Extortion scheme via advertisement on Bing

Be careful which advertisements you click on.

Katie Matusik is a gymnast (took 3rd place in the 2012 NCAA National Gymnastics).

If you search for Katie Matusik on Bing you will see the following:

[Image: katiematusik-fakebingsite]

If someone clicks on it, the following site comes up:

[Image: bingextortionscheme]

It is an extortion scheme and is difficult to get out of (click “Leave Page”), but if you reboot it is OK (it seems). I would still make sure your anti-virus software is up to date.


I saw this interesting extortion scheme on isc.sans.net

Targeted malware campaign -> to exploits in Dropbox

The malware campaign is using some old and new methods.

One email claims to be from the Maersk shipping line, and the attachment (a Word document) opens a backdoor connection to two hacker command-and-control servers.

The Dropbox domain is also referenced; the links attempt to contact londonpaerl(.)co(.)uk and selombiznet(.)net (I added the parentheses so it is harder to copy and paste these malware sites).

It is always good to keep up on the latest attacks and update anti-malware software.

This information is from a threatpost.com blog post
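One way to hunt for the two domains named above in your own resolver logs, as an added example that is not from the original post or from Threatpost: it parses the post's “(.)” notation, matches on DNS label boundaries so look-alike names do not trigger, and re-defangs every hit. The log format (`timestamp client qname qtype`), the function names and the sample lines are constructed assumptions.

```python
import re

# Indicators exactly as the post writes them, in its "(.)" notation.
DEFANGED_IOCS = ["londonpaerl (. )co (. )uk", "selombiznet(.)net"]

def refang(indicator):
    """'name (. )tld', 'name[.]tld' or 'name(dot)tld' -> 'name.tld' (for matching only)."""
    s = re.sub(r"\s*[\(\[]\s*(?:\.|dot)\s*[\)\]]\s*", ".", indicator.strip(), flags=re.I)
    return s.lower().rstrip(".")

def defang(domain):
    """Re-apply the post's notation so alerts never carry a clickable name."""
    return domain.replace(".", "(.)")

def match_blocklist(qname, blocklist):
    """Return the listed domain that qname equals or is a subdomain of, else None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):          # compare on label boundaries only
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def hunt(log_text, blocklist):
    """Scan 'timestamp client qname qtype' lines; return (timestamp, client, defanged hit)."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        hit = match_blocklist(parts[2], blocklist) if len(parts) >= 4 else None  # skip malformed
        if hit:
            hits.append((parts[0], parts[1], defang(hit)))
    return hits

BLOCKLIST = {refang(i) for i in DEFANGED_IOCS}

def sample_log():
    """Constructed resolver log, built at run time so no live name appears in this listing."""
    a, b = (refang(i) for i in DEFANGED_IOCS)
    return "\n".join([
        "2014-01-01T09:14:02Z 10.0.4.17 www.dropbox.com. A",
        f"2014-01-01T09:14:05Z 10.0.4.17 {a}. A",
        f"2014-01-01T09:14:09Z 10.0.4.22 cdn.{b.upper()}. A",   # subdomain, mixed case
        f"2014-01-01T09:15:40Z 10.0.4.30 not{b}. A",            # look-alike, must not match
    ])

if __name__ == "__main__":
    for ts, client, name in hunt(sample_log(), BLOCKLIST):
        print(ts, client, name)
```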

POS – Point of Sale systems were breached, credit card info stolen

Information Systems & Supplies (ISS) has a letter to all of its customers.

They discovered a breach through their remote access software, where customer data could have been stolen.

This is a travesty. So how do you know if a company you frequent has ISS? There may have been a breach. Here is a list of potential breaches:

Dairy Queen, TacoTime, Laurelwood, Buffalo Wild Wings, Flat Tail Brewing, BarrelRoom, Atrium Lounge, and others…

Ask your restaurant if they use ISS as their software to handle transactions.

Or ask us and we will ask them.

Here is the FuturePOS software that was potentially breached:

[Image: futurepos]

PayPal two-factor authentication bypassed by testers

Duo Security has bypassed the two-factor authentication.

This in effect makes the 2FA (two-factor authentication) useless.

This means that a password still has to be guessed (broken into) by the hackers for the account to be compromised.

Essentially, if you set up your PayPal account for “extra” security, unfortunately that did not pan out. 2FA is not what it seems; it is actually not working as advertised.

Our recommendation is to stop using 2FA with PayPal for the time being.

Here is an explanation of 2FA by Google

Passwords revealed when hacker looks at port 49152 – 31,964 systems vulnerable

Cari.net has the details

They even did a scan of the Internet:

Total Hosts responding to web requests on port 49152: 9,867,259

Vulnerable Systems: 31,964

So not all systems responding on port 49152 are Supermicro products; they also have to return something to a “get /{SBlock” request.

Once you know you have a problem, how do you fix it? You have to flash the system.

There is a temporary fix, but whenever the system reboots (power recycles) the same problem occurs.

Do you have a vulnerable Supermicro system?

Contact us and we can help you determine that.