Microsoft warns to stay alert to human-operated ransomware campaigns

During the pandemic crisis, cybercriminals are still looking for victims, Microsoft’s Threat Protection Intelligence Team has warned. Ransomware criminals are still looking to attack healthcare and critical service providers, and the team has issued a detailed guide to reduce the risk of falling victim to them.

Previously, ransomware attacks were usually automated. This time, Microsoft confirmed that the attacks are not carried out in an automated fashion. Instead, they are conducted by criminal gangs that compromise internet-facing network devices in order to establish a presence on vulnerable systems months before they strike, stealing and encrypting victims’ data.

The attackers have a range of vulnerabilities they can use to access victims’ networks, working their way through them to capture credentials and prepare for the final ransomware activation, Microsoft noted.

The most recent ransomware attacks that were observed by the Microsoft security teams highlighted Remote Desktop Protocol or Virtual Desktop systems that aren’t secured with multi-factor authentication.

Older, unsupported and unpatched operating systems such as Microsoft Windows Server 2003 and 2008 with weak passwords, misconfigured web servers including Internet Information Services, backup servers, electronic health record software and systems management servers are all being attacked currently. Vulnerable Citrix Application Delivery Controller and Pulse Secure systems are also in ransomware criminals’ sights and should be patched as soon as possible.

Once the cybercriminals have access to a victim’s device, they attempt to steal admin login credentials and move laterally within networks with common tools such as Mimikatz and Cobalt Strike, Microsoft said.

After gaining access, the attackers usually create new accounts, modify Group Policy Objects in Windows, add scheduled tasks, register operating system services, and deploy backdoors and remote access tools for persistence. They then wait for an opportune moment to activate the ransomware and blackmail victims.

Several human-operated ransomware payloads are actively being used at present. These include RobbinHood, REvil/Sodinokibi, the Java-based PonyFinal and Maze, whose operators were among the first to sell stolen data from the technology providers and public services they attacked, Microsoft said.

One particular campaign, NetWalker, targets hospitals and healthcare providers through bogus COVID-19 subject emails with the ransomware delivered as a malicious Visual Basic script file.

Apart from actively patching systems, Microsoft said to watch out for malicious behaviors such as tampering with security event logs and other techniques used to evade detection, suspicious access to the Local Security Authority Subsystem Service (LSASS), and Windows Registry database modifications, which could indicate that credential theft is taking place.

When investigating the Windows Event Log for the earliest part of a suspected breach, event ID 4624 with logon type 2 or 10 could indicate post-compromise access, Microsoft said.

Later in the timeline, searching the Windows Event Log for type 4 or 5 logons could also indicate suspected breach activity.
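The event-log check described above can be run over an exported Security log. The following is an added example, not code from Microsoft or from the original article. It assumes the events were exported as Windows event XML wrapped in a single root element (called `<Events>` here), and the sample records, user names and addresses are constructed. A hit is a lead to review against known administrator activity, not a verdict.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# Logon types named in the article, with their standard Windows names.
EARLY = {2: "Interactive", 10: "RemoteInteractive"}
LATER = {4: "Batch", 5: "Service"}

def _event(event_id, logon_type, user, ip, when):
    """Build one constructed Security-log record in Windows event XML form."""
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{when}"/></System><EventData>'
            f'<Data Name="TargetUserName">{user}</Data>'
            f'<Data Name="LogonType">{logon_type}</Data>'
            f'<Data Name="IpAddress">{ip}</Data></EventData></Event>')

# Constructed sample, not real telemetry: users, times and addresses are made up.
SAMPLE = "<Events>" + "".join([
    _event(4624, 3, "FILESRV$", "10.0.0.5", "2020-04-01T08:00:00Z"),
    _event(4625, 10, "admin", "203.0.113.7", "2020-04-01T02:13:00Z"),
    _event(4624, 10, "admin", "203.0.113.7", "2020-04-01T02:14:00Z"),
    _event(4624, 5, "svc_backup", "-", "2020-04-01T03:40:00Z"),
    _event(4624, 4, "newacct", "-", "2020-04-01T03:30:00Z"),
    _event(4624, 2, "helpdesk", "127.0.0.1", "2020-04-01T09:00:00Z"),
]) + "</Events>"

def triage(xml_text):
    """Return 4624 logons of type 2/10 ("early") or 4/5 ("later"), oldest first."""
    hits = []
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "4624":
            continue  # 4625 (failed logon) and everything else is out of scope
        data = {d.get("Name"): (d.text or "")
                for d in ev.findall("e:EventData/e:Data", NS)}
        try:
            logon_type = int(data.get("LogonType", ""))
        except ValueError:
            continue  # malformed record: skip rather than guess
        name = EARLY.get(logon_type) or LATER.get(logon_type)
        if name is None:
            continue  # e.g. type 3 (network) is not part of this check
        hits.append({
            "time": ev.find("e:System/e:TimeCreated", NS).get("SystemTime"),
            "user": data.get("TargetUserName", ""),
            "source": data.get("IpAddress", ""),
            "logon_type": logon_type, "type_name": name,
            "phase": "early" if logon_type in EARLY else "later"})
    return sorted(hits, key=lambda h: h["time"])

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```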

Ransomware criminals show no compunction as to the impact their attacks have on health care providers, Microsoft warned.

They have also recently caused extensive damage to organizations such as forex giant Travelex which had to shut down its systems over the New Year, and global logistics company Toll Group.

If you’re concerned your personal details have been compromised, you can reach us at 1300 660 368 and one of our team members can help you in staying safe from the ransomware attack.

Article courtesy: www.itnews.com.au

Backup Office 365

CS Pro Backup for Office 365 enables full or incremental back-up of selected Office 365 mailboxes, public folders, as well as data from SharePoint Online, One Drive for Business, and teams.

Advanced search options are available for the backup storage, and they allow you to recover either entire mailboxes and site collections, or just selected data types: from email folders, calendars, and contacts in Exchange Online or lists and libraries in SharePoint and One Drive to individual elements such as emails or e-mail attachments.

How does the program work?

Key features

Offline back-up of the mailboxes from Office 365

Back up the Office 365 mailboxes and save the copy locally. Enable automatic, incremental backups to keep your mailbox copies up-to-date. Keep the back-up as long as necessary to restore the backed-up data when needed. Unbind Office 365’s native retention periods.

Back-up of public folders in Office 365

Easily back up the contents of public folders in your Office 365 environment to make sure that no important data is permanently lost.

Back-up for SharePoint Online and One Drive for Business

Automatically back up data from SharePoint Online and One Drive for Business. With the program, you can provide an additional layer of protection by protecting entire SharePoint site collections and sites for teams, including sub pages, libraries, lists, folders and individual items, as well as your important personal files stored on an individual drive in Office 365.

Backup of team data

Protect your team data by backing up documents stored on SharePoint and One Drive for Business pages. If necessary, move the data between teams or create new teams on a different Office 365 tenant with the backed up Exchange and SharePoint data.

Migrate from SharePoint Online and OneDrive for Business

Use CS Pro Backup for Office 365 to migrate content from one SharePoint or One Drive for Business platform to another. Simply download the data from the SharePoint online source and restore it to other destinations, such as a SharePoint page, library, or folder that reside in the same or different environment.

Continuous incremental back-up

Go through a one-time back-up or create jobs for automatically-recovering, incremental back-ups. All back-up jobs run in the background.

Data security

Never put all your eggs in one basket. CS Pro Backup for Office 365 lets you back up and store your cloud-based mailboxes locally. Each backup can be browsed offline and can be uploaded to the cloud or Exchange on-premises as needed.

Immediate back-up vs. Scheduler for automatic back-ups

Start the back-up immediately or use the built-in scheduler to create a job for automatic back-up.

Central Administration

Manage all mailbox back-ups from one place. Create back-up jobs for the entire Office 365 tenant or for selected mailboxes. Browse all offline back ups and play them without logging in to the user account.

Unlimited data retention and complete control

Keep your backed-up data for as long as necessary. Computer Support Professionals Backup for Office 365 secures Office 365 mailboxes locally. That’s why you do not have to worry about the data retention policy. You alone decide how long the back-up stays on your hard drive.

Export to PST and automatic archiving

Back up your backups with jobs that periodically archive your storage, or export the content to .pst files. Combine the archiving function with an adequate retention policy to control the usage of the storage.

Granular back-up, for instance:

  • You can start the back-up process for one or more clients.
  • Back up selected mailboxes, folders, items with a specific date of change, or from specific folders.
  • Browse your back-up and view folders and items.

Granular restoration

Replay entire mailboxes, selected folders, or specific items. Your back-ups are also stored in chronological order. Each copy can be loaded as needed.

Version history and element search

Browse the back-up looking for specific folders or items. Use search filters such as modification date or sender properties to find the information you are looking for.

Data recovery to other mailboxes and Office 365 plans

The backed-up data does not necessarily have to be returned to the original location. Load the items into other users’ mailboxes or into other Office 365 tenants.

Support for all element types

Back-up and recovery include all element types. Selected folder types such as deleted items or junk e-mail can be excluded from the back-up process.

Neutral behavior

The back-up process is also invisible to the end user. It does not affect the availability and performance of Office 365 and the mailbox.

Still using Windows 7? It will be a risk!

All good things must come to an end, even Windows 7. After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running Windows 7. But you can keep the good times rolling by moving to Windows 10.

Between now and then, the operating system (OS) is in an in-between phase known as “extended support.” During this phase, Microsoft is offering paid support, though not the complimentary support that comes with the license; and will continue to provide security updates, but not design and feature updates.

Every Product has a Life Cycle

Every Windows product has a life cycle. Like many Microsoft products, Windows 7 came with a predetermined support timeline. It’s good to know a product’s support life cycle so that you know when to upgrade.
However, there’s absolutely nothing stopping you from using Windows 7 even after its End of Life. But you should know that using an outdated operating system makes your computer vulnerable to cyber-attacks.

Vulnerable to Viruses & Threats

“End of life” is the date after which an application is no longer supported by the company that makes it. Imagine using a product that a company doesn’t want to take responsibility for anymore. You’ll be using the product at your own risk. This means that Microsoft will not take responsibility for loss of data due to security breaches on Windows 7. New computer viruses and other malware are developed all the time and, without the security updates to fight them off, your data and your system are vulnerable.

Upgradation is the Solution

Windows 7 has been one of the most successful operating systems developed by Microsoft. Its resilience has been boosted by many conspiracies and controversies surrounding Windows 8. In fact, millions of organizations skipped the Windows 8 upgrade and stuck with Windows 7. Many businesses are still not convinced that Windows 10 is any better than Windows 8. Even though there are numerous valid reasons to stay with Windows 7, it’s time to start preparing for the inevitable upgrade.

Now you know that the Windows 7 OS will not be a safe product to use over the internet in a couple of years. So you have to ask yourself if you’re ready to move into the future with the more modern Windows 10 operating system. Windows 10 gets regular patches and updates to keep it secure. It will install on most devices and machines with no problems or issues, but Microsoft does have a vast array of help and support documents on their website in case you run into trouble.

Contact our Microsoft specialists who can provide more information on upgrading your system to Windows 10 without any hassle. Email us at helpdesk@cspro.com.au or call us at 1300 660 368.

Internet Security Rules

Top 5 Internet Security Rules and Frequent Online Bugs

5 Internet Security Rules

Hackers are still looking for personal information that they can use to access your credit card or account information.
Uncertain surfing habits also pose other dangers: embarrassing personal comments or pictures that are hard to remove once online, or dating people you would never have encountered.

Below are the top 5 Internet security rules that help you avoid problems online and offline.

1. Keep personal information limited and professional.

Potential employers or clients do not need to know your relationship status or private address. All they need to know is your professional background and how to get in touch with you.

After all, you would not give out private information to strangers, so you should not share it with millions of online users.

Secure your information through our “Managed Antivirus Services”. Contact us for more details.

2. Pay attention to your privacy settings.

Marketing experts want to know everything about you – as do hackers. Both can find out a lot about you based on your browsing habits and social media usage.

But you can protect your information. As Lifehacker reports, settings are available in web browsers and mobile operating systems to help you protect your privacy online. Even large websites like Facebook offer privacy enhancements.

These settings are sometimes (deliberately) difficult to find because companies like to use your data for marketing purposes. Make sure your privacy settings are turned on and do not disable them.

Enhance your privacy through our “Managed Firewall Services”. Contact us for more details.

3. Pay attention to your surfing habits.

You probably would not walk through a dangerous area of your city, so you should avoid the equivalent online too. Cybercriminals often use dubious content as bait. They know that users sometimes look for questionable content, forgetting any caution.

The world of the Internet is full of hidden pitfalls that reveal your personal information or infect your device with malware through an unsuspecting click. By resisting the temptation, you do not give hackers a chance.

4. Use a secure Internet connection.

If you surf the Internet in a public place, for example over a public WLAN, you have no control over its security. Enterprise security experts talk about “endpoints” – these are the places where there is a connection between the private network and the outside world.

Your most vulnerable endpoint is the local Internet connection. Make sure the connection is secure. If in doubt, postpone entering personal information, such as your account number, until a later time when you can access a secure WLAN.

Secure your network through our “IT Security Services”. Contact us for more details.

5. Select downloads carefully.

The ultimate goal of cybercriminals is to get you to download malware, programs that carry malicious code or steal information.

This malware can be camouflaged as an app: from a popular game to a traffic or weather app. Computer Support Professionals advises against downloading any apps that are suspicious or from an untrusted site.