Updates Archives - Page 4 of 7

5 Useful Tips for Setting Up a New PC

Antivirus, Compatability, Default Browser, New PC, Ophtek, Power Options, Updatesantivirus, Compatability, Default Browser, New PC, Ophtek, Power Options, updatesOphtek, LLC

Jan 2022

An organization which keeps on top of productivity will regularly replace PCs which have become outdated. But what are the best ways to set up a new PC?

A new PC should instantly bring a boost to productivity to its user, but there’s always room for improvement. The complexity of hardware and software mean that it’s virtually impossible to get a PC’s configuration exactly right, especially the first time that it’s started up. However, there are a few useful tips which can help your organization maximize the functionality of its new PCs from day one. It’s merely a question of understanding the procedures behind this and then taking the time to implement them.

Luckily, we’ve decided to save you some time by outlining five useful tips for setting up a new PC.

Getting Your New PC Up to Speed

If you want to get your PC set up correctly and effectively, make sure you are mindful of these best tips:

Check for Updates: While a new PC is ‘new’ it’s not completely new as its likely been sat in a warehouse for some time before being shipped. As a result, there are likely to be new updates available for not just Windows, but many of the applications pre-installed on the PC. Therefore, one of the first things to do is check for Windows Updates. You can then install these updates to ensure your new PC is as secure and productive as it should be.
Run Your Antivirus Software: It’s not unheard of for new PCs to be pre-infected with malware before they leave the factory. Accordingly, it makes sense to run your antivirus software before a new PC is connected to the internet. This strategy ensures that your PC has the best chance of entering your network with the minimum security risk.
Select Your Default Browser: Connecting to the internet is an important part of business life these days, but there are several options when it comes to browsing the internet. As an organization, it’s useful to adopt a company-wide default browser. Not only does this allow technical issues to be minimized, but it makes training much simpler. So, once a PC has been started for the first time, make sure you apply the default setting to your preferred browser.
Check Existing Hardware is Compatible: A new PC doesn’t mean that you have to replace each and every piece of associated hardware. A mouse, for example, should be fine to keep and connect to your new PC. However, these pieces of hardware may not always be compatible with a new PC or operating system. Therefore, take the time to test existing peripherals to confirm if they can be transferred over or need replacing.
Set Power Options for Laptops: If you are dealing with a new laptop then you need to make sure that its power options are optimized. Your employees are unlikely to be proficient in fine tuning this to provide maximum battery life, so make a point of implementing the best settings for them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Solid State Drives Targeted by Stubborn New Malware

Hackers, malicious code, Ophtek, solid state drive (SSD), Updateshackers, malicious code, Ophtek, solid state drive (SSD), updateOphtek, LLC

Jan 2022

A new strain of malware has been developed which allows threats to be delivered to an inaccessible area of a solid state drive (SSD).\

The attack in question is not currently active, but the possibility of this attack has been modeled and proved successful by a group of Korean security researchers. However, hackers are persistent and they have likely been investigating such an attack for some time – similar strategies have already been employed to hide malware on hard disk drives (HDD). And, thanks to the rapid rise of SSDs over the last decade, threats to their security are only going to become more common.Combatting threats that have stealth on their side is crucial for protecting your IT infrastructures, so you need to take this threat very seriously. Let’s take a look at why and how your SSDs are at risk.

How Does This New Attack Work?

The Korean researchers have found a specific vulnerability in the design of certain SSDs which makes hacking them that little bit easier. An SSD which employs flex capacity (a technique where storage devices adjust their space to enhance performance) is the main target of this latest threat. Such an SSD contains an area known as over-provisioning which is located in an inaccessible area of the SSD. This area takes up, depending on the current demand, between 7 – 25% of the SSD capacity. And this over-provisioning area is invisible to the PCs operating system.

Due to the invisible nature of this over-provisioning space, it cannot be reached by applications such anti-virus tools or user intervention. However, it’s possible to exploit the size of this ‘hidden’ area and enlarge it by manipulation through the SSD firmware manager. Not only does this allow a hacker to deposit malware here, but it gives them access to the over-provisioning space – where sensitive data may remain for several months. It’s this sophisticated attack method which makes it difficult to detect and even more difficult to remove.

What Should You Do If You Have an SSD?

It’s believed that the attack required to exploit the over-provisioning area is not currently active. But it remains a viable threat and it’s only a matter of time before a hacker formulates a successful strategy. The sophisticated nature of this exploit means that tackling such an attack is difficult for an average PC user to complete. Solving this vulnerability lies with the manufacturers of SSDs who need to rethink the design of their systems.

Ideally, real time monitoring of these hidden areas needs implementing, with a view to providing a ‘wipe’ option when the over-positioning capacity increases rapidly. Nonetheless, it remains good practice to install every update and patch which is released for your SSD. Software within the SSD software will regularly need updating and these could be used to strengthen the defense of your SSD. Therefore, prioritizing and automating updates remains important to protect your PCs.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Links Are Being Spread Through YouTube

antivirus software, malicious links, malicious websites, malware, Ophtek, Updates, YouTubeAntivirus software, malicious links, malicious websites, malware, Ophtek, updates, youtubeOphtek, LLC

Nov 2021

YouTube is one of the most popular destinations online thanks to the entertainment it offers. But where there are lots of people, there are always hackers.

Close to 43% of internet users visit YouTube at least once a month, so this is a significant amount of traffic. Accordingly, this presents hackers with a huge audience to target. Hacking YouTube directly is difficult, so hackers are unlikely to succeed in embedding malware into videos. However, you can embed URLs into video descriptions. These are usually used to redirect the viewer to a destination that is related to the contents of the video. For example, a video advertising a brand’s product may include a link to that product in the video description. But the truth is, this link could take you anywhere.

Spreading Malware on YouTube

Using malicious links on YouTube is nothing new, but security researchers have noted that this technique has been growing in popularity recently. In particular, two specific Trojans have been detected: Raccoon Stealer and RedLine. One of the main reasons that hackers have been targeting YouTube is down to the Google accounts they have already stolen. Setting up a YouTube channel requires you to have a Google account, so it makes sense for hackers to take advantage of YouTube.

The fake YouTube channels are then used to host videos related to topics such as VPNs, malware removal and cryptocurrency. Each video will center around a particular call-to-action, most likely involving the download of a tool e.g. a malware removal application. Viewers will be encouraged to download this from the link in the video description. These links appear to either use a bit.ly or taplink.cc address to redirect users to malicious websites. The users are then instructed to download the relevant tool. Unfortunately, all it will download is malware.

This malware is used to scan PCs for login credentials, cryptocurrency wallets and credit card details before transmitting it to a remote server. The hacker behind the attack can then harvest this data and continue to steal further data from the victim.

Remaining Vigilant Online

The number of threats we face daily seems to be rising daily and it may feel that being vigilant online is an exhausting job. However, it’s crucial for your safety that you remember the basics of online security:

Be Wary of All Online Links: Even the biggest and most secure websites are at risk of being compromised. YouTube is one of the most popular sites online and yet it still houses hackers in plain view. Therefore, the likelihood of coming across malicious links online is highly likely. Therefore, verify all links before clicking them. A good way to do this is by highlighting the link, copying it and then posting it into Google to see if it brings up any red flags.

Always Use Antivirus Software: It’s likely, at some point, that you will fall for an infected link at some point. But this doesn’t mean you should remain at the mercy of the malware. You can limit the damage caused by malware by always using antivirus software. This will automatically scan your PC throughout the day and identify any malware. In many cases it will even check all downloaded files and scan them before opening.

Install All Updates: Many strains of malware will rely on your PC being home to vulnerabilities in software and hardware. However, by regularly installing upgrades and patches, you can ensure that these holes are plugged to prevent hackers getting a foothold. Make sure that you set all updates to automatic to give yourself maximum coverage in terms of protection.

For more ways to secure and optimize your business technology, contact your local IT professionals.

3 Million Windows PCs at Risk of Login Credential Theft

attachments, email links, malware, Ophtek, Updates, Windows PCattachments, links, Login, malware, Ophtek, updates, Windows PCOphtek, LLC

Jul 2021

Login credentials are a sure-fire way to protect your IT systems. But hackers are now using a new piece of malware to steal them from your organization.

User ID / Password combinations have been a cornerstone of IT security since the earliest days of computers. Traditionally, it was almost impossible to guess both of these values. The only option a hacker had was to literally look over the shoulder of the user as they entered the details. But a lot has changed in the way we use computers since then. And the possibilities created by the internet mean that hackers can now steal login credentials from anywhere in the world. All they need is some malware and a potential victim.

A new piece of malware has recently been discovered which has been used in a large scale attack, so it’s important we take a closer look.

What is this Latest Attack?

This latest malware – discovered by Nord Security and currently unnamed – to hit the digital headlines is classified as a Trojan. As the name suggests, a Trojan is a piece of malware which disguises itself as genuine software, but contains malicious code. Little is known about the origins of this latest malware or its exact mechanisms, but its strength is beyond question. This has been demonstrated by the malware carrying out the following:

Infecting three million Windows PCs
Stealing 1.2TB of data which includes email addresses, cookies and over six million individual files
Using infected PCs in-built webcams to take photos of the victims

How Do You Avoid Falling Victim to Malware?

Malware is a complex threat to tackle due to the ease with which it can be constructed by hackers. This allows the hacker to give their malware an individual blueprint with unique features that are difficult to detect. Even the best defenses in the world can easily fall victim to malware. Nonetheless, you are far from helpless when it comes to combatting the threat of malware. To help strengthen your defenses, make the following part of your security structure:

Always Verify Links: Almost every website and email will contain at least one link. But these links can easily be disguised to contain something nasty. A link may, for example, claim to take you to a Microsoft security fix, but the true destination within the link may be for a malicious website. Therefore, always make sure you hover your cursor over links to reveal their true destination.

Double Check Email Attachments: Highly powerful malware can easily be packed into a small file and delivered as an email attachment. Accordingly, you need to be suspicious of all files entering your organization. Even if an email is received from a reputable source you need to remain vigilant. Genuine email addresses can easily be hacked and used to spread malware. If something doesn’t feel right about an email then check with an IT professional.

Install all Updates: All software and hardware is prone to vulnerabilities due to the amount of code involved in their operation. And these vulnerabilities provide hackers with quick and easy access to your IT systems. Thankfully, manufacturers regularly issue security patches to plug these holes. Make sure that these are always installed quickly to minimize any risk.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Database of 26 Million Stolen Passwords Discovered

Cyber Security, Data Security, Ophtek, Password Security, Two Factor Authentication, UpdatesCyber Security, Data Security, Ophtek, password security, two factor authenticationOphtek, LLC

Jun 2021

Passwords are one of the most common security measures, but they’re still considered a risk. And 26 million stolen passwords have just been found.

We all use passwords on a regular basis throughout our working day. Logging on to remote servers and online platforms all require a set of login credentials. And, on the whole, they provide an adequate level of security. But security which is considered only adequate will always remain a tempting prospect to hackers. Login credentials will typically consist of only two pieces of information: username and password. Naturally, with only two data values required – which can be entered from any keyboard – login credentials represent some major security concerns.

That’s why the discovery of this database, containing 26 million sources of information, is considered a major alert.

What’s in the Database?

Coming in at a huge 1.2TB, the database – which was discovered by NordLocker – contains the following:

26 million login credentials
2 billion browser cookies
1.1 million email addresses
6.6 million various files including Word, PDF and image files

These numbers are, of course, huge. And it’s a safe bet that some serious data has been compromised along the way. It has also been revealed that the malware made a point of creating an image file by taking a screenshot via active webcams on infected devices. This, again, is troubling as it underlines the danger contained within the malware for compromising personal data.

The actual malware behind these data harvests is currently unknown. It is believed, however, that its method of attack is fairly standard. Upon infection, the malware will connect to a remote server where it can transmit any stolen data. The compromised data, as NordLocker found, was being hosted on a cloud-based hosting service and has now been taken down. But it’s likely that this database has already been traded and is out in the digital wild.

How Do You Protect Yourself?

Attacks such as this are sadly commonplace in the modern age, but there is a lot that you can do to protect your organization’s data:

Use Two-Factor Authentication: The combination of a username and password may seem strong, but it can be made even stronger by two-factor authentication. This additional layer of security requires the use of a unique piece of data transmitted to a device separate from your IT network.

Install All Updates: The attack in question could easily have been caused by a vulnerability put in place by outdated technology. Both software and hardware require regular updates to patch any issues that may be discovered post-launch. And it’s your responsibility to install these as soon as possible to close any potential back door attacks.

Regularly Monitor Network Activity: If significant amounts of data are being stolen and transmitted to a remote server, this activity will be associated with a rise in outgoing network activity. Therefore, it pays to keep a close eye on any spikes in traffic to minimize the impact of any breach.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 2 3 4 5 6 7 Next »

Category Archives: Updates