Should you uninstall Kaspersky software?

Q: Should I uninstall Kaspersky anti-virus from my computer? A recent Wall Street Journal story about a National Security Agency contractor that had classified documents on his home computer and was allegedly targeted because of his use of Kaspersky Lab anti-virus software has once again put the Russian cybersecurity company in the spotlight. The theory is that hackers used the file inventory process that Kaspersky anti-virus uses to discover the sensitive files and target the contractor. Concerned?  See below for suggestions on how to remove Kaspersky from your computer. Government ban Software from Kaspersky Lab was removed from the U.S. General Services Administration approved list in July and in September, the...

Read more »

Everyth1ng Y0u Kn0w Ab0ut P@ssw0rds 1s Wr0ng

Everyth1ng Y0u Kn0w Ab0ut P@ssw0rds 1s Wr0ng...

Read more »

A Hacker's Tool Kit - Cybercrime is growing ever more pervasive—and costly.

Cybercrime is growing ever more pervasive—and costly. According to researcher Cybersecurity Ventures, the annual cost of cybercrime globally will rise from $3 trillion in 2015 to $6 trillion in 2021. Enabling this boom are thriving marketplaces online, where hackers sell tools and services to criminals. Virtually anything is available for the right price, points out Andrei Barysevich, director of advanced collection (“a fancy name for ‘spy,’ ” he says) at threat intelligence firm Recorded Future. A former consultant for the FBI’s cybercrime team in New York, Barysevich trawled the shadiest corners of the web to compile the cybercrime shopping list above, exclusively for Fortune. In the market for some basic malware? It’ll cost you as...

Read more »

Here is every patch for KRACK Wi-Fi attack available right now

Monday morning was not a great time to be an IT admin, with the public release of a bug which allowed WPA2 security to be broken. As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2) operates. The security protocol, an upgrade from WPA, is used to protect and secure communications between everything from our routers, mobile devices, and Internet of Things (IoT) devices, but there is an issue in the system's four-way handshake which permits devices with a pre-shared password to join a network. According to security researcher Mathy Vanhoef, who discovered the flaw, threat actors can leverage the vulnerability...

Read more »

Petya: Wiper or Ransomware & How to Protect Yourself

Learn the facts about the recent Petya attack that crippled many organizations worldwide.  - Is it your regular run-of-the-mill ransomware or a wiper? - Who is a target? Why did it spread so quickly?- How can organizations better protect themselves against similar attac...

Read more »

How To Protect Android Banking Apps From Malware

The recent case of WannaCry ransomware reminded us to be cautious of the growing malware menace that ended up infecting thousands of systems around the globe. Regardless, the scale of the ransomware attack may give rise to other malware attacks such as Android malware invasions. The latest smartphone statistics from Gartner are not surprising as they reveal the soaring popularity of Android smartphones around the globe. According to the survey, over 350 million smartphones sold in Q4 2016 were running an Android operating system. The ever-increasing popularity and most probably the open-source nature of the OS is perhaps what attracts cybercriminals to make relentless efforts to hack into the device and salvage the personal data...

Read more »

The Malware Used Against The Ukrainian Power Grid Is More Dangerous Than Anyone Thought

Image: CheepShot/Flickr Researchers have discovered a new powerful—and dangerous—malware that targets industrial control systems. Last December, when attackers hacked a power transmission company in Ukraine and cut electricity to tens of thousands of customers for an hour around midnight, it was considered a less severe assault than one that occurred the previous December. The latter attack cut power to more than 230,000 Ukrainians for one to six hours during peak dinner hours in the dead of winter. But new analysis of malware used in the more recent attack suggests it may be more sophisticated and dangerous than previously believed. Researchers who examined the malicious code say it's a modular...

Read more »

Sophos continues to work at protecting customers from the WannaCry ransomware attack – here’s what you need to know.

Sophos continues working to protect customers from the WannaCry ransomware attack. That effort has been successful, but we continue to receive many questions about how this attack happened, what we must do to defend our organizations, and, of course, what’s next? This article is designed to answer those questions. What happened? A fast-spreading piece of ransomware called Wanna (also known as WannaCry, WCry, WanaCrypt, WanaCrypt0r and Wana DeCrypt0r) held computer systems hostage around the globe Friday. National Health Service hospitals (NHS) in the UK was hit hard, with its phone lines and IT systems being held hostage. From there, the attack spilled across the globe. It encrypted victim’s files and changed the extensions...

Read more »

Check if you were hit by the massive 'Avalanche' cybercrime ring

SAN FRANCISCO — The U.S. government has posted links for free scanning programs so companies and individuals can check their computers to make sure they weren't victims of a massive, international cyber criminal operation that was taken down Thursday after a four-year investigation. “This is probably the biggest operation that law enforcement has ever done against cyber crime,” said Catalin Cosoi, chief security strategist with BitDefender, one of the dozens of companies worldwide that worked with law enforcement to attack the group. The U.S. Computer Emergency Readiness Team (US_CERT) has posted links to five scanners on its site. Europol has also posted a list of sites in multiple languages for potentially infected users. The malware only affects systems running the Microsoft...

Read more »

Alert (TA16-336A) Avalanche (crimeware-as-a-service infrastructure)

Systems Affected Microsoft Windows Overview “Avalanche” refers to a large global network hosting infrastructure used by cyber criminals to conduct phishing and malware distribution campaigns and money mule schemes. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI), is releasing this Technical Alert to provide further information about Avalanche. Description Cyber criminals utilized Avalanche botnet infrastructure to host and distribute a variety of malware variants to victims, including the targeting of over 40 major financial institutions. Victims may have had their sensitive personal information stolen (e.g., user account credentials). Victims’ compromised systems may also have been used to conduct...

Read more »