Saw the craziest news article on ZDnet yesterday. Apparently ransomware is now installing a virtual machine INSIDE the hacked computer in order to avoid detection. We’ve entered a new phase of devious behavior!
Please make sure your users are safe – I really think the only way to avoid all this is to adopt a Zero Trust attitude.
Think of it this way – do you let a technician into your home to work on the AC unit, just because they have the right shirt on? Did you call them? Are they ‘safe’? Do they take their shoes off and keep their N95 mask on? Some of us will allow them in, some will not.
At this time, I have immune compromised folks at home, and that technician isn’t coming in. I’ll live with a busted AC unit for now, it’s not worth the risk.
Is your PC worth the risk to allow untrusted software in and run whatever, wherever it wants, with whatever bugs it brings with it? I think not.
Brain dump for today: I’m astounded that the average end-user hasn’t realized the quantity and quality of malware sites/phishing and general attacks that have launched since Covid-19 sent us all home.
While I’m loathe to use that term (C19) here, it needs to be stated that the bad guys have little concern for ‘playing by the rules’ and they’ll use whatever means necessary to get into your PC, your network, your business and ultimately to the golden nuggets of your organization.
PLEASE, spend a few extra minutes considering the email that purports to have the latest C19 updates, government stimulus checks and free food – it’s quite likely someone after YOUR checkbook.
Look for the classic phishing clues (let me know if we need to share them) and look before you click!
And why did I choose the title? Only because I missed celebrating May 4th – I was too busy in front of the computer. sigh.