News for August 8, 2022


Tools To Recover From Ransomware
by Artie Kaye

Ransomware is a threat to companies and individuals alike.  Six years ago, law enforcement agencies and security firms started a joint project called No More Ransom.  The organization collects information on ransomware families and the encryption they use, and publishes free decryption tools contributed by its partners for families whose encryption has been broken or whose keys have been recovered.  Its Crypto Sheriff service asks you to upload the ransom note and a few encrypted files, matches them against its database to identify the family, and tells you whether a decryptor exists.  So far the tools have been downloaded more than 10 million times.

If you or your business are hit by a ransomware attack, check their website below before doing anything else.  There is no guarantee they can help, since decryption is only possible for families with flawed encryption or seized keys, but new decryptors are added regularly.  Surveys of victims also show that businesses that pay are more likely to be targeted again, and paying does not guarantee working decryption.
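Before uploading anything to No More Ransom, it is worth confirming that the files really are encrypted and gathering the identifiers the service asks for (the ransom note and the extension appended to the files).  The following is an added triage example, not No More Ransom's code: it measures the Shannon entropy of a sample in chunks to tell fully encrypted files from partially encrypted ones (many fast encryptors only touch the first kilobytes) and from files that were merely renamed, and it picks out likely ransom-note file names.  The samples, the note-name regex and the entropy thresholds are constructed assumptions for illustration.

```python
import math
import random
import re
from collections import Counter
from typing import Dict, List

# Thresholds are assumptions: encrypted or compressed data sits close to 8.0
# bits per byte, plain text and office documents usually well below 6.0.
HIGH_ENTROPY = 7.0

# Note-name patterns are an assumption built from commonly seen names,
# not a list taken from No More Ransom.
NOTE_NAME_RE = re.compile(r"(readme|decrypt|restore|recover|how[_ -]?to|unlock|help)", re.I)
NOTE_EXTENSIONS = (".txt", ".html", ".hta")


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, 0.0 for a constant stream, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify_encryption(data: bytes, chunk_size: int = 1024) -> str:
    """'full' if every chunk is high-entropy, 'partial' if only some chunks are
    (header-only or intermittent encryption), 'none' if no chunk is."""
    chunks = [data[i:i + chunk_size] for i in range(0, len(data), chunk_size)]
    high = [shannon_entropy(chunk) >= HIGH_ENTROPY for chunk in chunks]
    if high and all(high):
        return "full"
    if any(high):
        return "partial"
    return "none"


def triage_sample(filename: str, data: bytes) -> Dict[str, object]:
    """Collect what an identification service wants: the appended extension,
    overall entropy and how much of the file was actually encrypted."""
    lower = filename.lower()
    extension = lower.rsplit(".", 1)[-1] if "." in lower else ""
    return {
        "file": filename,
        "added_extension": extension,
        "entropy": round(shannon_entropy(data), 2),
        "encryption": classify_encryption(data),
    }


def find_ransom_notes(filenames: List[str]) -> List[str]:
    """Return file names that look like dropped ransom notes."""
    return [
        name for name in filenames
        if NOTE_NAME_RE.search(name) and name.lower().endswith(NOTE_EXTENSIONS)
    ]


def constructed_samples() -> Dict[str, bytes]:
    """Deterministic stand-ins for files found on an infected machine (constructed)."""
    rng = random.Random(2022)

    def random_bytes(n: int) -> bytes:
        return bytes(rng.getrandbits(8) for _ in range(n))

    text = b"Quarterly report: revenue up 3%.\n" * 200  # ~6.4 KB of plain text
    return {
        "report.docx.locked": random_bytes(8192),              # fully encrypted
        "photo.jpg.locked": random_bytes(1024) + text[:4096],  # only first 1 KB encrypted
        "notes.txt.locked": text,                              # renamed, never encrypted
    }


if __name__ == "__main__":
    for name, data in constructed_samples().items():
        print(triage_sample(name, data))
    print(find_ransom_notes(["HOW_TO_DECRYPT.txt", "budget.xlsx", "readme.html", "README.md"]))
```

A file reported as "none" was renamed but not encrypted, and its contents can simply be restored; "partial" files may still be repairable for formats that tolerate a damaged header, and it is a useful detail to mention when asking for help.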

https://www.nomoreransom.org/en/index.html

https://www.youtube.com/watch?v=9Exv_qUeNXk

https://www.digitaltrends.com/computing/this-anti-hacker-group-helps-you-escape-ransomware-for-free/

https://www.infosecurity-magazine.com/news/no-more-ransom-has-helped-over-15m/

Slack Password Leak
by Artie Kaye

Slack is a business-focused messaging platform.  The company has disclosed a bug that leaked password hashes.  The flaw existed from April 2017 until it was fixed in mid-July 2022.  When a user created or revoked a shared invitation link for a workspace, that user's hashed password was included in the data sent to other members of the workspace.  The hash was never shown in any Slack client; it could only be seen by someone capturing their own network traffic, which is why Slack considers the exposure limited.  Slack stores passwords as salted hashes.  Hashing is not encryption: a hash is a one-way function, so the original password cannot be recovered from it except by guessing candidate passwords and hashing each one to see if it matches.  A salt is a random, per-user value mixed into the hash so that two users with the same password get different hashes and an attacker cannot use precomputed tables; it does not make a weak password safe, because each leaked hash can still be attacked by guessing.

Slack reset the passwords of the roughly 0.5% of users who were affected and emailed them about it.  Whether or not you received that email, changing your Slack password is a cheap precaution, especially if you reused it anywhere else.  Slack also recommends using a password manager and two-factor authentication.
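The following added example (not Slack's code; Slack has not published its hashing algorithm or parameters) shows what a salted hash is and what a leaked one is worth to an attacker.  It assumes PBKDF2-HMAC-SHA256 with a random 16-byte per-user salt and 100,000 iterations; the users and the wordlist are constructed.  The same password hashes differently for two users, the hash cannot be reversed, and yet a weak password still falls to a short wordlist, which is why a reset was the right response.

```python
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

# Assumed parameters for this example; Slack has not published its own.
ITERATIONS = 100_000
SALT_BYTES = 16

# Constructed wordlist standing in for the top entries of a real cracking list.
WORDLIST = ["123456", "password", "qwerty", "letmein", "welcome1", "summer2022", "Slack2022!"]


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest).  A fresh random salt is generated when none is given,
    so the same password stored for two users yields two different digests."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)


def crack_leaked_hash(salt: bytes, digest: bytes, wordlist: List[str]) -> Tuple[Optional[str], int]:
    """What an attacker does with a leaked (salt, digest) pair: there is no way to
    invert the hash, so each guess is hashed with the same salt and compared.
    Returns (recovered password or None, number of guesses made)."""
    for guesses, candidate in enumerate(wordlist, start=1):
        if verify_password(candidate, salt, digest):
            return candidate, guesses
    return None, len(wordlist)


def demo() -> dict:
    """Three constructed users; alice and bob share a weak password."""
    alice = hash_password("summer2022")
    bob = hash_password("summer2022")
    carol = hash_password("correct horse battery staple")
    return {
        "same_password_same_hash": alice[1] == bob[1],   # False: different salts
        "alice_cracked": crack_leaked_hash(*alice, WORDLIST),
        "carol_cracked": crack_leaked_hash(*carol, WORDLIST),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The salt stops the attacker from cracking all leaked hashes at once with one precomputed table, but it does nothing for a user whose password is on a wordlist; only password length and uniqueness (hence the password manager) and a second factor do that.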

https://slack.com/intl/en-gb/blog/news/notice-about-slack-password-resets

https://tech.co/news/slack-may-have-been-sending-other-people-your-password-for-five-years

https://nakedsecurity.sophos.com/2022/08/08/slack-admits-to-leaking-hashed-passwords-for-three-months/

https://www.securityweek.com/slack-forces-password-resets-after-discovering-software-flaw

Snapchat and American Express Redirect Scam
by Artie Kaye

This phishing campaign sends official-looking emails containing links that begin with American Express's or Snapchat's domain.  Both sites had open redirect flaws: a page that takes a destination URL as a parameter and forwards the visitor to it without checking where it points, so anyone can build a link on the trusted domain that lands wherever they choose.  The link looks legitimate, passes through a real page on the legitimate site, and then bounces the victim to a credential-harvesting page.  American Express fixed its redirect quickly after being notified; redirects through its website now return an error page.  Snapchat was notified in July 2021 and, as of this writing, still has not fixed the flaw.

Always be careful with links, even official-looking ones.  A link is suspect if the URL contains a second http or https after the first one (a whole URL embedded as a parameter, often percent-encoded), or if it carries parameter names such as redirect=, url=, external-link or proxy.  If you do click, check the address bar of the page you land on: the redirect happens in an instant, and the domain you end up on is what matters.  When in doubt, type the address of the site asking for your credentials yourself instead of following the link.
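The following added example (not code from American Express, Snapchat or the researchers who reported the flaws) shows both sides of the problem.  The triage function applies the checks above to a link: it decodes nested percent-encoding, looks for an absolute URL hidden in a query parameter or in the path, and counts how many times http appears.  The hardened redirect handler shows the server-side fix: accept only same-site relative paths or an allow-listed host and fall back to a safe default otherwise.  The host names, the parameter list and the sample links are constructed assumptions.

```python
from typing import Dict, List, Optional, Tuple
from urllib.parse import parse_qsl, unquote, urlparse

# Parameter names named in the article plus a few other common ones (assumption, not exhaustive).
REDIRECT_PARAMS = {
    "redirect", "redirect_uri", "redirect_url", "url", "next", "return", "returnurl",
    "return_url", "goto", "dest", "destination", "external-link", "proxy", "target", "u",
}

# Hosts a redirect may legitimately point at (constructed for the example).
ALLOWED_REDIRECT_HOSTS = {"www.example-bank.com", "app.example-bank.com"}


def _full_decode(value: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding, which phishers use to hide the nested URL."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def _external_host(target: str) -> Optional[str]:
    """Hostname of an absolute target (scheme://host or scheme-relative //host), else None."""
    if target.startswith("//"):
        target = "https:" + target
    parsed = urlparse(target)
    if parsed.scheme in ("http", "https") and parsed.hostname:
        return parsed.hostname.lower()
    return None


def triage_link(link: str) -> Dict[str, object]:
    """Apply the article's checks to a link found in an email."""
    outer = urlparse(link)
    outer_host = (outer.hostname or "").lower()
    params = parse_qsl(outer.query, keep_blank_values=True)  # parse_qsl decodes once
    targets: List[Tuple[str, str]] = []

    # 1. An absolute URL carried in a query parameter, possibly encoded several times.
    for name, value in params:
        host = _external_host(_full_decode(value))
        if host and host != outer_host:
            targets.append((name, host))

    # 2. An absolute URL embedded in the path, e.g. /external-link/https%3A%2F%2F...
    path = _full_decode(outer.path)
    scheme_pos = path.find("://")
    if scheme_pos > 0:
        host = _external_host(path[path.rfind("/", 0, scheme_pos) + 1:])
        if host and host != outer_host:
            targets.append(("<path>", host))

    return {
        "outer_host": outer_host,
        "http_count": _full_decode(link).lower().count("http"),
        "redirect_params": sorted({n for n, _ in params if n.lower() in REDIRECT_PARAMS}),
        "external_targets": targets,
        "suspicious": bool(targets),
    }


def safe_redirect_target(raw: str, default: str = "/") -> str:
    """Server-side fix for an open redirect: allow only a same-site relative path
    or an allow-listed host; anything else gets the default (or an error page)."""
    raw = raw.strip()
    # A relative path must start with exactly one '/'; '//' and '/\' are treated
    # by browsers as scheme-relative and would leave the site.
    if raw.startswith("/") and raw[1:2] not in ("/", "\\"):
        return raw
    if _external_host(raw) in ALLOWED_REDIRECT_HOSTS:
        return raw
    return default


if __name__ == "__main__":
    print(triage_link("https://www.example-bank.com/go?url=https%3A%2F%2Fevil.example%2Flogin"))
    print(safe_redirect_target("//evil.example/login"))
```

Note that the hardened handler parses the target before checking it: a naive prefix check such as `target.startswith("https://www.example-bank.com")` is bypassed by https://www.example-bank.com.evil.example/ or by credentials in the URL (https://www.example-bank.com@evil.example/), both of which urlparse resolves to the attacker's host.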

https://www.darkreading.com/cloud/american-express-snapchat-open-redirect-vulnerabilities-exploited-phishing

https://www.bleepingcomputer.com/news/security/snapchat-amex-sites-abused-in-microsoft-365-phishing-attacks/

https://www.hackread.com/unprotected-snapchat-amex-sites-credential-harvesting/

Sony Pulls Films From Viewing
by Artie Kaye

In Germany and Austria, Sony is removing from the PlayStation Store films it no longer has the rights to distribute.  People who believed they had bought a movie to watch on their PlayStation are finding out they bought a limited license to stream it through Sony's platform, which Sony can revoke when its own licensing deal ends.  This is a recurring problem with how digital content is sold.  In 2009 Amazon remotely deleted copies of 1984 and Animal Farm, among other ebooks, from customers' Kindles without their consent.  When you pay for movies or software and hold no physical copy or DRM-free file, you do not own it.  You are merely renting until the company providing it takes it away.

https://hothardware.com/news/playstation-store-pull-john-wick-hundreds-purchased-movies

https://variety.com/2022/digital/news/playstation-store-pulling-access-to-purchased-studiocanal-movies-next-month-1235310863