A vulnerability has been discovered within AMD processors which has the potential to expose affected PCs to incredibly stealthy strains of malware.

Processors such as AMD's power computers by executing the instructions contained in software applications. Therefore, everything you do on a PC is powered by a processor, e.g. running Windows, processing data, and performing calculations. Some processors are more powerful than others, and the type chosen depends on the user’s needs, e.g. a diehard gamer will need a high-performance processor to get the best gaming experience, while someone working in a small office will need something less powerful to complete word processing tasks.

As AMD is a highly popular manufacturer of PC processors, we’re going to take a close look at this vulnerability and discuss the impact it could have on your PC users.

Understanding the AMD Chip Vulnerability

The vulnerability in AMD’s chips was discovered by the security firm IOActive, which has named the vulnerability Sinkclose. The flaw was first found in October 2023, but it appears Sinkclose has been present in AMD processors for close to two decades, a remarkable amount of time for a vulnerability to go unnoticed.

Sinkclose affects a specific operating mode within the processors named System Management Mode. This function is used to control systemwide processes including power management and system hardware control. Key to the Sinkclose vulnerability is the fact that System Management Mode also offers high privilege access. And it’s this access which, potentially, could allow a threat actor to run malicious code undetected.

Gaining access deep enough within a PC to even tackle the System Management Mode is difficult for even the most skilled hackers, but it’s not impossible. After infecting a machine with a bootkit – a form of malware which executes very early in the boot process – a threat actor could make their way deep within the system. And if a threat actor does manage to install malware through the Sinkclose vulnerability, the location of the infection means it would survive multiple reinstallations of Windows.

Are You Safe from Sinkclose?

With the Sinkclose vulnerability potentially active since 2006, and IOActive warning that all AMD chips dating back to this period could be affected, the potential damage is huge. AMD has been quick to respond and has been working on an update since Sinkclose was first identified last year. Patches for AMD Ryzen and Epyc chips have recently been issued, but clearing up this debacle looks to be a long-term project for AMD.

While the threat is currently difficult to exploit, if threat actors discover an effective method to abuse it, countless PCs could be at increased risk of being compromised. Therefore, it’s crucial you follow these best practices to maintain the security of your PCs:

For more ways to secure and optimize your business technology, contact your local IT professionals.


Google’s Chrome browser is one of the most popular choices for accessing the internet, but this popularity makes it an enticing target for hackers.

A substantial number of business activities are conducted online in the 21st century. Accordingly, most organizations find themselves accessing the internet with a browser almost every minute of the day. But each time we venture online we open ourselves up to numerous security threats. Malicious websites, of course, are a well-known security risk. At the heart of these threats is a determined effort to conceal their malicious payload. And that’s why a malicious website can be difficult to spot.

Chrome has an estimated userbase of 2.65 billion users and, as such, presents the perfect opportunity for hackers to cast their net far and wide.

How Chrome is Targeted

This latest malware attack specifically targets Chrome users who are running the browser on the Windows 10 operating system. Upon visiting an infected website, Chrome’s legitimate ‘advertising service’ delivers an advert which claims that Chrome requires updating. However, the advert contains a malicious link. Clicking this link will take you to a website entitled ‘chromesupdate’ which is designed to look like an official Google site. Unfortunately, it’s far from genuine.

The only thing that you will be able to download from this malicious website is malware. The payload in question is typical of modern malware: its main objective is to harvest sensitive data and steal cryptocurrency. Therefore, any login credentials you enter while your PC is infected can be logged and then transmitted to a remote server. Worst of all, the malware also grants remote access to your workstation. This opens you up to further malware downloads and, potentially, to your machine being harnessed into a DDoS attack.

How to Protect Your Browsing

Chrome is targeted by this latest campaign due to the manipulation of a Windows environment variable which allows Chrome’s advertising service to be exploited. The simplest way to avoid this attack is by using a different browser. But there’s a much bigger picture at play here. A better approach is to use the browser you are most comfortable with but remain vigilant. To do this, make sure you follow these best practices:

  • Use Anti-Malware Software: Malicious websites can be detected prior to accessing them thanks to the power of anti-malware software. Backed by huge databases, which are regularly updated, anti-malware software can instantly alert users when they try to access websites known to be malicious.
  • Don’t Be Rushed: The main strategy employed by malicious websites will be to instill a sense of urgency into their calls to action. For example, the threat of an imminent infection if a Chrome update is not installed is designed to create urgency. And it’s this urgency which can catch you off guard. So, if you feel that a website is rushing you into making a decision, always make sure you speak to an IT professional before going any further.


Anti-malware tools provide a firm level of defense against hackers, but what happens when the malware can bypass detection tools?

Around 300,000 new pieces of malware are created daily, so it’s important that we can protect ourselves against this constant threat. Anti-malware tools such as Kaspersky and even in-built Windows security systems are crucial for providing this protection. Accordingly, you should find that your systems remain protected for most of the time. However, hackers are industrious individuals and are constantly looking to evolve their techniques. As a result of this ongoing adaptation, it appears that hackers have found a way around current detection methods.

The threat comes in the form of OpenSUpdater and is one that you need to take seriously.

What is OpenSUpdater?

Digital signatures are used online to demonstrate that code is legitimate and accepted by Windows security checks. They are an important part of online security, but this has made them a viable target for hackers. In the case of OpenSUpdater, its code samples carry manipulated security certificates which, despite these manipulations, are passed as authentic by Windows. More importantly, security tools which use OpenSSL decoding are unable to detect these malicious changes.

As a result, OpenSUpdater is free to bypass security measures and avoid being labelled as malware, which would see it quarantined and deleted. The malware’s main method of attack is through riskware campaigns. This involves injecting malicious ads into the browsers of those infected and downloading further malware. The majority of targets so far have been found in the US, and the malware is typically bundled in with illegal downloads such as cracked software.

How Can You Protect Against OpenSUpdater?

This latest malware threat was detected by Google’s security researchers and has since been reported to Microsoft. A specific fix has not been announced yet, but hopefully something will be implemented shortly. In the meantime, however, it’s vital that you take steps to protect yourself. In particular, make sure you focus on the following:

  • Educate on Phishing Techniques: Phishing is a dangerous hacking technique which uses email to push social engineering attacks. By instilling a sense of urgency to act upon an email’s call to action – such as ‘click here to download a vital security tool’ – hackers are able to deceive victims into downloading all kinds of malware. Thankfully, through continued training, your employees should be able to recognize phishing emails quickly and hit the delete button even quicker.


Computer networks are complex pieces of technology, but, thankfully, when it comes to protecting them, the processes are relatively simple.

If you’re an organization that works with PCs then the chances are that the backbone of your IT infrastructure will be a network. Packed full of benefits that enhance accessibility, speed and communication, a PC network is crucial for productivity. However, due to the incredible amount of data being transmitted across a network, these bastions of connectivity are squarely in the sights of hackers. And that’s why it’s important that your network is protected from any external threats.

You can, of course, invest heavily in a wide range of security solutions to protect your network, but it’s vital that you make sure you follow the basics as your best defense. So, if you want to know what these are, just take a look at our guide on the basics of protecting your network.

Always Use a Firewall

Your organization’s network is private and, therefore, the last thing you want is for third parties to be accessing the network and viewing its traffic. The most popular and effective method for preventing this is by installing a firewall. A piece of software that analyses incoming and outgoing activity, a firewall is a multi-layered form of defense that can monitor network activity, report unusual behavior and enforce security policies.

Work with Two-Factor Authentication

It’s highly likely that you’re familiar with the process of using login credentials to access networks and applications, but have you ever used two-factor authentication? While the standard practice of entering a login name and a password is highly secure, two-factor authentication makes it doubly so. The concept of two-factor authentication is that users have to go through two forms of authentication to gain access to the network, e.g. after entering a username and password, users must then activate a link emailed to a secure email account.

Install Anti-Malware Software

Malware is any form of malicious software that aims to exploit vulnerabilities in your PCs (and their users) to gain access to your network. Naturally, this is the last thing you want, but it’s almost impossible to manually identify every threat entering your network. Therefore, it’s essential that you install anti-malware software to help protect your network. Capable of identifying the vast majority of active threats (and regularly updated against new ones), anti-malware software provides you with peace of mind that your defenses are strong.

Segment Your Networks

A simple way to enhance the security of your network is by segmenting it into individual sub-networks. Not only does this approach enhance the performance of each ‘segment’, it also increases the security of the network as a whole. For example, if a hacker manages to gain access to one of the segments, they will only have access to that one segment. The other sub-networks will be fenced off with their own unique security measures and, therefore, make it much harder for a hacker to gain access to the entire network.


Since its first release in 2008, Malwarebytes Anti-Malware has been one of the go-to tools for malware detection and removal.

It’s no wonder that its critical reception among computer journals has been stellar. Let’s take a look at what makes Malwarebytes synonymous with anti-malware for end users.

1. Installs easily and quickly with no reboot required

If you have to equip multiple computers with anti-malware software, installation ease and time are important considerations.

2. The free version of the software is better at detecting malware than most paid versions of other programs

When you download Malwarebytes, you have the option of choosing between the free and the premium versions.

While the free version is a manually activated scanner, the premium version gives you real-time protection, allowing for a relatively worry-free web browsing experience.

As an added bonus, Malwarebytes allows you to try the premium version for 30 days before committing to purchase it. Simply check the Enable free trial of Malwarebytes Anti-Malware PRO option during installation.

3. Minimal system resource usage

It uses little CPU and memory compared to other applications such as Webroot and Spybot, and especially less than programs like Norton and McAfee. You will likely want to perform other tasks on your PC while your anti-malware application scans for threats, and this low resource usage means it doesn’t grind your PC’s progress to a snail’s pace.

Bonus: Detected the most malicious virus of 2013, CryptoLocker.

Malwarebytes was one of the few programs that could successfully detect early variations of CryptoLocker. This infection allowed criminals to ransom the personal files of hundreds of thousands of PC users worldwide.

If these reasons aren’t enough to opt for Malwarebytes as your personal defense against malware threats, consider the case offered by TechRepublic.

For more information on malware or other issues affecting your PC, consult your local IT professionals.
