2023 - Page 5 of 10

Where is Cybersecurity Heading in 2023?

Artificial Intelligence, cryptojacking, cybersecurity, malware, Ophtek, Phishing, Ransomware, remote workersAI, cryptojacking, Cybersecurity, malware, Ophtek, phishing, ransomware, remote workingOphtek, LLC

Aug 2023

We’re already halfway through 2023 and threat actors are showing no signs of slowing up, but just where is cybersecurity heading?

It may feel as though you’re waging a never-ending battle against hackers and, well, that’s exactly what you’re doing. However, the strategies and techniques of threat actors has changed significantly in the last two decades. Back in 2003, for example, ransomware was less prevalent, but now it’s a major player in terms of cyber-attacks. Therefore, it’s always good to keep one step ahead of the hackers and understand where they are likely to go next.

What Will Future Cyber Attacks Look Like?

The future of cybersecurity will be concerned with maintaining defenses against existing threats and tackling new, innovative strategies launched by threat actors. These attacks are expected to be based in the following categories:

Artificial Intelligence: the impact of artificial intelligence (AI) has been huge in the last couple of years, just look at the interest generated by ChatGPT in 2023. However, the power to cause damage with AI is causing just as many headlines. You can, for example, ask AI systems to help generate code to build computer programs. The exact same code which is used to build malware. This means that designing and executing malware could be easier than ever before, and lead to a surge in new attacks.

Remote working: since the pandemic, more and more employees have been working remotely. While this is convenient, and has been shown to enhance productivity, it also increases the risk of falling victim to malware. Although many remote workers connect to their employers through a VPN, they are often accessing this through devices which aren’t secure. Also, as they will not have colleagues directly around them to offer advice, employees will be more vulnerable to, for example, clicking a malicious link.

Phishing: threat actors have been launching phishing attacks for nearly 20 years, and this means that many PC users can easily spot a phishing email. But this doesn’t mean we’re safe. Instead, it’s likely that future attacks will be more sophisticated to be successful. Taking advantage of AI and machine learning, threat actors will be able to craft phishing emails which are both engaging and convincing. This will allow their attacks to be more successful and harvest more stolen data.

Cryptojacking: despite several significant attacks, cryptojacking is yet to hit the mainstream PC user in the same way that ransomware has. Nonetheless, cryptojacking attacks are on the rise. Accordingly, PC users are likely to become more familiar with them in the next few years. Cryptojacking, as the name suggests, involves hijacking a PC and using its computing resources to mine cryptocurrencies. Due to the huge amount of processing power required to mine cryptocurrency, these attacks target entire networks and can grind them to a halt.

Final Thoughts

These four attack strategies may not be troubling you every day, but they could soon become regular headaches. That’s why you need to adopt a proactive approach to cybersecurity. Make sure that you

keep updated on the latest threats, regularly review your security measures, and ensure that your staff are fully trained in cybersecurity best practices.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Vidar Malware Attacks Online Sellers

malware, Ophtek, Phishing, social engineering, Vidar Malware, Virusesmalware, Ophtek, phishing, social engineering, Vidar_Malware, virusOphtek, LLC

Aug 2023

E-commerce means big business in the 21^st century and it proves a highly attractive target to threat actors, as online sellers are now finding out.

Such is the size of the e-commerce industry – estimated to hit $4.11 trillion in 2023 – threat actors have many reasons for attacking online merchants. Taking control of a seller’s account will instantly provide hackers with a treasure chest of personal information about their customers e.g. payment methods, personal identifiers, and email addresses. It’s also common for threat actors to lace these compromised inventories and shops with malicious JavaScript code, this can then record credit card details during the checkout process.

Therefore, this latest attack, which uses the Vidar malware to advance its payload, is one that you need to be aware of.

How is Vidar Causing Havoc in the Digital Aisles?

The attack launched against online sellers uses a combination of social engineering and phishing emails to deceive its targets. Threat actors are posing as disgruntled customers who claim to have had large amounts of money deducted from their bank without an order being processed. Using a bit.ly URL – which is typically used to shorten long URLs, but also hides the true destination of the link – the sender of the email advises the merchant to investigate a screenshot of their bank account. This, they claim, will show proof that funds have been taken.

Clicking this link will take the victim to a malicious website designed to look like a genuine Google Drive account. Here, the victim is encouraged to download a .PDF of the bank statement which the sender claims will demonstrate that an illegal transaction has taken place. However, rather than downloading a .PDF, the victim will instead download a file called bank_statement.scr. And this file contains the Vidar malware.

Vidar was first discovered in 2018 and its method of attack is well known. A classic data miner, Vidar will steal information such as passwords, browser cookies, text files, and also take screenshots of the infected PC. After uploading this data to a remote location, the threat actors can easily download this information and use it to exploit the victim further e.g. sell login credentials on the dark web or access other user accounts using the same information.

Taking Vidar Back to the Store

If you believe that your PC has been breached by Vidar, the good news is that most anti-virus tools will pick it up and eradicate it from your system. Nonetheless, it’s always better to not get infected in the first place. Therefore, make sure you follow these best practices to avoid falling victim to Vidar:

Pick up on suspicious language: phishing emails are full of telltale signs, but you need to know what you’re looking for. Firstly, look out for urgency, fear, and excitement-inducing words. Secondly, watch for requests to disclose personal information or click on suspicious links. And, finally, pay attention to poor grammar or spelling errors.

Only download from trusted sources: it’s advisable to only download files from sources you can verify are genuine. Downloading files from customers, even if they are genuine, should be avoided wherever possible. These files could, as the Vidar attack has shown, contain anything. In a scenario where you need verification, always turn to an IT professional.

Use anti-phishing tools: installing anti-phishing software is a good way to enhance your protection against phishing attacks. These tools can be implemented as either browser extensions or part of a security suite. Once they detect an attempt at phishing, they will block the content and present you with a warning in its place.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Windows WordPad Flaw Exploited to Infect PCs

cybersecurity, DLL_hijacking, email_links, email_sender, Ophtek, Phishing, Updates, WordPadCybersecurity, DLL_hijacking, email_links, email_sender, Ophtek, phishing, updates, WordPadOphtek, LLC

Jul 2023

WordPad, a basic yet popular word processor, is the latest Windows app to fall victim to a vulnerability exploited by threat actors.

Bundled free with almost every version of Windows since Windows 95, WordPad has remained popular thanks to its simplicity. Less complex than Microsoft Word and more advanced than the basic Notepad app, WordPad gives users an effective word processing tool. However, it’s now an app which carries a real threat to your IT security. Due to a flaw in WordPad’s design, threat actors have started to abuse this vulnerability by launching a DLL hijacking attack.

Everything You Need to Know about the WordPad Hack

You may not be familiar with DLL hijacking, so we’ll start by looking at this form of attack. DLL files are library files which can be used by multiple programs all at the same time. This makes it a highly flexible and efficient file, one which can reduce disk space and maximize memory usage. When Windows launches an app, it searches through default folders for DLLs and, if they are required, automatically loads them. What’s important to note, however, is that Windows will always give priority to loading DLLs located in the same folder as the app being launched.

DLL hijacking abuses this process by inserting malicious DLLs in the app’s parent folder. Therefore, Windows will automatically load this malicious file instead of the genuine one. This allows threat actors to guarantee their malware can be launched long after they have left the system. And this is exactly what has happened with WordPad. The hackers begin their attack by using a phishing email to trick users into downloading a file, one which contains the WordPad executable and a malicious DLL with the name of edputil.dll. Launching the WordPad file will automatically trigger the loading of the malicious DLL file.

This infected version of edputil.dll runs in the background and uses QBot, a notorious piece of malware, to not only steal data, but also download further malware. The infected PC is then used to spread the attack throughout its entire network.

Writing QBot into History

While this form of attack is far from new, it has proved successful. Accordingly, it’s important that we hammer home the basics of good cybersecurity, with a particular emphasis on phishing attacks:

Be careful of email links and attachments: Phishing emails often contain harmful links or attachments. Be careful when clicking on links or downloading attachments, especially if they seem suspicious. Hover over the link to check the URL before clicking and only download attachments from trusted sources. If you’re unsure, always verify the email with an IT professional before clicking anything.
Verify the email sender: phishing emails often impersonate genuine organizations or individuals. Therefore, make sure you check the sender’s email address for any inconsistencies or spelling mistakes. And, if you’re still in doubt, contact the sender by phone or in person to confirm they have sent the email.
Always update: software manufacturers routinely issue updates to patch security vulnerabilities and improve performance. It’s crucial that these updates are installed as soon as possible to avoid threat actors exploiting these flaws. The simplest way to do this is by authorizing automatic updates.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Streamlining Productivity: Essential Tools for Business PCs

communication, Ophtek, Productivity_tools, suites, time_task_mgmt, Uncategorized, workflow_automationcommunication, Ophtek, productivity_tools, suites, time_task_mgmt, workflow_automationOphtek, LLC

Jul 2023

In today’s business environment, optimizing PC productivity is essential for organizations to stay competitive. And, to do this, you need the right tools.

PCs have transformed the way we do business, but it’s important that we constantly move forward and avoid becoming complacent. There are always better ways to do things, more effective procedures and, often, easier solutions to our problems. And implementing these into your organization’s day-to-day operations will always pay dividends in terms of productivity and competitiveness. T he best way to achieve this is by adopting the most essential tools for business PCs.

The Most Essential Tools You Need for Business PCs

Take a look at any software catalogue and you’re going to struggle to know where to start. The sheer range of available apps and tools is endless. But we’re going to give you a helping hand. So, if you want to raise your business game and get the most out of your PCs, make sure you work with the following tools:

Communication: strong communication and collaboration tools have become crucial in the last decade, most noticeably during and after the Covid-19 pandemic. Thankfully, modern software development allows seamless teamwork to be a reality no matter how scattered your team are. Tools like Slack, Microsoft Teams, or Google Workspace provide real-time messaging, video conferencing and file sharing capabilities. This means your teams can communicate and work together effectively.
Productivity suites: every business needs to arm themselves with a fully functioning productivity suite. The most common examples of these tools are Microsoft Office 365 and Google Workspace. With these suites integrated into your PCs, your employees will be able to access a wide range of applications such as word processing, spreadsheets, presentations, and email. Best of all, these platforms can be accessed remotely, making them incredibly flexible and perfect for remote employees.
Time and task management: keeping on top of your workload is the number one problem that every employee faces daily. But it doesn’t need to be a struggle. You can quickly minimize this burden by adopting time management tools which will boost your productivity. Todoist, Toggl and Microsoft Outlook all allow you to organize tasks, set priorities, manage schedules, and track time spent on different activities. Your employees, therefore, can break their workload down into manageable tasks and track their progress.
Workflow automation: tools such as Microsoft Power Automate and Zapier can accelerate your organization’s productivity by automating repetitive tasks. Therefore, you could set up email processes which automatically save attachments to the cloud. Or, you could program updates to be emailed to your warehouse once new orders are received. Ultimately, these tools will save your employees time, minimize errors and allow your team to focus on their core duties.

Final Thoughts

Due to the current economic crisis, making competitive gains – no matter how small – has never been more important. Accordingly, adopting the software tools covered above, could make a significant difference to your organization’s productivity.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Netgear RAX30 Routers Rocked by 5 Security Flaws

login credentials, Netgear RAX30, Ophtek, router, router firmware update, Security, WPA2 encryptionFirmware update, Login credentials, Netgear RAX30, Ophtek, router, security, vulnerability, WPA2 encryptionOphtek, LLC

Jul 2023

Routers are an essential part of any modern business which uses IT systems. But what happens when you’re working with a compromised router?

Routers are devices which help to connect different networks together. They receive data packets from one network, analyze the destination address, and then forward the data to the relevant destination network. Essentially, a router is used to facilitate communication between different devices and networks. The internet, of course, is crucial to directing this data and this makes routers highly attractive targets for threat actors.

Therefore, the discovery of a vulnerability within a router presents a significant threat to your cybersecurity. But, when there are five vulnerabilities within the same router, you have a disaster on your hands.

A Quick Guide to the 5 Vulnerabilities

Netgear has had to concede that their Netgear RAX30 routers have been exposed as lacking that seal of quality when it comes to security. A router, after all, is your gateway to the internet, the place where all your communication begins. If this is compromised, then a whole world of trouble is just waiting to take advantage. The five vulnerabilities picked up for the Netgear RAX30 routers are:

CVE-2023-27357: this security flaw allows external attackers to identify and record sensitive information passing through Netgear RAX30 routers.
CVE-2023-27368: an attacker can use this vulnerability to execute malicious code on the compromised routers. And, as user data is not being correctly validated by the Netgear RAX30 router, threat actors are able to avoid having to authenticate their access.
CVE-2023-27369: much like the previous vulnerability, this specific flaw allows attackers to run malicious code, or indeed any code they like, on affected systems.
CVE-2023-27370: unfortunately, for users of the Netgear RAX30 router, sensitive configuration data is stored in plaintext on the router. This allows attackers, who can easily bypass the authentication mechanisms, to steal system credentials with ease.
CVE-2023-27367: the final vulnerability known to be affecting the Netgear RAX30 router is, again, one which allows attackers to exploit it and run malicious code through it.

With all five vulnerabilities scoring highly on the Common Vulnerability Scoring System (CVSS) – with three of them gaining a CVSS of 8 or above – Netgear has a big problem on their hands.

How Do You Safely Secure Your Router?

Netgear has been quick to address the five vulnerabilities, with an updated firmware version released on April 7, 2023. However, it’s important that you always make sure your router is as secure as possible. And you can do that by putting the following into action:

Always change default login credentials: some routers are shipped with default login credentials, but this makes them incredibly easy to guess. In fact, many lists of default credentials can quickly be found online. Accordingly, make sure you always change your router’s login credentials before going online with it.
Enable WPA2 encryption: Another way to protect your router is to enable WPA2 encryption. This will secure the wireless network and prevent unauthorized access. Make sure to use a strong encryption key and avoid using common words or phrases that can be easily guessed.

Always update your router: regular firmware updates and patches ensure that your router remains as safe as possible. However, it’s crucial that you install these as soon as possible. Sometimes it can be time consuming to go through the update process, but it can save you major headaches further down the line.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 … 3 4 5 6 7 … 10 Next »

Yearly Archives: 2023