<img height="1" width="1" style="display:none;" alt="LinkedIn" src="https://dc.ads.linkedin.com/collect/?pid=239833&amp;fmt=gif">
  •  
  •  
 

Recent Posts

Malicious Wallpapers, Phishing Trends, Zoom Backgrounds & more!

Posted by Griffin Ball on Sep 18, 2020 11:05:00 AM

The Lighthouse IT Podcast - 18th, 2020

Matt and Griffin discuss Malicious Wallpapers, Phishing Trends, Coors wanting to send you to your Zoom background, Labor Day deals actually focusing on jobs, and the fabled TikTok deal coming to a close!

Listen here! Want to get straight to the news? Go to the 5:05 minute mark.

Security News

Could your wallpaper be trying to steal your credentials?

Well it turns out that new rubber-ducky theme you downloaded for your Windows 10 computer might just be an attempt to steal your credentials. Our friends over at Bleeping Computer and Sophos have both published similar findings that the Windows 10 theme files can be used to pass credentials to a third party. In the Sophos study, they setup a server to spoof or "phish" credentials by requesting files (such as the wallpaper background) from a remote resource and using an authentication prompt to look similar to a normal Windows credential prompt. By trying to convince you that you need to enter your local credentials to continue, the remote server stores and serves the files appropriately - but now your account has been compromised.

In the Bleeping Computer study, they stepped it up another notch and were able to use a Pass-the-Hash attack using an remote SMB server. SMB is used by Windows for sharing files between computers and is largely trusted. When your computer attempts to access an SMB share, it will automatically pass a hash of your credentials to the other computer to attempt to login. In normal circumstances, this makes connecting to SMB shares painless, but in this example, the hash is stored by the remote server and can be used later by de-hashing tools to attempt to determine your username and password.

While right now these both show great ways to determine your username and password, image files have also had some history in the past of remote code execution issues - meaning it could be possible that if another vulnerability is found in an image library, it could be a one stop shop for installing a malicious payload AND getting your account information to install itself.

READ MORE HERE FROM BLEEPING COMPUTER AND HERE FROM SOPHOS

Read More

Topics: Cybersecurity, Podcast

More Apple Store Drama, Ransomware Wins and the New Facebook

Posted by Griffin Ball on Sep 4, 2020 10:09:33 AM

The Lighthouse IT Podcast - September 4th, 2020

Matt and Griffin discuss self-destructing DVDs, more Apple store drama, another win against ransomware, Walmart joining in on the TikTok deal, and the New Facebook.

Listen here! Go to the 3:00min mark to skip the intro.

Security News

Apple "Tax" drama continues - but with an additional contender

In a bid to help small businesses cope with financial loss, Facebook announced a new feature allowing "paid for" events on the platform, making it easy for small businesses to host virtual meetings to stay engaged with customers. To further its value, Facebook stated that it would not be taking a cut of any payment made to those businesses as way to support them during this time.

Read More

Topics: Internet Safety, Ransomware, Cybersecurity, Podcast, Digital Marketing

Apple Gave Epic a fortnight, Influencer Resilience & Reeling in TikTok

Posted by Griffin Ball on Aug 21, 2020 11:00:00 AM

The Lighthouse IT Podcast - August 21st, 2020

Matt and Griffin discuss "Proof" that criminals have no boundaries, how Apple gave Epic Games a fortnight before getting kicked off the app store, the launch of Instagram's TikTok competitor (Reels), the uphill battle that TV Ads have had to face, and finally two of the largest influencer ad agencies merging.

Listen here! Want to skip the intro? Go to the 1:45min mark.

Security News

"Proof" that criminals have no boundaries

Brown-Forman, headquartered in Louisville, Kentucky is a multi-million dollar business that is the latest high profile company to fall victim to "new wave" ransomware operators. The company, better known for its properties of Finlandia vodka and Jack Daniels, among other major global brands, was the target by the REvil crew.

 
In new wave ransomware, the group operates on a 3 stage attack, an additional tactic over the normal 2 stage.
  • In the first stage, they scope out the network to see if it is worth their time. Checking out backups, administrative tools, and more.
  • In the second stage (the new stage), they steal the data - called exfiltration.
  • Finally, the attempt to encrypt network files.
The idea is that even if you do have backups, the stolen data can be used for blackmail.
Read More

Topics: Internet Safety, SEO, Ransomware, Cybersecurity, Podcast, Digital Marketing

We have joined the ASCII Group community!

Posted by Matt Almendinger on Aug 14, 2020 11:00:00 AM

One of the driving forces at Lighthouse IT Solutions has always been community. It’s what gets me out of bed in the morning. We love community in all of its forms - whether we are reviewing our vendors or our clients. However, one of the areas that we believe we have lacked as a provider is a community that represents our industry.

Unfortunately, all too often, it is hard to not get caught up in competition with our peers, making it difficult to find a place that allows us to have community with those in our industry. That competitive spirit can be a wedge between great opportunities. Well we are excited to announce that through this self-awareness, we have sought to fix this gap and found such an opportunity that will positively impact our clients.

So, it is my personal pleasure to announce that Lighthouse IT Solutions has joined the ASCII Group community. The ASCII Group is a collection of IT companies working together to better the industry and raise the bar, so to speak. This not only helps us here at Lighthouse to be better, but it allows us to offer more to our clients.

Read More

Topics: Harmony, IT services, Business Continuity, Managed Service Provider