Home Tags Posts tagged with "malware"

malware

As the old adage says, ‘no one is perfect.’ This often applies to people who lock their keys in the car or turn their laundry pink, but it’s a little more problematic when human slip-ups put your small business at risk.

In fact, 95 percent of all cybersecurity incidents involve human error. While that figure may frighten you, there are steps you can take to safeguard your organization against employee-linked data breaches.

Boost Your Cyber Smarts

Employee education is absolutely vital to protecting your small business. This can be done in a number of ways. While some companies choose to walk new hires through cybersecurity training during their first week, other companies may host quarterly or yearly cybersecurity training meetings to refresh everyone’s memories about best practices.

Impress upon your employees the importance of avoiding opening emails from unknown or suspicious sources. Cybercriminals are avid spammers, and their emails frequently contain links and attachments meant to infect your computer with dangerous malware. Phishing scams are included in URLs in an attempt to deceive employees into sharing their passwords and login information.

Some hackers, who are trickier than others, will use spoofing to pose as a friend or coworkers in emails or text messages. The lie is made even more convincing by redirecting the user to fraudulent phishing pages made to look identical to the real thing. The goal, of course, is to fool your team members into divulging valuable information.

While digital threats continue to evolve as do the methods to combat them. Continued cybersecurity training will ready your team to be aware of any risk.

Cut the Phishing Line

But even with the best cybersecurity protocols, accidents happen. Sometimes it’s a careless click, or maybe your employee fell prey to an extra crafty ploy. No matter the case, your business information has been compromised by a phishing attack. What do you do? To remove yourself from a phishing scam:

Begin with changing your passwords immediately: Don’t allow the hacker to gain further access to your other accounts.

Be sure to repot the incident right away: The faster you act, the better your chances of limiting the damage.

Next, check your ‘sent’ email folder: Make sure your contacts haven’t been spammed using your good name.

Finally, do a security sweep: This will uncover any malware programs that may have been downloaded without your knowledge.

Purging Malware & Trojans

Oh no! Your sweep revealed malware infections on your device. It may have even been living inside your computer, undetected for months. Symptoms include slow performance, advertising pop-ups when browsers are closed and bogus security warning from programs you didn’t install.

Removing malware can be incredibly time consuming. So let’s get started.

The first step is to update your antivirus software: The most recent update will better combat whatever is infecting your computer.

Restart your computer in safe mode: This will stop malware from spreading while you hunt down its roots. Start by deleting temporary files. Be sure to investigate any files or programs unfamiliar to you.

While this may be enough to detect and exterminate your computer bug, it is likely that you may need to download additional security software to relieve your system. A computer professional will be able to help you if necessary.

Explore Cybersecurity Insurance Quotes

As you can tell, cyberattacks consume your time and resources, costing your small business thousands in damages and downtime. Shield yourself by investigating cyber security insurance quotes. Providers even offer protection against extortion and reputational damage.

Cyber security quotes may vary, but are very affordable compared to risk posed by cybercriminals. Besides, investing pennies a day is infinitely preferable to dropping tens of thousands of dollars on data breach.

According to experts, cyber-thieves are preparing malware and spam campaigns in a bid to catch out retailers and shoppers during the run-up to Christmas.

One gang had updated the sophisticated malware it used to target tills in stores, security company iSight said.

There had also been an increase in spam and phishing emails crafted to catch out people seeking bargains.

Some crime groups had made fake copies of popular shopping apps in a bid to steal payment-card data.

The warnings are being given just prior to Black Friday and Cyber Monday, which bracket the weekend following the Thanksgiving holiday, when many online and offline stores offer special deals.Black Friday 2015

The 50 biggest retail brands in the US were now hunting through their internal corporate networks to see if they had been infected by the “highly sophisticated” Modpos malware, said iSight senior director Stephen Ward.

The modular malware could lurk unseen on POS equipment, said Stephen Ward, and sought to scoop up payment-card data during the few moments this information was passed around unencrypted in the memory of computerized tills.

“It’s a Swiss-army knife of sorts that can be used for any type of nefarious activity,” he said.

The Retail Cyber Intelligence Sharing Center, a US government-backed organization set up to pass on information about threats aimed at retailers, has sent out advice about the “2015 hacking season”.

“Downtime is expensive, but especially so at this time of year,” it said.

“Retail staff is motivated and focused on sales, at the risk of possibly allowing fraudulent transactions or other types of breaches.”

Reacting quickly to threats could be tricky at this time of year, it said, because systems were often “frozen” to limit downtime.

Stephen Ward said iSight had been tracking the gang behind Modpos for some time, but it had now been revamped for the run-up to Christmas.

Traditional anti-virus systems were unlikely to catch the stealthy malware because of the clever way it was built.

iSight had passed on information about telltale signs that would reveal a retailer had been compromised by Modpos.

Anti-fraud company ThreatMetrix said online retailers were also coming under sustained assault from many different hi-tech crime groups.

It said it had seen signs of an increase in fraud campaigns before the main shopping season got under way and expected a “major spike” in such activity in the run-up to Christmas.

In a report, it said attacks against online retailers had already jumped 25% over earlier in the year and it expected the trend to continue.

“Generally, the third quarter is a slower time for businesses as consumers anticipate spending money during the Christmas and New Year shopping season, but this year it yielded record numbers in attack attempts,” said Vanita Pandey, strategy director at ThreatMetrix.

The vast majority of the attacks were attempts to defraud companies by using fake logins or stolen credentials, said Vanita Pandey.

ThreatMetrix had seen evidence of crime groups using botnets, networks of hijacked computers, to batter away at login screens searching for loopholes and bugs.

Experts also urged people to be vigilant and exercise common sense when browsing offers sent via email or other messaging services.

No-one should ever buy anything offered via unsolicited email.

0

The private email account used by Hillary Clinton while she was secretary of state was targeted by Russia-based hackers, newly released emails show.

Hillary Clinton received at least five emails containing malware.

The “phishing” emails, disguised as speeding tickets, would have enabled the hackers to control her computer.

The infected computer would have sent information to at least three computers overseas, including one in Russia.

A spokesman for HillaryClinton said there was no evidence of a breach.

The hacking attempts were included in thousands of emails released by the State Department.

Photo Facebook

Photo Facebook

Hillary Clinton’s opponents have accused her of putting US security at risk by using an unsecured computer system.

The Democrat presidential hopeful says no classified information was sent or received.

The five emails, sent over a four-hour period in August 2011, show hackers had Hillary Clinton’s email address, which was not public, and contained a virus concealed as a speeding ticket from New York state, where she lives.

The email containing instructions to open and print the speeding ticket misspelled the name of the city concerned, Chatham, came from a supposed New York City government account and contained a “Ticket.zip” file of the kind usually picked up by commercial antivirus software.

Nick Merrill, a spokesman for Hillary Clinton’s presidential campaign, said there was no evidence to suggest she replied to the emails or opened the attachment.

“All these emails show is that, like millions of other Americans, she received spam,” he said.

The state department disclosed that Hillary Clinton used a private server during her time as secretary of state (between 2009 and 2013) after journalists requested copies of her government emails.

Hillary Clinton has admitted that her decision to use a private email server at her New York home was a mistake.

However, the latest set of her emails to be released also reveal frustration within the State Department at the technology it was using while she was in office.

In one email exchange Hillary Clinton’s then head of policy Anne-Marie Slaughter wrote that the department’s technology was “so antiquated” that high-level officials “routinely end up using their home email accounts to be able to get their work done quickly and effectively”.

Anne-Marie Slaughter suggested writing an opinion piece to highlight the problem and Hillary Clinton agreed the idea “made good sense”, but her chief of staff Cheryl Mills warned against “telegraphing” how often senior officials relied on their private email accounts to do government business because it could encourage hackers.

0

Carlos Enrique Perez-Melara, who allegedly created malware purporting to catch out cheating lovers, has made it on to the FBI’s “most wanted” list of cybercriminals.

The FBI says Carlos Enrique Perez-Melara ran a website offering customers a way to “catch a cheating lover” by sending spyware masquerading as a greeting card.

Opening the card downloaded the malware on to the recipient’s computer and recorded keystrokes and messages.

The “Lover Spy” program cost $89.

Carlos Enrique Perez-Melara was indicted in July 2005 but has avoided capture ever since, only now making it on to the FBI’s most wanted list.

He ran the operation from his San Diego home in 2003, the FBI says, while he was in the US on a student travel visa.

Carlos Enrique Perez-Melara allegedly created malware purporting to catch out cheating lovers

Carlos Enrique Perez-Melara allegedly created malware purporting to catch out cheating lovers

The charges against Carlos Enrique Perez-Melara, 33, included making, sending and advertising an interception device, and unlawfully intercepting electronic communications.

The indictment said Lover Spy was designed “with stealth in mind, claiming that it would be impossible to detect by 99.9% of users”.

But Carlos Enrique Perez-Melara has avoided the authorities ever since and his last known location was San Salvador, the FBI said.

The agency appears to have added the hacker to its list partly out of frustration at his elusiveness.

“These are sophisticated folks who know how to hide themselves on the internet,” said John Brown, who oversees the FBI’s cyber-division.

The agency has offered a $50,000 reward for information leading to his arrest.

According to the 2005 indictment, Carlos Enrique Perez-Melara sold the malware to 1,000 customers, who then used it to infect the computers of about 2,000 victims.

Victims took the bait about half the time, the government said.

People who bought the spyware were charged with illegally intercepting electronic communications.

Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat’s development.

Flame, revealed last month, attacked targets in Iran, as did Stuxnet which was discovered in 2010.

Kaspersky Lab said they co-operated “at least once” to share source code.

“What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected,” Kaspersky Lab said.

Alexander Gostev, chief security expert at the Russian-based security company added: “The new findings that reveal how the teams shared source code of at least one module in the early stages of development prove that the groups co-operated at least once.”

Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat's development

Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat's development

Vitaly Kamluk, the firm’s chief malware expert, said: “There is a link proven – it’s not just copycats.

“We think that these teams are different, two different teams working with each other, helping each other at different stages.”

The findings relate to the discovery of “Resource 207”, a module found in early versions of the Stuxnet malware.

It bears a “striking resemblance” to code used in Flame, Kaspersky said.

“The list includes the names of mutually exclusive objects, the algorithm used to decrypt strings, and the similar approaches to file naming,” Alexander Gostev said.

Recently, a New York Times investigation – based on an upcoming book – singled out the US as being responsible for Stuxnet, under the direct orders of President Barack Obama.

The report said the threat had been developed in co-operation with Israel.

No country is yet to publicly take responsibility for the attack.

Speaking about Flame, a spokesman for the Israeli government distanced the country from involvement following an interview in which a minister seemed to back the attacks.

“There was no part of the interview where the minister has said anything to imply that Israel was responsible for the virus,” the spokesman said.

Last week, the UN’s telecommunications head Dr. Hamadoun Toure said he did not believe the US was behind Flame, and that reports regarding the country’s involvement in Stuxnet were “speculation”.

Prof. Alan Woodward, a security expert from the University of Surrey, described the findings as interesting – but not yet a clear indicator of who was behind the attacks.

“The fact that they shared source code further suggests that it wasn’t just someone copying or reusing one bit of Stuxnet or Flame that they had found in the wild, but rather those that wrote the code passed it over,” he said.

“However, everything else still indicates that Flame and Stuxnet were written designed and built by a completely separate group of developers.

“At the very least it suggests there are two groups capable of building this type of code but they are somehow collaborating, albeit only in a minor way.”