It’s always important to be cautious online, but it’s easy for people to fall victim to malware. Even security experts can fall for the tricks of hackers. 

Yes, even those skilled and highly experienced security researchers can find themselves on the receiving end of malware. The most recent piece of evidence for this phenomena is an attack which is as brazen as it is powerful. It revolves around a piece of bait left, by threat actors, on GitHub, an online repository for developers to store and share their code. And it was a piece of code, disguised as a highly tempting piece of software for a security expert, which led to many of these professionals being left embarrassed.  

How Were the Experts Fooled? 

The GitHub attack involved a piece of software being made available which claimed to be a proof-of-concept (POC). Typically, a POC is a demonstration of a software project, and is used to determine how feasible the project is and the potential of its long-term success. For a security researcher, a POC is a useful way to test for security vulnerabilities, and this is why they are frequently downloaded and analyzed. 

However, this specific ‘POC’ proved to be little more than malware in disguise. Within the fake POC structure was a malware downloader, which was used to download malware and set off a chain of malicious events. Once the malware was downloaded, it began by executing a Linux script to automate specific commands. This allowed the threat actors to start stealing data, which was automatically downloaded to a remote location, by scraping the entire directory of the infected PC. 

The fake POC also allowed the threat actors to gain full access to any of the infected systems. This was achieved by adding their secure shell (a protocol for operating network services) to the authorized keys file on the infected system. All of this was made possible, for the threat actors, due to a vulnerability – known as CVE-2023-35829 – discovered in the Linux operating system, an OS usually used by software developers. 

Avoid the Mistakes of the Experts 

You may be thinking that, if a security expert can fall victim to malware, what hope do you have in the face of targeted attacks? However, as we know, nobody is 100% immune from the efforts of threat actors, and this includes security researchers. As ever, vigilance is key to maintaining the security of your IT infrastructure: 

  • Be wary of malicious websites: while GitHub is far from malicious, the people using it often are. This means you should always do some research on what you’re downloading and who you’re downloading it from. So, for example, try Googling the username of whoever is offering you a download, and see whether there are any trustworthy results or otherwise. Alternatively, ask an IT professional to take a look and assess the risk – contrary to the GitHub attack, they can usually spot malware from a mile away. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 

Read More


What exactly happened when LastPass, a password manager service, found itself at the center of a data breach? And what does this mean for your passwords?

Password managers provide a convenient service, one where complex passwords can be generated instantly and then, going forward, auto-fills when requested. LastPass is a successful example of what a password manager can do, but it’s a role which comes with great responsibility. Login credentials, after all, are often the difference between gaining access and being denied access to a user account. Therefore, password managers need to be sure the credentials they hold are highly secure.

However, as LastPass users are now finding out, password managers are highly tempting to threat actors, and far from 100% secure.

How LastPass was Hacked

Used by millions of users all over the world, LastPass has established itself as one of the leading password managers. Unfortunately, this credibility has been rocked by revelations that the service’s encrypted password vaults have been stolen by hackers. The attack – which took place in August 2022 – was ambitious, and its success even more so.

LastPass’ backup copies of their users’ password vaults were stored, apparently securely, on a third-party cloud storage platform. This, in itself, is nothing unusual; storing backup copies of secure data in remote locations is good practice. Nonetheless, once third parties become involved in storing your data, you relinquish control of this data’s security. And this is exactly where LastPass has fallen victim to threat actors.

While the mechanics of the breach remain under wraps, LastPass has had to admit that personal identifiers – including addresses, phone numbers, credit card details and IP addresses – are among the stolen data. The password vaults – which are encrypted – have also been stolen, so this means the threat actors are closer to knowing your password. And, given they now have access to your personal identifiers, it makes brute force attacks easier.

What to Do if You’re a LastPass User

LastPass has been keen to stress that, although stolen, the password vaults are secure due to the encryption protecting them. However, these encrypted passwords are now in the hands of an unauthorized party and means they are seriously compromised. Therefore, it’s crucial all LastPass users take the following decisive actions:

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


The World Cup has arrived and, as ever, it is creating headlines around the world, but it’s also creating numerous opportunities for hacking groups.

Fair play should be at the heart of everything taking place on the pitch during the World Cup, which is being held in Qatar, but matters off the pitch are slightly different. Threat actors thrive on a good opportunity and the popularity of the World Cup – over 3.5 billion people watched the last World Cup final in 2018 – makes it full of potential. And it’s an opportunity which hackers have taken advantage of, with a string of malware campaigns launched before the first ball is kicked.

While these attacks have, so far, mostly targeted countries in the Middle East, it’s likely these efforts will spread globally as the tournament progresses. Therefore, you need to understand the tactics that the hackers are following.

Football Phishing Attacks Hit the Middle East

Security researchers at Trellix have discovered, in the lead up to the World Cup, a significant increase in the number of phishing attacks hitting the Middle East. These phishing campaigns have been shown to be unashamedly cashing in on the interest in the World Cup, with many of the emails claiming to originate from either departments within FIFA or even from specific team managers.

The emails being delivered to unsuspecting victims are used to tempt the recipients into clicking links which, for example, promise to take them to payment pages for match tickets. However, the true destination of these links are malicious websites. As with most malicious websites, the potential for risk is very high, and the websites involved in this latest attack have been found to be housing malware such as Emotet, Qakbot, Remcos, Quad Agent and Formbook. All these malware strains have the potential to harvest data and gain remote access to infected PCs.

How To Defend Against the World Cup Malware

Whilst the malware at the heart of this campaign may not be the most dangerous ever seen, the fact remains that it is malware. And all malware should be considered a major problem for your IT infrastructure. Accordingly, protecting yourself against these phishing campaigns, and any others in the digital wild, is paramount for your cybersecurity. Therefore, make sure you adopt these tactics into your team:

  • Analyze every email: if an email sounds too good to be true, it’s likely it is. Say, for example, you receive an email from a manager of one of the World Cup teams, it’s unlikely they would be contacting you directly. Likewise, if you receive an email regarding payment for something you’ve never ordered – such as World Cup tickets – you should be equally suspicious.
  • Use an anti-malware suite: one of the best ways to protect your organization is by installing an anti-malware suite. This is a collection of tools which provides protection against malicious websites and emails by evaluating their risk level as well as monitoring network connections and installing a firewall.
  • Install all updates: you can maximize your security by ensuring that all software updates are installed and in place. Taking this crucial step will maximize the security of your IT infrastructure by protecting you against software vulnerabilities.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Almost all cyber-attacks are due a common denominator: a mistake. We aren’t perfect, of course, but we can limit number of IT security mistakes we make.

Working on a PC is far from straightforward and, as a result, the sheer number of complex routines you must work through leaves plenty of room for mistakes. At the same time, all a hacker needs to take control of your system is a few milliseconds. Accordingly, even the smallest security mistake can leave your PC at the mercy of a hacker. However, by understanding what the most common, and usually simplest, IT security mistakes are, you can strengthen your IT defenses almost immediately.

Start Eliminating These Mistakes Today

If you want to make sure your IT infrastructure is safe from hackers, then you need to avoid these five IT security mistakes:

  1. Not locking your screen: you may trust your work colleagues, but the fact remains that numerous people will enter your organization’s premises throughout the day. Some may be familiar, some may not. And that’s why it’s crucial you lock your screen. All you have to do is hit the Windows button and the L key; your screen will be locked with a password and the contents of your PC immediately protected.
  • Underestimating your value as a target: threat actors are malicious and, although they are certainly interested in big targets, they’re equally likely to target smaller organizations too. Additionally, many cyber-attacks are automated and don’t discriminate against who they attack. Therefore, never assume that your small business is of no concern to hackers. Remain vigilant and practice good IT security.
  • Passwords on Post-it notes: we all know that remembering passwords is difficult, but the biggest mistake you can make is by writing your password on a Post-it note. And then sticking it to your monitor. Sure, it’s convenient for you, but it’s also highly convenient for anyone looking to compromise your PC. Instead, create passwords you can easily remember, but are difficult for anyone else to crack.
  • Assuming email attachments are safe: ever since email became a mainstay of modern communications, it has carried a huge risk of delivering malware through email attachments. Most concerning of all, these infected attachments may be sent by email contacts you consider safe, it could even be your colleague sitting next to you. Threat actors can easily take control of a victim’s email address book and email malware under the guise of the victim’s email address. And that’s why you should evaluate every email you receive.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


The aim of most hackers is to be discreet, but there’s almost always a tell-tale sign they’re at work. You just have to know what you’re looking for.

Damage limitation is an essential part of cyber-security and, accordingly, the sooner you realize you’ve been hacked, the sooner you can get to work on rectifying the issue. Establishing that you’ve been hacked, however, isn’t always straightforward. Hackers are well known for their stealthy attack strategies, and, in many cases, you’re unlikely to realize that you’ve been hacked. You may, instead, simply think that your network is experiencing technical problems, and that’s why you can’t access your files, or why your PCs performance has ground to a halt. But you also need to consider that you may have been hacked.

How Do You Know You’ve Been Hacked?

There are several clear giveaways that your organization’s digital defenses have been breached, and here are five of the most sure-fire ways to know you’ve been hacked:

  1. Your Files are Encrypted: your day-to-day IT activity will likely center around the regular usage of files e.g. Word documents and Excel spreadsheets. But what happens when you can’t access these? Firstly, your organization’s productivity will plummet and, secondly, it could indicate that you’ve been the victim of ransomware. If your files are encrypted and a message is received demanding a ransom fee to decrypt them, then you’ve been hacked.
  2. Unusual Network Activity: regular traffic patterns should be easily identifiable on your network logs, but anything unusual should be closely scrutinized. Modern hacking methods often find malware communicating with remote locations to transmit information or download further malware. Therefore, any unknown locations that are delivering or receiving data from your organization need to be investigated.
  3. Persistent Pop-Ups: there’s nothing more irritating than a pop-up window when you’re trying to work on something. But when these are regularly popping up, when they shouldn’t be, there’s a good chance you’ve been hacked. Often, these pop-ups will try to convince you to perform an action, such as downloading an anti-malware app due to an infection on your PC. These, of course, are fake and are simply a devious strategy to get you to download further malware on to your PC.
  4. People Ask You If You’ve Been Hacked: one of the most obvious signs that you’ve been hacked is when people start asking you if you’ve been hacked. And this is because malware often hijacks email accounts to help spread spam. As a result, people you know – who are listed in your email address book – will be receiving spam messages direct from your email account. Naturally, these unusual messages will ring alarm bells with the recipients, and they are likely to check in with you to confirm if your email account has been hacked.
  5. Your Credentials are Available Online: hackers like to make money by harvesting valuable login credentials, these can then be sold to other hackers who want to breach security measures and gain quick, unauthorized access to private networks. Thankfully, applications such as Google’s Password Manager can warn you when these credentials turn up in password dumps, this is a good sign to immediately change all your passwords.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More