You would like to think that your security software keeps you secure and, on the whole, it will. But there is the chance it could be turned against you.

One of the most trusted anti-malware tools is Microsoft’s Windows Defender app. Originally launched in 2005 – as Microsoft AntiSpyware – Windows Defender is a free tool which offers real-time protection against infected files and websites. It’s a highly effective piece of software and one that all Windows users should ensure is running. But, in an ironic twist, Windows Defender has fallen victim to a vulnerability. And, as you would expect, hackers have been keen to capitalize on it.

The Windows Defender Vulnerability

Windows Defender works by scanning files and activity on a PC for anything potentially malicious. If files are considered suspicious, Windows Defender quarantines them; the user then has the option to either restore or delete the file. However, a problem has been discovered in Windows Defender in the form of CVE-2021-1647. This identifier, allocated by Microsoft, indicates that it’s a vulnerability in Windows Defender which allows remote access to the app.

By allowing remote access to Windows Defender, this vulnerability grants hackers the chance to turn the app against its user. Instead of scanning malicious files and quarantining them, remote users will program Windows Defender to execute these files. Therefore, a hacker could send infected files to a user safe in the knowledge that Windows Defender will do the hard work for them. It’s a serious threat and one which could cause major problems for your network in a matter of seconds. The exploit has been recorded as active in the digital wild, so this demonstrates that hackers have been aware of it for some time.

Defending Windows Defender

It may sound a tall order to defend a piece of software that is there to defend you, but this is the world we live in. Thankfully, putting safety measures in place is relatively simple. The vulnerability in question has been fixed thanks to a patch swiftly released by Microsoft. This will be installed automatically and requires no work on the user’s part. Naturally, this does not mean that Windows Defender is 100% secure; the threat of further exploits being discovered remains a possibility. But, by ensuring that automatic updates are in place, your system will be safer than before.
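Automatic delivery is worth verifying rather than assuming. The PowerShell script below is an added example, not part of the original article: it reads Defender's own status and reports whether the engine and signatures are current. The minimum engine version is a parameter you supply from Microsoft's advisory, and the three-day signature threshold is an assumption.

```powershell
# Added example: confirm Microsoft Defender has actually taken its updates.
# $MinimumEngineVersion is deliberately not hard-coded: take the fixed
# engine version from Microsoft's advisory for the CVE you care about.
param(
    [Parameter(Mandatory)]
    [version]$MinimumEngineVersion,
    [int]$MaxSignatureAgeDays = 3   # assumed threshold, tune to your policy
)

function Test-DefenderPatchState {
    param([version]$MinimumEngine, [int]$MaxAgeDays)

    # Get-MpComputerStatus ships with the built-in Defender module.
    $s = Get-MpComputerStatus -ErrorAction Stop

    $findings = @()
    if ([version]$s.AMEngineVersion -lt $MinimumEngine) {
        $findings += "Engine $($s.AMEngineVersion) is older than $MinimumEngine"
    }
    if ($s.AntivirusSignatureAge -gt $MaxAgeDays) {
        $findings += "Signatures are $($s.AntivirusSignatureAge) days old"
    }
    if (-not $s.AntivirusEnabled)           { $findings += 'Antivirus engine is disabled' }
    if (-not $s.RealTimeProtectionEnabled)  { $findings += 'Real-time protection is off' }

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        EngineVersion = $s.AMEngineVersion
        SignatureAge  = $s.AntivirusSignatureAge
        LastUpdated   = $s.AntivirusSignatureLastUpdated
        Compliant     = ($findings.Count -eq 0)
        Findings      = $findings -join '; '
    }
}

try {
    $result = Test-DefenderPatchState -MinimumEngine $MinimumEngineVersion `
                                      -MaxAgeDays $MaxSignatureAgeDays
    $result | Format-List
    if (-not $result.Compliant) { exit 1 }   # non-zero exit for schedulers/RMM tools
} catch {
    # The cmdlet fails if the Defender service is stopped or another AV has replaced it.
    Write-Warning "Could not query Defender status: $($_.Exception.Message)"
    exit 2
}
```

The non-zero exit codes let a scheduled task or management tool flag machines where the update has not arrived.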

Final Thoughts

Vulnerabilities in PCs are all too common and even Microsoft are not immune from these flaws in their products. The Windows Defender vulnerability – and others such as Zerologon – underline the importance of installing updates. The simplest way to secure your PC is by making sure it has the best chance to defend itself. Accordingly, updates need to be installed as soon as possible. When it comes to Microsoft updates, these can be set to install automatically. This gives you the best chance of staying ahead of exploits and any hackers using them.

For more ways to secure and optimize your business technology, contact your local IT professionals.



We live in a high speed age which allows us to be more productive than ever, but if anything can throw a wrench in the works it’s a slow PC.

The experience of a slow and sluggish PC is one that everyone is familiar with. And dealing with this frustration never gets easier. In fact, a PC which regularly slows down can have a serious impact on your job productivity. The complexities of the inner workings of a PC mean that identifying the exact cause is difficult. But this doesn’t mean you need to continue struggling.
It’s possible, with relative ease, to employ a number of methods and practices that will help restore your PC’s speed.

5 Steps Towards a Faster PC

If you want to start ramping your productivity back up then make sure you look at the following:

  1. Defragment Your Hard Drive: A PC is, essentially, a data storage device. But the data stored on a PC needs to be retrieved every time it’s required. And the more data you store on your PC the more uneven this data distribution is. The end result is fragmented data that becomes increasingly harder to piece together. Naturally, this means that processes take longer to complete. Performing a disk defragmentation will help to reorganize your data and can easily be achieved with the Microsoft Drive Optimizer app.
  2. Browser Add-Ons: Installing add-ons to your web browser can help to maximize your online productivity, but too many can start to slow down your browsing experience. It’s common, however, to install add-ons that soon fall into disuse and no longer serve any purpose. Therefore, if your speed issues are only apparent when you’re using your browser, it may be worth evaluating your active add-ons and disabling any you don’t need.
  3. Start-up Programs: When a PC starts up it automatically loads a long list of programs that are listed in your System Configuration. The more programs that are listed there, the longer your PC will take to load. Many of these programs, though, are not necessary during the start-up process, e.g. a messaging app that you don’t use regularly. To avoid a bloated start-up experience just head into MSConfig and check what’s included in your start-up.
  4. Hard Drive Space: Your hard drive may, for example, have a capacity of 500GB but it’s not recommended to fill it to breaking point. The operating system on your PC needs a certain amount of hard drive space to carry out essential tasks such as creating temporary files. And if this space isn’t available then your PC will struggle to operate correctly. Regularly evaluating what is on your PC and what can be removed is crucial to avoid this.
  5. Malware: Hackers are keen to take control of PCs through the use of resource-heavy malware. Depending on the nature of the malware, such as a DDoS attack, your PC’s memory can soon become overloaded and grind to a halt. Accordingly, you need to maintain good security practices to prevent the impact of malware.



Each time that malware evolves it becomes more dangerous. And our data becomes less secure. A case in point is the Reductor malware.

We’re used to malware being used to download malicious files and open up remote access to infected PCs, but Reductor is different. It’s new and it does things differently. And it’s this unfamiliarity which makes it all the more dangerous. Focusing its target on web traffic, Reductor brings a new threat to data security. Combating it is crucial, but to do this you need to understand how Reductor works.

It’s not easy to understand how a new piece of malware operates, so let’s drill down into its core and see what we can discover.

The Basics behind Reductor

Reductor, which has only recently been uncovered by Kaspersky, is a sophisticated piece of malware. Its main objective is to compromise encrypted web traffic. But what does this mean? And how does Reductor achieve this? Well, when a website is secure it will use Hypertext Transfer Protocol Secure (HTTPS) to securely transmit data. And this allows sensitive data such as login and credit card details to be encrypted into nonsensical code. Anyone attempting to view this encrypted data will be unable to make use of it.

But Reductor allows hackers to view all of this sensitive data before it’s encrypted. It does this by compromising the Transport Layer Security (TLS) and manipulating the associated security certificates. Reductor also patches the pseudo random number generator (PRNG) to establish how the corresponding data will be encrypted. It’s then possible to decrypt any resulting data with ease. And, despite all this activity taking place, the web traffic does not exhibit any signs of having been altered. Therefore, Reductor is unlikely to arouse the suspicion of any infected users.

Staying Safe from Reductor

Web traffic contains such an immense amount of data that concealing it from prying eyes is crucial. Reductor aims to remove these barriers and exploit as much data as it can. But you can protect yourself by taking note of the following:

  • Run any downloaded files through anti-malware software to limit the risk of executing carefully concealed malware.

Thankfully, following the discovery of Reductor, the majority of anti-malware manufacturers now offer protection against Reductor and the ability to block it.

Final Thoughts

Privacy concerns have become a major issue over the last decade with malware being at the forefront of this rise. And Reductor is only going to fan these flames further. It’s likely that malware will evolve into something even more sophisticated over the next couple of years, so it’s important to take note of any developments in malware. As ever, proceed with caution online and, most importantly, if something looks suspicious do not click it.



Cyber-security providers should be able to guarantee you one thing: security. However, it appears that Kaspersky isn’t as secure as you would imagine.

It’s fair to say that, with revenue hitting $726 million in 2018, Kaspersky is a major player in the cyber-security world. And it’s this success that has cultivated the high levels of trust placed in their products. Many would say that going without Kaspersky products in the 21st century is a foolhardy move. And they certainly are effective at preventing security breaches when it comes to PCs. But stories are now emerging that your data isn’t necessarily safe when it’s in their hands.

We live in an age where it’s important to stay safe online and, accordingly, many people reading this will be using Kaspersky products. It’s crucial to be aware of any potential data risks, so we’re going to examine this story a little closer.

What’s happening with Kaspersky?

Malicious websites can be a nightmare when it comes to protecting your data. Kaspersky understands this threat and has designed software which can identify whether a website is malicious or not. It achieves this by injecting JavaScript code into your internet browser that evaluates the safety of every website you visit. If the evaluation flags a website as unsafe then Kaspersky will prevent you from visiting it. This is all well and good, but the JavaScript code employed has a major flaw.

The code injected into your browser is unique. And it can be read by any website. This means that your online activity can be tracked. For example, if your unique code shows up on ophtek.com and avg.com then online marketers would be able to identify a specific interest of yours: internet security. It’s known as cross-site tracking and is a method used to tailor online advertisements that are likely to appeal to those viewing them. While this is nothing new, especially when you consider how cookies are used online, it’s unheard of for a cyber-security provider to facilitate this.

Avoiding the Security Risks of Kaspersky

Kaspersky has been keen to reduce the concerns of worried consumers and has advised that any data breaches are highly unlikely. Naturally, this is very easy for a multi-million pound corporation to say and has all the hallmarks of a damage limitation exercise.

What has been more useful is the patch released which removes the unique ID associated with the JavaScript code. The cross-site tracking issue should, therefore, be remedied with this patch. However, this updated version will still identify users as using Kaspersky – a valuable piece of information that can easily provide a hacker with an insight into your defenses. The only way to truly protect yourself while working with Kaspersky is to go into the settings and untick the ‘Inject script into web traffic to interact with web pages’ option.
