Watch Out For Malicious PDF Attachments

Malicious PDFs are another favourite of hackers. Over the past few weeks, we’ve been looking at ways you can be vigilant in the fight against hackers. So far, we’ve looked at two-factor authentication, encryption, and avoiding public WiFi.

This time we’re going to look at PDFs attached to emails.

Why PDF attachments can be bad news

Hackers are sneaky by nature.

On the face of it, a PDF looks quite an innocuous document. After all, you open them every day during your regular working practices. However, there is a darker side to the humble PDF.

It’s called steganography – derived from the Greek for ‘covered writing’ – where a data file or malicious code can be hidden within another file.

A PDF file is a perfect vessel for hackers because they’re generally thought to be safe. However, if you receive one that contains malicious code, opening it will drop the code on to your device in a similar manner to clicking on a malicious link on a website.

How to stay safe from malicious PDFs

Malicious PDFs are challenging to catch and check. That’s why, whatever PDF reader you use, it’s best to make sure your anti-virus or endpoint protection is up to date and that your email servers are running current and updated filters.

Software is also available that can test the PDF file before allowing it through to the intended user.
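As an illustration of the kind of check such software makes, here is an added example (not MPM's code or any vendor's product) that counts the PDF names that carry or launch active content in an attachment's raw bytes. The keyword list, the function names and the two sample fragments are assumptions made up for this example.

```python
import re

# Names that carry or launch active content. This keyword list is an
# assumption chosen for the example, not a complete detection rule set.
CODE_NAMES = ("/JS", "/JavaScript", "/Launch", "/EmbeddedFile")
TRIGGER_NAMES = ("/OpenAction", "/AA")  # run an action on open or on events


def normalise_names(data: bytes) -> bytes:
    """PDF names may legally contain #XX hex escapes (/J#61vaScript is the
    same name as /JavaScript), so decode them before matching."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)


def triage_pdf(data: bytes) -> dict:
    """Count active-content names in the raw bytes of a PDF attachment."""
    if b"%PDF-" not in data[:1024]:
        raise ValueError("no %PDF- header: not a PDF, whatever the extension")
    decoded = normalise_names(data)
    counts = {}
    for name in CODE_NAMES + TRIGGER_NAMES:
        # The lookahead stops /JS from matching inside a longer name.
        pattern = re.escape(name.encode()) + rb"(?![A-Za-z0-9_.\-])"
        counts[name] = len(re.findall(pattern, decoded))
    return counts


def should_hold(data: bytes) -> bool:
    """Hold the attachment for review if it carries script, launch or
    embedded-file objects. Triggers alone are common in harmless files.
    A False result is not a clean bill of health: names inside compressed
    object streams are invisible to a raw byte scan."""
    counts = triage_pdf(data)
    return any(counts[name] for name in CODE_NAMES)


# Constructed samples: inert fragments, not working documents.
SAMPLE_FLAGGED = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj\n"
    b"3 0 obj << /S /J#61vaScript /JS (placeholder) >> endobj\n"
    b"%%EOF\n"
)
SAMPLE_PLAIN = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    for label, pdf in (("flagged", SAMPLE_FLAGGED), ("plain", SAMPLE_PLAIN)):
        print(label, triage_pdf(pdf), "hold" if should_hold(pdf) else "pass")
```

A check like this belongs in front of the mailbox, alongside the anti-virus and mail filters mentioned above, not in place of them.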

Be vigilant. Stay safe.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  

Why You Should Avoid Using Public WiFi

Using public WiFi is a no-no unless you want to hand your private data over to hackers.

This is another example of how to fight hackers. We’ve already looked at two-factor authentication and encryption.

Public WiFi might seem like the perfect way to make your monthly-allocated data usage go further, but it’s fraught with dangers.

Public WiFi opens the door to hackers

When you’re out and about, your smartphone will detect many WiFi networks. Some will be locked, requiring a password to log on. Others will purport to be public access, free services.

However, the thing you have to remember is that these free, public access networks are also insecure.

What does that mean?

It means that when you use them, everything you type is in clear text and can be read, accessed, recorded or taken over by anyone with the correct equipment.

Can you make public WiFi safe?

If you rely on these public WiFi services, there is a solution to remove, or at least reduce the risk of hacking.

The solution is to use a Virtual Private Network (VPN), which scrambles your communications making them unreadable.

If a VPN isn’t provided by a business firewall, you can buy applications for about £3 a month. These will scramble all communications through insecure connections. Once a VPN is being used, there’s no way the ISP or anyone else can read or record what you’re browsing.

The moral of this post

If you have to use public WiFi when you’re out and about, make sure you use a virtual private network. If you don’t, you run the risk of losing your privacy and, possibly, your data.


Two-Factor Authentication Helps Fight Hackers

Two-factor authentication can help you stop hackers exploiting any weakness in your online armoury.

One of the biggest mistakes people make, that could allow hackers to crack their devices, is their password choice.

It’s a pain having to have so many different passwords that are not easily guessable, but it’s also essential in the fight against hackers.

Two-factor authentication banishes the password blues

Passwords have been the go-to security measure for anyone wanting to access and manage the data on their devices.

Despite attempts at creating complex un-breakable passwords, the simplicity of their form makes them easily exposed and simple to hack.

As recent news reports have shown, these hacked passwords can then be sold on the dark web. The problem is exacerbated by the tendency of people to use the same or similar simple passwords across many different accounts.

So how can you solve the password problem?

The solution is to use an additional level of security alongside the usual user ID and password. This is a system called two-factor authentication, and is freely available on Google, PayPal, Amazon and most other common applications.

Generally, it involves a password and then a random code generated by an app or sent by text. This additional security layer makes it almost impossible for hackers to gain access to your data, and therefore helps you stay safe and secure online.

 


How Do Hackers Evade Detection?

Hacking is becoming too frequent a headline for our liking these days. It seems as though the technology that’s been developed to make our lives easier is backfiring thanks to a small army of hackers.

Those who get their kicks out of circumventing firewalls and other security measures are putting the rest of us at risk.

So how come these attacks keep happening?

Well, according to BullGuard, before launching an attack, hackers make sure they cover their tracks by:

  • Breaking into poorly secured computers and using these hijacked systems as proxies through which they can launch and route attacks worldwide
  • Using viruses, worms, phishing emails and other malware to take control of internet servers or personal computers to create a network of ‘zombie’ computers, also known as botnets
  • These botnets are then used to launch attacks.
  • As a result, an attack may appear to come from a particular server or computer, but this does not mean the attack originated at that device.
  • Often a string of different proxies are used, typically located in different countries.

It is these factors that make it so difficult to find out where the original attack was launched.

As BullGuard states:

“It can be done but requires law enforcement from different countries to co-operate with each other.

“On the surface, this may seem straightforward but political agendas can get in the way of forensics. For instance, law enforcement might trace an attack as far as a server IP address in Russia or a router on Chinese territory.

“This doesn’t provide definitive proof that the attack was launched from a server in Russia or a router in China, these devices could be proxies used by the attackers. But political relations, for instance between the US, Russia and China, ensure that the forensics investigations can’t go any further. This is why it is often difficult to catch attackers. That said, circumstantial evidence can certainly point a finger in the right direction.”

Attackers sometimes start small

BullGuard went on to explain:

“Attackers sometimes start their attacks by attacking small, remote and obscure computers or networks or piggyback into networks by infecting other devices. Their ultimate targets are often large organisations with sensitive information.

“But they don’t just press a big red attack button; instead they carry out surveillance and crawl through a victim’s network to find suitable launch points to reach their ultimate targets.

  • Foreign nation state-backed hackers took over outdated Windows servers run by a small company. They then moved across the network onto other servers. Spear-phishing emails were then sent from these compromised servers to more than a hundred targets, including companies working for the US Department of Defense.
  • Attackers exploited a vulnerable web application on public school servers to break into them. They moved around the networks and installed backdoors on the school’s computers to launch more attacks.
  • Malicious hackers breached a community club network and then distributed malware to anyone who connected to the club’s Wi-Fi. The attackers then later piggybacked into corporate networks when the owners of the devices that had been infected logged onto their company networks.
  • Chinese spies penetrated an old computer belonging to a welding firm located deep in the Wisconsin countryside. The hackers used the compromised computer to plan and stage attacks on a major Manhattan law firm, one of the world’s biggest airlines, a prominent university and other targets.

“Often these firms or individuals have no idea their computers have been compromised until one day they receive a knock on the door from men in suits and raincoats who have a lot of questions.”

 

 

Cyber Attacks – What Happened In 2017 and What’s In Store For Us This Year?


2017 was quite a year for cyber attacks. According to Hackmageddon.com, every month saw dozens of serious cyber attacks affecting the personal information of billions of internet users worldwide.

Shocked? We were too.

BullGuard outlined some of the biggest ones in a recent blog post.

WannaCry

The WannaCry ransomware spread through 150 countries affecting more than 300,000 computers including the UK’s National Health Service, FedEx, rail stations, universities, car manufacturers and a national telco.

It spread rapidly because of a worm-like component expedited by a large number of organisations using unpatched XP operating systems.

It was considered among the worst breaches of all time because of the amount of sensitive information that was taken.

Yahoo

Yahoo dropped a bombshell in August 2017 announcing that every one of its three billion accounts was hacked in 2013.

This was three times what was first thought to be the case. According to the former Yahoo CEO Marissa Mayer, the company only found out about the breach in 2016 when it reported that 1 billion accounts were hacked.

The company still doesn’t know who was responsible.

National Security Agency

The National Security Agency (NSA) is responsible for spying on other countries and mass surveillance of its citizens.

As you would expect, it has an arsenal of cyber tools for hacking into foreign banks, infrastructure, government departments, etc. However, a group of hackers called Shadow Brokers leaked a suite of hacking tools widely believed to belong to the NSA, which were then used in some of the year’s most significant global cyber attacks, including WannaCry.

How embarrassing!

Uber

Back in 2016, hackers stole the data of 57 million Uber customers. The company paid the hackers $100,000 to cover it up. The breach was only made public in November 2017 by the new Uber CEO Dara Khosrowshahi.

It turns out that Uber was also playing on the other side of the fence. A former member of Uber’s security team recently revealed details about a secretive unit within Uber dedicated to stealing trade secrets, spying on competitors, using self-destructing messages and dodging government regulators.

What can we expect in 2018?

It doesn’t take a rocket scientist to work out that a prime target of the hackers is going to be the Internet of Things.

Smart devices face the same cybersecurity challenges as your desktop PC, laptop and smartphone. The only difference is that smart devices are attached to real things in the real world.

As BullGuard reports:

“When someone hacks a PC, personal data is at risk. But when someone hacks a robotic manufacturing arm that entire manufacturing line is at risk, if someone hacks a medical monitor a patient is at risk, if someone hacks a smart lighting system that smart home is at risk.”


Source: BullGuard

Is There a Script Kiddie Watching You?


A recent article in Trascendit caught our eye. It was about webcams, or more specifically about people watching you through yours.

It’s not a sophisticated hack, but it’s rather unnerving because they’re not doing it for financial gain; instead, they’re doing it for fun.

The people behind it are known as Script Kiddies (or skiddies). They don’t write any complicated software or code to get into your machine; they rely on you to do the damage for them. They use a simple phishing scam, sent directly to your inbox and made to look like any other email from an organisation. But once you click a link, the malicious software installs without you realising.

This type of malware isn’t designed to steal your passwords or card details, (at least, not at first) but to give the sender remote access to your machine. It’s called a Remote Access Tool, or just a RAT – and it’s exactly as unpleasant as it sounds.

Once installed, the Script Kiddie has complete control of your machine. They can flip your screen, open your disk drive, open websites, browse your private documents and pictures and log your keystrokes to steal your information. Or, if they prefer, just turn on your webcam and microphone and start watching.

The scariest part of this hack is that it’s almost impossible to know whether you’re a victim.

There are things you can do to make sure that you don’t end up on one of these sites:

  • Learn how to identify phishing emails
  • Don’t use torrents
  • Install antivirus software, and do a full scan every month or so
  • Get yourself a webcam cover – just in case.


Look Out Windows 10 Hackers Are About


This shouldn’t really come as much of a surprise, but hackers have latched on to Windows 10.

Let’s face it, considering the number of spoof emails and malware there is floating around the internet these days, the latest from Microsoft’s stables was not going to remain unscathed for long.

Phishing attempts have already been detected.

One of the latest pretends to be a Windows 10 installer, but in fact installs ransomware instead. The hackers send out emails claiming to be from Microsoft with an email attachment. The claim is that by unzipping the attached file you’ll receive a Windows 10 upgrade.

Of course, that’s not what you get. This particular one originates from Thailand, but you’ll need to be vigilant because the email’s colour scheme is very similar to the Windows 10 update app.

Protecting yourself from the hackers

The growing number of phishing tricks like this one highlights the need for protection.

Here at MPM IT we recommend BullGuard Internet Security because it guards against ransomware and it features behavioural-based detection so new malware strains are identified and stopped.

But don’t take our word for it. Recently, it was awarded Best Buy status by the UK’s leading consumer champion, Which?

In their own words, BullGuard Internet Security was as impregnable as Fort Knox!

That’s quite an accolade.

Having the right protection and remaining vigilant at all times is the only way to stay safe and out of the clutches of the hackers.


Cybercriminal Attacks on Apple Devices Set to Increase in 2016


Up ’til now, users have thought of their Apple products as safe as houses.

Unlike Microsoft, which has been a target for cybercriminals for years, the Apple family has always been thought of as relatively risk free – but according to a recent report by the BBC, this may no longer be true.

With their products (and market share) growing in popularity, Apple malware is on the increase. In fact, last year on average between 10,000 and 70,000 Mac computers were infected with malware.

Granted, that’s still small fry when you compare it with Windows desktops, but it’s a worrying trend.

A significant amount of this growth in attacks is accounted for by so-called greyware – applications that may not have malware attached, but can still be annoying to users, by serving up unwanted ads or tracking their web-browsing habits.

Symantec also found seven new threats aimed at Apple’s mobile iOS platform, with jailbroken devices – those that have been unlocked – being particularly vulnerable.

Plus, hackers are also increasingly targeting corporations, where Mac use is now more prevalent.

A corporate espionage group known as Butterfly which attacked multi-billion dollar companies in 2015 developed malware tools that attacked both Windows and Apple computers.

What does the future hold for Mac users?

It has always been the case that iOS has been seen as a more secure platform than Android because of the more closed community that Apple runs for its apps, but that is changing.

According to the security firm, FireEye, although the vast majority – 96% – of mobile malware is targeted at Android devices, iOS is no longer immune.

It also discovered that XcodeGhost, iOS malware that Apple acted quickly to remove from its app store, had found its way into the networks of 210 US businesses. It was thought to be the first large-scale attack on Apple’s app store.

It’s thought the introduction of new payment systems, such as Apple Pay, will add a financial incentive for hackers.

On the whole, Apple is still a safer option than Windows, but it’s worth keeping vigilant to make sure nothing untoward makes its way onto your machine.


Source: BBC

 

Has Your Identity Been Sold to the Hackers?

Stories of database breaches are becoming all too common these days.

You, as a user, are told to change your password immediately regardless of whether you are part of the stolen database.

The problem is you, like me and most other people, are lazy and disorganised and use a single email address as our username on any number of websites just because it’s easy to remember. Plus, when it comes to passwords, rather than having hundreds of different ones, we use only a handful, or (God forbid) the same one for everything.

You might think that Adobe having their list stolen isn’t too much of an issue – after all what’s the hacker going to do with your Adobe account?

The problem is that the hackers work on the assumption that the username you’ve used for your Adobe account is the same one you’ve used for your online banking, credit card account etc.

That’s why it’s essential to know whether your name(s) feature on those stolen lists.

How can you check?

There’s a website you can use called http://haveibeenpwned.com. Just type in your email or user ID and it searches through cached copies of the stolen lists to see if you’re at risk.

It only takes a few seconds to find out and it’s well worth finding out to make sure your online information stays safe.
