silver sparrow

About Silver Sparrow

Security researchers have spotted a new malware operation targeting Mac devices that has silently infected almost 30,000 systems. Named Silver Sparrow, the malware was discovered by security researchers from Red Canary and analyzed together with researchers from Malwarebytes and VMWare Carbon Black.

“According to data provided by Malwarebytes, Silver Sparrow had infected 29,139 macOS endpoints across 153 countries as of February 17, including high volumes of detection in the United States, the United Kingdom, Canada, France, and Germany,” Red Canary’s Tony Lambert wrote in a report published last week.

But despite the high number of infections, details about how the malware was distributed and infected users are still scarce, and it’s unclear if Silver Sparrow was hidden inside malicious ads, pirated apps, or fake Flash updaters — the classic distribution vector for most Mac malware strains these days.

Furthermore, the purpose of this malware is also unclear, and researchers don’t know what its final goal is. Once Silver Sparrow infects a system, the malware just waits for new commands from its operators — commands that never arrived during the time researchers analyzed it, hoping to learn more of its inner workings prior to releasing their report. But this shouldn’t be interpreted as a failed malware strain, Red Canary warns. It may be possible that the malware is capable of detecting researchers analyzing its behavior and is simply avoiding delivering its second-stage payloads to these systems.

The large number of infected systems clearly suggests this is a very serious threat and not just some threat actor’s one-off tests.

What You Can Do

Avoid downloading software packages or updates from websites you are unfamiliar with.

• Were you prompted by a website to download a software package and/or update?
• Was it something you weren’t intending to download or install until the website suggested you should?
• Was the package file named something simple and dull, like “update.pkg” or “updater.pkg”?

If you said yes to any of these, please contact us and we’ll take a look at it.

Contact Us
314.333.3330
acumen@acumen-corp.com

Things to consider before switching to the Cloud

More and more businesses are switching to the Cloud to store their data, and rightly so. The Cloud offers numerous benefits over the traditional, physical on-site server. For example,

  • Anytime, anywhere access to your data: Information in the Cloud can be accessed from anywhere using an internet connection, unlike in the case of traditional servers, where you need a physical connection to the servers
  • Significant cost savings: You cut hardware costs, because the Cloud follows a ‘pay-as-you-use’ approach to data storage
  • SaaS compatibility and support: The Cloud allows the use of Software-as-a-Service since the software can be hosted in the Cloud
  • Scalability: The Cloud lets you scale up and down as your business needs change
  • 24/7 monitoring, support, and greater access reliability: When your data is in the Cloud, the Cloud service provider is responsible for keeping it safe and ensuring it is securely accessible at all times. They monitor the Cloud’s performance and in the event of any performance issues, they provide immediate tech support to resolve the problem

Your big Cloud move: What to consider

If you are considering moving to the Cloud, you will find it helpful to sign up with an MSP who is well-versed in the Cloud. They can advise you on the benefits and risks of the Cloud and also offer the Cloud solution that’s right for you. In any case, before you migrate to the Cloud, make sure you are dealing with a reputable Cloud service provider who has strong data security measures in place. You can even explicitly ask them what security mechanisms they have invested in to manage data access and security.

Yes, moving to the Cloud has its benefits, but it also has its challenges, including security risks. Learn more in our next blog, “Is the Cloud really risk-free?”

Online shopping? Watch out for these red flags

Who doesn’t like online shopping? Online shopping has opened up a whole new world to us. Get whatever you want, whenever you want, without wandering from store to store. It doesn’t matter if it is too hot to venture outside or if there’s a blizzard out there: you do your shopping from the comfort of your couch and the stuff arrives at your doorstep. You get great deals, and some are better than in-store specials. But did you know cybercriminals love the concept of online shopping as much as you do? Cybercriminals are exploiting the growing popularity of online shopping to cheat unsuspecting buyers through techniques such as phishing, malware injection, etc. Here are a few tips that may help keep you from becoming a target of cybercriminals as you shop online.

How to determine if the ad or shopping site is genuine?
As you browse the web, you will come across various ads targeted at your interests. Businesses engage in ‘Retargeting’, which means they use cookies to target you with very specific ads until you buy something. For example, look at a wallet, and you will see ads for wallets on various other sites you browse, even if they are not shopping sites. Are those ads genuine? Before clicking on any ad you see online and making a purchase, be sure to verify that the ad is genuine. The same goes for shopping sites. Before you shop, you need to ensure the site is genuine, especially since you will be sharing your credit card details or Personally Identifiable Information (PII) such as your address. Here are a few things to check before you make that online purchase.

English: Keep an eye out for grammatical errors or spelling mistakes in the ad. Fake ads and sites may look a lot like the actual ones, but spelling mistakes or grammar errors may tell the true story. Scammers don’t have content writers to write great sales content!

Check the URL: When at a shopping site, always check the URL in the address bar to ensure it is genuine. For example, if you see www.1amazon.com or www.amazon-usa.com, you should know it is not the same as www.amazon.com. Checking the URL also lets you detect website cloning and phishing. Website cloning is one of the most popular methods used by scammers to fleece consumers. As the term suggests, the cybercriminal first creates a ‘clone’ site that looks exactly like the original one, barring a very minor change in the URL.

Don’t Get Phished!
Phishing is when you receive a message, usually through an email or a text message, asking you to take an action, such as clicking on a link, filling out a form, logging into an account, etc. Such messages look as though they are genuine. But the form fill, account login, or link will take you to a spurious site where your information will be captured for bad use. Checking the URL will help you detect phishing frauds as well.
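The URL check described in the two tips above can be automated. The following is an added example, not part of the original post: it compares a link's hostname against a short list of shops you trust and flags near-miss names such as the ones quoted above. The trusted list, the function names and the `.example` test hosts are assumptions made for illustration.

```python
from urllib.parse import urlsplit

TRUSTED = {"amazon.com"}  # assumption: the shops you actually use

def registrable(host):
    # Simplification: keep the last two labels. Production code should use
    # the Public Suffix List so names like example.co.uk are handled.
    return ".".join(host.split(".")[-2:])

def edit_distance(a, b):
    # Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1,
                           prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url, trusted=TRUSTED):
    """Return 'trusted', 'lookalike' or 'unknown' for a link."""
    if "://" not in url:
        url = "https://" + url
    # .hostname ignores any "user@" prefix, so a brand name placed before
    # an "@" cannot make the link look trusted.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    domain = registrable(host)
    if domain in trusted:
        return "trusted"
    labels = host.split(".")
    sld = domain.split(".")[0]
    for brand in {t.split(".")[0] for t in trusted}:
        if brand in labels:                  # brand used as a subdomain
            return "lookalike"
        if brand in sld.split("-"):          # amazon-usa.com
            return "lookalike"
        if edit_distance(sld, brand) <= 1:   # 1amazon.com
            return "lookalike"
    return "unknown"

if __name__ == "__main__":
    for link in ("www.amazon.com", "www.1amazon.com", "www.amazon-usa.com"):
        print(link, "->", classify(link))
```

A result of "unknown" only means the name does not resemble a trusted shop; it is not a verdict that the site is safe.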

Check before you download anything: Sometimes you may receive a link and be asked to download a coupon or a gift card that entitles you to a sizable discount. It may be a fraud. In fact, it probably is.

Download only from legitimate marketplaces: With so many shopping options, it is tempting to download every new app that you come across. But only download from authorized marketplaces like Google Play Store for Android or the App Store for iOS.

At the end of the day, remember, there is no free lunch. If something seems too good to be true, it probably is.

Protecting yourself against poison attacks

Data poisoning by way of logic corruption, data manipulation and data injection happens when the attacker finds a way to access your data set. The kind of poison attack varies depending on the level of access the attacker is able to achieve. Here’s what you can do to ensure such access is prevented:

  1. The data poisoning attacks discussed above adversely affect your IT system’s machine learning capabilities. So, the first logical step would be to invest in a good machine learning malware detection tool. These tools are different from the typical anti-malware tools you get in the market and are specifically designed to prevent machine learning capability poisoning.
  2. Always follow general IT security best practices such as:
        • Training your employees to identify spam, phishing attempts, and possible malware attacks
        • Following good password hygiene, which means never sharing passwords and only using passwords that meet the required security standards
        • Having a powerful IT audit process, tracking and version control tools, so as to thwart any possible insider attacks
        • Ensuring the physical security of your IT systems by way of biometric access, CCTV systems, etc.

Google has released version 88.0.4324.150 of the Chrome browser for Windows, Mac, and Linux. This release contains only one bugfix for a zero-day vulnerability that was exploited in the wild.

What You Can Do

Users are advised to use Chrome’s built-in update feature to upgrade their browser to the latest version as soon as possible.

Determine if an update is pending
1. On your computer, open Chrome.
2. At the top right, look at More (3 dots).
3. If an update is pending, the icon will be colored:
   • Green: An update was released less than 2 days ago.
   • Orange: An update was released about 4 days ago.
   • Red: An update was released at least a week ago.

 

Updating Instructions
Some notes before you update:
– All browsers will be closed and you will need to relaunch Chrome from the Windows menu.
– Once you relaunch, your browsers will reopen the apps automatically where you left off.
– You don’t need to close browsers or even log out of web applications. However, you may need to log back into some applications once you relaunch.

To update Google Chrome:
1. On your computer, open Chrome.
2. At the top right, click More (3 dots).
3. Click Update Google Chrome.
Important: If you can’t find this button, you’re on the latest version.
4. Click Relaunch.

 

Have Questions? Need Assistance?
If you have questions or need assistance, please call the friendly experts at Acumen at 314-333-3330.

 

 

*https://www.zdnet.com/article/google-patches-an-actively-exploited-chrome-zero-day/

This Cybersecurity Awareness Month, we explore the cybersecurity challenges brought on by the COVID-19 pandemic as businesses are increasingly adopting the work-from-home (WFH) model.

 

Fortify your company’s online accounts by enabling the strongest authentication tools available.  Usernames and passphrases are not enough to protect key accounts.

About 90% of all security breaches are caused by human error.** The vast majority of those are preventable with proper training, procedures, and vigilance. We can help you minimize your risk while saving time, money, and frustration with a centralized solution.

We would love to discuss your security needs with you and offer customized solutions. Call or email us today to get started.

 

 

 

 

*https://staysafeonline.org/cybersecurity-awareness-month/theme/
**https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/


2020 saw a major disruption in the way many work, learn, and socialize online. Our homes and businesses are more connected than ever.

With more people now working from home, internet-connected environments are colliding on a scale we’ve never seen before, introducing a whole new set of potential vulnerabilities to defend.*

According to research, about 90% of all security breaches are caused by human error.** The vast majority of those are preventable with proper training, procedures, and vigilance. We can help you minimize your risk.


*https://staysafeonline.org/cybersecurity-awareness-month/
**https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/


“If you connect it, protect it.”

If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences or training employees – our interconnected world will be safer and more resilient for everyone.*

 

The line between our online and offline lives is now indistinguishable. This network of connections creates both opportunities and challenges for individuals and organizations across the globe.

Internet-connected devices have impacted our lives and we want to empower all users to own their role in security by taking steps to reduce their risks.*

According to research, about 90% of all security breaches are caused by human error.** The vast majority of those are preventable with proper training, procedures, and vigilance. We can help you minimize your risk.


*https://staysafeonline.org/cybersecurity-awareness-month/
**https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/

If your ultimate goal is to build a culture of cybersecurity that includes employees who know how to protect themselves and the company and who understand cyber risks as your business functions, here are some important tips:

  • Keep a clean machine: Your company should have clear rules for what employees can install and keep on their work computers.
  • Keep security software current: Having the latest security software, web browser and operating system is the best defense against viruses, malware and other online threats.
  • Automate Software Updates: Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.
  • Use strong authentication to protect access to accounts and ensure only those with permission can access them. This also includes enforcing strong passphrases.
  • Back up data: Put in place a system – either in the cloud or via separate hard drive storage – that makes electronic copies of the key information on a regular basis.
  • Limit access to data or systems only to the employees who require it to perform the core duties of their jobs.
  • When in doubt, throw it out: Employees should know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source. Employees should also be instructed about your company’s spam filters and how to use them to prevent unwanted, harmful email.
  • Stay watchful and speak up: Encourage employees to keep an eye out and say something if they notice anything strange on their computer.*

At Acumen Consulting, we have systems working around the clock to ensure our client businesses are secure, preventing unauthorized access and misuse and keeping data safe and accessible only to authorized personnel, whether they work from home or office.

According to research, about 90% of all security breaches are caused by human error.** The vast majority of those are preventable with proper training, procedures, and vigilance. We can help you minimize your risk.


*https://staysafeonline.org/cybersecurity-awareness-month/theme/
**https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/

This Cybersecurity Awareness Month, October 2020, we explore the cybersecurity challenges brought on by the COVID-19 pandemic as businesses are increasingly adopting the work-from-home (WFH) model.

In this historic year, they’ve chosen the Cybersecurity Awareness Month theme as “Do Your Part. #BeCyberSmart.” The theme empowers individuals and organizations to own their role in protecting their part of cyberspace, with a particular emphasis on the key message for 2020: “If you connect it, protect it.”  If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences or training employees – our interconnected world will be safer and more resilient for everyone.*

At Acumen Consulting, we have systems working around the clock to ensure our client businesses are secure, preventing unauthorized access and misuse and keeping data safe and accessible only to authorized personnel, whether they work from home or office.

According to research, about 90% of all security breaches are caused by human error.** The vast majority of those are preventable with proper training, procedures, and vigilance. We can help you minimize your risk.


*https://staysafeonline.org/cybersecurity-awareness-month/theme/
**https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/