It appears that you can’t keep a good piece of malware down as Qbot, first seen over 15 years ago, has reared its ugly head once again. 

Qbot was discovered in the late 2000s and, since then, has gone through numerous developments to keep pace with modern IT systems. Also known as Qakbot, this malware has strong capabilities to cause damage, a scenario which can be attributed to its longevity as a threat vector. Qbot has a habit of suddenly emerging after a period of inactivity and its most recent spike in activity was seen at the end of 2022. With a long history of stealing data and being used to deliver further malware, Qbot is a threat which could easily target your IT infrastructure. 

What Does Qbot Consist Of? 

Historically, and still to this day, Qbot has been used to steal login credentials by logging keystrokes and giving remote access to threat actors. Alongside this, it has also been used to download additional malware – such as ransomware – and to hijack email threads. Now, you may not be familiar with email hijacking, but it’s important you’re aware of what this is. 

Qbot is a sneaky piece of malware, and this is most readily demonstrated by its ability to hijack email threads. This is basically when it jumps into your email threads and messes with the messages. It does this to try and trick you into thinking you’re having a genuine conversation. This technique makes you more likely to click on a malicious link. It’s most effective in a work environment where people are used to communicating frequently via email. Qbot has been deploying this attack method regularly since 2020 and has been highly successful. 

How Much of a Threat is Qbot? 

Given its longevity, it should come as no surprise that Qbot is successful. However, Qbot is, in fact, the most prevalent malware currently active in the digital landscape. Therefore, you’re more likely to be infected by Qbot than any other piece of malware. It’s a serious feather in the cap for the developers behind Qbot’s latest incarnation, but it spells trouble for most PC users. This means it’s crucial that you know how to defend your IT systems. 

Staying Safe From Qbot 

The threat from Qbot is very real, but you can strengthen your IT defenses by employing the following best practices: 

  • Always install updates: make sure you install all updates as soon as they become available. Qbot thrives upon vulnerabilities in software, such as the Follina exploit, so keeping everything updated is an easy way to secure your network. It may feel time-consuming for what is a small step, but enabling automatic updates makes a big difference in the long run.
  • Beware of phishing emails: email hijacking is very similar to spear phishing in that it attempts to trick your employees into clicking malicious links. Accordingly, you should encourage your team to take their time and double-check emails for things like strange links and unusual writing styles. Even a quick 10-second check of an email will reduce your risk of being compromised. 
  • Backup: Qbot is often used to distribute ransomware and, as we know, ransomware can often rob you of your data. Often, it won’t even return your data if you pay the ransom fee. Therefore, protecting your data with regular and multiple backups is essential. With backups readily available, you will be able to navigate away from the threat actors and simply restore your data. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 



Linus Sebastian, owner of popular YouTube channel Linus Tech Tips, has revealed how he woke at 3am to find his channel hacked. 
 
Linus Tech Tips is a YouTube channel which delivers technology-based content to over 15 million subscribers. Driven by Sebastian’s passion for technology, the channel has been running for 15 years and proven to be wildly successful. So, not surprisingly, it made a tempting target for hackers. As well as Linus Tech Tips, two other channels associated with Sebastian – TechLinked and Techquickie – were also compromised in this attack. 
 
While your organization may not run a YouTube channel, the method in which Linus Tech Tips was hacked could be applied to any IT system. Therefore, it’s crucial that we learn about session hijacking. 

What Happened to Linus Tech Tips

Alarm bells started ringing for Sebastian when he was woken at 3am to reports of his channels being hacked. New videos had been loaded and were being streamed as live events. But, far from being productions sanctioned by Sebastian, they were rogue videos promoting crypto scams apparently endorsed by Elon Musk. 

Desperately, Sebastian repeatedly tried to change his passwords, but it made no difference; the videos continued to be streamed. Sebastian was equally puzzled as to why the associated 2FA processes hadn’t been activated. Eventually, he discovered the attack was the result of session hijacking. 

A member of Sebastian’s team had downloaded what appeared to be a PDF relating to a sponsorship deal, but the file was laced with malware. Not only did the malware start stealing data, but it also retrieved session tokens. You may not be familiar with session tokens but, effectively, these are the authorization files which keep you logged into websites. So, when you return to that website, you don’t have to re-enter your login credentials each time. Unfortunately, for Sebastian, it gave the threat actors full and unauthorized access to his YouTube channels. 

How Do You Prevent Session Hijacking? 

Once it had been established that compromised session tokens were behind the breach, YouTube was able to swiftly secure Sebastian’s channels. Nonetheless, the ease with which the threat actors managed to bypass login credentials and 2FA is troubling. This means it’s vital you follow these best practices to protect against session hijacking: 

  • Understand what malware is: the attack on Linus Tech Tips was the result of malware and social engineering combining to deliver a sucker punch. Accordingly, educating your staff through comprehensive and regular refresher courses should be a priority. This will allow your staff to identify threats before they are activated and protect your IT systems from being compromised. 
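Why the password changes described above made no difference, shown as an added example (not code from the original post or from YouTube): a minimal server-side session store in which a token copied after login stays valid until the server revokes it. The class, method and user names are hypothetical, and the password and 2FA checks themselves are not modelled.

```python
import hashlib
import secrets
import time


class SessionStore:
    """Server-side sessions, keyed by a hash of the token (constructed example)."""

    def __init__(self, ttl=3600):
        self.ttl = ttl
        self.sessions = {}  # sha256(token) -> {"user", "expires", "epoch"}
        self.epoch = {}     # user -> counter bumped whenever sessions are revoked

    @staticmethod
    def _key(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def login(self, user, now=None):
        """Issue a token once password and 2FA have succeeded (not modelled)."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self.sessions[self._key(token)] = {
            "user": user,
            "expires": now + self.ttl,
            "epoch": self.epoch.get(user, 0),
        }
        return token

    def validate(self, token, now=None):
        """Return the user for a live token, or None. No password or 2FA is asked."""
        now = time.time() if now is None else now
        s = self.sessions.get(self._key(token))
        if s is None or now >= s["expires"]:
            return None
        if s["epoch"] != self.epoch.get(s["user"], 0):
            return None  # issued before the last revocation
        return s["user"]

    def change_password(self, user, revoke_sessions=True):
        """Password update not modelled; the point is what happens to sessions."""
        if revoke_sessions:
            self.epoch[user] = self.epoch.get(user, 0) + 1


def demo():
    store = SessionStore()
    stolen = store.login("channel-owner")  # copy lifted from the browser by malware
    store.change_password("channel-owner", revoke_sessions=False)
    still_valid = store.validate(stolen)   # password changed, token untouched
    store.change_password("channel-owner", revoke_sessions=True)
    after_revoke = store.validate(stolen)  # every earlier token now rejected
    fresh = store.login("channel-owner")
    return still_valid, after_revoke, store.validate(fresh)
```

In this model, a password change only locks out a stolen token when it also revokes existing sessions; a short `ttl` limits how long an unrevoked copy remains useful.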



IT documentation is seen by many businesses as a labor-intensive task with little value. However, this is a big mistake as IT documentation is essential. 

The complexity of even the most basic IT infrastructure is vast. Therefore, it makes sense for all organizations to record details about their systems. This can take in simple details such as ID numbers for individual workstations all the way through to more complex configurations including SSL certificates and firewall settings. With this information at your disposal, you will have a much better understanding of your IT infrastructure. While it’s recommended to maintain digital copies of your IT documentation, it also makes sense to keep printed copies in case of an IT emergency. 

Why Do You Need IT Documentation? 

As we’ve already stated, IT documentation isn’t taken very seriously by all organizations. They are, after all, often busy focusing on other objectives. But this outlook can come back to haunt you when there’s a major IT failure within your infrastructure. And, once you’ve done the hard work of establishing a documentation system, maintaining it is relatively straightforward. 

So, for those of you who still need convincing, here are the main reasons that IT documentation is crucial: 

  • Acts as a useful inventory: any modern business will be aware of the need for IT equipment, but managing the sheer number of devices is often difficult. In fact, ask most businesses how many PCs and laptops they own, and they’ll struggle to give you a solid answer. Consequently, this can cause overspending when organizations believe new equipment is required, but readily available equipment has simply been lost in the system. But, with all your inventory recorded, you can make better purchasing decisions. 



Your server room should act as the heartbeat for all your day-to-day IT operations. But it will only support your productivity if it’s maintained correctly. 

The complexities of a server room are numerous. Not only is there the wide range of technical equipment which needs to be connected, but there are also several health and safety requirements which need to be met. This means that keeping a server room operating is hard work, but it’s a task which is crucial for any modern business. 

Why Do You Need to Maintain a Server Room? 

A well-maintained server room is essential for preserving the reliability of your computer networks and overall IT infrastructure. By providing a secure, controlled environment, you will ensure your server room is optimized for housing IT equipment such as servers, routers, data storage and back-up power supplies. Failing to maintain a server room will jeopardize the long-term health of all your IT operations. Therefore, maintaining your server room is vital for your business to remain operational and productive. 

How Do You Maintain a Server Room? 

Optimizing the performance of your server room is essential, but how do you go about maintaining it correctly? Well, the best way to get started is with the basics, so make sure you implement the following into your server room maintenance: 

  • Follow good cable practices: server rooms rely heavily on cables to connect equipment together, but cables can quickly become a tangled mess. This can cause two major problems: identifying specific cables becomes difficult and the risk of overheating increases significantly. Accordingly, you need to group cables together and label them to allow quick identification. The best way to group cables together is by using velcro straps and you can easily label cables by color coding them e.g. yellow for communication cables and blue for data. 



At the start of March 2023, a new National Cybersecurity Strategy was launched by the Biden administration. And it promises big things. 

The previous National Cybersecurity Strategy was released by the Trump administration in 2018. However, since then, the world and the internet have changed significantly. An updated strategy makes sense. But what exactly does it seek to change about the way in which we access and navigate our way through the internet? Well, for one thing, it starts by stating that the Biden administration will be investing $65 million in order to provide every American with access to high-speed internet. 

In terms of cybersecurity, however, the 2023 strategy tackles a much broader range of problems.

The Ins and Outs of the 2023 National Cybersecurity Strategy 

The paper which outlines the 2023 National Cybersecurity Strategy is 35 pages long. It’s also a complex read. But this doesn’t mean the main takeaways are exclusive to high-level IT experts. This is why we’ve decided to help you by breaking down the five pillars that the paper covers: 

  1. One of the major priorities of the 2023 strategy is to secure our critical infrastructures. This means that essential systems and networks – such as energy grids and water supply systems – are at risk from cyberattacks. And, just imagine, if a group of threat actors disrupted power supplies, it would result in a major catastrophe. Therefore, the Biden administration is aiming to foster collaboration between government agencies and other stakeholders to identify and protect against any vulnerabilities. 
  2. Strengthening our cyber defenses and disrupting threat actors has been identified as a major area for the 2023 strategy to cover. This involves developing strong cybersecurity policies, ones which can quickly detect and respond to cyber-attacks. Once developed, these policies need to be implemented as seamlessly as possible to protect our networks. Naturally, investment in technology and skilled staff will feature heavily in the success of this second pillar. 
  3. The third pillar of the new National Cybersecurity Strategy seeks to make market forces drive security and resilience. This means that companies which own personal data will be expected to develop more secure storage systems, and existing laws will be updated to protect users against the risk of software vulnerabilities. The aim of this pillar is to ensure that developers need to foster higher standards of care. The result will be a safer digital landscape. 
  4. Investment is crucial in any area seeking to make improvements, and the internet always needs improvements. Accordingly, the Biden administration is seeking to improve three key areas: computing technology, clean energy technology and biotechnology/biomanufacturing. This pillar is also concerned with strengthening the US cyber workforce through enhanced education and digital awareness. 
  5. The final pillar in the 2023 strategy focusses on the importance of international partnerships to pursue shared goals. After all, the US alone cannot stop the rise of cybercrime. Common threats need to be addressed by sharing resources and pooling knowledge. The end objective is to deliver higher levels of assurance that digital systems and platforms are safe and secure. 

The latest National Cybersecurity Strategy continues the excellent foundations put in place over the last two decades. It’s a responsible step for the Biden administration to take and, at the very least, will provide peace of mind that the internet remains, on the whole, safe to use. 
