Entries by XSolutions

ALERT: Phishers Are Hard At Work With Bogus Microsoft Emails

One of our very good clients received the following email, supposedly from Microsoft: Regular readers of our blog would quickly see that this email is bogus. By hovering your mouse over the “Restore Access” button (that’s hover—not click!), you can see the actual URL the button is linked to. No surprise here—the link is not […]

The Reach Is Long And The Bite Deep

Scenario: It’s Monday morning and an employee notifies you that his laptop has been stolen. He apologizes profusely, but there is nothing you can do now. You, as the boss, are now thinking, “What a headache. Now I have to buy a new laptop and get it setup, etc. Not to mention the wasted time!” […]

Don’t Be A Sitting Duck

Small businesses are under attack. Right now, extremely dangerous and well-funded cyber-crime rings from all over the world are using sophisticated methods to hack into small business systems to steal company and client information. Some rings are even being funded by their own governments. Their weapon of choice―SPAM. Statistica reports that as of March 2018, […]

ALERT: Phishers Are Hard At Work With Bogus Microsoft Emails

One of our very good clients received the following email, supposedly from Microsoft: Regular readers of our blog would quickly see that this email is bogus. By hovering your mouse over the “Restore Access” button (that’s hover—not click!), you can see the actual URL the button is linked to. No surprise here—the link is not […]

Insidious Bug Found that Can Destroy Privacy

ZDNet reports that a bug was found in the LinkedIn Auto-fill plugin that could allow hackers to steal user profile data. The popular plugin allows third-party sites to capture LinkedIn member data from user profiles when users sign up for webinars, newsletters, etc. Although LinkedIn only allows this plugin to interact with pre-approved sites, the […]

ALERT: Millions Of Trusted Apps Are Leaking Data!

We’ve always advised our readers to carefully scrutinize the apps they use and make sure they do only what they say they’re doing. A post on SecureList shows that many trusted apps are in fact transmitting data using the unsecure HTTP protocol over the internet. The culprit appears to be third-party services called SDKs (Software […]

XSolutions Sees Uptick In Owner/CEO-Spoofed Emails

This is very important so please make sure that EVERYONE in your organization knows about this. Over the last few weeks, we have seen a number of phishing emails impersonating the owner or CEO that are being sent to accounting and HR personnel instructing them to send money, purchase payment cards, etc. In one case, […]

Beware Of This Fiendishly Clever Phishing Scam

Scammers have devised a phishing campaign aimed at taking control of victims’ Gmail accounts. Right now, they’re scamming Gmail users because of the email platform’s popularity and size but the example below can go for any platform in use. Here’s how this Phish operates: A scammer gets a victim’s Gmail info, starts the password reset […]

A Lesson To Be Learned

Here are a few headlines from some security blogs I monitor during the last few days: Atlanta, hit by ransomware attack, also fell victim to leaked NSA exploits Cyberattack disrupted Baltimore emergency responders Hudson’s Bay Probes Data Security at Stores Including Saks Under Armour says 150 million MyFitnessPal accounts hit by data breach Cities and […]

SECURITY ALERT: An Old Nemesis Resurfaces

Heimdal Security reports that the financial trojan, Trickbot has reappeared in a new SPAM campaign. As you may recall, Trickbot targeted US banking companies such as PayPal in the past. New SPAM emails are now spoofing Dropbox usually carrying the subject line, “A new document is available for download” and carrying an infected link. Once […]