INOC Data Centers

02/28/2024

In the vast digital landscape, Android reigns supreme as the world’s most popular operating system. But lurking in the shadows are cunning cyber threats that can wreak havoc on unsuspecting users. Enter the notorious Android banking trojans, a breed of malware that can silently steal your hard-earned cash.

According to Malwarebytes’ recent 2024 ThreatDown State of Malware report, a staggering 88,500 of these trojans were detected last year alone. These virtual pickpockets disguise themselves as innocent mobile apps—QR code readers, fitness trackers, or productivity tools—only wreaking havoc once installed on your device.

The catch? They’re masters of deception, slipping past and asking for seemingly harmless permissions. But behind the facade lies a dangerous game: stealing your online credentials, including banking logins, and draining your accounts.

One such villain, the SharkBot banking trojan, masqueraded as a file recovery tool, gaining access to your personal files, maps, and even Google Play payments.

So, next time you download an app, be wary—it might just be a Trojan horse in disguise!
https://www.malwarebytes.com/blog/news/2024/02/android-banking-trojans-how-they-steal-passwords-and-drain-bank-accounts

Android banking trojans are a serious cyberthreat to everyday users that, through clever trickery, steal passwords and drain bank accounts.

02/27/2024

Today and every day, choose kindness.

Kindness is a beacon that illuminates the human spirit and holds a profound place in our lives. As novelist Henry James eloquently put it...

“Three things in human life are important: the first is to be kind, the second is to be kind, and the third is to be kind.”

02/26/2024

The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers.
To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing.
https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html

LockBit ransomware group resurfaces after law enforcement takedown, claims FBI 'hacked' their infrastructure and leaked information.

02/20/2024

ConnectWise has just released software updates to address two security flaws in its ScreenConnect remote desktop and access software. These vulnerabilities are crucial, so if you’re using ScreenConnect, act promptly!

Authentication Bypass: A sneaky bug that allows unauthorized access using an alternate path or channel (CVSS score: 10.0).

Path Traversal: A flaw that improperly limits a pathname to a restricted directory (CVSS score: 8.4).

The company rates the severity of these issues as critical, emphasizing that they “could allow the ability to execute remote code or directly impact confidential data or critical systems.”

Affected Versions: ScreenConnect versions 23.9.7 and prior. Fixes Available: Update to version 23.9.8 ASAP!

While there’s no evidence of exploitation in the wild, self-hosted or on-premise users should upgrade immediately. ConnectWise will also provide updated versions for releases 22.4 through 23.9.7 for the critical issue.

Stay secure, folks!

ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software.

02/05/2024

Capital District Small Businesses!!

SAVE THE DATE: NFIB New York’s 2024 Small Business Day at the Capitol.

Join business owners and advocates for Small Business Day at the Capitol on Tuesday, May 19th.

2024 is an important year for New York’s small business owners. Lawmakers need to hear from you on how to best jumpstart our economic recovery.
Advocate for policies that will help your business grow and tell lawmakers how proposed laws will impact the future of your business.

-Meet with lawmakers to voice your concerns
-Learn about the business community’s legislative priorities
-Network with other business owners
-Make your voice heard in Albany!

https://www.nfib.com/content/news/new-york/save-the-date-nfib-new-yorks-2024-small-business-day-at-the-capitol/

SAVE THE DATE: NFIB New York's 2024 Small Business Day at the Capitol Join business owners and advocates for Small Business Day at the Capitol on Tuesday, May 19th. 2024 is an important year for New York’s small business owners.…

01/31/2024

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc).
https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html

A recently disclosed flaw in the GNU C library can give hackers full root access to Linux machines.

01/24/2024

"According to Microsoft, the group managed to access the account in November after subjecting it to a password spray attack, a type of brute force attack where the attacker tries a large amount of logins until they succeed. The group used this foothold to access some of Microsoft’s corporate email accounts and steal some emails and attached documents."
https://www.malwarebytes.com/blog/news/2024/01/microsoft-got-hacked-by-state-sponsored-group-it-was-investigating

Microsoft has acknowledged a successful cyberattack by Russians state sponsored group Midnight Blizzard aka Cozy Bear.

01/17/2024

Look at this guy, Punchmade Dev, who has been suspected of selling stolen payment cards and identity data online. He's known for flaunting his expensive jewelry and rapping about cybercrime, but there wasn't much evidence to support the claims, until recently.

Lately, Punchmade Dev started promoting an online shop selling stolen payment cards and identity data. Which is now leading people to believe that he's actually involved in cybercrime now.

Important? Of course, because it sheds light on the potential connection between cybercrime and the online personas of some people. It also raises concerns about the ease with which stolen data can be bought and sold online.

Overall, it's a pretty interesting article that makes you think about the dark side of the internet.
https://krebsonsecurity.com/2024/01/e-crime-rapper-punchmade-dev-debuts-card-shop/

January 17, 2024 1 Comment The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has le...

01/10/2024

Petco wants to change the pet store game. Look at this layout!
https://info.retailspacesevent.com/blog/how-petco-is-upending-your-idea-of-the-pet-store

Explore Petco's innovative NYC flagship store in this insightful talk by designers Rick and Angela Neira, revealing a unique blend of pet wellness and retail strategy that sets new standards in customer engagement and experience.

01/09/2024

Let's just be honest. In today's day and age, there isn't a medium where you can't be targeted. Be vigilant out there.
https://thehackernews.com/2024/01/beware-youtube-videos-promoting-cracked.html

Beware of YouTube videos offering cracked software! They might be a gateway to the Lumma malware, stealing your sensitive information

01/03/2024

An Akamai researcher has found two vulnerabilities in Windows that can be combined to achieve a full, zero-click remote code ex*****on (RCE) in Outlook.
https://www.malwarebytes.com/blog/news/2023/12/how-outlook-notification-sounds-can-lead-to-zero-click-exploits

*****on

A researcher found two Microsoft vulnerabilities which could be combined to achieve zero-click remote code ex*****on.

12/29/2023

Start 2024 off right, knowing your data is in the right place. Schedule a tour and see why INOC is New York States premiere data center solutions provider.

www.inoc.net