Bayon Technologies Group

Are you a small business that cannot afford the cost of Microsoft teams?

2021-12-01

Are you a small business that cannot afford the cost of Microsoft teams? Then you are in luck! Microsoft just announced that they are adding a new standalone Teams SKU for small to midsize businesses to its lineup, the cost would be as low as $48 per user per year!

Are you tired of having to click on the “load more” button when you are searching on Google on your mobile device?

2021-10-18

Google is introducing its new continuous scrolling feature, now instead of making you tap the load more button, Google will just load up the next page allowing you to scroll to your heart’s content.

Hospitals are turning people away and not necessarily because they are overrun with sick patients

2021-08-23

Several hospitals and clinics in West Virginia and Ohio are canceling surgeries and diverting ambulances right after a ransomware attack knocked out staff access to IT systems across virtually all of their operations.

The facilities affected are owned by Memorial Health System, and they represent over 64 clinics, including hospitals in West Virginia and Ohio. Early Sunday, they experienced a ransomware attack that hampered the three hospitals’ ability to operate normally.

Starting at midnight on Sunday night, the three hospitals began to divert emergency patients to a nearby medical center. In addition, most of the Memorial Health System facilities have also postponed all non-urgent surgeries and radiology exams for the next few days.

“We will continue to accept: STEMI, STROKE, and TRAUMA patients at Marietta Memorial Hospital,” officials said in a statement. “Belpre and Selby are on diversion for all patients due to radiology availability. It is in the best interest of all other patients to be taken to the nearest accepting facility. If all area hospitals are [on] diversion, patients will be transported to the emergency department closest to where the emergency occurred. This diversion will be ongoing until IT systems are restored.”

Even though some ransomware groups have pledged to spare hospitals, schools, and critical infrastructure from attack, recent research shows that critical health providers continue to get infected, either because of human error or because ransomware groups still consider them as targets. So far there have been 38 attacks on health care providers or systems that have disrupted patient care at roughly 963 locations, compared to the 560 sites and 80 separate incidents in 2020 according to Brett Callow, a threat analyst at security firm Emsisoft.

Nowadays, it is crucial to have backup plans for ransomware attacks as well as provide extensive training to employees to make sure they are not putting themselves and your company at risk.

If you need help with strengthening your security measurements visit our website at https://www.bayontechgroup.com/ or call us at 954-903-7730 today for a FREE consultation.

T-Mobile was hacked...again…. But this time they are not entirely sure what was taken

2021-08-17

A T-Mobile spokesperson stated on Monday that their system was breached and that the company’s investigators are in the process of figuring out what was actually stolen. “We have determined that unauthorized access to some T-Mobile data occurred, however, we have not yet determined that there is any personal customer data involved”, they also stated. “We have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed”.

This statement was released right after Motherboard reported that a forum post was advertising a huge amount of data for sale. They did not specifically mention T-Mobile but they did go on to say that more than 100 million people’s personal data came from T-Mobile servers. In addition, they mentioned that it included social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver license numbers.

This is definitely not the first time that T-Mobile has gotten hacked, it is actually the sixth time in the past few years. One of their biggest cyberattacks happened in 2018 that gave unauthorized access to customer names, billing ZIP codes, phone numbers, email addresses, and account numbers. If T-Mobile confirms that sensitive data was stolen from 100 million people, then this breach will be among the largest carrier data breaches ever.

There is a new phishing campaign that is causing mayhem throughout the US

2021-08-05

The perpetrators who created this well-crafted campaign are not new at this, they are previously known to have stolen millions of users banking credentials, therefore this threat is not to be taken lightly.

This particular phishing campaign has successfully gained traction within SMBs not protected by Ironscales or the like. If you or your clients do not have a phishing protection tool in place you are at great risk and most likely already have this campaign in your inbox.

See below for a short version of the report received from Sentinel One about this campaign:

If you are concern about your cyber security and need assistance with the above discussed topic feel free to contact us at 954- 903- 7730 or visit us at https://www.bayontechgroup.com/

Apple releases an urgent security update for IOS, iPadOS, and macOS to patch a zero-day flaw that it said may have been actively exploited.

2021-07-29

The new update that is set to be released in less than a week, comes after the company announced iOS 14.7, iPadOS 14.7, and macOS Big Sur 11.5 to the public. This patch fixes a memory corruption issue (CVE-2021-30807) in the IOMobileFrameBuffer component, a kernel extension responsible for managing the screen framebuffer, that could potentially be abused to alter the code and kernel privileges.

Apple credited an anonymous researcher who found out about this flaw and prevented the weaponization of this vulnerability for malicious attacks. The company also addressed that the main issue was with the memory handling and that they are not “aware that this issue is currently being exploited”

In addition, the timing of this update raises some questions about whether the zero-day had any part in the compromising iPhones using NSO Group’s Pegasus software, which has turned out to be the main focus of many investigative reports that have exposed how the spyware tool turned mobile phones of several journalists, human right activists, and many other public figures into portable surveillance devices, granting complete access to highly sensitive information stored in them.

In conclusion, if you own any of the apple devices mentioned above is extremely recommended that you move quickly to update them to the latest version to mitigate the risk associated with the flaw.

Hackers find a flaw in Microsoft’s Hello facial-recognition system and trick system into unlocking when it shouldn't

2021-07-19

Biometric authentication is a key factor of the tech industry’s plan to eliminate log-in passwords. Services like Apple’s FaceID recognition have made this feature widely recognized, followed by Microsoft’s Hello which has had quite an improvement over the last few years. Apple allows you to use FaceID with cameras embedded in iPhones and iPads however is not yet compatible with all Macs. Now since Microsoft is so diverse and works with a large selection of third-party webcams it does get the upper hand on this subject.

Ultimately, hackers always find a way to uncover flaws and vulnerabilities in every system and this feature is no exception. Windows Hello facial recognition works only with webcams that use infrared sensors in addition to the standard RGB sensors. However, the system seems to overlook RGB data…. What does this mean you might ask? Well, this means that with one straight-on infrared image of the individual’s face and one black frame, it tricks the system into believing the person is actually there and bypasses Windows Hello security feature unlocking the protected device.

Microsoft commented on this flaw and called it a “ Window Hello security feature bypass vulnerability” and immediately released a patch for it to address this issue. In addition, the giant in technology suggests that users should be using the “Windows hello enhanced sign in security feature” which utilizes Microsoft's “virtualization-based-security” to encrypt Windows Hello face data and processes into the memory where it cannot be tampered with.

In reality, there is a deeper issue here, as previously mentioned, Windows Hello feature works with several third-party companies, therefore, it is extremely hard to create that Camara and system trust connection. On the other hand, Apple FaceID only works with the company’s proprietary TrueDepth camera, an infrared camera combined with several other sensors. This provides total control over both hardware and software creating a safer ecosystem, something that Windows cannot really do.

Marc Rogers a long time biometric-sensor security researcher and vice president of cybersecurity at the digital identity management company Okta, states that he is very surprised that Microsoft did not anticipate the possibility of attacks done to third-party cameras and that “really Microsoft should know better” “This attack pathway, in general, is one that we have known for a very long time. I’m a bit disappointed that they aren’t more strict about what cameras they will trust”

There is a new warning from Microsoft about a specific call center that is tricking users to download malware.

2021-06-24

Have you received a call claiming that your free trial subscription is over? Are they advising you to call a number to cancel it before you get charged with monthly fees? If so, DON’T DO IT! It’s all a scam attempting to get you to download a malware called BazarLoader which is used to distribute ransomware.

These malicious actors have been active since January and they usually start by sending phishing emails advising the victim that a trial subscription has expired and that they need to call a number to cancel before they get charged. Then once the victim falls for it and the malware has been downloaded, the criminals are able to access the infected Windows device through the back door and will proceed to send follow-up malwares, scan the environment and exploit other vulnerabilities on the network.

This group caught Microsoft’s attention as they are mostly targeting Office 365 users. See below for Microsoft’s response on the attack

“When recipients call the number, a fraudulent call center operated by the attackers instructs them to visit a website and download an Excel file in order to cancel the service. The Excel file contains a malicious macro that downloads the payload” Microsoft Security Intelligence explains.

The Microsoft security team also noticed that the group is using the Cobalt Strike penetration testing kit to steal credentials. Cobalt Strike is mostly used as a lateral movement on a network after initial compromise. Due to this discovery, Microsoft has created a GitHub page for publicly sharing details about this cyberattack as well as other malwares techniques.

EA becomes the latest target of cybercrime and not only gets hacked but it also gets source codes stolen

2021-06-11

Millions of Electronic Arts (EA) player accounts became at risk of being taken over by hackers due to a "chain of vulnerabilities," security researchers say.

In a worst-case scenario, cybercriminals could exploit flaws to gain complete access to a user's credit card information and fraudulently purchase in-game currency while impersonating the legitimate user. The vulnerabilities did not require a user to hand over passwords, experts alleged.

Hackers in fact have stolen valuable information from the major game publisher, the company said. The malicious actors have claimed to have downloaded source code for big name games such as FIFA 21 and for the proprietary Frostbite game engine used as the base for many other high profile games.

However, EA spokesperson confirmed that there was “No Risk to Players”. “Absolutely no data player data was accessed, and we have no reason to believe that there is any real threat to players privacy” she added.

The “network intrusion” was not the usual ransomware attack and had happened recently. Since then the company said it had already improved security measures and also added that they did not expect “an impact on our games or our business”

Cybersecurity risks skyrocket with COVID and is expected to cost the world around $10.5 trillion annually by 2025. Here is how some startups companies are fighting back.

2021-06-07

With the increase of remote workers, cybersecurity issues have grown into a $1T problem giving malicious actors ample new opportunities for cyberattacks.

There has been a surge of hacks and breaches as cyberattackers are demanding for larger ransoms from companies regardless of their size. They have targeted local governments, hospital systems and even hacked Tesla factories cameras, just to mention a few. However, there is also some blame on technicians who have been providing troubleshooting remotely instead of on-site, which opens up a whole new window for attackers.

As of a result of this, companies are spending more than ever on digital security, which is prompting some extra security measures from the technology giant Google. With about two-thirds of Americans admitting to using the same password across platforms, and attempting to remove passwords once and for all, Google announced that two-step verification would become the default for most users making it harder to be extorted.

According to AngelList co-founder Naval Ravikant, startup company Magic has raised over $4M to develop “a world in which user identity and authentication is decentralized and not subject to control by tech giants”. On the other hand, New York based Beyond Identity has raised $ 105M to replace passwords with a “chain of trust” using asymmetric key cryptography.

Meanwhile, Europe based SingleID is using “Zero knowledge distributed authentication” to be able to provide single-click checkouts to consumers.

Password management is a particularly sensitive and complicated subject. It is truly a challenge for crypto investors who must store their keys somewhere where they can later be retrieved. For this reason Singapore-based start-up company Torus specializes in just that “cryptographic key management”

The estimated damage cost of cybersecurity breaches is based on recent historic year-over-year growth which has dramatically increased malicious impostors activities and cyberattacks. These are projected to be at a higher magnitude in 2025.