GandCrab Ransomware Takes Aim At Your Inbox

February 27, 2019 | 126 views

Over the past several days AppRiver security specialists have been seeing early morning Ransomware campaigns targeting users. The ransomware itself belongs to the GandCrab family and has been the most frequently distributed of its kind over the past year. And like most ransomware, it has the power to significantly cripple business operations if it finds the right target.In the past 48 hours we have quarantined 260,000 of these malicious messages.

Spotlight

RL Canning

RL Canning is a global provider of Information Technology consulting and managed services headquartered in Chicago, IL. We deliver innovative IT services that offer our customers the flexibility to meet unique business needs and the opportunity to transform and perform through services. Our people, and their capabilities, make a difference and share a passion for excellence and commitment to the customer experience

OTHER ARTICLES
AI TECH

Top 10 Low-Code App Development Platforms for Fast Custom App Creation

Article | July 20, 2022

Explore the top low-code platforms that enable fast and cost-effective app development with a strategic approach by creating and achieving MVPs and understanding the KPIs of a good platform. Contents 1 Low-Code Development Essentials: Creating and Deploying Effective MVPs 2 KPIs of a Good Low Code Development Platform 3 Top 10 Low-Code App Development Platforms 3.1 AIRKIT 3.2 BETTY BLOCKS 3.3 CREATIO 3.4 DECISIONS 3.5 INTERFACING 3.6 KISSFLOW 3.7 SKUID 3.8 TRACKVIA, INC. 3.9 ULTIMUS 3.10 XENOSS 4 Strategic Low-Code Development: Trend Forecast Analysis Low-code platforms have transformed software development, enabling fast and cost-effective app development. This article covers vital components like creating effective minimum viable products, execution strategies, and key performance indicators to look for in a good low code platform for mobile app development. The article also lists the top 10 platforms, like Airkit, Betty Blocks, and Creatio, which offer innovative solutions to reduce time-to-market and produce exceptional results. 1. Low-Code Development Essentials: Creating and Deploying Effective MVPs Creating a software product or app from scratch doesn't have to be long and tiresome when it can be fast and fun with the help of low-code application development platforms. Before you start building your app around the no code framework, you need to create a minimum viable product (MVP) that can thrive on its own in the market. Defining the attributes of your app to meet your value proposition is essential. Having a plan of execution alongside the best lowcode development tools leads to the success of your software development projects. Effective execution strategies and product development strategies are far more critical to the success of your product than the development process itself. Thanks to low-code platforms, developing and deploying the desired features in your app is faster and easier than ever before. Cutting down on the development time leaves you more time to think strategically about product design, marketing, and perhaps sales. 2. KPIs of a Good Low Code Development Platform Low-code platforms for mobile app development allow organizations to deliver new user experiences faster. While evaluating different low-code application development platforms that meet your business needs, we highly recommend these factors, KPIs, and features to look for: Drag-and-drop interface: Enables non-technical users to create apps, reducing IT burden. It boosts productivity and lowers development time and costs. Develop once and deploy anywhere: Low code mobile app development platforms create apps for multiple platforms (cross platforms) without extra coding. It cuts down on IT workload and speeds up time-to-market. Seamless integration with enterprise systems: Simplifies the integration of enterprise systems with low code app development platforms, trims development time and costs, and enhances system efficiency. Intelligent BI and analytics: Automatically analyzes data, minimizing the time and effort required for data analysis. Leverage insights for data-driven decisions and improves business outcomes. AI-enabled data enrichment: Automatically fills in missing values or adds more data points to enrich the data. Improves data quality and accuracy and reduces IT workload. Complete visibility of data with dashboards: Provides a real-time view of app performance and user behavior. Monitors and improves app performance and user experience. Compliance with international data security policies: Ensures compliance with GDPR, HIPAA, Intertek, BSI, and AICPA SOC, reducing the risk of data breaches and ensuring data privacy. Flexibility for coding and posting: Enables developers to use preferred coding languages and frameworks, improving developer productivity. Transparency and predictability with pricing: This provides transparency and predictability regarding pricing. Allows budgeting for app development and reduces the risk of cost overruns. Low-code platforms help businesses develop applications quickly and efficiently. They offer a visual development environment, integrate with existing systems, support rapid application development, cross-platform compatibility, customization, and security. They are an excellent solution for businesses wanting to build applications quickly and cost-effectively. 3. Top 10 Low-Code App Development Platforms Today's low-code development platforms, which use the most recent low code technology, put more emphasis on innovation and optimization of business processes than just quick development and deployment. When your prime focus is fast-paced app development, there are some platforms that go above and beyond to reduce time-to-market and produce exceptional results, as listed down below. 3.1 Airkit Building complex apps with beautiful front-end experiences requires custom components, workflows, and styles. Share and iterate with the team to collaborate on application development. Airkit uses a visual builder, conversation automation, agent automation, security, and integrations. Latching on to anything with pre-built integrations helps with fast and free additional functionalities. For excellent CX, use components for purpose-built CX across all platforms. Reusable components and templates for designing personalized cross platform buyer journeys. With app debuggers, you can debug, test, and preview apps and use multi-environment deployment with a single click. Manage and control security and scalability with role-based access, versioning and environments, as well as end-user authentication. 3.2 Betty Blocks Betty Blocks is an enterprise-grade no-code development platform that lets users build collaboratively with no limitations. It lets you build apps with rapid application development technology, automate processes, and maximize efficiency. It is utilized by citizen developers to build solutions that integrate with the current tech stack. Building internal applications, customer-facing apps, and process automations is simple and easy to innovate with Betty Blocks. It offers development, testing, and production environments on its public cloud as well as on-premise and cloud providers in its standard and enterprise plans, respectively. As far as free and fast integrations are concerned, it integrates with everything from its Betty Blocks Store. It also lets you build your own integrations using the API. Its intuitive drag-and-drop user interface builder allows reusability, radically shortens the time to market, and empowers the citizen development workforce. 3.3 Creatio Creatio is a no-code development platform with a compostable architecture. Creatio Studio allows for no-code application development with an extreme degree of freedom. It lets you select the available types of apps, connectors, and OOTB functionality templates to manage instances and facilitate the collaborative development process. It is packed with intuitive no-code design automation tools to create and modify pages and views, data models, workflows, and integrations in a no-code workplace. It has a library of predefined views, widgets, and templates to accelerate the design process. Optimize and manage structured and fluid processes using workflow management capabilities with advanced analytics. Add integrations with SOAP and REST integration connectors. Use AI and ML to automate your workflows and enhanced security and safety for enterprise application platform scalability. Using the collaborative process designer, accelerate process design and standardize process management with team efforts. 3.4 Decisions Decisions is a powerful low code automation platform and business process management software that is capable of building no-code and low code applications. It helps turn siloed decisions into centralized rules. Its no-code intelligent process automation platform enables the codification of business logic and automation decisions, manages workflows, finds and fixes problems, connects systems to unify operations, and designs seamless experiences. Its visual design interface helps to design, optimize, and launch complex processes without writing code. Building software apps that solve business problems by automating functions to simplify, standardize, and streamline business operations and stay compliant is easy with Decisions. 3.5 Interfacing. Intefacing offers a business transformation suite using low-code rapid application development technology. It primarily supports business process optimization, quality control, continuous improvement, change management, SOP development, digital transformation, business excellence, and stakeholder happiness. It extensively offers eFORMS, process automation, low code database table entity designer, system integration designer, tax monitoring and delegation, custom rules and actions, text and voice messaging services, custom dashboard design, and app mobile touchscreen for better control over your low code mobile app development. Interfacing allows building simple to complex consumer-focused applications and business processes in hours, not days. 3.6 Kissflow Kissflow's enterprise-grade low code application development platform lets businesses take control with no IT background. It helps digitize operations, automate processes, and modernize apps using its components. The software offers a comprehensive suite of features such as application builder, process designer, boards, reports, and analytics, and custom UI. It also provides collaboration, developer sandbox, extensive integrations, external portals, and roles-based access control for application deployment with new builds. Using a visual builder for forms with easy drag-and-drop options, work management, intuitive dashboards, communication, and collaboration, Kissflow has emerged as an industry standard in no-code development. Bring business and IT together with a DevOps approach, streamline ad-hoc requests, manage and control with a central console, and reap returns with high productivity and a lower time-to-market with Kissflow. 3.7 Skuid With Skuid, you can build low-code mobile apps from scratch for multiple platforms that are user-friendly. It allows design interdependence, composite apps, and rapid prototyping. Custom user experience options on Skuid NLX involve design decisions about interaction, navigation, and app structure. Skuid SFX helps build modern, custom Salesforce apps. It helps with lightning customization, portals and communities, and a high-performance engine. Skuid EXP for enterprise HR app creation brings features to maximize platform value, flexible deployment, and people-centered portal creation. Components on Skuid include account dashboards, customer request forms, opportunity management, quick orders, revenue and expense dashboards, dynamic forms, retail data dashboards, and a contact directory. These features help increase app adoption and innovation by 10x. 3.8 TrackVia, Inc. TrackVia helps automate processes in a business to connect and track everything that matters. It allows for seamless integration with existing ERP, CRM, BPM, financial systems, and more. It helps keep up with product and quality, compliance, custom workflows, supply chain management, project management, and field services. Its low-code app development platform enables users to build business apps without code and without limits with the help of its toolkit and a canvas. It brings intelligent workflow automation, single to multiple sandbox environments with unlimited applications and unlimited storage, and records for 1 administrator and 5 users. Its pricing plans include mobile, quick start, business, and enterprise for citizen developers in any industry. 3.9 Ultimus Ultimus offers a highly customizable platform with integration capabilities for business process management. It has a strong focus on security and compliance and offers scalability and dedicated support. Ultimus streamlines app development with a cost-effective platform, empowering non-IT business users to create custom apps easily. Its mobile-ready technology deploys on-cloud or on-premises servers, prioritizes decision-making, and improves the customer experience by eliminating isolated apps and data. A unified inbox and high-productivity portal fuses interactions with customers, employees, and partners. Ultimus avoids high upfront costs with flexible pricing options. 3.10 Xenoss Xenoss's mar-tech, low-code platform offers up to 40% cost savings and the fastest time-to-market in the industry. It has ad-tech and mar-tech parts like a bidding cluster, mission control, campaign front end, account server, logging cluster, predictor optimization engine, aggregator, reporter, DMP profile builder, DMP segment builder, DMP real-time audience DB cluster, health monitoring system, and real-time anti-fraud. Its feature set includes campaign management, budget management, creatives, supply integrations, device targeting, geographic targeting, audience targeting, dayparting, media planning, the DMP, automatic campaign optimization, manual campaign optimization, tracking, reporting, and analysis, support tools, and the data collection web SDK. It offers a customizable and integratable user-friendly platform. With a strong focus on scalability, it offers dedicated support. Its pricing is based on a per-user basis. 4. Strategic Low-Code Development: Trend Forecast Analysis Large companies will keep using low-code platforms for digital transformation in the near future because their visual interfaces and pre-built components can speed up software development. Strategic low-code development will be a must for reducing time-to-market, speeding up digital transformation, and putting security and compliance front and center. More and more people will use industry-specific solutions, AI integration, collaboration, and process automation, which will streamline operations and make them more efficient. Some of the best low code app development platforms will meet security and compliance requirements like HIPAA and PCI, so sensitive information will be safe. AI and machine learning tools will make it easier to solve problems and improve processes. This will bring IT and business operations closer than ever before. These automation platforms will be crucial to making businesses more profitable and stable because they will let them get the most done with the least amount of work.

Read More
SOFTWARE

Empowering Industry 4.0 with Artificial Intelligence

Article | August 8, 2022

The next step in industrial technology is about robotics, computers and equipment becoming connected to the Internet of Things (IoT) and enhanced by machine learning algorithms. Industry 4.0 has the potential to be a powerful driver of economic growth, predicted to add between $500 billion- $1.5 trillion in value to the global economy between 2018 and 2022, according to a report by Capgemini.

Read More
SOFTWARE

How Artificial Intelligence Is Transforming Businesses

Article | July 14, 2022

Whilst there are many people that associate AI with sci-fi novels and films, its reputation as an antagonist to fictional dystopic worlds is now becoming a thing of the past, as the technology becomes more and more integrated into our everyday lives. AI technologies have become increasingly more present in our daily lives, not just with Alexa’s in the home, but also throughout businesses everywhere, disrupting a variety of different industries with often tremendous results. The technology has helped to streamline even the most mundane of tasks whilst having a breath-taking impact on a company’s efficiency and productivity

Read More

The advances of AI in healthcare

Article | February 11, 2020

With the Government investing £250 million into the project, the Lab will consider how to use AI for the benefit of patients – whether this be the deployment of existing AI methods, the development of new technologies or the testing of their safety. Amongst other things, the initiative will aim to deliver earlier diagnoses of cancer. It is estimated that in excess of 50,000 extra patients could see their cancer being detected at an early stage, thus boosting survival rates. More specifically, a study has shown that AI is quicker in identifying brain tumour tissue than a pathologist.This would have a positive knock-on effect in other areas, such as enabling money to be saved (that otherwise would have been spent on further treatment) and reducing the workload of staff (at a time when there is a crisis in NHS workforce numbers).

Read More

Spotlight

RL Canning

RL Canning is a global provider of Information Technology consulting and managed services headquartered in Chicago, IL. We deliver innovative IT services that offer our customers the flexibility to meet unique business needs and the opportunity to transform and perform through services. Our people, and their capabilities, make a difference and share a passion for excellence and commitment to the customer experience

Related News

GandCrab Ransomware Slingers Target MSPs

Infosecurity Magazine | February 15, 2019

A software company has been forced to remind customers to patch a two-year-old flaw in a third-party plug-in, after reports it is being exploited to infect scores of companies with GandCrab ransomware via their managed security provider (MSP). The issue relates to CVE-2017-18362, a flaw which affects the Connectwise Manage plug-in for the Kaseya VSA remote-monitoring tool. ConnectWise Manage is a professional services automation (PSA) product popular among IT support staff in MSPs. “This vulnerability allows a remote attacker to execute arbitrary SQL commands against the Kaseya VSA database, which means they can create administrative users, change user passwords, or even create tasks to deploy software to all endpoints under management,” explained Chris Bisnett, co-founder of Huntress Labs. “This week an unknown attacker leveraged the vulnerable integration to attack MSPs and their customers by tasking all managed endpoints to download and execute a ransomware variant known as GandCrab. This type of attack is particularly devastating because the Kaseya RMM tool has remote administrative (SYSTEM) access to all managed endpoints leading to a quick and complete compromise of all customer assets.” The incident was first revealed in a Reddit post a few days ago with the user claiming if affected a “local mid-sized MSP with about 80 clients” — all of which were apparently infected. Kaseya was forced to issue an update on the ConnectWise plugin bug. “Kaseya takes security very seriously and recommends that all customers using the Connectwise Plugin for VSA upgrade to the newly released version of the Plugin immediately or alternatively remove all versions of this Plugin,” it stated. The news is yet another example of the lengths ransomware authors are now going to in order to get their wares on as many victim machines as possible.

Read More

Ransomware Sees Further Decline, Banking Trojan Use Steps Up

Infosecurity Magazine | February 07, 2019

Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted for 56% of all malicious payloads in email in Q4, while remote access trojans (RATs) accounted for 8.4%. Proofpoint claimed that this marked a “significant change” for RATs, as in previous years they were rarely used by attackers. The report stated that email remains the top vector for malware distribution and phishing, while email fraud, also known as business email compromise (BEC), continues to grow rapidly. Ransomware message volumes dropped significantly from Q2 to Q4 “suggesting that ransomware campaigns did not generate sufficient returns for threat actors to continue distributing them at scale.” Speaking to the Risky Business podcast in November, Sherrod DeGrippo, Proofpoint’s director of threat research and detection, said that ransomware “has basically evaporated” after it was in the headlines for many months. “I probably attribute that to the fact that cryptocurrency is so difficult for the average consumer to use, and what we’ve seen instead is, back to cryptocurrency, they are bolting on crypto-miners to just about everything: commodity banking trojans, commodity RATs and keyloggers and pretty basic crimeware stuff,” she said. “We’re starting to see banking trojans have crypto-miners bolted on to them so they steal the money from the traditional bank account and then leave the crypto-miner behind.” In an email to Infosecurity, Ed Tucker, CISO and co-founder of Email Auth, Byte and Human Firewall, said that this research highlights that ransomware is actually less of a prevalent threat both to the individual and business, and criminals know that trojans work.

Read More

Ryuk Ransomware Takes Down Cloud Hosting Provider’s Systems

SDxCentral | January 02, 2019

A ransomware attack with ties to North Korea took down cloud hosting provider Data Resolution’s systems on Christmas Eve. The California-based company provides software hosting, cloud computing, and data center services for about 30,000 businesses worldwide. First reported by KrebsOnSecurity, the attackers used a compromised login account to infect servers with Ryuk ransomware. In August, Check Point threat researchers linked Ryuk to the North Korean Lazarus Group, also known as Hidden Cobra. This is the state-sponsored group believed to be behind the WannaCry attack in 2017. And over the weekend, Ryuk malware infected the Los Angeles Times’ Olympic printing plant in downtown Los Angeles. This attack delayed that newspaper’s Saturday editions as well as the West Coast editions of the Wall Street Journal and New York Times, which are also printed at that plant. Data Resolution did not immediately respond to a request for comment. According to security researcher Brian Krebs, the attack gave hackers control of Data Resolution’s data center domain, locking the company out of its own systems and forcing it to shut down its network. A Jan. 2 status update shared with customers said the cloud hosting provider is still working to restore email access and multiple databases for clients and is in the process of restoring service for companies that use it to host Microsoft Dynamics GP, a popular accounting and payroll software. Data Resolution reportedly told customers that no data was stolen.

Read More

GandCrab Ransomware Slingers Target MSPs

Infosecurity Magazine | February 15, 2019

A software company has been forced to remind customers to patch a two-year-old flaw in a third-party plug-in, after reports it is being exploited to infect scores of companies with GandCrab ransomware via their managed security provider (MSP). The issue relates to CVE-2017-18362, a flaw which affects the Connectwise Manage plug-in for the Kaseya VSA remote-monitoring tool. ConnectWise Manage is a professional services automation (PSA) product popular among IT support staff in MSPs. “This vulnerability allows a remote attacker to execute arbitrary SQL commands against the Kaseya VSA database, which means they can create administrative users, change user passwords, or even create tasks to deploy software to all endpoints under management,” explained Chris Bisnett, co-founder of Huntress Labs. “This week an unknown attacker leveraged the vulnerable integration to attack MSPs and their customers by tasking all managed endpoints to download and execute a ransomware variant known as GandCrab. This type of attack is particularly devastating because the Kaseya RMM tool has remote administrative (SYSTEM) access to all managed endpoints leading to a quick and complete compromise of all customer assets.” The incident was first revealed in a Reddit post a few days ago with the user claiming if affected a “local mid-sized MSP with about 80 clients” — all of which were apparently infected. Kaseya was forced to issue an update on the ConnectWise plugin bug. “Kaseya takes security very seriously and recommends that all customers using the Connectwise Plugin for VSA upgrade to the newly released version of the Plugin immediately or alternatively remove all versions of this Plugin,” it stated. The news is yet another example of the lengths ransomware authors are now going to in order to get their wares on as many victim machines as possible.

Read More

Ransomware Sees Further Decline, Banking Trojan Use Steps Up

Infosecurity Magazine | February 07, 2019

Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted for 56% of all malicious payloads in email in Q4, while remote access trojans (RATs) accounted for 8.4%. Proofpoint claimed that this marked a “significant change” for RATs, as in previous years they were rarely used by attackers. The report stated that email remains the top vector for malware distribution and phishing, while email fraud, also known as business email compromise (BEC), continues to grow rapidly. Ransomware message volumes dropped significantly from Q2 to Q4 “suggesting that ransomware campaigns did not generate sufficient returns for threat actors to continue distributing them at scale.” Speaking to the Risky Business podcast in November, Sherrod DeGrippo, Proofpoint’s director of threat research and detection, said that ransomware “has basically evaporated” after it was in the headlines for many months. “I probably attribute that to the fact that cryptocurrency is so difficult for the average consumer to use, and what we’ve seen instead is, back to cryptocurrency, they are bolting on crypto-miners to just about everything: commodity banking trojans, commodity RATs and keyloggers and pretty basic crimeware stuff,” she said. “We’re starting to see banking trojans have crypto-miners bolted on to them so they steal the money from the traditional bank account and then leave the crypto-miner behind.” In an email to Infosecurity, Ed Tucker, CISO and co-founder of Email Auth, Byte and Human Firewall, said that this research highlights that ransomware is actually less of a prevalent threat both to the individual and business, and criminals know that trojans work.

Read More

Ryuk Ransomware Takes Down Cloud Hosting Provider’s Systems

SDxCentral | January 02, 2019

A ransomware attack with ties to North Korea took down cloud hosting provider Data Resolution’s systems on Christmas Eve. The California-based company provides software hosting, cloud computing, and data center services for about 30,000 businesses worldwide. First reported by KrebsOnSecurity, the attackers used a compromised login account to infect servers with Ryuk ransomware. In August, Check Point threat researchers linked Ryuk to the North Korean Lazarus Group, also known as Hidden Cobra. This is the state-sponsored group believed to be behind the WannaCry attack in 2017. And over the weekend, Ryuk malware infected the Los Angeles Times’ Olympic printing plant in downtown Los Angeles. This attack delayed that newspaper’s Saturday editions as well as the West Coast editions of the Wall Street Journal and New York Times, which are also printed at that plant. Data Resolution did not immediately respond to a request for comment. According to security researcher Brian Krebs, the attack gave hackers control of Data Resolution’s data center domain, locking the company out of its own systems and forcing it to shut down its network. A Jan. 2 status update shared with customers said the cloud hosting provider is still working to restore email access and multiple databases for clients and is in the process of restoring service for companies that use it to host Microsoft Dynamics GP, a popular accounting and payroll software. Data Resolution reportedly told customers that no data was stolen.

Read More

Events