software updates Archives

A malware infection is always bad news but imagine being infected with multiple strains at once. Welcome to the new threat of malware cluster bombs.

Researchers at the cybersecurity firm KrakenLabs have revealed the dangers of a new malware technique launched by Unfurling Hemlock, a new threat actor group. Their malware cluster bombs have been verified as active in at least 10 countries, but most Unfurling Hemlock’s targets have been US-based. This attack has also been active for some time, with evidence of the earliest infections going back to February 2023.

The mere concept of malware cluster bombs is enough to worry any IT professional, so that’s why we’re going to delve a bit deeper and discuss how you can keep your IT systems safe.

Understanding Unfurling Hemlock’s Attack

This new attack starts, as with many malware attacks, through malicious emails or malware loaders. It would appear, perhaps to cover their own tracks, Unfurling Hemlock are paying other hackers to distribute their malware. The initial attack is focused around a malicious file named WEXTRACT.EXE. Within this executable is a collection of compressed cabinet files, each of which contains a strain of malware.

The final part of the attack comes when all of the malicious files have been extracted and are executed in reverse order. Each cluster bomb is believed to contain multiple strains of malware, so while the number is varied, the impact is always significant. Among these malware strains are a cocktail of different attacks, with botnets, backdoors, and info stealers all detected so far. Unfurling Hemlock’s ultimate aim, aside from causing digital chaos, is unknown, but KrakenLabs believe the threat actor may be harvesting sensitive data to sell.

The malware cluster bomb approach is innovative and effective for two reasons: the opportunities for monetization are increased and the multiple strains in use mean that persistence is enhanced. Ultimately, dropping ten strains of malware onto one device is more likely to provide opportunities for threat actors than a single strain.

Staying Safe from Malware Cluster Bombs

It’s clear that malware cluster bombs represent a serious threat to your IT infrastructure, and that’s why you need to keep your defenses secure. You can put this into action by following these best practices:

Regular Software Updates: ensure that all software, including operating systems and applications, is regularly updated and patched. Automated patch management tools can help make this easier, and Windows allows you to set automatic updates for Microsoft apps. Regular updates protect against known vulnerabilities and exploits which malicious actors often target with malicious files.
Antivirus and Anti-malware Solutions: always use reputable antivirus and anti-malware software across your network. These tools should be regularly updated to recognize and handle the latest threats. High-level security solutions will provide real-time protection, scanning, and removal of malicious files. This is conducted by regular scans and monitoring to ensure potential threats are detected and dealt with promptly.

Employee Education: carry out regular training sessions for employees to recognize phishing attempts, suspicious emails, and other potential threats. Training should include best practices for safe internet use, identifying social engineering tactics, and reporting suspicious activities. Your employees are your first line of defense, so it’s crucial you reduce the likelihood of attacks due to human error.

For more ways to secure and optimize your business technology, c ontact your local IT professionals.

Make Sure Your Software is Updated and Secure

Ophtek, Security, Security Threats, Software, Software Security Patches, UpdatesOphtek, security, software updates, update, updatesOphtek, LLC

Apr 2020

It’s vital, if you want your PC to remain safe and secure, to install all software updates and patches. The alternative is, of course, that you get hacked.

Now, no one wants their PC to get hacked. The fallout from such a scenario can only spell disaster for a business. We’re talking stolen data, disrupted IT operations, financial damage and a major drop in productivity. And no one wants that. Certainly not a business and certainly not their customers. But hacking is a major threat in today’s digital workplace. In the first half of 2019 alone, a total of 4.1 billion records were compromised. It’s a figure which is clearly huge, but it’s also one that could be significantly reduced if organizations updated their software regularly.

So, to help you keep your software updated, we’re going to run through the basics of updating and securing your software.

What are Software Updates?

It’s difficult to create a flawless piece of software. The complexity of coding means that, even when developers feel their application is finished, it’s likely that minor problems will remain. And, in most cases, the only impact of these errors will be felt in the application’s functionality. However, on occasion, these minor flaws can represent major security issues. Hackers, if they are to be commended on anything, are highly persistent. And, if they can find a vulnerability in a piece of software, you can rest assured that they will exploit it.

This is why software updates and patches are crucial. The most common update that most PC users will encounter is an operating system update. These are regularly released by developers in order to counter security issues which have been discovered. These updates, in their simplest terms, patch the software. Following the patch process, your operating system will be considered more secure and functional. Unfortunately, many organizations are either too busy to worry about updates or they fail to understand their importance. And that’s why you need to know the best ways to keep your software updated.

How Do You Update Your Software?

Updating software on a PC is straightforward and simple, but only if you know how. Therefore, it’s important that you practice the following:

Allow Automatic Updates: The sheer number of updates that are required for multiple applications is mind-boggling. And the time taken to action these updates is significant. But, with this in mind, most pieces of software allow you to select an automatic update option. This takes the pain out of authorizing and conducting every new update and patch. The setting is most commonly found in the updates section of an application’s control panel.

Visit Developer’s Websites: It’s good practice to regularly visit the websites of developers to make sure you’re working with the latest updates. Adobe Flash Player and JavaPress, for example, can both be verified by visiting their respective websites. The relevant software is quickly analyzed to determine which version it is. And, if any updates are outstanding, the user will be prompted to install these or upgrade to a new version.

Use a Third Party App: One more solution to keeping on top of software updates is by installing a third party app such as Patch My PC. These applications work with large databases to monitor the release of new updates and patches. They are, to some degree, a luxury as they take the hassle out of updates, but they also provide peace of mind that your software is up to date and secure.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Tag Archives: software updates

What are Software Updates?

How Do You Update Your Software?