Category : Security

Remove a Virus from a USB using CMD

Viruses change the attributes of a file or folder, such as the read, write, or execute permission, making such files or folders extremely hard to access. In order to recover a file, we can change the attributes of a file and reset the file’s internal structure. That’s why it is useful to know how to remove one using CMD. Amar Shekhar, writer for FossBytes, gives us the lowdown.

A virus can show up on your system as a file hidden from the user, in the form of an ‘autorun’ or ‘autoexec’ file, as an executable file, or as a file with altered attribute properties. Examples include Autorun.inf, Ravmon.exe, New Folder.exe, and svchost.exe. So how do you remove a virus from any USB using CMD? This assumes you are already on Windows 10.

The cmd command ‘attrib’ displays, sets and removes the attributes of a file, folder, or directory, such as read-only and archive.

Say there is a virus on your drive.

Run command prompt as administrator. 

Change the drive to the one with the virus, in the case of the researcher this is the D drive. Then press Enter. 

Type attrib and press Enter. This command lists all of the files in the current drive along with their attributes, which makes it easy to spot the autorun.inf virus.

To remove the Virus using CMD, type into your command prompt, attrib -r -a -s -h *.* and press Enter. This removes the read only, archive, system and hidden file attribute from all the files. 

  • -r clears the read-only attribute
  • -a clears the archive attribute
  • -s clears the system attribute
  • -h clears the hidden attribute
  • *.* applies the change to all files, whatever their extension

To delete the virus, type del autorun.inf and Enter 

  • Once you have pressed Enter, that file should be deleted from the current drive. If you want to delete that file from a USB stick, change the current drive to the USB drive in step 2 and follow the same commands.
  • You can type the ‘attrib’ command again to see whether the deleted file still exists. As seen above, it does not exist anymore in the D drive.
  • To remove other viruses with extensions such as ‘.lnk’ or ‘.exe’, just type Del *.lnk or Del *.exe respectively to delete those suspicious files.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : http://fossbytes.com

Do you understand the importance of cyber security?


 

 

It is extremely important that you as the user understand why in the heck you should be concerned about the security of your device. Sure, you may have heard about the tons of malware out there or the ransomware stealing millions from large corporations, but it is easy to disregard such headlines as a user. “What would anyone want with my computer?” proves to be the usual user mindset. It really does pay to be conscious, however, and proactive nonetheless. Malware, including ransomware, is designed by cyber criminals with boatloads of knowledge as to how to steal your information, passwords, bank account numbers, log-ins, sensitive data and of course, your money. The general tactic is malware or ransomware that is downloaded without the user noticing and waits idly by until the person on the other side decides to take a dig into your life. Like the monster under your bed, but worse.

Malware is something to worry about because, for one, it is used to steal your data indefinitely and, these days, your money. Not to mention the fact that if you happen to lose to cyber theft, not much can be done to help your case. Most cyber criminals operate in foreign countries outside U.S. legal jurisdiction, and to be honest, even if they were within it, you still wouldn’t get your money back. It’s just not the way it works.

Don’t be a victim.

Ask anyone and they will tell you the quickest way to get hacked is by lack of updates for commonly hacked programs, basically leaving your doors unlocked and asking to be robbed, and by being tricked into installing a Trojan, the equivalent of the robber ringing the doorbell and you inviting them to stay for dinner before they rob you dry. Neither is good!

“Sure, there are hundreds of other methods: SQL injection attacks, password guessing, and so on. But nearly everything besides unpatched software and downloaded Trojans is statistical noise. In fact, if you fix the main two issues, you almost don’t need to do anything else.” – Roger A. Grimes, computer security columnist for InfoWorld

Malware can be broken down into worms, viruses, Trojans, and hybrids. Viruses spread by infecting other host files, and running an infected file sets the malware in motion. Worms are self-replicating; once started they need no further assistance. Trojans need victims to get to business. They do not spread themselves; rather, the originating hacker must spread each copy to each victim separately, usually via email. The benefit to this is that unless you experience ransomware, which locks the device, Trojans can be removed once identified.

You’d be surprised by the number of users that still give away their logins to hackers every day. It’s insane. Typically the user is sent a phishing email that asks for credentials and claims to be from a legitimate website. Many times the email makes a small call to action such as threatening the termination of service. Trust the website in this case, not the email, and go directly to the website to confirm.

Signature-based anti-malware simply cannot keep up with the thousands of malicious programs that hit each month. That is just the truth of the matter. Some of the responsibility must be in the hands of the user, or a good IT management team. A single antivirus program can only get so far; it would behoove you to periodically run a boatload of free antivirus programs at once. Together, the programs can identify what the single one could not.

 

 

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.infoworld.com

Secure your Dropbox in a few easy steps

Many of us use Dropbox for its ease of use and accessibility, which is all the more reason to make it extra safe. One-factor authentication is no longer enough to protect against hacking due to incredibly weak passwords (we are all guilty of this one). Two-step verification requires you to enter both your password and a security code sent to your mobile phone. This is by far one of the easiest ways to beef up your Dropbox security. To enable two-step verification, simply log into your Dropbox account and click your username in the upper-right corner of your Dropbox window. From here you should be able to find Settings from the menu. Click the Security tab, then click Enable under two-step verification.

Another way to ensure security is to unlink old devices. Dropbox has the wonderful ability to span across multiple devices, which can also create a security vulnerability if not cleaned up every so often. You’d be surprised how many old devices end up linked to your account after a few years. Find the Security tab as you did when accessing two-step verification, and scroll down the menu to “Devices”. This will show you a list of all the devices that have access to your Dropbox, complete with the date of their most recent Dropbox activity. Go through the list and unlink the devices you no longer use or need by clicking the X to the right of the device name.

Managing application access aids in narrowing the amount of third-party applications that require full access to your account. An app will retain the full access you originally gave it even if you barely use the app anymore. This is also true for applications that the developer has stopped supporting. This creates a very easy window of opportunity for hackers, with a very easy solution. Prevent future security flaws by revoking access of applications you no longer use. Return to the Security tab, and find Apps Linked in the drop-down menu. A list will appear with all of the applications you have authorized to access your Dropbox account. Same as with devices, click the X to the right of the application to remove the app from having access to your account.


If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcworld.com

Webcam Malware aimed at company employees

Employees face a new kind of attack: the newest form of malware is aimed at webcams in the workplace. The new malware is used to record employees’ private moments in order to extort information out of them later. Sounds like everyone’s worst nightmare. The malware is called Delilah, a sweet-sounding name for something so morally compromising. Delilah is the world’s first insider threat Trojan. It allows operators to capture sensitive and compromising footage of victims, which is then used to pressure victims into leaking important company secrets. The malware is being delivered via multiple popular adult and gaming sites. Thus far it is not clear if any engineering or software vulnerabilities are the source of the installed malware. The bot comes with a social engineering plug-in that connects to the webcam operations so you never know you are being filmed. The attackers are using encrypted channels to communicate with victims. The bot itself needs a high level of management from a human to know who to recruit, choosing who to scam effectively. The bot, once installed, seeks to gather as much personal information about the candidate as possible, in order to bully the victim into complying with attacker requests. This can extend to family and friend information as well. At the moment, not much has been accomplished as to checking for the malware. All that is known is that the bot is still buggy, and that because of the number of screenshots it is taking, it often makes the screen freeze momentarily.

As security researchers look into this type of malware, more preventative information should follow.

 


 

If you would like to learn more about the information presented in this blog post please visit : www.zdnet.com

D-Link Security Flaw Leaves 414,949 Devices Totally Exposed

A security vulnerability has come to light in D-Link networked products. This vulnerability allows someone with hacking knowledge to easily overwrite administrator passwords in home Wi-Fi cameras. The remote execution flaw makes it easy to access devices and add new users with admin access to the interface, as well as download malicious firmware or reconfigure products. Basically, you lose all control without ever knowing it.

The Senrio research team reported that the vulnerability lies within the latest firmware update issued to the D-Link DCS-930L Network Cloud Camera. The flaw is caused by a stack overflow in the DCP service, which listens for commands on port 5978.

“The vulnerable function copies data from an incoming string to a stack buffer, overwriting the return address of the function,” Senrio says.

“This vulnerability can be exploited with a single command which contains custom assembly code and a string crafted to exercise the overflow. The function first copies the assembly code to a hard-set, executable, address. Next, the command triggers the stack overflow and sets the value of the function’s return address to the address of the attacker’s assembly code.”
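The bug class Senrio describes, as an added example that is not D-Link's firmware or Senrio's code: a hypothetical command handler copies an incoming string into a fixed stack buffer with no length check, shown next to a bounded version that rejects oversize input. The `SETNAME` keyword, the function names and the 31-byte limit are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define CAM_NAME_MAX 31          /* assumed limit, not taken from the firmware */
#define PREFIX "SETNAME "        /* hypothetical command keyword */

enum cmd_status { CMD_OK = 0, CMD_BAD_FORMAT = -1, CMD_TOO_LONG = -2 };

/* Vulnerable pattern: the incoming string is copied into a fixed stack
 * buffer with no length check, so a value longer than CAM_NAME_MAX bytes
 * overwrites whatever follows `name` on the stack, including the saved
 * return address. Shown for comparison; main() never calls it. */
int handle_cmd_unsafe(const char *msg, char *out, size_t out_size)
{
    char name[CAM_NAME_MAX + 1];
    size_t prefix_len = strlen(PREFIX);

    if (strncmp(msg, PREFIX, prefix_len) != 0)
        return CMD_BAD_FORMAT;
    strcpy(name, msg + prefix_len);          /* BUG: unbounded copy */
    snprintf(out, out_size, "%s", name);
    return CMD_OK;
}

/* Hardened form: the caller passes the number of bytes actually received,
 * and every copy is bounded by a length that was checked first. */
int handle_cmd_safe(const char *msg, size_t msg_len, char *out, size_t out_size)
{
    char name[CAM_NAME_MAX + 1];
    size_t prefix_len = strlen(PREFIX);
    const char *value, *nul;
    size_t value_len;

    if (msg_len < prefix_len || memcmp(msg, PREFIX, prefix_len) != 0)
        return CMD_BAD_FORMAT;

    value = msg + prefix_len;
    value_len = msg_len - prefix_len;
    nul = memchr(value, '\0', value_len);    /* input may not be NUL-terminated */
    if (nul != NULL)
        value_len = (size_t)(nul - value);

    if (value_len == 0)
        return CMD_BAD_FORMAT;
    if (value_len > CAM_NAME_MAX || value_len >= out_size)
        return CMD_TOO_LONG;                 /* reject, do not truncate silently */

    memcpy(name, value, value_len);
    name[value_len] = '\0';
    memcpy(out, name, value_len + 1);
    return CMD_OK;
}

int main(void)
{
    char out[64];
    char oversize[8 + 200];                  /* constructed input: prefix + 200 'A's */
    const char ok[] = "SETNAME lobby-cam";   /* constructed input */

    memcpy(oversize, PREFIX, 8);
    memset(oversize + 8, 'A', 200);

    printf("normal:   %d\n", handle_cmd_safe(ok, strlen(ok), out, sizeof out));
    printf("oversize: %d\n",
           handle_cmd_safe(oversize, sizeof oversize, out, sizeof out));
    return 0;
}
```

Stack canaries and non-executable memory make the unsafe form harder to exploit, but the length check is what removes the bug.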

At the moment 5 of the cameras in the D-Link product line are vulnerable to this flaw. Using the Internet of Things search engine, it is estimated that 414,949 devices are open to attack. Over 120 products are recorded as open, which includes routers, modems, access points, and storage products. According to Senrio, the vulnerability points toward a larger issue of poorly written firmware components used in cheap Systems on Chips (SoCs).

Senrio goes on to say: “Adoption [of IoT devices] is driven by business rationale but the security exposure is often overlooked. The techniques used to find the WiFi Camera vulnerability are also used to identify vulnerabilities in medical and industrial devices used in hospitals, nuclear power plants, and factories. And often those devices receive just as little security scrutiny as this webcam.”

D-Link said it will be coming up with a patch soon, and that older D-Link models will need to be pulled from the Internet altogether or the owners of said devices will need to accept the risk.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.zdnet.com

Have a secure summer with these security suites

A security suite is a collection of software utilities that protect a machine from viruses and malware. Vendors usually offer three levels of protection: a standalone antivirus utility, an entry-level security suite, and a suite with additional protection features including firewall, anti-spam, parental controls, etc. Antivirus is the core of a security suite, which is why we only advise security suites with highly effective antivirus software. Why do I need this junk? A firewall offers protection by monitoring all network traffic and keeping a watchful eye on running applications to make sure there is no misuse of your network. Anti-spam software blocks fraudulent emails so they never make it into your inbox, saving you from being the victim of malware or other encryption that is embedded in email attachments. A security suite is the easiest way to get all the benefits of multiple software applications, all in one. Check out our recommendations and rest assured your machine and your information are protected.

Symantec Norton Security Premium – $50 – Firewall, Anti-spam, Parental Controls,  Tune-Up

-Award-winning parental control. 25GB online backup. Protects up to 10 Windows, Mac OS, Android, and iOS devices. Excellent malicious URL blocking and antiphishing test scores. Smart firewall. Spam filtering. Password management. Performance optimization.

Bitdefender Internet Security 2016 – $45 – Firewall, Anti-spam, Parental Controls, Backup, Tune-Up

-Highly accurate spam filter, tough firewall, revamped parental controls, ransomware protection. Top performing, manages all features well.

McAfee Internet Security 2016 – $40 – Firewall, Anti-spam, Parental Controls

-Protects all your Windows, Mac OS, Android, and iOS devices.  Accurate anti-phishing and anti-spam, along with multi-factor authentication.

McAfee LiveSafe 2016 – $60 – Firewall, Anti-spam, Parental Controls

-Protects all your Windows, Mac OS, Android, and iOS devices. Antivirus rates high in lab tests and our tests. Accurate antiphishing and antispam. Five licenses for Intel True Key password manager. Impressive Personal Locker encrypted storage uses voice and facial recognition for authentication.

Kaspersky Total Security 2016 – $90 – Firewall, Anti-spam, Parental Controls, Backup, Tune-Up

-Top ratings from labs. Very good scores in PCMag’s hands-on tests. Accurate spam filter. Intelligent, no-hassle firewall. Comprehensive parental control. Remote monitoring and management. Many bonus features. Small performance impact in testing.

 


 

If you would like to learn more about the information presented in this blog post please visit : www.pcmag.com

 

Millions of stolen health records up for sale….

The seller of these ten million health records goes by ‘thedarkoverlord’ and began listing the data last weekend. The seller claims the data includes over 9.2 million health insurance records from US patients, and it is on sale for 750 bitcoins, a rate of $486,000 when released Monday. The data also supposedly includes addresses, names, emails, phone numbers, dates of birth, and, most unnerving, social security numbers.

A little bit of research by ZDNet reports that the seller’s ad could not be authenticated because the seller did not have any points assigned to his name on the site in which he is selling the $486,000 worth of data. This means that this seller has just popped on the scene, most certainly new to the website. Another site, Motherboard, has contacted some of the users who were able to confirm that the data in a received sample was in fact theirs. The hacker revealed how the data was uncovered, attributing exploitation of a disclosed zero-day flaw in the remote desktop protocol (RDP) as the means for stealing the information. This flaw allows a user to remotely view another user’s desktop, which opens a host of security problems, as you can see, most likely due to poor configuration of remote desktop software. The hacker even said in one of his listings that the data was stored on an “accessible internal network”, in plaintext, which if this is true, would be a direct violation of federal healthcare privacy rules. Healthcare providers and hospitals have been repeatedly the target of attack this year, so it is no surprise that the influx of data up for sale by hackers is patient data.

 


 

If you would like to learn more about the information presented in this post, please visit : www.zdnet.com

 

 

Can entering a password be as easy as taking a selfie?

Most of us have heard of two-factor authentication, but photo login? This is an entirely new concept. Cloud-based security solution, LogMeOnce, has released PasswordLess PhotoLogin which allows users to sign into any website, just like one would expect from any password manager, but with a photo!

Two-factor authentication is a preferred extra layer of security that uses a password and username in combination with something that only the user has on them, such as a piece of information only the user knows or a physical token. With PhotoLogin, this second piece of information is a photo, taken on the desktop and then approved or denied via a trusted mobile device to gain access. So rather than a code being sent to your mobile device, the photo serves as the code.

When you click the PhotoLogin icon on the LogMeOnce home screen, you are prompted to snap a picture of yourself, or really anything you would like, even a stapler or your dog. The photo is then automatically sent to your linked mobile device where you can verify the image. The true protectors can swipe left and see data such as IP address, GPS location, and time stamp. Photos expire in 60 seconds and will self-destruct after the first use, which ensures that your photo password is always unique. The LogMeOnce PhotoLogin update is free and available on Chrome, Firefox, Safari, as well as iOS and Android.

 


 

If you would like to learn more about the material presented in this blog post, please visit: LogMeOnce Password Manager Adds Photo Login

 

 

7 most common IT security mistakes made by startups

1. Personal and professional borders.

Convenience often compromises security. A recent trend is having employees bring their own devices rather than providing company laptops and phones. However easy this may sound, it creates a large window of opportunity for company data to get in the wrong hands. Furthermore, when an employee leaves the organization it makes it increasingly hard to ensure that no sensitive corporate data has been stored on the device.

2. Ignoring two-step authentication.

Two-step authentication is a surefire way to add an extra layer of security, and it’s easy too. Some methods are as simple as having a code sent to your iPhone, while others allow you to confirm your identity with the tap of a finger. Password breaches are becoming more and more common, so it is wise to beef up password security up front rather than pay the consequences later on.

3. Insufficient exit protocols.

Companies that depend on part-time and freelance employees often have less established exit procedures for when an employee leaves the organization. It is important to have a set of protocols in place so a uniform method is followed. When sensitive data is left on personal employee devices, data loss, account access and information sharing are most certainly in the future. Don’t let this be you! It may not even be the malicious intent of the employee; perhaps they aren’t aware the data has left with them. Either way, data loss has occurred and sensitive data is out there unprotected and unmanaged. Make policies known, and if you don’t have data policies and security guidelines in place, consider adding them to your organization.

4. Forgoing SSL from the beginning.

SSL (Secure Sockets Layer) is easily implementable from day one.  It should be enabled by default in every website. It reassures your users, while upgrading the security level of your communications.

5. Failing to prioritize security.

Security is often something that startups think can be left untouched until a later date or when the company has reached success. Security should be implemented from day one not only to protect your organization but to protect client information. Security is not a gray area, it should be just as important as payroll, HR, financing, etc. Don’t ignore security best practices, and make sure to stay current on the latest security software and updates to protect your organization from attack.

6. No internal policies and infrastructure.

If you think about it, startups have a great position regarding data security because they have the opportunity to apply the most current and best industry practices from the start. No outdated systems or struggle to get employees on board with new internal policies. One mistake often made by startups is not giving enough attention to internal policies. Invest adequate resources in the infrastructure of your organization: what equipment do you need? How will you manage IT security? Software? Think about proactive responses rather than ignoring the obvious.

7. No suspicious activity notifications.

What will you do if your organization is attacked and all your data is either encrypted or lost entirely? How will this affect you financially? One breach can take you from quick stardom to barely making it by. Don’t let this be you! Stay on top of information security.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: 10 Data Security Mistakes Startups Can’t Afford to Make

Best practices of the most secure companies

Companies are threatened by malware, human adversaries, corporate hackers, and hacktivists, and can be hacked in the most unsuspecting ways, such as over copper wire. Because of this, we have compiled a list of best practices used by highly secure companies. Tailor these to fit the needs of your organization and keep your data safe!

Know what you have: Most companies have no idea what they really have going on in the security department. To ensure the security of your organization, establish an accurate inventory of your organization’s systems, software, data, and devices. To be secure you have to know what to protect. The most secure companies have strict control over what runs where, because each platform is another opportunity for vulnerability.

Remove, then secure: Unneeded programs present unneeded risks. The most secure companies look over IT inventory and remove what they don’t need. More often than not, companies have large numbers of patches and other unnecessary junk piled up that no one really knows about. If your company isn’t IT savvy, bring in an established IT company to handle this task for you. They know what needs to be fixed, patched, updated, deleted, etc.

Run the latest versions: Updates have purpose. The latest software and hardware will have the latest built-ins and security features. It is the responsibility of the owner of the product licenses to keep updates current. Older versions look like a big fat glass of water on a hot day for hackers. Don’t give them the opportunity!

Patch with speed: Patch all critical vulnerabilities within a week of the vendor’s patch release. If your company takes longer than a week to patch, the risk of compromise is increasingly high. Basically, if you think about it, most of your competitors will patch on time because they are smart or they have a great IT team in their ear. So if they are all secure and your organization is unpatched, how’s that going to look to hackers? Like an invitation, that’s how. Now, that being said, people will still tell me they like to wait to patch in case of glitches that could lead to operational issues. The most secure companies, more often than not, experience little to no disturbance because of patch glitches. The odds are more in the favor of being hacked, so patch away!

Education: As with anything that requires a team effort, it is best to educate all users about the threats the company is currently facing or most likely will face. Education that is led by professionals, and involves the entire team, is the most effective. Not everyone will be on the same page when it comes to the inner workings of the IT world, but at least inform employees on the best practices, how to identify suspicious activity, what to do in the event of a security crisis. Yes it is extremely crippling when the vulnerability comes from the mistake of an employee, but the worst thing that can be done in this event is not informing the right people to fix the problem.


 

 

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Effective IT security habits of highly secure companies