Anti-malware tools provide a firm level of defense against hackers, but what happens when the malware can bypass detection tools?

Around 300,000 new pieces of malware are created daily, so it’s important that we can protect ourselves against this constant threat. Anti-malware tools such as Kaspersky and even in-built Windows security systems are crucial for providing this protection. Accordingly, you should find that your systems remain protected for most of the time. However, hackers are industrious individuals and are constantly looking to evolve their techniques. As a result of this ongoing adaptation, it appears that hackers have found a way around current detection methods.

The threat comes in the form of OpenSUpdater and is one that you need to take seriously.

What is OpenSUpdater?

Digital signatures are used to demonstrate that code is legitimate and to pass Windows security checks. They are an important part of online security, but this has made them a viable target for hackers. In the case of OpenSUpdater, the code samples found online carry manipulated security certificates which, despite these manipulations, Windows still accepts as authentic. More importantly, security tools which rely on OpenSSL to decode the signature are unable to detect these malicious changes.

OpenSUpdater is therefore free to bypass security measures and avoid being labelled as malware that would otherwise be quarantined and deleted. The malware’s main method of attack is through riskware campaigns: injecting malicious ads into the browsers of those infected and downloading further malware. The majority of targets so far have been found in the US, and the malware is typically bundled in with illegal downloads such as cracked software.

How Can You Protect Against OpenSUpdater?

This latest malware threat was detected by Google’s security researchers and has since been reported to Microsoft. A specific fix has not been announced yet, but hopefully something will be implemented shortly. In the meantime, however, it’s vital that you take steps to protect yourself. In particular, make sure you focus on the following:

  • Educate on Phishing Techniques: Phishing is a dangerous hacking technique which uses email to push social engineering attacks. By instilling a sense of urgency to act upon an email’s call to action – such as ‘click here to download a vital security tool’ – hackers are able to deceive victims into downloading all kinds of malware. Thankfully, through continued training, your employees should be able to recognize phishing emails quickly and hit the delete button even more quickly.

For more ways to secure and optimize your business technology, contact your local IT professionals.

A new strain of backdoor malware has been discovered and named Sidewalk. And the hacking group behind it – Grayfly – mean business.

Believed to have major links to China, Grayfly has been launching global cyber-attacks since 2017 and has also operated under the names Wicked Panda and GREF. With a keen interest in espionage, Grayfly favors attacking public-facing web servers. Once they have their foot in the door, the hackers begin installing backdoors across the network to maximize their access. The Grayfly group represent a sophisticated threat and show few signs of letting up in their endeavors.

The Sidewalk malware, which appears to be Grayfly’s latest weapon, has been attacking servers in the US, Mexico and Asia. Accordingly, you need to be on your guard.

How Does the Sidewalk Malware Work?

Sidewalk was first discovered in August 2021 when a new piece of malware was detected by Slovakian researchers. Sidewalk, it was revealed, operates by loading plugins into breached systems to search out and log running processes. This information is then transmitted back to a remote server where hackers can analyze the infected servers in forensic detail. The researchers were keen to note that the Sidewalk malware shared many similarities with Grayfly’s previous hacking tool, Crosswalk.

Sidewalk has been concentrating its efforts on a number of targets in the US, Vietnam, Mexico and Taiwan. Given the espionage nature of Grayfly’s operation, it comes as no surprise that a large proportion of the victims are involved in the telecoms industry. Grayfly start these attacks by identifying Microsoft Exchange servers which can be accessed from the public internet. With these in their sights, the hackers install a web shell which grants them the ability to run administrative commands on the server. From here they can dig deeper into the server and begin harvesting confidential data such as login credentials.

How Can You Protect Your Public-Facing Server?

Public-facing servers are crucial for any business which needs to make its services available to the public online. However, as the Sidewalk malware has shown, they are at risk of cyber-attacks. Nonetheless, you can protect your public-facing servers by practicing the following:

  • Only Allow Strong Passwords: Servers need to use strong passwords to thwart the efforts of hackers. Avoid making common password mistakes and always change any default passwords as soon as possible.

Nothing halts your productivity like a frozen PC. It’s one of the most frustrating problems a PC user will face. But you can easily solve it.

Even the most basic PC is a complex piece of machinery. Not only are there the electrical and mechanical elements of the hardware, but the software is also at risk of developing problems. Accordingly, a PC can soon run into a major issue, and one of the most common symptoms of this is a frozen PC. No matter how many times you click your mouse or tap at the keyboard, there simply isn’t any response. Your productivity will instantly stop, and you will become highly frustrated. No one wants this, but what’s the answer?

How Can You Unfreeze Your PC?

It’s important to rectify a frozen PC as soon as possible to ensure you can continue being productive. The best ways to successfully solve this are:

  • Access Task Manager: Sometimes, you may find that only one application freezes. This can be particularly frustrating when it’s one that is in constant use. It’s also likely that you won’t be able to hit the close button due to its lack of response. However, by using Task Manager, you should be able to close it. Just hit the Windows button and type Task Manager into the Start search box. This will open Task Manager, which displays all the applications currently running. From Task Manager you can right-click on any frozen app and select the End Task command.
  • Manual Reboot: If a PC is completely frozen then it’s unlikely that you will be able to initiate any resolutions due to the lack of available options. In these cases, you will need to carry out a manual reboot. This should only be considered as a final option, as manual reboots can result in data loss and file corruption. To complete a manual reboot, hold down the power button on your PC until it turns off – this should usually take around five seconds. Leave the machine turned off for a minute before restarting it.

The business world is constantly evolving and it’s crucial that your IT infrastructure supports this. However, it’s important that you know when to upgrade.

A good IT infrastructure is the backbone of any successful organization in modern business. But, much like the way in which the business landscape quickly changes, the technology behind these infrastructures can soon be superseded. This leaves you at risk of losing out on gains in productivity – gains that your competitors are sure to take advantage of. IT equipment, however, is expensive, and there’s little reason for upgrading for the sake of upgrading. You need to be able to recognize the warning signs that your IT infrastructure needs upgrading.

What are the 5 Signs?

Regularly reviewing the capabilities and condition of your IT infrastructure should be considered a vital business task. Any potential issues need to be addressed, but what should you be looking for? Well, you should start by keeping an eye out for the following:

  • Slow System Speeds: Nothing is more frustrating in the world of IT than slow system speeds. PC users want to be able to switch between apps seamlessly and execute tasks quickly. Accordingly, if you find that your IT systems are consistently running slower, this should be treated as a major warning sign. Either the demands of your network can no longer be met or your systems are simply outdated. Whatever the reason, upgrading your IT infrastructure can quickly remedy the fault.
  • Regular Cyber-Attacks: If you find that your IT systems are regularly being breached by hackers, there’s a good chance it’s down to your IT infrastructure. Often the cause is a lack of suitable protection. Evaluating your defenses should be a regular task; by monitoring them regularly you should be able to spot vulnerabilities before hackers do.
  • Working with Old PCs: As we’ve already covered, technology changes quickly, and this means that your workstations can soon become outdated. PCs and laptops may not be low-cost items, but eliminating the faults most often associated with old machines – lack of speed, poor compatibility and limited features – is undeniably essential.

The threat of legal proceedings always produces a sense of instant anxiety. But this is soon multiplied when it turns out to be a malware attack.

A recent threat to your IT security has been launched by cybercriminals intent on playing on your anxieties. Using a combination of legal threats and malicious links, the hackers’ aim is to get the BazaLoader malware downloaded onto your IT network. The hackers’ strategy, as we’ll see, is one that has been encountered before and demonstrates the ever-changing approaches employed by hackers. But what exactly is this new threat? And, more importantly, how do you protect yourself from it?

The Threat of Legal Action

With a generous helping of audacity, this latest attack is launched by the hackers contacting organizations to inform them that their website is involved in a DDoS attack. Rather than being sent from one email address to another, however, the hackers send their communications via the contact forms on websites.

The messages inform the website owners that their website appears to have been hacked and that files on its server are now being used to direct DDoS attacks. The sender of the message, of course, claims that their own website is the victim of this DDoS attack. A link is included in the communications which directs the recipients to a Google Drive URL where, it is claimed, instructions to rectify the DDoS attack are housed. But clicking on this link will only trigger an automatic download of BazaLoader.

The BazaLoader malware is, as the name suggests, a ‘loader’ form of malware. It’s typically used to download and activate additional malware such as ransomware. This compromises your system even further and, in the case of ransomware, imposes financial demands on your organization. The entire attack is remarkably similar to recent messages sent regarding fake DMCA claims of copyright infringement.

How to Protect Yourself

Naturally, with the information provided above, you should know to tread carefully around any such communications. But, as you can see, the hackers are likely to change their strategy in the future. Therefore, you need to remain on your guard and practice the following:

  • Educate Your Staff on Social Engineering: Attacks such as the BazaLoader one rely on social engineering. This has become a popular strategy for hackers and it’s important that your staff can identify the tell-tale signs. Make a point of regularly refreshing their knowledge to ensure they remain vigilant.
