The U.S. government has issued a warning about a new ransomware attack that spread through Russia and Ukraine and into other countries around the world.
Phishing is a technique hackers use to convince individuals into giving up their usernames, passwords and other personal information. The concept is simple, send an email that looks official from a friend, colleague or service provider. That email contains a link to a login form that looks and behaves like websites we use everyday. The person receiving the email doesn’t think twice about entering their normal login. Now the hacker is now in possession of their stolen identity. The hack doesn’t stop there. Next the hackers will use the new stolen identify to convince others to login to their malicious website. The hack will continue to work up in an organization until they reach the credentials of top executives. These executives typically have access to internal documents, finical data, proprietary information and hold access to critical systems that support the organization.
Spearfishing is when an attacker focuses his efforts on one specific target. The hacker will collect personal details about a specific individual through their social media profiles, blogs and public databases. This will help them form a bait email that has a higher likelihood of success. Once someone has fallen victim, the hackers will install a backdoor into the users computer and begins exploring the network moving latterly from device to device. Once the attackers locate what they are looking for they will send a copy of the data to their servers. Many sophisticated attacks will attempt to remove traces and logs to prevent discovery of what has occurred.
802.11r is a standard for improving the roaming experience of wireless client devices as they physically move. This technology enables client devices to automatically associate and disassociate to various access points based off physical location. The vulnerability abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key. This vulnerability affects numerous wireless products across the industry, and it is considered a critical security concern. We recommend all our customers patch their wireless infrastructures immediately or disable 802.11r until the patch can be applied. We also recommend customers install the Windows, MacOS and iOS updates related to these vulnerabilities.
For more information please check out Cisco's websites: