<img height="1" width="1" style="display:none;" alt="LinkedIn" src="https://dc.ads.linkedin.com/collect/?pid=239833&amp;fmt=gif">
  •  
  •  
 

Recent Posts

Malicious Wallpapers, Phishing Trends, Zoom Backgrounds & more!

Posted by Griffin Ball on Sep 18, 2020 11:05:00 AM

The Lighthouse IT Podcast - 18th, 2020

Matt and Griffin discuss Malicious Wallpapers, Phishing Trends, Coors wanting to send you to your Zoom background, Labor Day deals actually focusing on jobs, and the fabled TikTok deal coming to a close!

Listen here! Want to get straight to the news? Go to the 5:05 minute mark.

Security News

Could your wallpaper be trying to steal your credentials?

Well it turns out that new rubber-ducky theme you downloaded for your Windows 10 computer might just be an attempt to steal your credentials. Our friends over at Bleeping Computer and Sophos have both published similar findings that the Windows 10 theme files can be used to pass credentials to a third party. In the Sophos study, they setup a server to spoof or "phish" credentials by requesting files (such as the wallpaper background) from a remote resource and using an authentication prompt to look similar to a normal Windows credential prompt. By trying to convince you that you need to enter your local credentials to continue, the remote server stores and serves the files appropriately - but now your account has been compromised.

In the Bleeping Computer study, they stepped it up another notch and were able to use a Pass-the-Hash attack using an remote SMB server. SMB is used by Windows for sharing files between computers and is largely trusted. When your computer attempts to access an SMB share, it will automatically pass a hash of your credentials to the other computer to attempt to login. In normal circumstances, this makes connecting to SMB shares painless, but in this example, the hash is stored by the remote server and can be used later by de-hashing tools to attempt to determine your username and password.

While right now these both show great ways to determine your username and password, image files have also had some history in the past of remote code execution issues - meaning it could be possible that if another vulnerability is found in an image library, it could be a one stop shop for installing a malicious payload AND getting your account information to install itself.

READ MORE HERE FROM BLEEPING COMPUTER AND HERE FROM SOPHOS

Read More

Topics: Cybersecurity, Podcast

More Apple Store Drama, Ransomware Wins and the New Facebook

Posted by Griffin Ball on Sep 4, 2020 10:09:33 AM

The Lighthouse IT Podcast - September 4th, 2020

Matt and Griffin discuss self-destructing DVDs, more Apple store drama, another win against ransomware, Walmart joining in on the TikTok deal, and the New Facebook.

Listen here! Go to the 3:00min mark to skip the intro.

Security News

Apple "Tax" drama continues - but with an additional contender

In a bid to help small businesses cope with financial loss, Facebook announced a new feature allowing "paid for" events on the platform, making it easy for small businesses to host virtual meetings to stay engaged with customers. To further its value, Facebook stated that it would not be taking a cut of any payment made to those businesses as way to support them during this time.

Read More

Topics: Internet Safety, Ransomware, Cybersecurity, Podcast, Digital Marketing

Apple Gave Epic a fortnight, Influencer Resilience & Reeling in TikTok

Posted by Griffin Ball on Aug 21, 2020 11:00:00 AM

The Lighthouse IT Podcast - August 21st, 2020

Matt and Griffin discuss "Proof" that criminals have no boundaries, how Apple gave Epic Games a fortnight before getting kicked off the app store, the launch of Instagram's TikTok competitor (Reels), the uphill battle that TV Ads have had to face, and finally two of the largest influencer ad agencies merging.

Listen here! Want to skip the intro? Go to the 1:45min mark.

Security News

"Proof" that criminals have no boundaries

Brown-Forman, headquartered in Louisville, Kentucky is a multi-million dollar business that is the latest high profile company to fall victim to "new wave" ransomware operators. The company, better known for its properties of Finlandia vodka and Jack Daniels, among other major global brands, was the target by the REvil crew.

 
In new wave ransomware, the group operates on a 3 stage attack, an additional tactic over the normal 2 stage.
  • In the first stage, they scope out the network to see if it is worth their time. Checking out backups, administrative tools, and more.
  • In the second stage (the new stage), they steal the data - called exfiltration.
  • Finally, the attempt to encrypt network files.
The idea is that even if you do have backups, the stolen data can be used for blackmail.
Read More

Topics: Internet Safety, SEO, Ransomware, Cybersecurity, Podcast, Digital Marketing

TikTok Ban, Chex Quest Revamp and Unilever Experiments

Posted by Griffin Ball on Aug 7, 2020 11:00:00 AM

The Lighthouse IT Podcast - August 7th, 2020

Matt and Griffin discuss the possible TikTok ban, what we currently know about it, and what it could mean for marketers. They touch on the huge rise in mobile game downloads that came from COVID, and they also go over some of the interesting experimental marketing efforts many companies, like Unilever, are pushing to get ahead.

Listen here!

Security & Marketing News

What a TikTok Ban Would Mean for Marketers 

TikTok has gained a reputation for being the least secure social media platform. That being said, it’s also one of the most popular as of right now. TikTok is used to share short video clips that are usually related to a music dance challenge or even just eating a spoonful of cinnamon. This app is owned and originated from overseas, China, in 2017. Now that it has become widely used in the US, the security risks are becoming a concern. Since it is owned by the Chinese company ByteDance, they can request the data collected by TikTok at any time and even the US branch of TikTok must comply. The concern comes in when comparing the security regulations of both nations.  

President Trump is taking action to ban the platform. With that in mind, Microsoft’s interest in the platform could change the outcome of his decision. Trump had agreed that if the company’s ownership is transferred to America, it could potentially be safe to stay.

READ MORE

Read More

Topics: Internet Safety, Cybersecurity, Malware, COVID19, Podcast