Microsoft will be ending support on January 14, 2020 for:
Windows 7 • Windows 2008 • Windows 2008 R2 • SQL 2008 • Exchange 2010 • Windows Mobile
GreenFlash Sundown exploit kit has been repurposed to drop a botnet, cryptominer, and very potent ransomware (all three at once) via drive-by downloads served via website ads. This kit hadn’t been targeted at North America previously but this recent repurposing has been designed to primarily attack English language users in North America.
The biggest mitigations are fully patched Flash & web browsers, safe and careful browsing habits, and being trained in security awareness to learn to avoid clicking links in emails that may be trying to direct you to a site serving the malvertisement.
Also, interesting note – the exploit kit executes a system check to make sure the environment is “desirable” before it fires the main payload, so the same malicious ad may trigger ransomware on one system but not another.
Many years of membership and engagement with the Western NY chapter of the Association of Legal Administrators (ALA) prompted LMT to attend the 2019 ALA Annual Conference & Expo in Grapevine, TX. The ALA gathering assembles legal management and administrative staff, including single attorney offices and large law firms, from across the U.S. to learn and network around the latest legal trends in technology, HR, billing, and more. Cloud computing, disaster recovery, and compliance were hot topics among attendees and speakers.
We hate to be the bearer of bad news, but 2019 and beyond will surely bring more waves of ransomware, phishing, new laws and regulations, and attacks utilizing information technology as a threat vector. Tax season is upon us and is a particularly high threat time of year with internet phishing scams that lead to tax-related fraud and identity theft.