Zerologon is the Latest Microsoft Vulnerability

Ophtek, patches, PC Security, Windows vulnerability, Zerologon, , , ,
13
Oct 2020

Microsoft may be one of the leading names in PC technology, but hackers have recently exposed their Zerologon vulnerability.

A vulnerability is a flaw within a PC which can be exploited and used to gain access to the PC in question. These vulnerabilities can be found in both software and hardware, so pretty much everything on your PC is at risk. Thankfully, the majority of your PC’s apps and components will be secure. But PCs are complex pieces of machinery. The sheer amount of coding involved means that it’s inevitable that mistakes will be made and gaps not plugged. And this is what hackers spend half their lives looking for.

Protecting your PCs is a crucial part of any organization’s security, so we’re going to take a closer look at the Zerologon vulnerability.

What is Zerologon?

Zerologon is not an app or piece of hardware that you will find in your PC, it’s simply the name that has been assigned to this new vulnerability. To understand what the Zerologon flaw is would require degree-level knowledge of how PC software works. But we can describe it in layman’s terms. If a PC is logging on to a specific type of server – one that uses NT LAN Manager – then it performs a specific logon process. But where part of the code behind this logon should contain a random number it actually contains four zeros. And it’s these four zeros that give the vulnerability its name.

How is Zerologon Exploited?

Hackers can exploit the Zerologon flaw within seconds as the number of encryption keys needed to decipher the four zero text is relatively small. With access to a PC account secured, the hacker is then able to begin changing passwords within the network. It’s a strategy which, as well as being quick, also grants full control of the PC. This means that a hacker with unauthorized access has the potential to start injecting malware – such as ransomware – onto the network. And this is where your problems will really begin.

Can You Patch Zerologon?

The good news is that Microsoft has quickly released a patch to address the Zerologon vulnerability. Installing this patch should be labeled a priority to protect your organization’s network. The average time taken on install a patch is between 60 – 150 days which is far too slow. All it takes to install the Zerologon patch is a few seconds, so there are few excuses for delaying it. The best rule of thumb, when it comes to patches, is to install them immediately to nullify any threats.

Final Thoughts

As long as software and hardware is being designed then there will be flaws in their build. Designers are only human and mistakes will happen. Vulnerabilities may be inevitable, but your networks don’t need to fall foul of them. While a PC user will be the last party to know about the emergence of a threat such as Zerologon, they can help their case by installing any patches as soon as possible.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Different Types of Malware to Look Out For

botnets, fileless malware, malvertising, malware, Ophtek, Ransomware, spyware, , , , , ,
06
Oct 2020

The world of malware is a complex one due to the sheer variety of forms it can take. And it’s these differences which make it difficult to deal with.

The term malware is generally used as an all-encompassing term to describe a piece of malicious software. But, over the years, many different strains of malware have emerged as hackers evolve their tools and techniques. These strategies are often put into action to help avoid detection, but sometimes these new strains are the result of changes in technology.

Regardless of the reasons for developing a new malware variant, the end result is the same: a threat to your PC.

It’s vital that these threats are countered to protect your networks and your data; the best way to secure this safety is by understanding the different types of malware.

Identifying the Most Common Malware Variants
It’s difficult to put a precise number on all the malware strains that are out in the digital wild, but these are five of the most common forms:

1. Ransomware: One of the most debilitating forms of malware, in terms of finance and productivity, ransomware has generated many headlines over the last few years. It’s a type of malware which infects PCs and encrypts crucial files. The only way to decrypt these locked files is by paying a ransom, usually demanded in an untraceable cryptocurrency, in order to obtain a key for their release.

2. Malvertising: We all find online adverts irritating, but usually all we have to do is either close or mute the advert. With malvertising, however, things are more sinister. A new take on malware, malvertising laces legitimate online adverts with malicious files . And what’s most troubling about this malware strain is that it doesn’t require any user action e.g. clicking on the advert. If the advert runs then the malware is active.

3. Botnets: Hackers like to strengthen their attacks and one of the simplest ways for them to achieve this is by infecting large numbers of PCs. By collecting together whole networks of PCs, a hacker can use these numbers, and associated processing power, to launch large attacks on other networks and websites. These botnets are created through malware attacks and are causing particular problems within IoT networks.

4. Spyware: Data is crucial to organizations and, due to its value, is also highly prized by hackers. Not only can data be used to access secure systems, but financial data is extremely valuable. Therefore, hackers are keen to steal this data; spyware represents one of the easiest methods of achieving this. Once a PC is infected with spyware it’s every action is monitored, logged and transmitted e.g. keystrokes are recorded to reveal sensitive login details.

5. Fileless Malware: One of the more recent developments in malware, fileless variants are exactly what they sound like: no files necessary. Fileless malware sidesteps the traditional route of operating within the hard drive and, instead, works within a PCs memory. This is a clever approach as anti-malware software concentrates on hard drive activity. From the relative safety of a PCs memory, fileless malware leaves little evidence of its presence.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Things That Are Slowing Your PC Down

Best Practices, Data Security, Data Storage, disk cleanup, Hacking, IT Efficiency, Ophtek, PC Tips, PC Tools, Speed, , , ,
29
Sep 2020

We live in a high speed age which allows us to be more productive than ever, but if anything can throw a wrench in the works it’s a slow PC.

The experience of a slow and sluggish PC is one that everyone is familiar with. And dealing with this frustration never gets easier. In fact, a PC which regularly slows down can have a serious impact on your job productivity. The complexities of the inner workings of a PC mean that identifying the exact cause is difficult. But this doesn’t mean you need to continue struggling.
It’s possible, with relative ease, to employ a number of methods and practices that will help restore your PCs speed.

5 Steps Towards a Faster PC

If you want to start ramping your productivity back up then make sure you look at the following:

  1. Defragment Your Hard Drive: A PC is, essentially, a data storage device. But the data stored on a PC needs to be retrieved every time it’s required. And the more data you store on your PC the more uneven this data distribution is. The end result is fragmented data that becomes increasingly harder to piece together. Naturally, this means that processes take longer to complete. Performing a disk defragmentation will help to reorganize your data and can easily be achieved with the Microsoft Drive Optimizer app.
  2. Browser Add-Ons: Installing add-ons to your web browser can help to maximize your online productivity, but too many can start to slow down your browsing experience. It’s common, however, to install add-ons that soon fall into disuse and no longer serve any purpose. Therefore, if your speed issues are only apparent when you’re using your browser, it may be worth evaluating your active add-ons and disabling any you don’t need.
  3. Start-up Programs: When a PC loads up it will automatically load up a long list of programs that are listed in your System Configuration. The more programs that are listed in System Configuration then the longer your PC will take to load up. Many of these programs, though, are not necessary during the start-up process e.g. a messaging app that you don’t use regularly. To avoid a bloated start-up experience just head into MSConfig and check what’s included in your start-up.
  4. Hard Drive Space: Your hard drive may, for example, have a capacity of 500GB but it’s not recommended to fill it to breaking point. The operating system on your PC needs a certain amount of hard drive space to carry out essential tasks such as creating temporary files. And if this space isn’t available then your PC will struggle to operate correctly. Regularly evaluating what is on your PC and what can be removed is crucial to avoid this.
  5. Malware: Hackers are keen to take control of PCs through the use of resource-heavy malware. Depending on the nature of the malware, such as a DDoS attack, your PCs memory can soon become overloaded and grind to a halt. Accordingly, you need to maintain good security practices to prevent the impact of malware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

A Quick Guide to Your Best Ethernet Cable Options

Cat5, Cat6, Cat7, Ethernet, Network Cable, , , , ,
22
Sep 2020

One of the most crucial parts of any IT networks is the cabling system you use. Ethernet cables are fantastic for connectivity, but which should you go for?

Ethernet cables are the most common choice when it comes to network cables and have been in use for 40 years. Using a twisted cable design, an ethernet cable allows two PC devices to be directly connected to each other. This allows data to flow seamlessly and constantly across a network. The world of cables, however, is a complex one. And, to make things even more confusing, there are numerous options available. So, the question is: which ethernet cable do you go for?

It’s difficult to give a precise, one-size-fits-all answer, but we can help narrow down your options. This is why we’ve put together a quick guide to your best ethernet cable options.

What are Your Ethernet Cable Options?

Every organization will have a different set of network needs, but thankfully there will always be a cable solution. The most commonly used ethernet cables used in business are:

• Cat5e: The least expensive option available, Cat5e is suitable for those working on a budget. However, the downside is that Cat5e is also the slowest ethernet cable you can use. While it is capable of transfer speeds of 1 Gbps over a distance of 328 feet, the Cat5e cable falls far behind more modern cables. Nonetheless, it can still boast reduced transmission errors over these distances thanks to a reduction in interference. For a smaller, less intensive IT network, Cat5e remains a viable option.

• Cat6: The most attractive upgrade of Cat6 over Cat5e cables is the speed on offer. Whereas Cat5e is limited to 1 Gbps, Cat6 can bit transmission speeds of up to 10 Gbps. The Cat6 cables also benefit from improved insulation which minimizes any interference to virtually zero. Where Cat6 struggles, though, is with distance. The 10 Gbps speed can only be maintained over distances up to 164 feet. This limitation may exclude it from being used on larger networks, but it can still handle the demands of modern IT.

• Cat6a: Similar to Cat6 cabling, but with improved specifications, Cat6a ethernet cables are a noticeable step up. Yes, the maximum transmission speed may still be 10 Gbps, but Cat6a cables are all about the distance. Capable of maintaining this speed over 328 feet, Cat6a cables can double the transmission distance of a Cat6 cable. Naturally, this makes them a more viable option in larger businesses where devices may need to be connected over long distances.

• Cat7: With thicker, more extensive shielding in place, Cat7 cables offer the most resistance in terms of cross talk and interference. In terms of speed and distance, Cat7 offers similar specs to that of Cat6a (10 Gbps over 328 feet). However, studies have shown that Cat7 can deliver speeds of 40 Gbps over 164 feet. Thanks to the enhanced shielding, Cat7 cables are recommended for use in large organizations and data centres.

Final Thoughts

With a wide range of options available, your organization should be able to find an ethernet cable solution which suits your needs. And the good news is that each category is backwards compatible e.g. you can mix and match Cat7 cables with Cat5. The distance required will, of course, prove to be the most important factor when it comes to choosing cables. Therefore, you need to ensure that you carefully evaluate your needs before purchasing any cables.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

ATM Manufacturer Rocked by Malware Attack

ATM Attack, malware, Ophtek, Security, , ,
15
Sep 2020

We all use ATMs on a regular basis and are well aware of the need for security when using them. But what happens when the manufacturer gets hacked?
The number of malware attacks and infections in 2020 are, as ever, exceptionally high. With Kaspersky blocking 726,536,269 attacks alone in the first three months it would be surprising if any PC has avoided the attentions of hackers. With a strong set of defenses, however, your PC should have remained safe and secure. But the same cannot be said for NCR Corporation, a manufacturer of ATMs. A lapse in security allowed their network to be breached by a piece of malware known as Lethic.

The fact that a major corporation’s defenses were breached is concerning enough, but what’s most troubling is that it’s located in the personal finance sector. Let’s take a look at what happened and see what we can learn.

How Did Lethic Attack NCR?

A series of computers located in a non-production lab, located outside of the US, owned by NCR have been found to be infected with the Lethic malware. Far from being a new form of malware, Lethic has been out in the digital wild since 2008. You may be wondering how such an old piece of malware can deceive modern defense systems and it’s a good question. To avoid detection, hackers simply alter the code of existing malware to change the structure detected by security systems. It’s a relatively quick method of coding which essentially gives the hacker a new piece of malware.

Lethic has, in the past, generally been used to wage spam campaigns. But it’s capable of much more thanks to its arsenal of trojan tools. These include the ability to download additional malware, data logging and remote access. This is the last thing that any company, especially one involved in ATM manufacturing, wants to leave itself open to. At the moment it’s not clear how Lethic breached NCR, but security firm Prevailion has confirmed that unauthorized data transmissions were detected for over six months. Thankfully, NCR have confirmed that the infected PCs were completely separate from any networks involved in developing ATM software or storing customer details.

Avoiding Malware Attacks

If Lethic had managed to find its way into the operating software for ATMs then NCR would have had a huge disaster on their hands. Nonetheless, all breaches need to be avoided. So, make sure that your organization always follows these best practices:

Install Anti-Malware Software: While these systems can never claim to be effective against 100% of malware, a strong anti-malware app will stop the majority of malware in its tracks. This prevents data loss and network damage quickly and automatically.

Think Before Clicking: Social engineering is a significant factor in deploying malware and this means that emails and the links they contain may not be what they seem. Therefore, always take the time to double check an email to confirm it is genuine.

Always Update: Vulnerabilities in software provide the simplest route into a PC for a hacker. But you can shut off these routes by keeping on top of any software updates/patches. Always install these updates immediately to eliminate any vulnerabilities.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4 5 11