Category : Security

Sophos, Did you say.. Free?

You heard right. Sophos is offering free commercial grade security software for users.

Sophos is a security software and hardware company that develops products for encryption, network security, mobile and email security, as well as threat management. Although mostly geared toward large enterprise organizations, they haven’t forgotten about the security needs of home users.

In addition to their free Sophos Cloud, which can be used in business, commercial, or government organizations, Sophos offers free home protection, a great tool for users. This free version of Sophos Home lets you manage and protect up to ten computers per account. That is a huge advantage for anyone looking to better protect sensitive data from their home base.

The free security software protects against malicious software, viruses, and inappropriate websites. In a world where malware is at the forefront of security concerns, it is best to ensure added protection for all your Mac and PC devices. As an added cherry on top, you can manage security settings for the entire family from any browser.

If you want software that is trusted by IT professionals, we highly recommend trying the new free version of Sophos.

To find out more information about Sophos and sign up for Sophos Home please visit their website:

https://www.sophos.com/en-us/lp/sophos-home.aspx

 

Ransomware seeks victims via TeamViewer

Anyone use TeamViewer? If so, sorry to say, you may have been hacked.

A new ransomware has been discovered that encrypts important files and appends the .surprise extension to them. Further research into the extension revealed that the loader ran the EDA2 ransomware from memory, and was only attacking those who also had TeamViewer installed. The victim logs showed that TeamViewer had been utilized as a means to reach computers. Someone connected via TeamViewer and proceeded to download the encrypted surprise files onto the unsuspecting desktop.

The two TeamViewer IDs used by the attackers were 479441239 and 479440875.

This surprise ransomware is unique in that it has successfully bypassed AV signature definitions as well as behavior detection. Rather than containing the more typical encryption functions seen in ransomware, this surprise ransomware encompassed an encrypted BASE64 encoded string. This string is loaded into memory and functions from there.

The ransomware scans all fixed disks on the computer for files that have a particular file extension. When it finds a matching file, it will encrypt it with the AES encryption key and append the .surprise extension to it. The targeted file extensions are a hefty list. It will skip any files that contain the $ symbol, or the c:/windows or c:/program strings, in the filename.

Bleeping Computer discovered that the ransomware creates the following 3 files:

  • %Desktop%\DECRYPTION_HOWTO.Notepad: the ransom note.
  • %Desktop%\surprise.bat, which executes vssadmin.exe Delete Shadows /All /Quiet to remove Shadow Volume Copies.
  • %Desktop%\Encrypted_Files.Notepad: a file that contains a list of encrypted files.
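The indicators listed above (the three Desktop files, the .surprise extension, the shadow copy deletion command, and the two TeamViewer IDs) can be turned into a simple triage check. This is an added example, not code from this post or from Bleeping Computer; the function names, the sample paths, and the layout of the remote-access log lines are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Indicators exactly as listed in the post above.
DESKTOP_ARTIFACTS = {"decryption_howto.notepad", "surprise.bat", "encrypted_files.notepad"}
ATTACKER_TEAMVIEWER_IDS = {"479441239", "479440875"}
SHADOW_DELETE = re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows\b.*/all", re.I)
# TeamViewer IDs here are nine digits, sometimes displayed in groups of three.
TV_ID = re.compile(r"\b\d{3} ?\d{3} ?\d{3}\b")


def would_be_skipped(path):
    """Skip rule from the post: '$' in the name, or c:/windows or c:/program in it."""
    p = path.replace("\\", "/").lower()
    return "$" in p or "c:/windows" in p or "c:/program" in p


def triage(paths, command_lines, remote_access_log):
    """Return (indicator, evidence) pairs for every match in the supplied evidence."""
    findings = []
    for raw in paths:
        p = PureWindowsPath(raw)
        name = p.name.lower()
        if name in DESKTOP_ARTIFACTS and p.parent.name.lower() == "desktop":
            findings.append(("desktop_artifact", raw))
        elif name.endswith(".surprise"):
            findings.append(("encrypted_file", raw))
    for cmd in command_lines:
        if SHADOW_DELETE.search(cmd):
            findings.append(("shadow_copy_deletion", cmd))
    for line in remote_access_log:
        for match in TV_ID.findall(line):
            tv_id = match.replace(" ", "")
            if tv_id in ATTACKER_TEAMVIEWER_IDS:
                findings.append(("teamviewer_id", tv_id))
    return findings


# Constructed sample evidence (not taken from a real host).
SAMPLE_PATHS = [
    r"C:\Users\alice\Desktop\DECRYPTION_HOWTO.Notepad",
    r"C:\Users\alice\Documents\budget.xlsx.surprise",
    r"C:\Users\alice\Desktop\surprise.bat",
    r"C:\Users\alice\Documents\notes.txt",
]
SAMPLE_COMMANDS = ["vssadmin.exe Delete Shadows /All /Quiet", "vssadmin list shadows"]
# Assumed log layout: remote ID, remote name, free text, separated by tabs.
SAMPLE_REMOTE_LOG = [
    "479 440 875\tunknown-host\t(constructed entry)",
    "123456789\thelpdesk\t(constructed entry)",
]

if __name__ == "__main__":
    for indicator, evidence in triage(SAMPLE_PATHS, SAMPLE_COMMANDS, SAMPLE_REMOTE_LOG):
        print(f"{indicator}: {evidence}")
```

`would_be_skipped` helps scope recovery: paths it flags are ones the encryptor, as described above, would have left alone.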

Sadly, for those whose files were encrypted, there is no alternative method to regain access to the files at this time without paying the ransom.

If you would like to educate yourself in greater detail about the material presented in this blog post please visit:

http://www.bleepingcomputer.com/news/security/surprise-ransomware-installed-via-teamviewer-and-executes-from-memory/

Two-Factor Authentication Evaluation Guide

Two-factor authentication is a type of multi-factor authentication that provides identification of users using a combination of two different components. These components are often something the user knows, possesses, or something that is inseparable from the user. This guide has been adapted from Duo Security, and illustrates what to consider when deciding upon a vendor for two-factor authentication for your company.

Security

 

In order to enforce this extra layer of protection, it is important to consider the factors involved. Security and ease of implementation should be the first priority. The vendor that provides your two-factor authentication should be secure by design. The cloud-based service should use multiple, independent PCI DSS Level 1 and ISO 27001-certified, SAS 70 Type II-audited service providers and be split across multiple geographic regions, service providers and power grids for seamless failover. This ensures that you have a reliable vendor with an infrastructure that is fully scalable and elastic enough to accommodate any number of users. You should be able to add users as you need them without issue. The vendor should also be backed by a strong service level agreement, and the service should offer 24/7 operational coverage.

Cloud-based authentication services are easy to use and tend not to require installation of hardware. Select a vendor with drop-in integrations for all major VPNs, Unix, and MS remote access points. Something else to look for is deployment. The two-factor authentication process is best implemented when it leverages a platform users already have, such as cell phones. Make sure the service you employ works with landlines and tokens to save your IT administrator from having to manage tokens.

Usability

Usability and convenience are a major part of making two-factor authentication a productive solution. A vendor that keeps a lot of “clutter”, such as extra steps, gets in the way of the login path and makes for a large and unneeded distraction. Allowing users to easily enroll themselves and set their preferred devices for authentication makes the login process easier. This should be met by a vendor that supports a wide range of authentication methods, including push to a mobile app, passcode, and phone call back.

Administration

When choosing the ideal vendor, make sure the administrative needs are met. For instance, consider whether the solution provides visibility into user access of your network. Authentication logs should be provided for auditing and reporting. Systems that provide a centralized admin interface give a consolidated view of how the two-factor authentication is working, and allow for better maintenance. It would be best if the system managed the physical tokens rather than forcing you to manage such items. In addition, if you are looking for a cost-effective solution, cloud-hosted vendors have the lowest costs and the least amount of hassle because the infrastructure, upgrades and maintenance are all managed by the vendor.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://hosteddocs.emediausa.com/duo-security-twofactor-evaluation-guide.pdf

Transmission BitTorrent App Infects OS X with First Ransomware…

If you recently installed the Transmission BitTorrent App, most likely you are one unhappy user.

The recently released version of Transmission BitTorrent for OS X contained the embedded KeRanger ransomware, the debilitating program designed to lock and encrypt files in order to extort money from consumers. In case you didn’t read our previous post about ransomware, this malware is extremely debilitating to consumers and business owners alike. It locks files and infiltrates all external hard drives and shared networks, making external hard drive backups useless in protecting sensitive data.

The March 4th version 2.90 of the application contained the malware. The Transmission website is encouraging all users who have downloaded this version to upgrade to version 2.91 or, at a bare minimum, delete the 2.90 version from their computers. If you would rather, wiping and restoring your system to an earlier point in time is also an option. If you use this option, make sure that you restore your device to a point before the Transmission 2.90 installation.

Now if you find yourself infected, resist paying the $400 asked to restore your files. There is no guarantee that paying this fee will result in any data retrieval, and it could possibly be a complete waste of your money. If you decide to do nothing, at least remove the malware installed. Leaving the installation in place only allows the ransomware more opportunity to further exploit your system.

If you would like to do a little investigating of your own, a new blog post from Palo Alto Networks’ threat intelligence team lists the steps for finding out if you have been infected with the KeRanger ransomware.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.pcmag.com/article2/0,2817,2500391,00.asp?mailing_id=1587787&mailing=DailyNews&mailingID=510C4584BD5C3E3CDD5A15D97D2B87C0

 

Ransomware

 

Ransomware is the devilish and extremely debilitating program designed to lock and encrypt files in order to extort money from consumers, business owners, and even government officials. It seems that no one is safe in the fight against ransomware. Most ransomware programs are targeted at the most popular operating system, Windows. Ransomware programs can and will target other systems such as Android applications, Mac OS X and possibly even smart TVs in the near future. Not only is this an unsettling forecast for consumers, but also a call to action for preventative measures to protect your most important data files.

What can be done? Most users have learned the hard way that it is better to back up sensitive data to an external hard drive. However, this type of malware is tuned in to this. When a ransomware program infiltrates a computer, it infects all accessible drives and shared networks, encrypting all files found. This makes for a very irritating discovery of locked data across the board.

Rather than rely on the external hard drive method for backups, it is suggested that consumers adopt a new best practice. Ensure at least three copies of sensitive data are made, and stored in two different formats. At least one of these copies should be stored off-site or offline. This way if ransomware locks files away consumers are not forced into a sticky situation of deciding whether to risk paying for the data retrieval or losing the data forever.

What to do when faced with ransomware? Not much can be done once ransomware has attacked. Most security researchers advise not paying for files to be unlocked, as there is no guarantee that the hackers will provide the decryption key once paid. Security vendors also worry about the implications of fueling the fire. The more consumers give in and pay for the safe return of their data, the further encouraged ransomware criminals become to continue this practice of extortion.

If I haven’t said it enough already, I will say it again. Prevention is key. Know how ransomware reaches your computer. Be especially careful of email attachments, Word documents with macro code, and malicious advertisements. Always keep the software on your computer up to date. It is especially important to ensure that the OS, browsers, and plug-ins such as Flash Player, Adobe Reader, and Java are always updated when updates are available. Unless you have verified the senders, never enable the execution of macros in documents. Finally and most importantly, perform daily activities from a limited user account rather than an administrative one. And always, always, utilize a well running and up to date antivirus program.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.pcworld.com/article/3041001/security/five-things-you-need-to-know-about-ransomware.html

FTC: Debt collection, Impostor scams, and identity theft, oh my!

Debt collection, impostor scams, and identity theft remain at the forefront of consumer concerns, and show no signs of slowing down any time soon. The Federal Trade Commission fielded more than 3 million complaints in 2015 alone, a significant jump compared to the 2.5 million received in 2014. Abusive debt collection was 29% of overall complaints. Debt collection was the top complaint mainly from data contributors who collect complaints via a mobile app, producing a surge in unwanted debt collection mobile phone calls.

Identity theft was the second most reported behind abusive debt collection, despite increasing more than 47 percent from 2014. Identity theft has been the top category for the previous 15 years and only recently has dropped down on the Federal Trade Commission’s list of most reported complaints. Tax- or wage-related fraud (45%) was the most common form of reported identity theft, followed by credit card fraud, phone or utilities fraud, and bank fraud. The FTC has combated this by providing a personal recovery plan for victims of fraud, available through the IdentityTheft.gov website.

Imposter scams, where individuals pose as government officials, remained the third most commonly reported complaint. The FTC cleaned up a bit, shutting down a fake Medicare operation and working to educate the public through webinars, town halls, blog posts, and Twitter.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.networkworld.com/article/3039912/security/ftc-imposter-scams-identity-theft-and-debt-collection-top-consumer-grumbles.html?token=%23tk.NWWNLE_nlt_networkworld_security_alert_2016-03-02&idg_eid=b0bd995e2814d7f58c50105dd3327c12&utm_source=Sailthru&utm_medium=email&utm_campaign=NWW%20Security%20Alert%202016-03-02&utm_term=networkworld_security_alert#tk.NWW_nlt_networkworld_security_alert_2016-03-02

Cyber Security Threats – Proactive Rather Than Reactive

Security executives have increasingly urged firms to utilize prevention, encouraging a plan that encompasses Information Technology and business units in order to ensure cyber security.

Why, you might ask? As a mere observation, most firms have accepted hackers as a viable threat that will eventually infiltrate their network. Rather than focus on preventative measures, companies have taken the opposite approach, strengthening their reactive forces and mitigating the damage a hacker can do once inside. Although that is important, the focus needs to be on cyber security and data breach prevention in addition to recovery after the fact. This change of mindset ensures significant progress can be made to prevent threats, making better use of time and resources for your company.

John Davis, CSO of Palo Alto Networks’ federal division, suggests “Call for a comprehensive risk analysis, mapping out the different segments of the network and examining the needs of the enterprise along with the security concerns.” He encourages information technology teams and cybersecurity teams to work together for a higher level of performance. Prevention tactics bring together these two forces in a more collective manner.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.networkworld.com/article/3039955/security/why-cios-to-be-proactive-not-reactive-to-cybersecurity-threats.html?token=%23tk.NWWNLE_nlt_networkworld_security_alert_2016-03-02&idg_eid=b0bd995e2814d7f58c50105dd3327c12&utm_source=Sailthru&utm_medium=email&utm_campaign=NWW%20Security%20Alert%202016-03-02&utm_term=networkworld_security_alert#tk.NWW_nlt_networkworld_security_alert_2016-03-02

Top Security Suites of 2015

The Best Security Suites for 2015

Malware, hacks, and data breaches are unquestionably possible if you do not tend to your security needs. Keep yourself and your computer protected from harmful intrusions by investing in top notch security. Take a look at the list compiled below as these are the leading security suites of 2015.

 

Bitdefender Total Security 2016 $69.95

  • Scored Excellent in anti-malware, anti-spam, and anti-phishing tests.
  • No hassle firewall
  • Parental control
  • System tune-up
  • Advanced startup optimization
  • File encryption
  • Anti-theft
  • Password Manager
  • Secure browser

 

 

Kaspersky Internet Security $79.99

  • Spam Filter
  • No hassle firewall
  • Parental Control
  • Remote monitoring and management
  • Bonus features

 

 

 

 

 

Symantec Norton Security Deluxe $69.99

  • Best at malicious URL blocking and antiphishing
  • Spam filtering
  • Password Management
  • Performance Optimization tools
  • Online Management
  • Powerful protection for Android and Mac

 

 

 

 

Bitdefender Internet Security 2016 $59.95

  • Accurate spam filter
  • Tough firewall
  • Revamped parental Control
  • Password Management
  • Secure browser
  • Ransomware protection

 

 

 

 

Comodo Internet Security Complete 8 $69.99

  • Live remote tech support/Remediation for any security problems
  • Virus free guarantee
  • VPN for protection on public networks
  • Local and online backup system
  • 50GB of hosted online backup

 

 

 

 

 

Trend Micro Internet Security 2016 $79.95

  • Great Antivirus
  • Accurate spam filter
  • Optimizes PC health
  • Secure deletion
  • Scans social media security settings

 

 

 

 

 

 

Webroot SecureAnywhere Internet Security Complete 2015 $79.99

  • Small and light on Resources
  • Quick install and scan
  • Good malicious URL block
  • Full feature password manager
  • Mobile support
  • Remote management
  • PC optimization
  • Online backup and Sync

 

 

 

Check Point ZoneAlarm PRO Antivirus $69.95

  • Powerful firewall
  • 5GB of hosted online backup
  • Credit monitoring
  • Identity protection
  • Password Management

 

Why Weak Passwords Are Harmful: Ashley Madison Hack IT Takeaways | BVA IT Consulting Blog

As you may very well be aware, the Ashley Madison debacle revealing account emails of users has also divulged their passwords. A total of 11,716,208 silly, yet remarkably weak passwords were discovered. Passwords such as “password,” “123456,” and “IThinkILoveMyWife?” are a few of the many that were used. These revelations only reinforce the importance of stronger passwords to keep your information secure. Never use weak passwords, and never underestimate hackers, as I’m sure they continue to crack easy passwords like this time and time again. If you do happen to find yourself in a situation where you would use a site such as Ashley Madison, create a completely randomized password yourself or use a password manager.

 

Microsoft On Malware and Protecting your Business: How To Protect Your Business From Malicious Software | BVA IT Consulting Blog

Malware is continuing to wreak havoc on devices, notably Android. So what is Microsoft doing to combat such intrusions? Prevention and understanding are key. The definition of malware has extended from the more traditional viruses to the embodiment of varied attack levels including the new, more malicious threats. The Director of the Microsoft Malware Protection Center, Dennis Batchelder, says that crime syndicates, the malware supply chain, antimalware vendors, and the antimalware ecosystem are the main participants involved. The purpose of Microsoft’s Digital Crimes Unit and antimalware security software is to proactively intercept new strains of malware. They aim to block malware, stop it in its tracks when first discovered, and seek to prosecute those involved.

From a business owner’s perspective there are a couple of things you can do to protect yourself. A layered approach to cybersecurity is important. Protecting your business from various angles and the level at which you invest in an IT staff make a big difference in your defense. Security runs from where and how users interact with the data, to how you transmit data past firewalls, and the level of end-to-end encryption that is put in place. Data at rest must be encrypted to protect against high-value attacks on your servers, and you can complement that with the use of intrusion detection measures and data leakage monitors. You must decide what the price of security is for you, depending on the value of what you want protected and what you are willing to spend for it. For big businesses, handling it in-house may seem more appropriate. However, for small businesses a manageable and more cost-effective option would reasonably be hiring a managed service provider (MSP) to tend to security needs.