2021 - Page 2 of 10

Millions of Routers and IoT Devices Targeted by BotenaGo

BotenaGo, Cyber Security, Internet Traffic, IoT Attacks, Ophtek, router, Software Security PatchesBotenaGo, Internet Traffic, IoT, Ophtek, patches, router, securityOphtek, LLC

Nov 2021

Routers and Internet of Things (IoT) devices are essential when it comes to modern business. But this has made them a target for the BotenaGo malware.

Wireless technology is in place in almost every business in the world. The presence of routers allows PCs to connect to the internet and enhance their capabilities. IoT devices, meanwhile, bring wireless functionality to business such as wireless access to printers and data storage. Both routers and IoT devices, therefore, present an enticing opportunity to hackers. Compromising just one of these devices grants backdoor access to IT infrastructures. And this is where they can really cause your organization some damage.

BotenaGo is an innovative new strain of malware which has routers and IoT devices in their targets, so it’s crucial that you learn a little more about it.

What is BotenaGo?

The BotenaGo malware is difficult detect, but it appears that it’s hiding in plain sight. BotenaGo is written in Google’s popular Golang programming language, a process which has become steadily popular with hackers. Golang allows programmers to use the same code across different systems, so this saves significant time when coding. Malware, such as BotenaGo, coded in Golang can, therefore, spread across multiple operating systems with the same code.

BotenaGo is programmed to identify 30 different vulnerabilities and this is why so many routers and IoT devices are at risk. The malware starts by scanning the internet for vulnerable devices and then activates the available exploits. BotenaGo’s next step is to create backdoor on the infected devices, this is typically opened on ports 31421 and 19412. This allows the hackers to take control of the device. Further malware and DDoS attacks can then be launched using the victim’s internet connection.

How to Stay Safe

Malware which uses malicious links and attachments is easy to combat as it requires users to action the payload. The techniques used by BotenaGo, however, rely on system vulnerabilities that the average PC user will be unable to identify. Furthermore, current anti-virus software seems unable to detect BotenaGo. But there are ways you can protect yourself:

Install all Patches: Most exploits arise due to coding errors which have failed to fully protect the software. Hackers regularly comb software to discover these exploits and then use them to gain unauthorized access. And, therefore, software manufacturers release regular security patches, these plug any holes in the software and make it more secure. But the end user needs to make sure they are installed. This can be difficult to maintain manually, but Windows allows you to set all updates to automatic to make it easier.

Monitor Your Internet Traffic: BotenaGo is difficult to detect, but it does leave telltale signs as to its presence. A sudden increase in internet traffic, particularly through ports 31421 and 19412, should be a cause for concern. Accordingly, it’s important that your organization arms itself with traffic monitoring software to identify unusual behavior. Any increase in traffic should be investigated immediately and, where possible, access shut off immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Chrome Users Targeted by Malicious Websites

anti malware, Google Chrome, malicious websites, Ophtek, SecurityAnti- malware, Google Chrome, malicious websites, Ophtek, securityOphtek, LLC

Nov 2021

Google’s Chrome browser is one of the most popular choices for accessing the internet, but this popularity makes it an enticing target for hackers.

A substantial number of business activities are conducted online in the 21^st century. Accordingly, most organizations find themselves accessing the internet with a browser almost every minute of the day. But each time we venture online we open ourselves up to numerous security threats. Malicious websites, of course, are a well-known security risk. At the heart of these threats is a determined effort to conceal their malicious payload. And that’s why a malicious website can be difficult to spot.

Chrome has an estimated userbase of 2.65 billion users and, as such, presents the perfect opportunity for hackers to cast their net far and wide.

How Chrome is Targeted

This latest malware attack specifically targets Chrome users who are running the browser on the Windows 10 operating system. Upon visiting an infected website, Chrome’s legitimate ‘advertising service’ delivers an advert which claims that Chrome requires updating. However, the advert contains a malicious link. Clicking this link will take you to a website entitled ‘chromesupdate’ which is designed to look like an official Google site. Unfortunately, it’s far from genuine.

The only thing that you will be able to download from this malicious website is malware. The payload in question is typical of modern malware, its main objective is to harvest sensitive data and steal cryptocurrency. Therefore, any login credentials you enter, while your PC is infected, can be logged and then transmitted to a remote server. Worst of all, the malware also grants remote access to your workstation. This opens you up to further malware downloads and, potentially, harnessing your machine into a DDoS attack.

How to Protect Your Browsing

Chrome is targeted by this latest campaign due to the manipulation of a Windows environment variable which allows Chrome’s advertising service to be exploited. The simplest way to avoid this attack is by using a different browser. But there’s a much bigger picture at play here. A better approach is to use the browser you are most comfortable with but remain vigilant. To do this, make sure you follow these best practices:

Disable Download Privileges: It’s very easy for a busy employee to lose focus for a second and click on a malicious download. But, in the case of this specific threat, an application update should be something that an IT professional handles. To minimize the risk of malicious downloads taking place, disable download privileges for your employees.

Use Anti-Malware Software: Malicious websites can be detected prior to accessing them thanks to the power of anti-malware software. Backed by huge databases, which are regularly updated, anti-malware software can instantly alert users when they try to access websites known to be malicious.

Don’t Be Rushed: The main strategy employed by malicious websites will be to instill a sense of urgency into their call-to-actions. For example, the threat of an imminent infection if a Chrome update is not installed is designed to create urgency. And it’s this urgency which can catch you off guard. So, if you feel that a website is rushing you into making a decision, always make sure you speak to an IT professional before going any further.

For more ways to secure and optimize your business technology, contact your local IT professionals.

5 Quick Ways to Secure Your PC

Cyber Security, Data Security, email security, modem security, Online Security, Ophtek, PC Security, SecurityCyber Security, Data Security, email security, Modem Security, Online Security, Ophtek, PC Security, securityOphtek, LLC

Nov 2021

IT security can be a complex series of procedures and this can be intimidating to many people. Luckily, there are some easy ways to secure your PC.

Installing and configuring a firewall isn’t something that your average PC user will feel comfortable with. After all, how do you know exactly which services you should be allowing/denying access to? Security tasks such as this should be left to the professionals. But there are lots of quick and easy tips you can put in to place to protect your PC. All you need to do is know how to get started securing your PC. And today we’re going to share 5 quick ways to secure your PC.

How to Secure Your PC

If you want to secure your PC with the minimum amount of fuss, then make sure you:

Verify All Downloads: It’s very easy to fall victim to a malicious email or website. These threats appear to be genuine methods of communication in order to encourage you clicking on their malicious payload. These payloads can take the form of malicious downloads disguised as links or ‘helpful’ apps. A quick way to avoid falling victim in these scenarios is to verify the true destination of links by hovering your mouse cursor over them. You can also perform a Google search to verify the legitimacy of any website.

Lock Your Screen: An unattended PC screen leaves you open to not only external threats, but also internal ones. Therefore, whenever you leave your workstation, make sure that you lock your PC screen. This will password protect your desktop and ensure that no one can access it. You can lock your screen instantly by hitting the Windows key and the L key.

Use a VPN: A virtual private network (VPN) may sound like a complicated enterprise to undertake, but it’s relatively simple to install. A VPN can be installed in minutes and will use high level encryption methods to conceal your identity and data online. So, for example, if you are based within Chicago, you can use a VPN to connect to the internet through a connection based in Australia. This masks your identity and maximizes the security of any data you are transmitting.

Do Not Write Your Passwords Down: The single biggest mistake that a PC user can make is to write their passwords down. Sure, it’s difficult to remember every single password, but there are options to overcome this such as using Google’s Password Checkup. These password managers are far superior to writing your password credentials on a Post-It note and keeping it on your desk. Revealing your login credentials publicly should be avoided at all costs.

Only Use USB Devices That You Own: It’s not worth the risk of damaging your PC, so avoid connecting USB devices you aren’t familiar with. In fact, in a workplace, it’s recommended to disable USB access to individual workstations. If USB access is required then this should only be granted to IT professionals.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Links Are Being Spread Through YouTube

antivirus software, malicious links, malicious websites, malware, Ophtek, Updates, YouTubeAntivirus software, malicious links, malicious websites, malware, Ophtek, updates, youtubeOphtek, LLC

Nov 2021

YouTube is one of the most popular destinations online thanks to the entertainment it offers. But where there are lots of people, there are always hackers.

Close to 43% of internet users visit YouTube at least once a month, so this is a significant amount of traffic. Accordingly, this presents hackers with a huge audience to target. Hacking YouTube directly is difficult, so hackers are unlikely to succeed in embedding malware into videos. However, you can embed URLs into video descriptions. These are usually used to redirect the viewer to a destination that is related to the contents of the video. For example, a video advertising a brand’s product may include a link to that product in the video description. But the truth is, this link could take you anywhere.

Spreading Malware on YouTube

Using malicious links on YouTube is nothing new, but security researchers have noted that this technique has been growing in popularity recently. In particular, two specific Trojans have been detected: Raccoon Stealer and RedLine. One of the main reasons that hackers have been targeting YouTube is down to the Google accounts they have already stolen. Setting up a YouTube channel requires you to have a Google account, so it makes sense for hackers to take advantage of YouTube.

The fake YouTube channels are then used to host videos related to topics such as VPNs, malware removal and cryptocurrency. Each video will center around a particular call-to-action, most likely involving the download of a tool e.g. a malware removal application. Viewers will be encouraged to download this from the link in the video description. These links appear to either use a bit.ly or taplink.cc address to redirect users to malicious websites. The users are then instructed to download the relevant tool. Unfortunately, all it will download is malware.

This malware is used to scan PCs for login credentials, cryptocurrency wallets and credit card details before transmitting it to a remote server. The hacker behind the attack can then harvest this data and continue to steal further data from the victim.

Remaining Vigilant Online

The number of threats we face daily seems to be rising daily and it may feel that being vigilant online is an exhausting job. However, it’s crucial for your safety that you remember the basics of online security:

Be Wary of All Online Links: Even the biggest and most secure websites are at risk of being compromised. YouTube is one of the most popular sites online and yet it still houses hackers in plain view. Therefore, the likelihood of coming across malicious links online is highly likely. Therefore, verify all links before clicking them. A good way to do this is by highlighting the link, copying it and then posting it into Google to see if it brings up any red flags.

Always Use Antivirus Software: It’s likely, at some point, that you will fall for an infected link at some point. But this doesn’t mean you should remain at the mercy of the malware. You can limit the damage caused by malware by always using antivirus software. This will automatically scan your PC throughout the day and identify any malware. In many cases it will even check all downloaded files and scan them before opening.

Install All Updates: Many strains of malware will rely on your PC being home to vulnerabilities in software and hardware. However, by regularly installing upgrades and patches, you can ensure that these holes are plugged to prevent hackers getting a foothold. Make sure that you set all updates to automatic to give yourself maximum coverage in terms of protection.

For more ways to secure and optimize your business technology, contact your local IT professionals.

5 Ways to Maximize Your Productivity on a PC

calendar apps, Clipboard, keyboard shortcuts, monitor, Ophtek, pin apps, Productivitycalendar apps, Clipboard, keyboard shortcuts, monitor, Ophtek, productifity, taskbarOphtek, LLC

Oct 2021

There never seems to be enough hours in the working day, so maximizing productivity is crucial. But how exactly do you go about doing this on a PC?

Using a PC in the workplace has revolutionized the way in which we work. However, the sheer range of possibilities contained within a PC mean that it’s difficult to understand each one. It’s important, therefore, to get to grips with the techniques that will save you time and make life easier. Implementing these into your daily routines is hassle free and will make a difference almost instantly. Not only will this help you as an individual, but it will also benefit your organization. The question is, though, where do you start?

Maximizing Your Productivity

The 5 best ways to give your PC productivity a boost is by carrying out the following:

Use a Calendar App: A lack of focus and planning is the biggest obstacle that productivity can face. But the modern business world is packed full of distractions. Accordingly, navigating your way through the day can feel like an uphill struggle. Thankfully, help is at hand from calendar apps such as those contained with Microsoft Teams and Outlook. These calendars allow you to plan your day and set reminders for crucial tasks e.g. attending meetings, completing reports and chasing suppliers.

Embrace Keyboard Shortcuts: Every second counts in the workplace and you can make significant time savings with keyboard shortcuts. These commands use a series of keyboard strokes to activate pre-programmed commands. Say, for example, you wanted to highlight an entire paragraph of text. You could do this manually by clicking your mouse and dragging the cursor down the page. Or, more quickly, you could place your cursor at the start of a paragraph and hold down Ctrl + Shift + down arrow for instant selection. There are thousands of shortcuts available, so investigate which ones are best for your daily needs.

Pin Apps to Your Taskbar: You will use certain apps more than others, so it’s important you have quick access to them. Unfortunately, searching through a crowded desktop or through the start menu can be frustratingly slow. However, by pinning your most popular apps to your taskbar, you can find and open them within seconds.

Use Clipboard History: The Clipboard feature – which allows you to save a section of text or an image to a PCs memory for later use – has been in place for decades. But it’s now more powerful than ever before. By turning on the Clipboard history feature, you can save multiple items. This means, for example, you can save a selection of images and texts from a website before moving into a Word document to paste them all, as opposed to moving backwards and forwards.

Install a Second Monitor: There may be a cost involved with installing a second monitor, but the benefits easily outweigh this small investment. With a second monitor you are effectively expanding your desktop. This means that you can view two important apps at once to allow seamless interactions e.g. copying details from an email on one screen into a database displayed on the other screen. It’s a strategy which will make working more comfortable and allow you to become more productive.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 2 3 4 … 10 Next »

Yearly Archives: 2021