Malware – There’s A New One In Town

A powerful malware is spreading through phishing campaigns using a Microsoft Word attachment.

It’s called Smoke Loader, and, according to Bullguard, has several components:

  • It can download browser plug-ins for Firefox, Internet Explorer, Chrome, Opera, QQ Browser browsers and Thunderbird and Outlook email clients
  • These plug-ins steal stored credentials, such as passwords, and also sensitive information transferred over a browser
  • The malware is injected into applications like TeamViewer, an application that allows users to remotely view others desktops

Although it’s been around for some years, it has become increasingly sophisticated.

Its creators have recently added anti-analysis techniques to make forensics difficult. As a result, it’s harder to trace the source of the servers. Plus new runtime AV scanners, tracing, and debugging features to confound researchers who try and find out more about it.

Keep your eyes peeled

The best way to guard against phishing campaigns, other than using good security software, is to be on your guard.

Phishing emails contain some form of bait message, such as an invoice, a parcel for collection or a PDF requiring downloading.

You can protect yourself by:

  • Casting a healthily suspicious eye on an unexpected email promising something
  • Questioning emails from apparently legitimate organisations with which you have had no dealing. Cybercrooks are good at mocking up emails that appear to be legitimate
  • Looking out for spelling or syntax errors; these are often clues that the email is not what it claims to be
  • Never revealing your personal information such as passwords, bank account numbers and card information even if the mail appears to be from your bank. If in doubt call your bank and speak to someone in the fraud department

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Source: Bullguard

Cyber Attacks – What Happened In 2017 and What’s In Store For Us This Year?

Cyberattacks

 

2017 was quite a year for cyber attacks. According to Hackmageddon.com, every month saw dozens of serious cyber attacks affecting the personal information of billions of internet users worldwide.

Shocked? We were too.

We were too.

BullGuard outlined some of the biggest ones in a recent blog post.

WannaCry

The WannaCry ransomware spread through 150 countries affecting more than 300,000 computers including the UK’s National Health Service, FedEx, rail stations, universities, car manufacturers and a national telco.

It spread rapidly because of a worm-like component expedited by a large number of organisations using unpatched XP operating systems.

It was considered among the worst breaches of all time because of the amount of sensitive information that was taken.

Yahoo

Yahoo dropped a bombshell in August 2017 announcing that every one of its three billion accounts was hacked in 2013.

This was three times what was first thought to be the case. According to the former Yahoo CEO Marissa Mayer, the company only found out about the breach in 2016 when it reported that 1 billion accounts were hacked.

The company still doesn’t know who was responsible.

National Security Agency

The National Security Agency (NSA) is responsible for spying on other countries and mass surveillance of its citizens.

As you would expect, it has an arsenal of cyber tools for hacking into foreign banks, infrastructure, government departments, etc. However, a group of hackers called Shadow Brokers leaked a suite of hacking tools widely believed to belong to the NSA, which were then used in some of the year’s most significant global cyber attacks, including Wanna Cry.

How embarrassing!

Uber

Back in 2016, hackers stole the data of 57 million Uber customers. The company paid the hackers $100,000 to cover it up. The breach was only made public in November 2017 by the new Uber CEO Dara Khosrowshahi.

It also turns out that Uber was also playing on the other side of the fence too. A former member of Uber’s security team recently revealed details about a secretive unit within Uber dedicated to stealing trade secrets, spying on competitors, using self-destructing messages and dodging government regulators.

What can we expect in 2018?

It doesn’t take a rocket scientist to work out that a prime target of the hackers is going to be the Internet of Things.

Smart devices face the same cybersecurity challenges as your desktop PC, laptop and smartphone. The only difference being that smart devices are attached to real things in the real world.

As BullGuard reports:

“When someone hacks a PC, personal data is at risk. But when someone hacks a robotic manufacturing arm that entire manufacturing line is at risk, if someone hacks a medical monitor a patient is at risk, if some hacks a smart lighting system that smart home is at risk.”

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

Tips From the Pros to Help You Find the Right Cybersecurity Product For Your Business

keep data safe

 

Making sure you find the right Cybersecurity product for your business is essential but with so many companies out there vying for your cash, how can you be sure you pick the right one?

A recent article on pcworld.com includes some top tips from actual buyers of enterprise security products. Here’s a summary of what they said:

  • Do your research by looking at customer recommendations instead of relying on what the vendors say

  • Test the security product in house

  • “Great security companies are concentrating not just on selling, but they’re interested in supporting your enterprise, and providing consulting [and] best security practices” – Damian Finol, security technical program manager at a major internet firm

  • Approach your product search with a firm plan – “identify what your success criteria is and tell that to the vendor. And then bake that into the service contract” – Quentin Taylor, director of information security at Canon EMEA

  • “Bad vendors tend to use scare tactics, while good vendors listen to your needs and try to help secure your business, even if that means offering free advice” – Jonathan Chow, a CISO at an entertainment focused company

  •  “Be wary of vendors that can’t offer any customer references, or that only offer product demos under strict test conditions” – Brian Honan, CEO of BH Consulting

You can see the full article here.

All sound advice.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Is There a Script Kiddie Watching You?

Webcam

 

A recent article in Trascendit caught our eye. It was about webcams, or more specifically about people watching you through yours.

It’s not a sophisticated hack, but it’s rather unnerving because they’re not doing it for financial gain; instead, they’re doing it for fun.

The people behind it are known as Script Kiddies (or skiddies). They don’t write any complicated software or code to get into your machine; they rely on you to do the damage for them.
They use a simple phishing scam that’s sent directly to your email that’s made to look like any other email from an organisation. But once you click a link the malicious software installs without you realising.

This type of malware isn’t designed to steal your passwords or card details, (at least, not at first) but to give the sender remote access to your machine. It’s called a Remote Access Tool, or just a RAT – and it’s exactly as unpleasant as it sounds.

Once installed, the Script Kiddie has complete control of your machine. They can flip your screen, open your disk drive, open websites, browse your private documents and pictures and log your keystrokes to steal your information. Or, if they prefer, just turn on your webcam and microphone and start watching.
The scariest part of this hack is that it’s almost impossible to know whether you’re a victim.
There are things you can do to make sure that you don’t end up on one of these sites:

  • Learn how to identify phishing emails
  • Don’t use torrents
  • Install antivirus software, and do a full scan every month or so
  • Get yourself awebcam cover – just in case.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Smart Protection: Security of Things

Internet of Things

 

It is the age of IoT (the Internet of Things).

More and more IoT devices are being launched, which on the face of it should be a good thing but think again.

The rise of IoT means there are millions of unsecured routers, webcams, IP cameras, baby monitors, etc., out there ready and waiting for a botnet to come along and cause mayhem. This problem will get bigger as smart connected devices become commonplace.

The good news is that security vendors have recognised the need for smart device protection. However, many of these products are reworked versions of existing security suites that are designed to protect computers so not particularly useful.
Effective smart device protection needs a more robust defence. For example, Dojo by BullGuard is a smart home protection technology that features five protective layers, as Forbes magazine said:

[Recently,] personal security company BullGuard announced it had acquired Israel’s Dojo-Labs, [which] has been working on a product that provides security across devices to the Smart and connected home. Some have called this SoT, the Security of Things, the logical next step in the development of IoT; the much better-known Internet of Things.

“In stealth mode since the winter of 2014, the Israeli startup had been early to realise that a smart home will be wide open to hackers because of the proliferation of devices and the huge challenges of ensuring they are secure.”

This security platform uses artificial intelligence and machine learning to provide the most cutting-edge IoT security available today. It’s also incredibly simple to use.

It is hoped that technologies like this will help redress the balance and provide the much-needed protection that smart device users need as the IoT revolution rolls forward.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

Have You Installed the Emergency Flash Patch?

emergency flash patch

 

As a PC user, you rely on Microsoft’s regular patch updates to make sure your system works smoothly and remains secure.

Adobe and Microsoft release Flash Player updates at about the same time to limit the number of vulnerable users, but in February something went wrong.

We’re not sure what because Microsoft is keeping tight-lipped, but for some reason, the software giant cancelled it’s usual Patch Tuesday that month.

As a result, a critical security fix has been released to resolve the problem with Adobe’s Flash Player on:

  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 RE
  • Windows RT 8.1
  • Windows 10
  • Windows Server 2016

According to The Verge:

“The patch requires a restart, and fixes a problem that could lead to remote code execution. It’s a serious issue, so check Windows Update and install the patch immediately.”

Check your patches

Historically it’s been shown that attackers analyse Flash Player updates to find vulnerabilities, which are then used to attack the users who haven’t patched their systems.

That’s why it’s important to double-check whether you have downloaded the patch.

If you haven’t, your whole system is at risk.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Spiceworks

2017 Will See More Advanced Cyber Attacks Says Panda Security

Cyber attacks

 

Cyber attacks are getting more sophisticated. Hardly a month goes by without another report such as the one that recently hit the NHS.

Companies are being warned to be more and more vigilant as the cyber criminals find new ways of infecting their increasingly connected worlds.

To look at this further and identify the potential weak spots that could be targeted in 2017 and beyond, Panda Security has ranked the most popular attacks of the year and analysed their evolution.

Cybercrime

Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalising their operations in a way that allows them to make quick and easy money in an efficient manner.

Ransomware

This Trojan Horse will take centre stage with regard to cybersecurity and will cannibalise other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Of course, paying the ransom does not guarantee the total recovery of stolen data.

Companies

The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.

Internet of Things (IoT)

The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.

DDoS Attacks

The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).

Mobile Phones

Focusing on one single OS makes it easier for cybercriminals to fix a target with maximal dissemination and profitability. Android users will get the worst of it in the next 12 months.

Cyberwar

The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Panda Security

Security Advice For New Computer Owners

New PC

 

Security isn’t always the first thing you think of when you get your first computer.

The excitement of getting it out of the box and working your way through the setup procedure is much more fun.

You can’t wait to get on the internet and besides, all that security stuff is just hype to get you to spend more money, right?

Wrong.

Online security threats are real, and if you don’t take it seriously, you could end up losing your data and watch your beloved computer slowly curl up and die.

Here are our top 10 tips for new computer owners. None of them are complicated, but they’re all important.

  1. Your computer is a sturdy piece of kit, but it’s not indestructible. It does like to be cleaned (see your computer’s guide), and it doesn’t like liquid or food
  2. Even though you write a document on your computer, it doesn’t mean it’s there forever, even if you save it – back everything up
  3. The best policy is not to trust anything that comes from the internet until it’s proven safe
  4. Saving is not automatic. If in doubt save it again
  5. The internet is a public entity. Only post things you’re happy for everyone in the world to know
  6. Don’t attempt any DIY fixes. If in doubt don’t touch your machine and get someone who knows what they’re doing (it will be cheaper in the long run)
  7. If you get a call from “Microsoft” hang up, it’s not them
  8. Get paid antivirus
  9. Set a strong admin password and use a non-admin account for everyday use
  10. Above all, if it sounds too good to be true, it probably is

If you follow those tips as you start to get to know your computer, you won’t go too far wrong.

Above all, take care of it, and it will take care of you.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Stay Secure With Two-Factor Authentication

keep data safe

 

Two-factor authentication is a way of adding a second layer of protection to the standard password method of identification.

It’s free and easy to use but isn’t infallible. Critics are quick to point out that because you normally have to use your phone number, it’s just one more bit of information you’re handing over to a third party. However, it is a good step towards protecting your online accounts.

How to use two-factor authentication

To help you boost your online security, here are details of how to use two-factor authentication on your favourite sites.

Paypal

  • Log in to your account on the website. Click on your profile icon then Profile and then settings
  • On the left side of the page, click My Settings and scroll to the bottom of the page
  • Find Security Key and click on Get Started to the right. You’ll have to enter your password again before continuing
  • Your Security Key page will have a message that says there are no keys currently activated
  • Click on the Get Security Key link at the bottom of the page and follow the prompts
  • You’ll then need to enter a phone number. A confirmation code is then sent to the phone number you specify via text
  • The security key page will then list your phone number, and every time you access your account you will need to enter your password and then phone number

Facebook

  • Sign in to your Facebook account. Click the drop-down arrow in the top-right corner and choose Settings
  • Select Security in the left pane, then click Edit to the right of Login Approvals
  • Next, check ‘Require a security code to access my account from unknown browsers’
  • A window opens explaining how log-in approvals work
  • Follow the prompts, which include adding a phone number to your account and entering a confirmation code that will be sent to your number
  • You can also take advantage of the code generator feature within Facebook’s mobile applications
  • The code generator is found within the app by sliding out the More menu and scrolling down to the Settings section
  • There you will find a Code Generator option, which will display a six-digit code when launched

Yahoo

  • Yahoo’s two-step verification can be setup by visiting your account settings page
  • Click on Account Security on the left side of the page
  • At the bottom of the list will be a switch to enable two-step verification. Sliding it to the On position will bring up a prompt asking you for your phone number
  • Enter your number, then click either Send SMS or Call Me to receive a confirmation code
  • Enter the code when you receive it, and you’re done

Dropbox

  • Log in to your Dropbox account from a Web browser, then open the menu in the top-right corner and head to Settings and then Security
  • Click Enable next to the Status for Two-step verification. After entering your password, you’ll be prompted to pick a method of receiving authentication codes in the future
  • You’ll need to choose between receiving codes via SMS or using an authenticator app. SMS only requires a phone number, and you’re set

If you plan to use an authenticator app, follow these steps:

  • Scan the barcode with your authenticator app of choice
  • Enter the six-digit code from SMS or the authenticator app into box on the website
  • Dropbox will show you a 16-digit code to be used in case you lose your device. Keep this emergency backup code in a safe place
  • Click Enable and you’re all set

LinkedIn

  • Open the top-right menu and click on Manage next to Privacy & Settings
  • On the tabs along the bottom-left-hand side, click Account > Manage security settings (bottom of the left column)
  • Under Two-step verification for sign-in, click Turn On. Enter a reliable cell phone number and then click Send Code
  • Enter the code you receive via SMS to log back into the LinkedIn website

Twitter

  • Setting up Twitter’s two-factor authentication requires you to use a computer and visit your security settings page
  • Tick the box next to ‘Send login verification requests to (my number)
  • If you don’t already have a phone number attached to your account, follow the prompts to add one
  • With the box is ticked you’ll receive a series of prompts letting you know that the service is about to be enabled and that you need to connect your mobile phone number to your Twitter account

No security system is completely infallible, but by using the two-factor authenticator system, you’re at least taking the right steps to keep your data safe from prying eyes.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.