Webroot

Designed with MSPs, resellers, and distributors in mind, the Webroot® Channel Edge® Program offers
competitive margins, recurring revenue, lower operational costs, improved productivity, and innovative
enablement tools. Through its web-based management console and integration with RMM and PSA
platforms, Webroot provides easy-to-deploy next-generation security for endpoint, mobile, and web.
Partnering with businesses of all sizes, Webroot secures your clients against sophisticated threats—no
matter how or where users connect. For more information, visit www.webroot.com/MSPpartners

Share tech news, updates, or what's on your mind.

Sign up to Post

Cyber News Rundown: Edition 7/21/17


Cyber-News-Rundown-WordPress-800x600.jpg
Malware Lurking in Game of Thrones Torrents

Viewers hoping to catch an illegal copy of the season 7 premier of Game of Thrones, released last Sunday evening, stumbled across something much more dangerous than White Walkers. The most pirated TV show in the last 5 years, Game of Thrones torrents often come with an extra side of malware, and have even released a Cerber ransomware variant onto unsuspecting viewers. While some lucky pirates have escaped with clean torrents, others haven’t been so fortunate. Use caution in all your internet activities, whatever they may be.

Twitter Porn Bot Shutdown

In the last few weeks, researchers have been attempting to bring down a Twitter botnet that took over 86,000 bot accounts to send out a relentless stream of porn ads to Twitter users across the globe. The botnet itself began by creating systematically generated Twitter accounts to send out a malicious URL payload to victims, which would then redirect them to a variety of porn sites controlled by the same network.

Adoption Data Leaked in Newcastle

Recently, officials of the Newcastle City Council have been attempting to resolve a data breach in which a spreadsheet of over 2,700 adopted children’s information
1
Put Machine Learning to Work--Protect Your Clients
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

QTT2017.PNG
In This Issue:
Streaming Malware Detection and Trends

More information here.

Although malware and potentially unwanted applications (PUAs) such as spyware and adware have been a top concern for years, many organizations still find themselves overwhelmed by the abundance of modern threats. This quarter, we examine malware trends, get insight from Webroot CTO Hal Lonas on dissolving security perimeters, and present findings from two recent surveys on how security professionals will focus their security efforts over the next year.

Get the latest Threat Trends Report now!
2
Interestingly enough I have no problem using let's encrypt on Windows platform and figured it was going to be a breeze on *nix... Running into a slew of issues.  For one I am trying to use certbot to facilitate this.  When I issue the correct commands and webroot I see it builds the .well-known folder but it does not build the acme-challenge folder.  If I try to manually create the acme-challenge folder it deletes it after the sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com command (with my domain info substituted of course) with the following error:

Detail: Invalid response from
   http://<mysite>/.well-known/acme-challenge/bM6ijKNrbr6Dcf3nzJdyhssFHrySeeLk-2VWQgAlWnQ:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>403 Forbidden</title>
   </head><body>
   <h1>Forbidden</h1>
   <p"
Super frustrated as everything in *nix is always easier, right?  Well not this time LOL.   Any suggestions would be appreciated!

-J
0
Cyber-News-Rundown-WordPress-800x600.jpg
Cyber News Rundown Edition: 7/14/17

Verizon Call Logs Found Exposed Online

Over the past month, researchers have been learning more about the recent discovery of unsecured customer service call records for over 14 million individuals on an Amazon server. The server in question is controlled by Nice Systems, an enterprise software company based in Israel, and contained call logs from January through June of this year. In the unencrypted records were customers’ names and their Verizon account login credentials. Even after Verizon became aware of the server’s vulnerability, it took over a week to get it properly secured by Nice Systems.

Bupa Healthcare Services Breached

In the last week, international healthcare provider Bupa was the victim of a data breach that included basic customer information, such as names, birthdates, and nationalities. The breach originated with an employee incorrectly transferring data between systems of Bupa Global, which handles international health insurance for frequent travelers—around 108,000 customers in total. The affected branch of Bupa has contacted all affected customers, and has stated that no other branches worldwide have been compromised.

Botnets Distributing New Point-of-Sale Malware

With the recent influx of botnet-related cyberattacks in the last year, it’s hardly surprising that Point-of-Sale malware is now spreading through the same channels
3
Bupa breach affects more than half a million customers

A London health insurance agency has been hit with a massive data breach. The personal information of about 547,000 people was compromised.

More info here
1
Cyber-News-Rundown-WordPress-800x600.jpg
Cyber News Rundown: Edition 7/7/17

British Lawmakers’ Logins Targeted

Over the last week, multiple parliament members and other lawmakers in the UK have been the focus of cold-callers attempting to gain login credentials, following a successful brute force attack that compromised the credentials of several other officials. Passwords for the remainder of the parliamentary staff have received a force reset to avoid any further exploitation of their systems.

Banks Still Struggle with Security

The Online Trust Alliance recently conducted an anonymous study of 1,000 websites across many different sectors, to test for security, privacy, and consumer protection. Of the 100 largest US banks in the study, only 27% passed all 3 categories, while 65% failed in at least one category. Although the American Banking Association still believes that banks are the current standard for security, the long list of breaches throughout the last year alone leave many consumers questioning just how secure their banks really are.

Sabre Breach Exposes Google Employee Data

In the past few days, Google has been sending out notifications to employees after Sabre Hospitality Services experienced a breach in their reservation system
4
bitcoin_photo_via_shutterstock.jpg
This just in... Humans Still the Weakest Link

"The fact that access appears to have been initiated by initially compromising an employee's personal PC is a very worrying development – highlighting huge failings on so many levels, from an employee education and training standpoint, all the way to administrative and technical controls, to monitoring and enforcement." -  David Kennerley, director of threat research at Webroot.

More on TheRegister.
5
 
LVL 2

Expert Comment

by:Christopher Rourke
Good ol' PEBCAK :) Thanks for the article link.
1
 

Author Comment

by:Drew Frey
Happy to share, Christopher! There's an educational component most people could use to help combat PEBCAK :)
1

Many Firms Hit by Global Cyber Attacks - Petrwrap


Firms around the globe are reporting that they have been hit by a major cyber-attack. Some experts have suggested that it could be a ransomware attack, similar to Wannacry which hit last month. Alan Woodward, a computer scientist at Surrey University, said: "It appears to be a variant of a piece of ransomware that emerged last year.

More on this story via the BBC.
10
 
LVL 9

Expert Comment

by:Experts Exchange
They have a sense of humor.
2
 
LVL 14

Expert Comment

by:Ajit Singh
The Petya ransomware has caused serious disruption at large firms. Ransomware attack continue to be a huge challenge for organizations with incidents reaching record highs. This article explains bit more about 'Petya' ransomware attack strikes companies across Europe and US.
 
Also check this this article to defense the ‘Petya’ Ransomware Attack.
0
Honda isn't alone in facing these challenges -- according to Reuters, competitors Nissan and Renault also stopped production at plants in Japan, Britain, France, Romania and India last month due to WannaCry attacks.  

This attack should serve as a reminder that even if your business wasn't hit during the initial WannaCry outbreak, you may well still be vulnerable.

More on the latest WannaCry attack and how you can mitigate future attacks here.
3
Drew Frey writes articles on cyber security and ransomware protection.  Follow him if you're interested in seeing new articles in those topics.

https://www.experts-exchange.com/members/Drew-Frey.html
5
 

Expert Comment

by:Michael Bodine
SP INFOTECH was also part of a scam...they had people calling up with foreign voices and the company name would change..as they answered the phone.. certaintly unpredictable crap.
1
 
LVL 16

Author Comment

by:Kyle Santos
Source?
0
When ransomware hits your clients, what do you do?
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Popular third-party chat platforms like Slack, Discord, and Telegram are just a few of the many new productivity applications that are being hijacked by cybercriminals to create command-and-control (C&C) communications infrastructures for their malware campaigns.
0
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
0
IMG_0386.jpg
Colorado is fortunate to have a diverse community of tech companies and startups, each one backed by its own diverse community of leaders, tech gurus and innovators. But diversity aside, women are still grossly underrepresented in tech — in classrooms, in boardrooms and everywhere in between.
 
We talked with Amy Wiley, VP of Engineering Services here at Webroot about her greatest challenges, what Webroot is doing to promote diversity in tech, and advice for other women looking to get into the tech industry.
 
Read more here.
2
DNS-Protection-with-ConnectWise.png
It's always exciting around here! We're thrilled to expand our partnership with ConnectWise to offer customers better protection and performance. To get insight into why this matters, we sat down with George Anderson, Webroot’s product marketing director for business solutions, and Gavin Gamber, vice president of Channel Sales and Alliances at ConnectWise.
 
What is DNS Protection? Why is it important? Why do ConnectWise partners need this?  
 
Read more here.
4
Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
1
Hackers.jpg

Treat 64-bit malware like any other possible threat. Invest in a credible threat intelligence platform, understand your organisation's risk tolerance level and plan accordingly. Be smart and be alert. Keep systems up-to-date, understand what devices need an internet connection, review user permissions and privileges, create and execute a backup strategy. But mostly importantly continue to educate your users about cyber dangers, and test your incident response and disaster recovery plans regularly.

Read more here.
2
 
LVL 1

Expert Comment

by:Juana Villa
Your link is not working, I think you meant "http://wbrt.io/xm9e"
Anyway, I agree as users we all need to know how to protect our data.
1
 

Author Comment

by:Drew Frey
Great catch! Thanks for keeping me a watchful eye out.
1
We have installed Web Root Secure Anywhere Endpoint Protection v. 9.0.15.50 on several of our customer's Windows 10 computers (running either Office 2016, Office 2013, or Office 2010).

Our customers keep reporting that when they arrive at work in the morning the list of their recently opened documents within either Microsoft Word or Excel has been cleared (see the screenshots).

This is a major problem.

What can be done to fix or prevent this from happening?

WordExcel
0

Webroot

Designed with MSPs, resellers, and distributors in mind, the Webroot® Channel Edge® Program offers
competitive margins, recurring revenue, lower operational costs, improved productivity, and innovative
enablement tools. Through its web-based management console and integration with RMM and PSA
platforms, Webroot provides easy-to-deploy next-generation security for endpoint, mobile, and web.
Partnering with businesses of all sizes, Webroot secures your clients against sophisticated threats—no
matter how or where users connect. For more information, visit www.webroot.com/MSPpartners

Top Experts In
Webroot
<
Overall
>