02/11/17

  06:29:00 pm by Admin, Categories: News, Virus - Ransomware - Spyware

The Wall Street Journal, Washington Post and New York Times have all reported that software from Kaspersky Lab was used by the Russian government as a tool for espionage.

A security solution is supposed to bring you comfort and peace of mind—and most of all, keep you safe from this very sort of intrusion! If an incident like this has you feeling unsettled, don’t panic. Switch to VIPRE today for the highest-rated antivirus and anti-malware solution, headquartered right here in the United States, right now available for up to $35 off!*

Don’t be a victim. Bite back against malware—and foreign spies!—with VIPRE!


11/10/17

  12:44:00 pm by Admin, Categories: News, Security

Timely News as October is National Cyber Security Awareness Month (NCSAM)

A report from Duo Security details a potentially systemic issue that leaves Mac computers susceptible to highly targeted and stealthy attacks.

The report shows Mac users who have updated to the latest operating system or downloaded the most recent security update may not be as secure as they originally thought.

Duo Security’s analysis of more than 73,000 Macs across various industries found the Extensible Firmware Interface (EFI) in many models was not receiving security updates that users thought they were getting. This left users susceptible to previously disclosed vulnerabilities such as Thunderstrike 2 and the recent WikiLeaks Vault 7 data dumps that detail attacks against firmware.

While Apple devices were the focus of the study, experts at the company told The Washington Post that Windows-based machines are even more likely to be at risk, because of the range of manufacturers involved in building PCs.

In 2015, Apple began bundling its software and firmware updates in an effort to ensure users automatically obtain the most current firmware security. This allowed Duo Security to analyze the state of Apple’s EFI security by looking at Mac updates over the past three years.

Duo Security’s key findings are:

Users running a version of the Mac OS that is older than the latest major release (High Sierra) likely have EFI firmware that has not received the latest fixes for known EFI issues. This means those systems can be software-secure but firmware-
On average, 4.2% of Macs are running an EFI firmware version that’s different from what they should be running.
At least 16 models have never received any EFI firmware updates. The 21.5” iMac, released in late 2015, has the highest occurrence of incorrect EFI firmware with 43% of sampled systems running incorrect versions.
47 models capable of running 10.12, 10.11, 10.10 did not have an EFI firmware patch addressing the vulnerability, Thunderstrike. 31 models did not have an EFI firmware patch addressing the remote version of the vulnerability, Thunderstrike 2.
Two recent security updates issued by Apple (Security Update 2017-001 for 10.10 and 10.11) contained the wrong firmware with the update. This would indicate regression or a lag in quality assurance.

The National Cyber Security Awareness Month (NCSAM) was created in 2003 by the U.S. Department of Homeland Security and National Cyber Security Alliance to ensure everyone has the resources they need to stay safe and secure online. The goal of NCSAM is to increase the awareness of the ever-evolving cyber security landscape and bring attention to different measures people can take to keep their information protected.


22/08/17

  12:45:00 pm by Admin, Categories: News, Security, Virus - Ransomware - Spyware , Tags: malware, security

A new malware family detected under the name of CoinMiner is causing users and security firms alike loads of problems, being hard to stop or detect due to the combination of various unique features.

The malware — a cryptocurrency miner — uses the EternalBlue NSA exploit to infect victims and the WMI (Windows Management Instrumentation) toolkit as a method to run commands on infected systems.

In addition, CoinMiner also runs in memory (fileless malware), and uses multiple layers of command and control servers to deploy the multitude of scripts and components it needs to infect victims.

All of these make a deadly mixture of features that spell trouble for outdated machines and systems running antivirus solutions not up to par with the latest infection techniques.

Avoid getting infected with CoinMiner by disabling SMBv1...


  12:37:00 pm by Admin, Categories: News, Security, Android 101

An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company.

Developed by Chinese firm Igexin, the advertising SDK was found in over 500 apps that were uploaded on the official Google Play Store and had been downloaded over 100 million times across the Android ecosystem.

Investigation started after noticing suspicious API requests

Researchers say they got on the trail of the Igexin SDK after they noticed that known malware samples were being downloaded on clean smartphones after the device made a request to the Igexin API server.
Following months of investigation, researchers from mobile security firm Lookout discovered that Igexin developers were using legitimate SDK functions to send malicious commands to legitimate apps.

Based on the permissions the legitimate apps received from users during installation, Lookout says it observed the SDK collecting all sorts of data from users' devices, but mostly call logs.

In addition, the SDK also forcibly downloaded and ran code contained in large encrypted files. This code aided the malicious behavior.

16/08/17

  10:43:00 am by Admin, Categories: Security

The cyber security threat is unquestionably growing more serious over time. The impact of attacks on businesses can be devastating, and for many, the source remains unknown: as many as 35% of attacks on UK-based organisations are from an unknown source.

The majority of organisations consider dealing with cyber threats, and ransomware in particular, as a high priority, but many lack confidence in their ability to respond to a successful attack.

These charts are from the results of a survey undertaken in the United Kingdom as part of a larger survey of organisations across the world on ransomware and other critical security issues. It was conducted with small to mid-sized businesses during June 2017, with individuals who are responsible for or knowledgeable about cyber security issues at 175 UK organisations.

The full report on the state of ransomware in the UK is available to download for free here.