This is a weekly series to highlight the best articles and news stories going on in the Community.
What was your favorite story? What topics would you like to see? Sound off in the comments! :)
Webroot's Top 10 Nastiest Ransomware Attacks of 2017!
It's that time of the year, folks! We’re revealing the top 10 nastiest ransomware attacks from the past year. NotPetya came in on our list as the most destructive ransomware attack of 2017, followed closely by WannaCry and Locky in the number two and three spots, respectively.
This top 10 list underscores the reality of our increasingly connected world—cybercriminals will continue to develop new infections and will capitalize on reliable, successful attack methods.
Learn more on our Threat Blog and check out the Infographic!
Windows 10 Fall Creators Update - Bug
After your PC updates to Windows 10 Fall Creators Update, you may get a notice saying that ‘access to files and or folders was denied’. Typically, this happens when you create, update, move or delete an existing file or folder. We have identified why this is happening and will be updating Webroot shortly. In the meantime, if this causes you any problems there is a temporary fix to help you out.
The Fix – With Webroot administrator rights you need to:
- Open Webroot SecureAnywhere by double-clicking on the Webroot icon on the bottom right-hand corner of your screen. Or, if it is not visible, click on the ^ symbol to reveal hidden icons.
- Double-click the icon to open up Webroot
- Then, click on the Advanced Settings button on the top right corner of the Webroot window that appears
- Click on ‘Shields’ on the left side of the options window
- Remove the check mark next to “Check files for threats when written or modified”
- Click the Save button at the bottom of the options window and enter the captcha code when prompted
- Then, restart (reboot) your PC
Stay up-to-date on this issue.
Facebook Phishing Campaign Targets Android and iOS Users
A Facebook spam campaign is luring users to phishing pages that try to trick targets into handing over Facebook or YouTube credentials.
The spammed content appeared to be a link to a YouTube video, but the attackers used the old technique of forging metadata to trick Facebook's URL previewing system into displaying the wrong link info. Users who clicked the links joined a carousel of various short link services. At one point, users would land on a site that triaged users based on their device type.
Read more and be careful what you click on!
Fake tech support 'scam' husband and wife banned FOR LIFE from computer repair world
A husband and wife team accused of scamming people with dodgy tech support calls about bogus malware infections have been barred for life from offering IT support and repairs.
The couple was accused of owning and operating of a handful of tech support scams outfits that used both telemarketing calls and online ads to convince victims their machines were infected with malware in order to sell unneeded or ineffective service plans, software, and support contracts.
Hop on over to The Register for the full story!
Malicious Chrome extension steals all data
There’s a glut of malicious Google Chrome extensions out there, but some are more harmful than others. The one that SANS ISC incident handler Renato Marinho has dubbed “Catch-All” falls in the former category.
“Catch-All” goes after every piece of data the victim posts on any website, including login credentials for all kinds of online services. Before the malicious extension is installed, the md0 executable tries to disable Windows Firewall, kill all Google Chrome processes, and disable several security features that could prevent the malicious extension from working as intended (such as disabling improved SafeBrowsing download protection).
Help Net Security has you covered!
Risky online dating apps putting your privacy in danger
Just how carefully is your dating app keeping your personal information and location out of other people's sight?
Researchers at Kaspersky have taken a look at a number of online dating apps for Android and iOS and have some alarming findings to share:
"First of all, we checked how easy it was to track users with the data available in the app. If the app included an option to show your place of work, it was fairly easy to match the name of a user and their page on a social network. This, in turn, could allow criminals to gather much more data about the victim, track their movements, identify their circle of friends and acquaintances. This data can then be used to stalk the victim.
More specifically, in Tinder, Happn and Bumble users can add information about their job and education. Using that information, we managed in 60% of cases to identify users’ pages on various social media, including Facebook and LinkedIn, as well as their full names and surnames."
Think twice about what personal information you share!
What was your favorite story of the week?
What stories or topics would you like to see covered next week?
Sound off in the comments and let us know!
