Education is a crucial element of society, so attacks on this sector are very attractive to hackers. And this is why they are now targeting universities.

Universities, of course, are huge organizations packed full of students and tutors. As a result, these groups generate massive amounts of data every day. This makes these establishments massive data centers. And it’s no surprise that hackers can’t resist testing their defenses. Their latest attack has targeted a specific cloud computing provider in the form of Blackbaud and has affected a number of universities worldwide.

You may not work in a university, but all malware attacks contain important lessons we can learn from. Let’s take a closer look and find out what happened in the Blackbaud attack.

Attacking the Cloud

Blackbaud, a global provider of administrative and financial software to educational institutions, was targeted and attacked in May. The attack in question used a ransomware strategy to disrupt operations and demand a ransom. The exact source of infection has not been disclosed, but it would appear that the hackers began encrypting data immediately. However, Blackbaud mounted a quick response and were able to expel the hackers before the data was fully encrypted.

Unfortunately, a significant amount of data had already been copied by the hackers. And this data was of a particularly sensitive nature. It does not appear that any credit card details were copied, but phone numbers and donation histories were confirmed to have been duplicated. Blackbaud, therefore, was forced to pay a ransom in order for the hackers to destroy their copy.

Avoiding Ransomware Attacks

The Blackbaud attack may not have been the most devastating of malware attacks, but any breach is cause for concern. And, given that this attack targeted several large universities, the number of individuals affected is huge. As with all malware attacks, though, it’s possible to negate these attacks before they take hold. All you have to do is follow these simple practices:

  • Say No to Unverified Links: One of the hallmarks of ransomware attacks is the usage of malicious links. These links may promise to send you somewhere safe – such as your online banking page – but the true destination will be somewhere less safe. These malicious destinations are likely to attack your PC or install malware. Make sure that all links are checked and verified before clicking. 
  • Don’t Give Out Personal Data: Hackers will often facilitate their ransomware attacks by employing a social engineering strategy. The information gained from such an approach can be used by hackers to tailor phishing emails to appeal to you e.g. understanding who your phone provider is allows hackers to design emails from that specific provider. As a rule of thumb, never give out personal details to unsolicited callers. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Even the biggest tech companies are at risk of having their networks breached. Twitter, with 330 million users, is huge, but far from immune from hackers.

A recent spear phishing attack on Twitter managed to generate headlines around the world and seriously disrupt the platform’s service. The attack, which was carried out by three young men aged between 17 – 22, was remarkable in its scope and its execution. It was an unexpected breach of Twitter’s defenses and one which defied their technological prowess. But there was more to this attack than just disruption. There was also a financial sting in the tail.

You may not run a social media company, but it’s likely that your organization has a presence in this sphere. Therefore, it’s important to understand what happened.

Twitter is Breached

On the 15th July, a number of high-profile and verified Twitter accounts were taken over by hackers. The hackers used this control to not only access the accounts’ private message systems, but also download their data. Most dramatically, however, the accounts were used to post links to a Bitcoin scam. This scam claimed that if users sent Bitcoins to a specific account they would double their money. But this was far from true. Instead, the hackers made off with more than $100,000 in Bitcoin.

How did this Attack Take Place?

The Twitter breach was a textbook case of spear phishing, a strategy which involves targeting individuals and encouraging them to reveal confidential data. Graham Clark, one of the accused hackers, conducted a social engineering campaign to pass himself off as a member of Twitter’s IT team. A genuine Twitter employee fell for this deceptive ploy and handed over a set of credentials for Twitter’s customer service portal. These credentials allowed Clark and his fellow hackers to gain instant access to accounts such as Joe Biden, Elon Musk and Apple.

Lessons to be Learned

Twitter, upon discovering this attack, took immediate action by suspending all verified accounts. However, the damage had already been done and Twitter was left extremely embarrassed. Social engineering is, of course, a powerful hacking technique. And, if it’s pursued and executed numerous times, it will eventually pay off. But this doesn’t mean you are defenseless. You can easily protect your systems by reinforcing the following points:

  • Use Multi-Factor Authentication: Requesting a set of credentials to gain access to a system is a powerful defense. But requesting multiple sets of credentials is even better. And that’s why multi-factor authentication is so important. Rather than relying on just a username/password combination, it can also request a unique pin number generated to a registered phone number.
  • Understand the Spear Phishing Signs: It’s important to educate your staff on the signs of spear phishing.  Suspicious phone calls and emails requesting confidential information, for example, should immediately be challenged. It only takes a minute or two to contact a user on their direct phone or email to verify the request, so don’t fall victim to rushed demands.
  • Always Patch Your Systems: Operating systems are regularly issuing updates to address new and emerging phishing techniques. Therefore, a network which has all its software fully updated should be secure. However, many firms are guilty of leaving patches to the last minute due to time concerns. And it’s this complacency which allows hackers to get a foothold in your systems.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


 

Hackers thrive upon deception and the result of this endeavor is social engineering. It’s a powerful tactic and one you need to protect yourself from.

Social engineering has been used to deploy attacks such as the Coronavirus malware and the recent attack on high profile Twitter accounts. The method is intriguing due to its sophistication and its human element. Rather than relying on complex coding techniques to outwit computer systems, social engineering takes advantage of human naivety. More importantly, however, is the sheer destruction that it can cause.

The world is a perilous place at the best times, but now more than ever we need to make sure we protect ourselves and our businesses. One of the best ways to get started is by reinforcing the barricades against social engineering.

What is Social Engineering?

Manipulation is, in a word, exactly what social engineering is. But you’re going to need a little more information than that, so let’s take a closer look.
Social engineering is a process in which one party seeks to deceive individuals into revealing sensitive information. When it comes to the world of IT this sensitive data tends to relate to login credentials, but can also involve transferring sensitive documents such as employee records. These attacks are commonly executed through the use of phishing emails, but this is not the only technique. It’s possible for hackers to carry out social engineering attacks over the telephone and even face to face.

The Best Ways to Protect Yourself

Protecting yourself against social engineering takes a concerted effort. You can’t rely on software alone to protect you. Luckily, you can strengthen your personal defenses by practicing the following:

Take Your Time: Social engineering relies on a lack of caution on the victim’s part. Therefore, it’s crucial that you always take your time when it comes to any form of communication. A social engineer will do their best to force you into making a quick decision e.g. clicking a link or disclosing your password. To counter this, evaluate all requests and press for answers if you feel even slightly suspicious.

Use Email Filters: There have been great advances made in email filters over the course of the last 20 years. Where these junk filters once had relatively little use they are now highly intelligent. Enabling your email filters will enhance your security and prevent the majority of phishing emails making their way into your inbox. This reduces your risk and stops you from engaging with a social engineer.

Too Good to Be True: As with all areas of life, if something sounds too good to be true then it makes sense to be suspicious. After all, it’s unlikely that a representative for an African prince wants to deposit millions of dollars into your bank account. And, if they did, why would they require your social security number? And your workplace login credentials? As a rule of thumb, if it sounds like a scam then it probably is and should be deleted.

Is the Source Genuine: If an email says that it’s from your bank then this doesn’t mean it’s from your bank. Likewise, a phone call from your HR team isn’t necessarily genuine. Hackers specialize in trickery and deception, so they won’t shy away from such blatant and direct approaches. Always check every request for details such genuine URL details (by hovering over a link) and only transmitting sensitive data to internal email addresses.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Google’s Chrome is the most widely used browser on the internet, but this dominance also makes it a major target for hackers.

The popularity of Chrome means that it’s a vital asset for PC users and this applies to both domestic and business settings. One of the major advantages of Chrome is that it’s supported by a vast database of add-ons. These add-ons, which are coded by official developers or third-party coders, can be installed within seconds and provide an enhanced browsing experience. But the ease with which these add-ons can be released makes them a security risk.

This risk has been brought into sharp focus by a security lapse which has led to 32 million downloads of malicious spyware. And this startling figure is why we’re going to take a closer look at the situation.

What is a Chrome Add-on?

You may be wondering what a Chrome add-on is and it’s a good question which we will quickly cover. Add-ons, also known as extensions, allow users to modify Chrome in a way which adds extra features and accessibility e.g.  Save to Google Drive. The add-ons are built using web technologies such as JavaScript and are embedded into the user’s browser where they can be turned on and off.

How Has Spyware Infiltrated Chrome Add-ons?

Security researchers have discovered that a number of Chrome add-ons have not been delivering the benefits they promise. These particular extensions, available for free, advertise themselves as providing services which include converting files to different formats and warning about malicious websites. However, these add-ons contain a nasty surprise in the form of spyware. And this spyware has been used to record browsing data and login credentials. Around 70 suspicious add-ons, all uploaded with fake contact details, have been identified and since removed by Google.

How Can You Protect Yourself Against Malicious Add-ons?

The busy digital age we live in means it’s easy to lose focus with what’s happening on our screens. But vigilance is crucial when it comes to threats such as malicious add-ons. Therefore, it’s important that you practice the following when working with extensions:

  • Check Permissions: Whenever you install an add-on it will detail the permissions that it requires to run. These could range from asking for permission to access your hard drive through to analyzing your browsing data. An add-on which asks for a large number of permissions should immediately ring alarm bells. Most important, however, is the nature of these permissions. Anything which feels too invasive should be declined and an alternative sought. 
  • Audit Your Add-ons: It’s always a good idea to monitor the add-ons you have installed in your browser. Any that you deem as no longer necessary should be removed; auditing your add-ons should be carried out every month. This will ensure that your browser does not become bloated with add-ons and minimizes the risk of rogue extensions being present. 
  • Ask a Professional: If in doubt, always reach out to an IT professional before installing an add-on. Their experience of identifying malicious software will allow them to quickly determine whether it is safe or not. And, don’t forget, only ever consider an add-on which provides an invaluable benefit. Otherwise it is recommended to continue without it.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Hackers are keeping busier than ever and evolving their strategies almost daily; their latest method for attack is to target the humble resume.

Ask any HR professional to tell you how many resumes they receive in a week and they will be able to show you a mountain of them. Even in a business landscape which has changed dramatically over the last 20 years, a resume remains a crucial calling card for employment. And this is why hackers are keen to exploit them. It’s not just that a resume can easily be loaded with malware, it’s more that organizations are so familiar with them they are unlikely to suspect them.

Hackers, of course, thrive on complacency, so it’s time to take a look at what could be lurking inside that next resume.

Malware Laced Resumes

Resume themed scams are on the rise in the US and this latest installment centers around the use of the ZLoader malware. As with many strains of malware, ZLoader is designed to steal credentials. These credentials can include stored passwords and browsing histories, but also banking credentials. And what’s most concerning is that many of these infected resumes are being sent to financial institutions.

But what exactly do these compromised resumes look like? And how are they activated? Well, this is what happens:

  1. Recipient receives an email with a title along the lines of “Job Application” or “Advertised Job”.
  1. Upon opening the email, the recipient is encouraged to open an attached Excel document which claims to be a resume.
  1. If the Excel document is opened, the recipient is then prompted to activate a macro to enable the content.
  1. Unfortunately, activating the macro will only enable a download of the ZLoader malware to the recipient’s PC.
  1. One of ZLoader’s main attack strategies is to infect systems with a malicious app called Zeus which can record keystrokes and steal banking information.

How to Tackle Suspicious Resumes

ZLoader is a form of malware which has been around for several years now. And, thankfully, this means that many anti-malware tools are effective at identifying it and eliminating it. However, if ZLoader is only active for a few minutes it can steal valuable and damaging information. Therefore, it’s always advisable to practice the following:

  • Be Wary of Attachments: Even the most trusted source can be compromised and at the mercy of digital attacks. Say, for example, you receive a resume from a friend – does this mean you should open it without a second thought? The answer is no and this is because your friend’s email address could easily have been hacked. All email attachments should, as a result, be scanned with anti-virus software or checked by an IT professional. 
  • Never Enable Macros: A macro can be very useful for automating certain processes and features in an Office document. But this also makes them perfect for launching malware attacks. If you are ever prompted to enable a macro within an Office document you should verify that it is safe to run. And, again, this should be verified by an IT professional who will have more experience with malicious macros.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More