Hackers are innovative and industrious individuals, a description which is best demonstrated by their recent leverage of MSBuild to deliver malware.

The Microsoft Build Engine (MSBuild) is an open-source platform which allows software developers to test and compile their source codes. Operational since 2003, the platform has proved to be highly popular with developers and, accordingly, supports a large number of users. And it’s this popularity which has made it so attractive to hackers. By targeting these source codes at a development stage, the hackers are able to piggyback their malicious software into genuine software.

While your organization may not be involved in software development, there’s always the risk that you could end up working with software which is pre-loaded with malware. Therefore, we’re going to take a look at this MSBuild hack.

How are Hackers Infecting MSBuild?

Project files housed within MSBuild can be integrated within executable files which allow the hackers to launch their malicious payloads. But, as ever, hackers have been keen to remain stealthy; the infected payload does not run as a file. Instead, the malicious code is loaded into the PCs memory and it is here that the attack is launched. So far, it has been established that at least three forms of malware have been injected into systems via this approach. Redline Stealer, Remcos and QuasarRAT are the most recognisable forms of malware and have the potential to cause great damage.

Redline Stealer is primarily used as a data harvester and, as such, is mostly employed to steal login credentials and sensitive data. Remote access and surveillance, meanwhile, is the heartbeat of Remcos and allows hackers to hijack PCs remotely. Finally, QuasarRAT is another remote access tool and one which grants hackers full control of infected PCs. Naturally, these three malware variants are the last things you want on your system. And, given that they run filelessly and in the memory of a PC, it’s a threat which is difficult to tackle.

Protecting Yourself Against Memory Based Malware

Malware which operates from within the memory of your PC is difficult to tackle, but not impossible. Start by making sure you carry out these best security practices:

  • Monitor Network Activity: Regardless of whether a malware attack is file-based or fileless, there will be noticeable changes in your network activity. Any unusual spikes in data transfer or transmissions to unusual destinations should be investigated immediately.

Unfortunately, not all antivirus software can detect fileless malware such as that involved with the MSBuild hack. Conventional, file-based malware leaves behind digital footprints which are easy to detect, but this is not the case with fileless variants. In order to fully protect yourself, check with vendors whether their software has the capability to combat fileless malware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


A healthy hard drive will keep your data safe and allow you to remain productive. But what happens when your hard drive fails?

It’s important that you know what to do when your hard drive fails. After all, you may be working to a tight deadline on a project. Or you may have data saved to your hard drive which hasn’t been backed up elsewhere. Whatever the scenario, the result is the same: you need that hard drive back. While many of these issues are technical and complex, there are also hard drive issues that you can remedy yourself.

Naturally, you won’t know what these are without a little education, so that’s where we step in. And, today, we’re going to look at common hard drive issues and how to fix them.

How to Save Your Hard Drive

If your hard drive has failed, then don’t panic. There’s a good chance that you can carry out a simple repair in the following scenarios:

  • Corrupted Hard Drive: You’ll know if you have a corrupted hard drive as your PC will tell you in the boot process. And it won’t let you go any further. A corrupted hard drive can occur for many reasons, such as malware attacks and files being deleted, but fixing this isn’t always rocket science. All you have to do is run a ‘system diagnostics’ check. Once your system starts trying to boot up you will need to press the F2 key (this can vary between different manufacturers) and then select the system diagnostics option. This will run a series of tests and try to fix any existing issues.
  • Full Hard Drive: PCs may have hard drives that can hold substantial amounts of data these days, but this doesn’t mean we don’t push them to their limit. And it’s very easy for a hard drive to quickly fill up. When this happens you’ll find that your PC runs slowly and will be unable to perform certain operations. In these instances you will need to either delete files you no longer need (or transfer them to a storage drive) and uninstall any unnecessary applications.
  • Overheated Hard Drive: If a PC is working too hard then it is going to generate heat. Usually, this can be controlled by the internal fan system. But, sometimes, this isn’t enough due to other factors. Blocked air vents, for example, prevent the internal fans from having air to cool and pass around the hard drive. And a build up of dust can also lead to components becoming insulated and generating excess heat. Therefore, always check that your PCs air vents are clear and that dust is not allowed to build up around the vents.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


We’re all used to dealing with insurance for both our personal and business needs, but did you know it was possible to arrange cyber security insurance?

2020 saw financial losses caused by cyber crime topping $1 trillion. Yes, you read that right, $1 trillion. This is a phenomenal figure and one which underlines the damage that cyber breaches can cause. Ransomware, as you would expect, is a major contributor to this figure of $1 trillion and confirms just how important cyber security is. However, no set of defenses are 100% perfect. Accordingly, it’s possible for any organization to suffer financial losses. And this is where cyber security insurance comes in.

To help you understand the benefits of cyber security insurance and how it works, we’re going to take a quick look at the subject.

What is Cyber Security Insurance?

The impact of a data breach can be catastrophic for a business. Not only is there the damage to your reputation, but there are also the financial effects. Ransomware, of course, can pose an immediate financial risk. And many organizations feel pressured into paying the ransom fees demanded by hackers. There’s also the major risk of hackers causing direct damage to your hardware which, in turn, may need replacing. Compounding the impact even further is the threat of legal action from customers who feel as though their data has not been protected effectively.

Clearly, a cyber attack can quickly become very costly for your business. And it won’t be covered by your general liability insurance. This is why cyber security insurance has been developed. It serves to protect your business by covering your organization’s liability for any cyber attacks. This insurance is available from a wide range of vendors and is similar to almost all other forms of insurance. Each policy, which can be tailored to your specific needs, is costed accordingly and then registered against your business.

The Benefits of Cyber Security

But what exactly are the benefits of cyber security? Let’s take a look:

  • Recover Ransomware Losses: The funds demanded by ransomware can be costly and, if paid, can put a serious dent in your finances. Thankfully, with cyber security insurance in place, you can recoup any ransom funds through your insurance vendor.
  • Help Notifying Customers: By law, an organization needs to contact all affected parties when a data breach occurs. The time and energy required to carry out such a communication can be expensive. But the cost behind this exercise can be negated when you have taken out cyber security insurance.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Microsoft is a name you should be able to trust. But, online, nothing is ever quite as it seems. And that’s why you need to be careful what you click.

DirectX is a crucial component when it comes to processing multimedia materials on Windows PCs. It has been in use for over 25 years now and is an established element of the Windows experience. But it’s this familiarity, and reliance on the software, which makes it the perfect target for hackers. Accordingly, security researchers have discovered a fake web page which claims to carry a genuine version of the software. Unfortunately, the only thing that this download contains is untold trouble and chaos for IT systems.

It’s always important to be aware of the latest threats, so we’re going to take you through the processes involved in this new attack.

Fake Website Spells Danger

The fake website in question has been set up by hackers to look like a genuine site offering a download of DirectX 12 for Windows. The hackers have been careful to disguise the website as genuine by putting some effort into its design. Most malicious websites are basic with the main emphasis being on a download button. While this latest website does rely on a download button, the designers have also included additional pages including: a contact form, copyright infringement details, a privacy policy and a legal disclaimer. This ‘extra effort’ is used in order to create a false sense of security.

Victims of this download scam are likely to find themselves at this website through a number of means: they may have received fake emails urging them to download a new version or they may have found the website through a search engine. Either way, the results of infection are the same. Clicking on the download page will forward users to a remote website where they are prompted to download the software. Two options are put forwards to the user: a 32-bit or a 64-bit version. Both files will then download further malware capable of the following:

  • Stealing confidential data such as login credentials by recording keystrokes
  • Unauthorized transmission of user files
  • Accessing a wide range of cryptocurrency wallets to steal funds

How to Avoid the Dangers of Malicious Websites

The threat of malicious websites is nothing new, but their continued presence online indicates that PC users need continual refreshers on them. Therefore, make sure that your staff practice the following:

  • Only ever download software from the manufacturer’s official website e.g. DirectX software should only be downloaded from Microsoft. And always double check that the website address is genuine. If in doubt, get an IT professional to verify it.
  • Install anti-virus software on your PCs that evaluates websites and blocks those that are suspected of being malicious. This is a common feature of almost all anti-virus software and offers you a valuable moment of thought before proceeding.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


One of IT security’s main aims is to avoid data breaches. However, breaches are inevitable in the modern age. Therefore, you need to know how to recover.

The impact of a data breach can be huge and catastrophic for all involved; organizations and their clients can be equally affected when data is stolen. And, in many cases, the clients are the ones who have the most to lose e.g financial and personal data being leaked and spread by hackers. Accordingly, if your organization finds itself in the unenvious position of experiencing a data breach, there is a lot of work to do.

A data breach is a stressful event and cleaning up afterwards can be a real struggle. But, with our tips on what you need to do after a data breach, you should find it a little easier.

Coping with a Data Breach

Once a data breach is confirmed then it’s crucial that you carry out the following:

  • Identify the Stolen Data: Understanding exactly what has been breached is vital when it comes to evaluating the extent of the attack. As long as you have a suitable set of defenses in place, you should have access to intrusion detection systems. These tools will provide an insight into which files were accessed and what the hackers did with them e.g. deleted or copied them. Putting this picture together will allow you to determine your next steps.
  • Prepare a Fix and Test It: A data breach indicates that there is a hole in your defenses, so you should act quickly to plug this. It may involve installing a security patch or it may require a more in-depth response from your IT team. Whatever the solution, you need to put it in to place as soon as possible. This will protect your data and limit any further damage. But you need to make sure this fix works. Test the solution several times to guarantee that the attacker cannot launch the same attack again.
  • Advise All Your Customers: It’s essential that, once your fix has been established, you inform your customers of what has happened. Naturally, they will be anxious as the phrase “data breach” carry a certain amount of dread. Honesty, therefore, is the best policy. Advise your customers of the data that has been breached and how it could affect them. This may be as simple as asking them to change their passwords, but could also extend to contacting their financial providers if the relevant information has been compromised.
  • Evaluate and Build Stronger Defenses: The one benefit (and we’re using that verb lightly) of a data breach is that it prompts you to strengthen your IT defenses. Your organization will need to carry out a full investigation to understand exactly what happened. Was, for example, the breach able to succeed due to out-of-date software? Or was it down to a lack of staff training on the dangers of social engineering? Regardless of the cause, the solution will need to be determined and put in place to prevent future breaches.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More