Look Before You Click!

Lately I’ve been receiving, what appears to be, a lot more phishing emails than I used to. Some are quite good, while others are obvious fakes. Either way, spoofing trusted brands to get emails read and acted upon appears to be the way to go—if you’re a career cyber-criminal. Just the other day, this email […]

Hackers Serve Malware Cocktail That Evades Most AV Programs

As I stated many times before, cyber-criminals are an adaptable bunch. They still use SPAM to deliver malicious payloads because it works so well, then change the code slightly to evade most anti-virus (AV) programs for a time. When the security companies catch up, they change it again. The new cyber-criminal toy is the Hancitor […]

A New Twist To An Old Scam

In the past, scammers targeted departments responsible for issuing payroll, often spoofing the emails of authority figures to obtain detailed records. A recent LEXOCOLOGY post warns us that scammers are now zeroing in on the employees themselves that could cost workers plenty while posing a serious cyber-threat to organizations of all sizes. Here’s how this […]

Are You Or Someone You Know The Star Of A Fake Porn Movie?

Just when you think the criminal element can’t sink any lower—they do. Artificial Intelligence (AI) technology has advanced to the point that criminals are now able to near-seamlessly attach anyone’s face onto existing porn movies creating the ultimate click-bait! As a recent KnowBe4‘s security blog post mentions, for a long time criminals using Photoshop were […]

O&R Warns Residents Of Utility Scams

  Orange & Rockland (O&R) issued a warning to its customers about scammers pretending to be from O&R and threatening their targets unless they immediately pay them money.   O&R says that scammers may: Call you on the phone and manipulate caller ID to make it look like the call is coming from O&R. Threaten […]

Meet Skygofree—The Multipurpose Mobile Trojan

A recent post in Kaspersky Lab detailed a powerful “new” Android trojan that has been operating since 2014 that was “discovered” in late 2017. It’s called Skygofree (not related to the TV service Sky Go) and here are some of the things it can do: Track where you are and turn on audio recording when […]

Watch What You Type Into Your Browser!

Wherever we are, we’re in a hurry. It doesn’t matter where we are either, at home, work, vacation—or surfing the internet. But, one small typo can land you into BIG trouble. In our rush to get to a favorite website, many of us don’t really watch what we’re typing into the browser. One letter off […]

2018 … And The Beat Goes On

Unless you’ve been living under a “digital rock” lately, you’ve undoubtedly heard about this year’s major security flaws called “Meltdown” and “Spectre”. They’ve been all over the blogs and news and put at risk just about every PC, server and smartphone because they affect all operating systems (Windows, Linux, Android, iOS, macOS, FreeBSD and others). […]

ALERT: Worldwide Ransomware Attack Underway

A new strain of ransomware called Bad Rabbit has hit multiple organizations in Russia, Ukraine, Europe and now the United States. Bad Rabbit is a variant of the NotPetya ransomware. The attack froze computer systems in several European countries prompting the U.S. Department of Homeland Security to issue an alert. Security firm KnowBe4 says that the outbreak appears to have originated using […]

Article Roundup: Week Ending 10.20.2017

Important Cyber news of the week, summed up by XSolutions and posted to Social Media: Security Alert: Microsoft Office Zero Day and DNS Vulnerabilities Potentially Impacting Users Microsoft patched two critical vulnerabilities this past Patch Tuesday that could allow hackers to gain access to systems and devices. Security Alert: Critical Wi-Fi Vulnerability Found – DO […]

Security Alert: Critical Wi-Fi Vulnerability Found – DO NOT IGNORE THIS!

Mathy Vanhoef, a researcher from Belgian university KU Leuven made public yesterday information about an attack vulnerability affecting the wide-spread wireless protocol WPA2. It is called “Key Reinstallation Attack” or KRACK for short and can be used by cyber-criminals to bypass WPA2 network security and read information that everyone assumes is encrypted and secure. This […]

Article Roundup – Week Ending 10/06/17

XSolutions posts to social media almost on a daily basis. Readers of our blog and newsletter see only a small portion of the information we share. Below are articles from various sources and experts that we shared this past week: Source: Deloitte Breach Affected All Company Email, Admin Accounts Global accounting firm, Deloitte experienced a […]

Look Ma, No Macros!

Successful hackers should be very proud—they’ve created yet another way to trick the masses and infiltrate the systems of countless victims. Kaspersky Lab researchers found an undocumented and little-known feature in Microsoft Office that allows hackers to gather configuration data on targeted systems without the need to create macros. Microsoft Word, Microsoft Office for iOS […]

Massive Ransomware Attack Underway

Barracuda researchers confirmed that a massive ransomware attack is presently underway. Over 20 million SPAM emails with infected attachments carrying a Locky variant have been sent so far and there are no signs that it is slowing down. Researchers have identified the sources of the attack as coming from Vietnam, India, Columbia, Turkey and Greece. […]

Security Alert: Supply Chain Attack Nabs CCleaner

Researchers at Cisco Talos discovered that CCleaner’s 32-bit version (v5.33.6162 and CCleaner Cloud v1.07.3191) were compromised using the app’s v5.33 installer. According to the Graham Cluley post, once a user downloaded and installed the tainted version, malware would determine if the user had admin rights and then proceeded to steal data, sending it to the hacker’s server. […]

Official Photo From CIANJ: XSolutions Wins CIANJ Best Practices Award

This is the official CIANJ photo of Joe Jr. accepting the 2017 Best Practices award on behalf of XSolutions from Commerce and Industry Association of New Jersey (CIANJ) President, Anthony Russo at the Annual Best Paractices Conference on September 12, 2017. As a matter of fact, I attended the CIANJ’s Human Resources forum on Employee Handbook […]

XSolutions Wins CIANJ Best Practice Award For 2017

We are proud to announce that XSolutions Consulting Services is a recipient of the CIANJ’s Best Practices Award for 2017. Joe Jr. accepted the award at the Commerce and Industry Association of New Jersey’s 2017 Best Practices Conference held on September 12th at Nanina’s In the Park. The award was given for our use of […]

Security Alert: Equifax Data Breach Impacts 143 Million People

Reporting agencies and security blogs are ablaze today with the news that Credit-reporting giant Equifax suffered a data breach possibly exposing critical information on 143 million U.S. consumers. Hackers supposedly exploited a vulnerability in a website application and gained unauthorized access to files as far back as mid-May. Information exposed in the hack: names, Social Security […]

Security Alert: 23 Million Bogus Emails Spreading Ransomware

In just 24 hours, over 23 million phishing emails carrying the Locky Ransomware virus have been distributed in one of the largest malicious campaigns of the year. The emails have utilized subject lines like: please print documents photo images scans pictures The emails come with an attachment, this time it’s a ZIP file containing VBS […]

Security Alert: New IRS/FBI Ransomware Scam

A new ransomware phishing scam is going around using IRS and FBI emblems to trick unsuspecting victims into clicking infected links that when clicked will encrypt your files and hold your data for ransom. Remember, the IRS does not email, send text messages nor will they contact you through social media to discuss tax issues. […]