Snatch Malware Proves That Safe Mode Isn’t so Safe

malware, Network, Ophtek, Ransomware, Security, Security Threats, , , ,
14
Jan 2020

We’ve all had to boot into safe mode on our PCs at some point and you would assume it’s a safe environment. But the Snatch malware is proving otherwise.

Safe mode is a configuration mode that you can request your PC to boot into at startup. In safe mode, your PC will only execute essential applications. The functions of your PC will be limited, but it’s the perfect environment for fixing problems and removing various forms of malware. But it appears that Snatch is a brand of malware which can thrive in safe mode.

Snatch is a multi-factor threat which can cause real damage to your business, so it’s a slice of malware that you need to be protecting yourself against. To give you a head start, we’ve put together a quick lowdown on Snatch.

What is Snatch?

Snatch is a newly discovered malware variant which contains two key threats: a ransomware function and the ability to log and steal user data. It’s not the first piece of malware to come loaded with these threats, but its infection strategies are unique. Using brute force attacks, Snatch is targeting the PCs of various organizations. So far, this sounds far from unusual as brute force attacks are a fairly conventional form of hacking. But Snatch has a unique strategy.

Following the initial infection, Snatch forces the PC to reboot. And it’s at this point that Snatch informs the PC to boot into safe mode. It’s believed that this unusual, yet clever, step is initiated in order to avoid anti-virus software which is often disabled in safe mode. From here it can execute its malicious payload. Snatch will then begin encrypting files and demanding ransoms that have been as high as $35,000. There is also evidence that surveillance threats are present in Snatch, so data harvesting is likely to start once the infection is unleashed.

Protecting Yourself from Snatch

The Snatch malware has the capability to cause extensive damage to your organization in terms of both finances and credibility. It’s also disturbingly efficient as it deletes any volume shadow copies of the files it encrypts. By deleting these volume shadow copies, Snatch is ensuring that it’s impossible to restore the encrypted files. Therefore, it’s crucial that you protect your PCs from Snatch by:

  • Practice Good IT Security: The backbone of any secure network is based upon the actions of those using it. And this is why it’s important that all your users understand the basics of IT security. By embracing these practices it’s possible to keep your PCs protected from the majority of majority of malware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Making Your Passwords Stronger with Password Checkup

Hacking, Ophtek, Password Security, Security Threats, ,
07
Jan 2020

Passwords are the single most important safety tool at your disposal. But passwords need to be strong. And creating strong passwords is far from easy.

Thankfully, Google has solved this problem for us. All you need to do is get on board with their new service: Password Checkup. Not sure what Password Checkup is? Well, as luck would have it, we’ve put together a quick guide for you.

The Problems with Passwords

There are certain passwords which are used time and time again. And not just by individuals. We’re talking millions of people all over the world using similar passwords. These includes all the old favorites such as Password123, abc123 and Passw0rd. Sure, these are easy to remember. But their ubiquity means that they represent a major security risk.

Modern security techniques, of course, have negated the impact of weak passwords, but only marginally. Two-factor authentication, for example, puts an extra barrier behind passwords. But this is not there to be treated as a security option to fall back on. That’s why you need to start with a strong password and work from there.

But the sheer number of sites and applications we log in to in the 21st century is mind-boggling. Memorizing all of these passwords requires some serious memory skills. The quickest solution to this problem is to write them all down. But, that’s right, you’ve guessed it. Writing down passwords is yet another security threat.

Password Checkup is the Solution

Google, the great innovator of technology, has decided to simplify and improve the password process. And the result is Password Checkup.

Google Chrome and individual Google accounts have long had a built in password manager. This has allowed users to not only generate passwords, but also store them securely. Users, therefore, have been able to browse online securely and access all their services with ease. But this isn’t enough for Google. They want to push the concept a little further.

And this is where the Password Checkup extension comes in. Available from the Chrome web store, all it takes is a simple install process to activate Password Checkup for Chrome. But what does it do? Well, its main objectives are:

  • Identifying whether your username/password combination has been exposed. Breaches of third-party databases are rife. But, thanks to the data at its disposal, Password Checkup can advise you of this and prompt a change of password.
  • To analyze your existing passwords and recommend strengthening them if required. Your passwords may be securely stored in Chrome, but this doesn’t mean they can’t benefit from strengthening further.

The Password Checkup extension isn’t the only method in which you can use the service. You can also log on at passwords.google.com to manage and analyze your stored passwords.

Stay Safe with Password Checkup

All it takes is for one password to be breached to cause untold damage. But Password Checkup helps to nullify this threat. Thanks to its clever technology, Password Checkup keeps you on top of weak and exposed passwords. This knowledge allows you to act quickly and effectively to secure your passwords. And, with Password Checkup soon to be an integral feature of Chrome, the future looks bright and secure.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Quick Tips for Maintaining Your PC

Backup, Best Practices, Company Updates, Ophtek, PC Tools, Updates, , , , ,
31
Dec 2019

Like any other electrical product, PCs are prone to failure due to the number of components involved. But a well maintained PC is likely to last longer.

Your organization’s PCs are likely to be crucial for your day-to-day operations, so you need to make sure they are in good working order. After all, you wouldn’t let your car fall into a state of disrepair. You would make sure your car is regularly serviced and maintained to make sure you could continue getting from A to B. And a PC is no different. But, thankfully, you don’t need to pull on your overalls or take your PC to a garage to maintain it. You can complete regular maintenance’s quickly and easily from your office.

How to Maintain Your PC

If you want to keep your PC working to its full potential and optimize its productivity then make sure you practice the following:

  1. Declutter Your Startup: When your PC starts booting up it also starts loading all the programs which are defaulted to load at startup. However, not all of these are necessary. And the more programs that need to load then the longer the startup time. Therefore, head to Task Manager on your PC and click on the Startup tab. From here you can remove any unnecessary programs and speed up your boot time. 
  1. Install all Updates: It’s important that all recommended updates are installed immediately. These updates aren’t just related to security issues. Sometimes they are released by developers in order to fix bugs in their software and enhance the product. Ultimately, an update is one of the quickest ways to optimize your PC and ensure that it’s well protected. 
  1. Always Shutdown Correctly: The shutdown process on a PC can be a frustrating affair due to the time taken, but it’s important that you follow this procedure to the letter. It may be quicker to turn the PC off at the mains, but this approach can lead to corrupted files. Instead, make sure you save all your files and close each application down before waiting for the PC to run through the shutdown procedure. 
  1. Carry out a Registry Clean: Your PCs registry is a giant database which logs everything that happens on your PC. If you install a program or change your password then this is logged in the registry. And, over time, the amount of data stored here starts building up. This may not be too much of a problem with newer PCs, but if you’re running an older PC this can create performance issues. However, you must proceed with caution and it’s recommended that you use a highly rated registry cleaner to perform the clean to avoid issues. 
  1. Delete Unwanted Programs: It’s natural that your PC will gradually accumulate more and more installed programs over time. But not all of these programs remain relevant. And if you are running programs that are no longer relevant then they are putting an unnecessary strain on your PCs memory. So, every couple of months, make sure that you evaluate the programs installed on your PC. This will give you a clear idea of what can be uninstalled and what can remain. The result will be improved performance for those that remain.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Best Plugins for Browsing Safely in Chrome

Chrome, Google, Ophtek, Plugins, Security, , ,
17
Dec 2019

Google’s Chrome browser is a popular browser and one that it is relatively secure. But it can be made even safer with the correct plugins.

It’s estimated that over half of all web traffic goes through Chrome browsers and this popularity is down to its innovation and simple interface. However, the success of Chrome has made it a target of hackers. And this has been highlighted by the recent WizardOpium vulnerability which required a swift patch from Google. There’s added danger for Chrome users from more generalized online threats such as malicious websites and data security concerns. Thankfully, help is at hand for web users in the form of security plugins.

And, to help you enhance your Chrome experience, we’re going to examine the best plugins for browsing safely in Chrome.

What is a Plugin?

You may not be familiar with plugins, so it’s probably a good idea that we start by explaining them. A plugin is a piece of software which, as the name suggests, ‘plugs in’ in to your browser. Acting as an additional software component, a plugin adds extra features to your browser. The types of plugin availability aren’t just limited to security features either. Adobe’s Flash player, for example, is probably one of the most well-known browser plugins.

Chromes Best Security Plugins

It’s now time to take a look at the best plugins for browsing safely in Chrome:

  • Ghostery: A privacy ad blocker, Ghostery grants Chrome the opportunity to block adverts and stop data trackers from harvesting your data. The plugin allows you to customize which ads and trackers remain active whilst blocking the more suspicious ones. And, best of all, by blocking ads and data trackers you will speed up the load time of webpages.
  • Web of Trust: It’s estimated that there are up to 18.5 million malicious websites online, so you need to be careful where you browse. With a plugin such as Web of Trust you can maximize your safety. Not only does Web of Trust advise you when you land on an unsafe website, but it also displays ‘reputation’ icons next to the results generated by search engines.
  • Blur: Passwords are a crucial element of safe web browsing, but they need to be kept secure. If your passwords are compromised then you’re at risk of having your personal data stolen. Blur helps you to avoid this. It’s a powerful plugin which can generate strong passwords while also encrypting and saving them. This ensures that there’s no need to memorize or write down you passwords; you can just click and go. 
  • HTTPS Everywhere: The best websites are those with a URL which starts with https rather than just http. The additional S of https indicates that it’s a secure website. However, if you have installed the HTTPS Everywhere plugin then, in most cases, it will be able to automatically switch a http site to a more secure https version.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

WordPress Sites are Quietly Downloading Malware

Hacking, Ophtek, Security, Security Threats, WordPress, , , ,
10
Dec 2019

WordPress is a popular platform for building websites, but this popularity has made it a target for hackers. And it’s now being used to launch hacks.

It’s estimated that around 75 million websites use WordPress as the backbone for their content. But not even the largest and most profitable tech companies are immune from hacking. Vulnerabilities are present in almost every piece of software ever designed. And when these vulnerabilities are discovered they will be exploited almost instantly by hackers. WordPress has fallen foul of this all too common scenario and, as a result, 100,000 web users have felt the attentions of these hackers.

Due to the ubiquity of WordPress websites it’s likely that your organization engages with them on a daily basis. It may even be that your organization’s website is hosted through WordPress. Either way, the threat presented is one you want to avoid, so let’s take a look at it.

How were the WordPress Sites Compromised?

Security experts Zscaler were the first people to identify that WordPress sites had been compromised. The nature of the hack is sophisticated, but relatively simple to pull off. After discovering a vulnerability in the ‘theme’ plugin, which is included in WordPress sites, the hackers were able to infect the sites with malicious scripts. These scripts were a form of code which redirected visitors to a Flash Player update alert. However, this urgent update was fake and all that would be downloaded was a malicious file.

The file in question was a Remote Access Trojan (RAT) which allowed remote access to the infected PC. And, with unrestrained access, the hackers were granted the opportunity to download and distribute malware as well as the chance to compromise data. But this isn’t the only way in which the malware infects PCs. Those using the Chrome browser faced an additional threat. Upon visiting the infected WordPress sites, Chrome users were prompted to download an update for the ‘PT Sans’ font. Again, this is a deceptive request and downloads the RAT.

Protecting Against the WordPress Hack

If you own a website which is built on the foundations of WordPress then it’s crucial that you update the associated content management system. This will instantly prevent your website from cultivating the hack and protect your visitors.

Unfortunately, it’s not always possible to tell when a website is using the WordPress system, so you should make sure you practice the following:

  • Scrutinize all Popups: The sheer range of dangerous popups means that they should always be scrutinized. Fake updates tend to stress an extreme urgency which is designed to tempt users into clicking them without checking. Instead, users need to take a second and consult with an IT professional to verify the update is genuine. 
  • Install Anti-Virus Software: It’s vital that your organization uses anti-virus software. Not only can it identify threats such as the WordPress hack, but they are regularly updated. This ensures that your organization is protected from all the latest threats. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 48 49 50 51 52 123