the security breach in early December 2022 after it received customer reports. From there, it carried out a comprehensive investigation. GoDaddy disclosed that its sites are being redirected to random domains.
Serious Security Flaw in Cisco ClamAV Discovered
It is ironic when software designed to protect is vulnerable to threats. That is the case here. Experts discovered the ClamAV free anti-malware program has a serious security risk.
Investigations revealed the security threat is in its scanning library. It was tracked as CVE- 2023-20032. The risk affects several other products from Cisco.
Everything You Need to Know About the Pepsi Data Breach
Hackers need less than a minute to perform a successful data breach. It will be over before you can even finish your cup of coffee. Unfortunately, it can take companies several weeks to realize they were the victim of a malware attack. That's what happened to Pepsi Bottling Ventures.
Cloudflare Successfully Detects and Mitigates Largest DDoS Attack Recorded
During the weekend of Feb. 11-12, 2023, content delivery network provider Cloudflare detected and mitigated an unusually high number of hyper-volumetric DDoS attacks. It did not disclose the targets but mentioned some of the attacked websites. These included a gaming provider, hosting providers, cloud computing platforms, and cryptocurrency companies.
The attack ranged between 50 to 70 million requests per second (rps) and peaked at 71 million rps. That is the largest reported HTTP DDoS attack, surpassing the 46 rps recorded in June 2022.
Internet Explorer Gets Disabled From Windows 10
Microsoft has intended to replace Internet Explorer with the new Edge browser. On June 15, 2022, the company officially retired the popular browser by ending its update support for the application. However, it was still part of Windows 10 and was available for use.
However, a Microsoft Edge update on Feb. 14, 2023, permanently disabled Internet Explorer 11 on Windows 10 computers. As standard with these updates, the rollout takes a few days to a week.
State of Emergency Declared in Oakland to Combat Ransomware Attack
On Feb. 8, 2023, the City of Oakland suffered a ransomware attack. It forced several city systems to go offline. Fortunately, it did not affect emergency services. 911 and fire rescue
were still online.
Digital security experts investigated the incident. They assume the attack started with an email that contained a malicious ransomware program. When a user clicks on a link or attachment, the ransomware gets into the system and steals valuable data.
Microsoft Announces End Date for Exchange Server 2013
Microsoft Exchange Server 2013 will no longer receive updates starting April 11, 2023. That gives companies using the system to upgrade to a newer one or lose support.
Measure the Success of Your Social Media Strategy
It doesn't matter how creative or well-thought-out your social media marketing strategy is. All the hard work you put into it will be for nothing if you don't measure its performance. It's the only way to know if your efforts resonate with your audience and if they're producing the results you want. If not, it's an opportunity for you to improve your plan until it succeeds.
Over 3 Million Patients Affected in California Hospital Ransomware Attack
A ransomware attack exposed the information of more than 3.3 million patients on Dec. 1, 2022. Multiple medical groups are affected under the Heritage Provider Network in California.
AWS Warns Against Malvertising Targeting Users
Cybersecurity company Sentinel Labs has discovered a new malvertising campaign targeting AWS users. Sentinel Labs warns that cybercriminals have established a campaign on Google Ads programs that take users to a fake landing page to steal their credentials and other details.
Why Network Security Is More Important Than Ever
Modern businesses rely on computers and the internet to perform their daily operations. An example is the use of emails, which is essential for client and internal communications.
Companies also collect data from their customers and use that to perform their services. An online shop needs to process personal information and credit card payments. Hospitals use computers to store patient records so doctors can reference them later. The point is that your organization has data and crucial files that could be valuable to someone else.
Microsoft Edge Renders Using Adobe Acrobat
Adobe and Microsoft announced on Feb. 8, 2023, a collaboration to transform the PDF reading experience by bringing Acrobat to Edge. They aim to provide stronger security and improved performance through the new partnership.
Reddit Cybersecurity Incident
Reddit, a popular social news site, disclosed that it was hacked on Sunday night (pacific time). The company announced on February 9th in a posting that they first became aware of the incident that happened on February 5th. It refers to it as “sophisticated phishing” targeting Reddit employees.
Search Engine Yandex Suffers Massive Leak
Russian search engine Yandex offers a slew of online services to replace Google, Netflix, Spotify, Amazon, and Uber. However, a recent Yandex data leak contains nearly 50 gigabytes of data with leaked files, including information ranging from API (application programming interface) keys to search engine behaviors. Information released by the leaker as “Yandex git sources” contains source code for most of Yandex’s online services.
Microsoft Teams Free (Classic) Is Retiring
Microsoft has decided to retire its MS Teams Free (classic) app.
Released in 2017, MS Teams is a communication platform where users chat and call each other over the internet. While the primary concept is nothing new, the innovation comes with bells and whistles included. It is geared towards being a collaboration platform.
The product is available in both paid and free versions. The company has recently announced it would be retiring the free version.
Schools in Arizona and Massachusetts Most Recent Victims of Cyberattacks
Schools in Tucson, AZ, and Nantucket, MA, became the most recent targets of cyberattacks within hours of each other during the last week of January. The two attacks appear to be unrelated.
The hackers behind the Tucson Unified District ransomware attack specifically mentioned low spending on crucial cyber services as a reason for infecting their systems. A note allegedly written by the attackers states, “If you are reading this it means that your system(s) were hit by Royal. Most likely what happened was that you decided to save some money on your security.”