Malware Hidden in Fake Microsoft DirectX Download Page

Antivirus, Direct X, fake emails, fake websites, malicious websites, Microsoft, Ophtek, , , ,
11
May 2021

Microsoft is a name you should be able to trust. But, online, nothing is ever quite as it seems. And that’s why you need to be careful what you click.

DirectX is a crucial component when it comes to processing multimedia materials on Windows PCs. It has been in use for over 25 years now and is an established element of the Windows experience. But it’s this familiarity, and reliance on the software, which makes it the perfect target for hackers. Accordingly, security researchers have discovered a fake web page which claims to carry a genuine version of the software. Unfortunately, the only thing that this download contains is untold trouble and chaos for IT systems.

It’s always important to be aware of the latest threats, so we’re going to take you through the processes involved in this new attack.

Fake Website Spells Danger

The fake website in question has been set up by hackers to look like a genuine site offering a download of DirectX 12 for Windows. The hackers have been careful to disguise the website as genuine by putting some effort into its design. Most malicious websites are basic with the main emphasis being on a download button. While this latest website does rely on a download button, the designers have also included additional pages including: a contact form, copyright infringement details, a privacy policy and a legal disclaimer. This ‘extra effort’ is used in order to create a false sense of security.

Victims of this download scam are likely to find themselves at this website through a number of means: they may have received fake emails urging them to download a new version or they may have found the website through a search engine. Either way, the results of infection are the same. Clicking on the download page will forward users to a remote website where they are prompted to download the software. Two options are put forwards to the user: a 32-bit or a 64-bit version. Both files will then download further malware capable of the following:

  • Stealing confidential data such as login credentials by recording keystrokes
  • Unauthorized transmission of user files
  • Accessing a wide range of cryptocurrency wallets to steal funds

How to Avoid the Dangers of Malicious Websites

The threat of malicious websites is nothing new, but their continued presence online indicates that PC users need continual refreshers on them. Therefore, make sure that your staff practice the following:

  • Only ever download software from the manufacturer’s official website e.g. DirectX software should only be downloaded from Microsoft. And always double check that the website address is genuine. If in doubt, get an IT professional to verify it.
  • Install anti-virus software on your PCs that evaluates websites and blocks those that are suspected of being malicious. This is a common feature of almost all anti-virus software and offers you a valuable moment of thought before proceeding.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Microsoft Exchange Email Vulnerability Hits 30,000 US Firms Hard

Cyber Security, Data Security, email security, Hackers, Microsoft, Online Security, Ophtek, Software Security Patches, , , , ,
09
Mar 2021

Vulnerabilities in the Microsoft Exchange Server software have led to 30,000 US businesses being hacked. And it’s a very dangerous hack.

A total of four vulnerabilities have been discovered in Microsoft Exchange Server (MES) which has allowed hackers to carry out numerous attacks. The hackers appear to be part of a Chinese cyber-espionage group who specialize in stealing email communications. It’s believed that hundreds of thousands of firms have been attacked with at least 30,000 of them being US-based. As email is a crucial part of any modern business, it’s not an exaggeration to say that the MES hack is a major threat.

What is the Microsoft Exchange Server Hack?

The MES hack appeared, at first, to be concerned with stealing email data from organizations that were running the server through internet-based systems. The four vulnerabilities, present through MES versions 2013 – 19, allowed the hackers easy access to emails. However, the hackers – who Microsoft have called Hafnium – did not stop at stealing emails. Once they had access to affected systems, they also installed a web shell. This granted Hafnium the opportunity to gain remote access and full administrator privileges. The web shell is password protected and ensures that disrupting the hackers’ access is highly difficult.

Microsoft quickly formulated a security patch to eliminate the vulnerabilities, but many organizations have failed to install the MES patch. As a result, these organizations remain at risk. And, to make matters worse, Hafnium still has them in their sights. Using automated software, Hafnium is actively scanning the internet for any organizations using unpatched versions of MES. This allows the hackers to continue their campaign of data theft and disruption. It also appears that Hafnium is not fussy about who they target. Industries as wide ranging as NGOs through to medical researchers and legal firms have all been infiltrated by the MES hack.

Protecting Against Vulnerabilities

When it comes to attacks such as the MES hack it’s vital that patches are installed as soon as possible. The longer your system is unpatched then the chances of it being breached are exceptionally high. And, if you give a hacker enough time, there’s the chance of additional malware such as ransomware being installed. Setting your updates to ‘automatic install’ is the simplest and quickest way to minimize this risk. This will ensure that any security updates are in place the moment they are available.

But you can’t rely on a patch alone. Patches are not always available in time. And this means that you run the risk of having your systems breached and data stolen. Therefore, make sure that you also implement these procedures:

  • Monitor traffic entering and leaving your network to identify any potential breaches. Unusual levels of traffic can often indicate that hackers have taken control of your network.
  • Segment your network where possible. By separating your network into several different segments, you are limiting the access that a hacker has if they infiltrate your system.
  • Employ two-factor authentication procedures for gaining administrator privileges. This should make it next to impossible for hackers to take full control of your network.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Support for Microsoft Office 2007 Comes to an End

Microsoft, Office 2007, Office 2010, Office 2016, , ,
17
Oct 2017

maxresdefault (1)

You may have enjoyed a trouble free relationship with Microsoft Office 2007, but support for the suite has now ended. So what does this mean for you?

Well, the truth is that when support ends for a piece of software, you can continue using it almost exactly as you did before. It’s not going to stop working, in fact it will continue working for many years to come. However, without support, the software is effectively out there on its own without any help or protection. Security flaws are no longer closed and any bugs you discover will remain for good. And this isn’t particularly great for a business which wants to remain competitive.

Therefore, you need to make sure that you know how to move forwards from Microsoft Office 2007 and why you have to do this.

The End of Support for Office 2007

Support for Microsoft Office 2007 officially ended on 10th October 2017 as this was the point that Microsoft decided that it wasn’t viable to continue supporting it. It’s common practice for developers to do this, but when it’s a piece of software which includes Microsoft Word, Excel and PowerPoint, it’s kind of a big deal due to the number of people using these applications on a daily basis.

As mentioned previously, you can continue to use Office 2007 but you’re putting yourself at a huge risk of being hacked. You see, hackers see unsupported software as one of the easiest targets out there and, if they find a security flaw, they’re going to exploit it safe in the knowledge that it’s never going to get patched and these legacy attacks can cause major issues. There are also certain features which will no longer be supported e.g. Outlook 2007 can no longer use Office 365 to access Exchange Online mailboxes and this could create huge communication issues for a business.

maxresdefault

What Do You Need to Do?

Quite simply, you need to upgrade and you need to upgrade quickly due to the potential issues we’ve already outlined. Upgrading ensures that your version of Microsoft Office is not only secure, but can also operate in the way your business needs it to. There’s also the added bonus of new features which were never present in Office 2007.

It’s all a matter of cost, of course, but there are several options available when it comes to upgrades. Office 2010 is the next step up, but you have to bear in mind that Microsoft only ever grant their office suites a 10 year lifespan. Therefore, support for Office 2010 is due to be retired in just three years and means that a further upgrade would be needed relatively soon. This doesn’t make for great economics, so, to give yourself the best experience with Office it may be best to look at going straight in for Microsoft Office 2016.

With its lifespan barely started, Office 2016 promises to provide better security and a better work environment for your organization to operate in.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2