5 Useful Tips for Setting Up a New PC

Antivirus, Compatability, Default Browser, New PC, Ophtek, Power Options, Updates, , , , , ,
18
Jan 2022

An organization which keeps on top of productivity will regularly replace PCs which have become outdated. But what are the best ways to set up a new PC?

A new PC should instantly bring a boost to productivity to its user, but there’s always room for improvement. The complexity of hardware and software mean that it’s virtually impossible to get a PC’s configuration exactly right, especially the first time that it’s started up. However, there are a few useful tips which can help your organization maximize the functionality of its new PCs from day one. It’s merely a question of understanding the procedures behind this and then taking the time to implement them.

Luckily, we’ve decided to save you some time by outlining five useful tips for setting up a new PC.

Getting Your New PC Up to Speed

If you want to get your PC set up correctly and effectively, make sure you are mindful of these best tips:

  1. Check for Updates: While a new PC is ‘new’ it’s not completely new as its likely been sat in a warehouse for some time before being shipped. As a result, there are likely to be new updates available for not just Windows, but many of the applications pre-installed on the PC. Therefore, one of the first things to do is check for Windows Updates. You can then install these updates to ensure your new PC is as secure and productive as it should be.
  2. Run Your Antivirus Software: It’s not unheard of for new PCs to be pre-infected with malware before they leave the factory. Accordingly, it makes sense to run your antivirus software before a new PC is connected to the internet. This strategy ensures that your PC has the best chance of entering your network with the minimum security risk.
  3. Select Your Default Browser: Connecting to the internet is an important part of business life these days, but there are several options when it comes to browsing the internet. As an organization, it’s useful to adopt a company-wide default browser. Not only does this allow technical issues to be minimized, but it makes training much simpler. So, once a PC has been started for the first time, make sure you apply the default setting to your preferred browser.
  4. Check Existing Hardware is Compatible: A new PC doesn’t mean that you have to replace each and every piece of associated hardware. A mouse, for example, should be fine to keep and connect to your new PC. However, these pieces of hardware may not always be compatible with a new PC or operating system. Therefore, take the time to test existing peripherals to confirm if they can be transferred over or need replacing.
  5. Set Power Options for Laptops: If you are dealing with a new laptop then you need to make sure that its power options are optimized. Your employees are unlikely to be proficient in fine tuning this to provide maximum battery life, so make a point of implementing the best settings for them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Solid State Drives Targeted by Stubborn New Malware

Hackers, malicious code, Ophtek, solid state drive (SSD), Updates, , , ,
11
Jan 2022

A new strain of malware has been developed which allows threats to be delivered to an inaccessible area of a solid state drive (SSD).\

The attack in question is not currently active, but the possibility of this attack has been modeled and proved successful by a group of Korean security researchers. However, hackers are persistent and they have likely been investigating such an attack for some time – similar strategies have already been employed to hide malware on hard disk drives (HDD). And, thanks to the rapid rise of SSDs over the last decade, threats to their security are only going to become more common.Combatting threats that have stealth on their side is crucial for protecting your IT infrastructures, so you need to take this threat very seriously. Let’s take a look at why and how your SSDs are at risk.

How Does This New Attack Work?

The Korean researchers have found a specific vulnerability in the design of certain SSDs which makes hacking them that little bit easier. An SSD which employs flex capacity (a technique where storage devices adjust their space to enhance performance) is the main target of this latest threat. Such an SSD contains an area known as over-provisioning which is located in an inaccessible area of the SSD. This area takes up, depending on the current demand, between 7 – 25% of the SSD capacity. And this over-provisioning area is invisible to the PCs operating system.

Due to the invisible nature of this over-provisioning space, it cannot be reached by applications such anti-virus tools or user intervention. However, it’s possible to exploit the size of this ‘hidden’ area and enlarge it by manipulation through the SSD firmware manager. Not only does this allow a hacker to deposit malware here, but it gives them access to the over-provisioning space – where sensitive data may remain for several months. It’s this sophisticated attack method which makes it difficult to detect and even more difficult to remove.

What Should You Do If You Have an SSD?

It’s believed that the attack required to exploit the over-provisioning area is not currently active. But it remains a viable threat and it’s only a matter of time before a hacker formulates a successful strategy. The sophisticated nature of this exploit means that tackling such an attack is difficult for an average PC user to complete. Solving this vulnerability lies with the manufacturers of SSDs who need to rethink the design of their systems.

Ideally, real time monitoring of these hidden areas needs implementing, with a view to providing a ‘wipe’ option when the over-positioning capacity increases rapidly. Nonetheless, it remains good practice to install every update and patch which is released for your SSD. Software within the SSD software will regularly need updating and these could be used to strengthen the defense of your SSD. Therefore, prioritizing and automating updates remains important to protect your PCs.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Malware Found in Illegal Downloads of Spider-Man Film

cryptojacking, firewall, malware, mining malware, moreno, Ophtek, torrents, , , , , ,
04
Jan 2022

Hackers have decided to cash in on the popularity of Spider-Man by infecting copies of his latest movie with cryptocurrency mining malware.

Going to the movies is an expensive activity these days and, as a result, many people are turning to illegal torrents. These torrents are shared by hundreds of different people, each sharing the entire film as a file, with downloaders able to download parts of the file from these multiple sources. It may sound like the perfect answer to paying and queuing at the movies, but it’s an act which infringes copyright and is 100% illegal. And, of course, there’s the little matter of malware being bundled into these torrents. Nonetheless, it’s estimated that around 28 million users download and share illegal files every day.

Illegal downloads are here to stay, so it’s important that you understand the dangers they carry in terms of cybersecurity. And the Spider-Man example is the perfect place to start.

Using Spider-Man to Spread Malware

The latest Spider-Man movie is ‘Spider-Man: No Way Home’ and it was released to theatres in December 2021. Within days of the movie’s premiere, poor quality copies – often filmed from within a theatre – started appearing on torrent sites such as The Pirate Bay. However, there were also torrents available which contained a nasty surprise. Several torrents which claimed to be of No Way Home contained a file with the name of ‘spiderman_net_putidmoi.torrent.exe’ – ‘net_putidmoi’ being Russian for No Way Home.

But far from presenting you with a copy of the new Spider-Man movie, activating this file would launch cryptocurrency mining malware. The malware automatically added exceptions to Windows Defender in order to avoid detection on the infected system. With this concealment in place, the malware could then harvest the PCs processing power to mine a cryptocurrency known as Monero. While mining cryptocurrency is legal, the hijacking of PCs to power this process is highly illegal and dangerous.

How Do You Avoid These Types of Infection?

The malware involved in the Spider-Man hack has not been shown to compromise any personal information. But it will slow your PC down. And a more dangerous piece of malware could easily start compromising your data. Therefore, it’s essential that you avoid falling victim to malware hidden in torrents. The best way to stay safe is:

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are Zero-Click Attacks?

malicious code, Ophtek, Pegasus spyware, Software Security Patches, zero-click attacks, , , ,
28
Dec 2021

One of the less mentioned security threats for PCs is the zero-click attack. Nonetheless, zero-click attacks are one of the most dangerous threats we face.

Traditional cyber security measures tend to focus on PC users following best practices to protect their PC. And, overall, it’s an effective approach. Understanding the importance, for example, of verifying a link in an email before clicking is crucial. But there’s only so much that individuals can do to protect themselves. If hackers can remove this ‘human’ factor from gaining access to a PC then they should, in theory, be home free. And, with a zero-click attack in their toolbox, hackers can quickly exploit even the most vigilant PC users.

How Does a Zero-Click Attack Work?

The most common technique employed in carrying out a zero-click attack is:

As you can see from the above description, at no point does the victim have any involvement. It’s this element of the strategy which makes it most troubling for PC users. The technique involved could, for example, involve a message being sent over Skype, a message which is not even opened by the recipient. Yet, the fact that it has been received on a PC means that it can unleash a malicious payload. Perhaps the most famous example of a zero-click attack is the Pegasus spyware hack which allowed hackers to gain access to users’ smartphones via a single WhatsApp message being received.

How Can You Combat Zero-Click Attacks?

It may seem difficult to protect yourself against the unprotectable and that’s why concern has been rapidly building around zero-click attacks. Thankfully, most zero-click attacks – such as Pegasus – have only targeted a tiny proportion of people, mostly government officials and high-ranking journalists. But this is far from a guarantee that you can’t fall victim to a zero-click attack.

As ever, key to protecting your PC and your devices is by installing security patches when they become available. Don’t put them off “until tomorrow” as it only takes a zero-click attack a few seconds to exploit a vulnerability. With your software and hardware running with optimal protection, it’s less likely to become another statistic of security failure. Encryption is also central to keeping your data safe should you find your device breached. Remember: all sensitive documents should be encrypted and backed up.

Final Thoughts

We’re used to malware and ransomware grabbing all the headlines, so that’s why many of us feel confident about battling these threats. But zero-click attacks are more enigmatic, a factor which works heavily in their favor. The discretion achieved by foregoing the need for user error positions zero-click attacks as a favorite of hackers. It may be a method of attack which doesn’t generate many column inches at present, but it’s likely to become more popular as hackers look at more innovative approaches. For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

E-Commerce Servers Targeted by NginRAT Malware

Hackers, malware, NginRat Malware, Ophtek, Security, , , ,
21
Dec 2021

Hackers are attracted to big, successful targets. And, online, you don’t get much bigger than e-commerce, so that’s where the NginRAT malware comes in.

The e-commerce industry is one of the most lucrative sectors online. Not surprisingly, hackers have been targeting this industry since the earliest online transactions took place. As the e-commerce landscape has provided such a long running target, hackers have developed their attack methods significantly in this niche. And this means that it’s getting harder and harder to protect against them. NginRAT is the latest development in this area, and it’s already launched attacks against e-commerce servers in the US, France and Germany.

The threat of NginRAT is very real and it’s one which demands your attention. Therefore, it’s important that you know what you’re dealing with and what you can do about it. And that’s why we’re going to take a closer look at it today.

What is the NginRAT Malware?

The name NginRAT may sound unusual, but the naming procedure employed here is relatively simple:

  • Ngin: This part of the name refers to the Nginx servers where NginRAT hides in order to avoid detection.
  • RAT: The second part of the NginRAT name stands for Remote Access Trojan. This means it is a malware strain which uses back door access to provide remote access to an infected machine.

NginRAT, itself, is actually delivered to victims through another piece of malware known as CronRAT. Once NginRAT has been deployed on a host server, it begins modifying the functionality of this host in order to hijack the Nginx application. This not only allows NginRAT to remain cloaked from security tools, but also lets it inject itself into Nginx web server use. From here, NginRAT is in a position where it can record user data. Now, as Nginx servers are typically used in e-commerce, this means that the hackers can steal sensitive data such as credit card details.

Can You Detect and Remove NginRAT?

The NginRAT is considered a sophisticated piece of malware and it’s unlikely that your average anti-malware tool is going to detect it. However, while it may be sophisticated, it’s far from unbeatable. Security researchers have discovered that it uses two specific variables to launch itself within Nginx servers: LD_PRELOAD and LD_L1BRARY_PATH. For the average PC user, identifying these variables will be beyond their scope. But an IT professional should be able to isolate these processes and begin a removal process.

Final Thoughts

If your organization is involved in the world of e-commerce, then it pays to be vigilant against malware such as NginRAT. The potential damage that a RAT can cause is immeasurable. Aside from the financial repercussions for yourselves and your customers, there is also the reputational damage to contend with. Unfortunately, tackling the NginRAT malware is far from easy. Investing in server monitoring services will not act as a comprehensive band-aid, but it will improve your chances of detecting any malicious activity. For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 27 28 29 30 31 58