
Ask IT

Ransomware Discovered On Some Google Play Store Apps

Researchers from McAfee’s mobile division have discovered a strain of ransomware called “LeakerLocker” on two apps that slipped through Google’s various checks and made their way onto the Google Play Store.

The apps in question were “Booster and Cleaner Pro,” which was billed as an app designed to boost memory on your smartphone, and “Wallpapers Blur HD” which is a wallpaper management app. When Google was informed of the issue, they promptly removed both apps, but there are a few points of interest here.

Firstly, both apps were part of a rewards program, which actually pays users a small sum to install them on their devices. This methodology is becoming increasingly common and has been used in the past to get users to install harmful apps on their devices.

Secondly, the researchers who found the app say that it’s not a scam. What this means is that it doesn’t rely on underhanded tactics in order to install itself, but rather, it relies exclusively on permissions freely granted by the user.

Before Google pulled the plug on these two, the cleaner app was installed between 5k and 10k times, and the wallpaper app was installed between 1k and 5k times. If either of those names sounds familiar to you, and you’ve installed, but not yet run the apps, delete them immediately to avoid any potential troubles. If you don’t, you’ll soon find that you can’t get into your phone.

Note that this strain of ransomware doesn’t encrypt your files, but locks your screen and thus makes all your files inaccessible. At that point, your only options are to pay the fee or restore from your most recent backup, neither of which is a great option.

While Google has a generally good reputation and a proven ability to stop malicious apps before they ever make it to the play store, as this latest incident underscores, the company isn’t perfect. You can’t ever afford to completely let down your guard.

Used with permission from Article Aggregator

Some Intel Processors Could Crash Systems With Hyperthreading Enabled

If you’re using a machine with a Skylake or Kaby Lake Intel processor, you should know that under certain conditions, it may be prone to crashing if hyperthreading is enabled.

The problem was never formally announced, mostly because what bug reports were released on the topic were spotty and inconsistent. So far, at least, no one seems to be able to pin down what the precise conditions are that cause the crash, resulting in a small subset of bug reports that are highly inconsistent and paint an unclear picture of exactly what the root of the problem is.

In any case, there are three things to note.

Linux users are in luck. Microcode updates are available that address the issue on those machines.

Windows 10 users are out of luck, at least so far. The latest Wintel Microcode updates don’t seem to include the fix, and there’s been no mention, at least to this point, of when that might change.

That brings us to the third major point. For the time being, if you’re using a Wintel machine with either of the processors mentioned above, the best way to ensure you don’t have to worry about the crash problem is to disable hyperthreading.

On the other hand, the crash bug has only happened in a few, widely scattered cases, as evidenced by the spotty and inconsistent bug reports surrounding the issue.

Because of this, many, if not most, users will likely opt to simply do nothing and take their chances. In any case, being forewarned is being forearmed. Even though the crash bug is quite rare, it’s better to know about it and know the decisive fix (at least until a more permanent microcode fix is released), so you can make an informed decision as opposed to being caught unaware.


New Survey Shows Alarming Trends In Cybersecurity For Businesses

A new survey released by Guidance Software reveals some disturbing trends about the state of cyber security. The survey asked 330 IT and digital security professionals questions about cyber-attacks and their impact on the organizations they serve.

The biggest news was in how many organizations reported that they’d been the victims of a malware attack so far this year, with fully 65 percent reporting in the affirmative. That’s up from 56 percent this same time last year.

Worse, nearly a quarter (23 percent) of respondents indicated that they’d been the victim of a ransomware attack, with nine percent admitting to having paid the ransom to get their files restored. This is significant, because in last year’s survey, none of the respondents indicated having paid a ransom. What’s worse is that nearly half (48 percent) indicated certainty that they’d be hit by a ransomware attack sometime in 2017.

In terms of losses, a quarter of those surveyed indicated that their firms had suffered financially as a direct result of successful attacks over the past year. Of those, 20 percent indicated losses in excess of a million dollars.

Also of interest were the things IT professionals listed as their biggest challenges, with 35 percent citing proper risk assessment, 34 percent citing policy enforcement and 31 percent citing managing the complexity of digital security in general.

To anyone in IT, all three of these challenges will ring familiar. They are persistent hobgoblins that have plagued the industry for years, and unfortunately, that doesn’t show any sign of changing soon.

The silver lining for you as a business owner is knowing that these are the most often cited challenges faced by IT staff. You can assess your own department and begin making the changes necessary to help reduce the impact of all three.

Budgetary constraints may prevent you from solving them outright, but armed with these survey results, you can certainly begin making steady, incremental improvements. Your IT staff will love you for it.


Can Your Car Be Hacked Just With A USB Stick?

Jay Turla has been a very busy man since purchasing his new Mazda vehicle. He’s been spending time researching hacks to his car’s infotainment system, and as with most other “smart” products on the market today, he’s finding the system incredibly easy to break into.

He’s not alone. In fact, a whole online community has grown up around the idea of hacking various models of Mazda cars.

A variety of security researchers have confirmed what the online community has known for more than three years. Mazda’s infotainment system contains a raft of bugs that make it incredibly easy to hack the system. In fact, the online community has even built an app that automates the process.

Turla started with the app and began making tweaks and changes to see exactly what he could accomplish in terms of hacking his car. His key finding? All he had to do was plug a USB stick into the car. Once that was done, the scripts would execute automatically and begin making changes.

On the surface of it, that sounds pretty bad, and it certainly underscores the ongoing problem with today’s smart devices – they’re incredibly easy to hack and very few product manufacturers have expressed much interest in providing better security for the devices they make. Mazda is a classic example of this very phenomenon; remember, these bugs have been well-known for more than three years!

From a practical standpoint, though, the ability to easily hack the car’s infotainment system isn’t as bad as it could be. You can’t, for example, use these hacks to auto-start the car, or change any of the critical settings…at least not yet.

While Mazda insists that it’s not possible to impact anything but the car’s infotainment system, the hacking community isn’t convinced. Neither is Turla, who says he plans to continue his research to see just how far he can take his automated hacks.

This is certainly no reason not to buy a Mazda, but it’s something to keep in mind, and here’s hoping that at some point, manufacturers of smart devices start taking security more seriously.


Google Gets Huge Fine From EU For Manipulating Search Results

Google is in trouble with the EU. This is nothing new. The search engine giant has been fighting an ongoing battle with the European Union for a number of years now over a variety of claims that they’re unfairly using their dominance in search to skew results against selected competitors. What has changed is that recently, the EU handed down a staggering $2.7 billion fine as evidence has surfaced that the company did indeed skew search results.

Ironically, in this particular case, the suit was brought by another American company, not a European one. It was none other than Microsoft, which has faced its share of legal challenges from across the pond.

The charge was that Google had tweaked their search engine results to promote their own shopping platform (originally billed as Froogle, and later re-branded as Google Shopping).

When Google launched their service, there were already a number of other shopping and price comparison platforms on the web, and Froogle floundered and never found an audience. In fact, a memo turned up in which a Google engineer declared that “Froogle simply doesn’t work.”

That changed in 2008 when the service started taking off, an event which coincided with Google actively pushing it in its search results. When that happened, many of its better developed rival services wound up falling to as far as page four in the search results, which is essentially the kiss of death.

Market studies have shown that products and services on page one of the search results get about 95 percent of all internet traffic. Second page results get about one percent, and anything beyond page two gets essentially zero traffic, which means that Google killed off many of its would-be rivals, simply by denying them visibility.

According to statistics presented by EU investigators, Google Shopping’s rival services lost between 80 percent and 92 percent of their normal traffic after Google began pushing its own product.

The recent announcement opens the door for those now failed rivals to sue the company, and there are two additional EU anti-trust suits pending.


A Third Of Former Employees Take Company Information With Them

How safe is your company’s data? According to a new survey released by tech giant Dell, it is not very safe. The statistics revealed by the survey are dismaying. Be sure you want to know before reading any further, because once you do, it may well change the way you view your own employees.

The survey’s key finding was that fully 35 percent of employees report that it’s common to take proprietary company information on leaving their firm.

As bad as that is, the rest of the statistics in Dell’s survey were even worse, with 36 percent of employees regularly opening emails from unknown, untrusted sources, which makes them extremely susceptible to phishing attacks.

Forty-five percent of employees admit to engaging in behaviors they know to be unsafe from a cybersecurity standpoint, including using personal email accounts for work, misplacing company-issued devices and connecting to public WiFi to access confidential or proprietary information.

In addition, 72 percent of employees reported being willing to share proprietary, sensitive or confidential information under certain circumstances.

All of this paints a stark picture of a problem with no easy solution.

It’s easy, for example, to say that better employee education is the answer, except that while the exact scope and scale of the problem may not have been known before, it’s certainly no secret that phishing attacks aimed at rank and file employees have been a longstanding problem. To this point, few companies have bothered to attempt to better educate their employees.

Worse, the few that have haven’t seen much of an improvement.

In a similar vein, it would be easy to make the blanket statement that having a robust data policy in place would go a long way toward alleviating the problem. However, talking about it and actually developing and implementing such a policy has, at least to this point, proven to be a daunting undertaking.

The old adage is true: your employees are simultaneously your greatest asset, and your company’s biggest threat.


Unsecured Voter Database May Have Leaked 198 Million US Records

Since the 2016 election, there have been lots of hard questions asked about the sanctity of US elections, with mounting conjectural evidence that there was an active attempt by nation-state actors to influence the outcome of the most recent US Presidential election.

Because of that, the security of US citizen voter data has been at the forefront of everyone’s minds. Unfortunately, it seems that there was cause to be concerned.

On June 12, a security researcher named Chris Vickery, who works for UpGuard, discovered an exposed database containing more than 198 million voter records, amounting to some 60 percent of the total US population.

The database was entirely unsecured, and anyone could have stumbled onto it and downloaded it in its entirety.

The database was the responsibility of a company called Deep Roots Analytics, which was the company hired by the Republican National Convention to help them better target campaign advertisements.

Of particular interest were the open access files for Florida and Ohio, two of the most crucial battleground states. Also available to anyone who found the database was a 256GB folder containing detailed voter breakdowns for the 2008 Presidential election, and a 233 GB folder for the 2012 Presidential election, with each of these containing 51 sub-folders, providing a state by state breakdown including the District of Columbia.

Another folder called “Post-Elect 2016” contained information on whether voters had voted for former President Obama and on their views about President Trump’s “America First” foreign policy thrust.

Deep Roots Analytics made the following terse statement in response: “We take full responsibility for this situation.”

Since the company was informed of the unprotected database, it has been password protected, and the company is assisting with an ongoing investigation. However, the damage has been done, and there’s no telling how many people were able to download the information the database contained, which includes voter names, addresses, party affiliation, voter registration data, ethnicity and more.

If you voted in the 2008, 2012, or 2016 election, odds are good that your information was captured.


Amazon Ends Its Unlimited Cloud Storage Tier

All good things must eventually come to an end, and finally, Amazon has bowed to external pressure. The company has just announced the end of their unlimited cloud storage tier.

Users who currently enjoy unlimited storage via the Amazon Cloud will continue to enjoy those benefits until their current contract expires. At that point, they’ll be given the option of either 100GB for $11.99 a year, or 1TB for $59.99 a year. Users will also be able to acquire additional storage in 1TB increments for an additional $59.99 per year per terabyte, to a maximum of 30TB.

Note that Amazon’s “elimination” of its unlimited tier isn’t as complete as Microsoft’s was last year when they nixed it for their Office 365 users. In Amazon’s case, Prime users will still have access to unlimited storage, and users of their photo storage will similarly continue to enjoy unlimited space.

It’s not hard to understand why an increasing number of companies are moving away from unlimited plans. Storage, whether cloud-based or another variety, is cheap, but it isn’t free. Inevitably, a small segment of the user base takes undue advantage of the generosity of companies offering unlimited plans.

One of the reasons Microsoft abandoned their unlimited tier, for example, was the fact that some of its users decided to upload their entire digitized movie collection, which ran in excess of 75TB in the most extreme case. With demands like that being placed on the system, it is hard to properly support users who planned to use the unlimited space for more traditional system backups.

There aren’t many companies still offering unlimited cloud storage. If you currently have such a plan, enjoy it while you can, because in all likelihood, with two of the industry’s biggest players bowing out, it’s just a matter of time before the rest follow suit. If you’re currently using Amazon’s unlimited plan, now is the time to assess how much space you actually need so you can make a good decision about what to do with your data when your current contract expires.


Are Hackers Testing The Waters For A Power Grid Attack?

Ever since the discovery of the dreaded Stuxnet worm in the wild, security experts have been concerned that a devastating cyberattack could be launched against critical infrastructure, causing signal lights to go haywire, emergency service phone lines to go down, power grids to go offline and more.

In recent months, we’ve seen what could be construed as “test runs” that foreshadow a much larger, targeted attack, and now, there has been another.

This new attack was made using a custom-built application that experts are calling “Industroyer.”

All indications are that this new strain of malware was created by a skilled developer, and possibly a whole team of them. It’s also likely that it was funded by at least one nation-state actor with an eye toward launching a full-scale cyber war that could easily cripple any industrialized nation.

The latest attack was launched against power stations in the Ukraine, and succeeded in causing widespread blackouts.

The Ukraine has suffered similar attacks over the last two years, presumably launched by Russia.

No one has claimed responsibility for the latest attack. It would be premature to automatically attribute it to Russia, but given that nation’s history with the Ukraine, there’s significant circumstantial evidence that points in that direction.

Unfortunately, attacks like this are virtually impossible to prevent. The control boards that keep power grids running worldwide have no protection at all, and once hacked, the malware’s owner gains full control over them. They could shut them down or cause them to malfunction in ways that could lead to massive explosions, causing untold chaos and trillions of dollars in damage, depending on the severity and scale of the attack.

Worst of all, there’s no defense against such an attack, and the fear is that the successful attack against Ukraine may be just the tip of the iceberg.

It would take years and hundreds of billions of dollars to upgrade the world’s power grid to protect against a catastrophic failure, and any such move would no doubt create new security loopholes.

Welcome to the future.


Heart Pacemaker Devices Found To Have Major Technology Security Risks

Security professionals have been talking for months about the dangers of smart devices, most of which are almost comically (and tragically) lacking in even the most basic security protocols. More recently, the global Wannacry Ransomware attack demonstrated that smart medical devices were vulnerable to attack, with several of them being temporarily shut down by the malware. But exactly how bad is the problem?

Here’s an interesting comparison:

This past week, Google’s Project Zero found a total of eight critical security flaws in Microsoft’s Malware Protection Engine. Microsoft considered this to be such a serious issue that they took the unusual step of issuing a patch outside their normal schedule to address them.

Now, compare that with the number of security flaws found in a line of smart pacemakers by security researchers from WhiteScope, which identified more than 8,600 security flaws, mostly coming from third party libraries.

It should be noted that not all of these flaws are considered critical, and the number spans seven different manufacturers. However, the sheer number underscores the difference in scope and scale, and the point is further driven home by looking at the way smart device manufacturers are responding to the report.

We’ve known since at least 2013 that the vast majority of smart devices being marketed and sold today are highly insecure, and yet, almost none of the equipment manufacturers have done anything about it. This latest report generated a response that was more of the same – almost complete disinterest.

That’s dangerous, because it sets the conditions for what amounts to a perfect storm.

Right now, there are people living all over the world who rely on smart medical devices to keep them alive. The day’s coming when a hacking attack will kill someone.

Granted, even if smart device manufacturers started taking security more seriously, that would still almost certainly happen at some point. Taking no meaningful action at all only hastens the arrival of that day.


Time To Upgrade - Majority Of Wannacry Victims Were Running Windows 7

The recent “Wannacry” hacking attack was global in its scale, impacting companies in more than 150 nations before it was stopped by a security expert with a good eye. It was such a dangerous, widespread attack that Microsoft even took the highly unusual step of issuing an emergency patch for Windows XP users, even though they officially killed support for that platform some time ago.

Now that the dust has settled and security experts have had more time to analyze the dimensions of the attack, a startling new detail has emerged.

Overwhelmingly, the people who fell victim to the attack were running Windows 7. In fact, according to data released by Kaspersky Labs, more than 98 percent of impacted users were running that OS.

Like Windows XP, support for Windows 7 has formally ended, and although a quick-thinking researcher was able to stop the initial attack in its tracks by remotely accessing the malware’s kill switch, you can bet that the hackers who launched the attack are taking steps to eliminate that possibility. Once they do, another global assault is all but assured, and next time, there may be no way of stopping it at all. In fact, security researchers have already found beta versions of Wannacry in the wild that have no kill switch, period.

If you haven’t yet gotten around to migrating your old Windows 7 systems to something more robust and up-to-date, now is the time and the clock is ticking.

The hackers aren’t going to wait, and if you delay much beyond the point of reading these words, your company could be caught up in the next attack. This could mean having all the files on the infected computer encrypted, forcing you to either restore from the most recent backup you have, or pay the ransom and hope the hackers play fair and give you the unlock key. This is not a happy situation to find yourself in.


Ransomware Hits Medical Devices; Security Becomes Even More Important

As much attention as the recent, worldwide “Wannacry” ransomware attack got for bringing the UK’s health system to its knees and idling factories around the globe, it had another, less noticed, but no less important and terrifying impact.

An unnamed source recently released a screenshot of a “smart” medical device that had been locked and rendered inaccessible, thanks to the malware.

The device, a Bayer Medrad, which is used for imaging MRIs, is one of two devices known to have been hacked. The company assured the public that both devices saw functionality restored within 24 hours, but this event raises a pair of important issues.

First, “smart” devices don’t really deserve the name. Yes, they’re internet capable, but smart, they are not.

Worse, almost none of the smart devices being made and sold today have any protection or security at all. The few that do boast some sort of security only offer basic, bare bones, primitive protections that any teen-aged hacker with a limited tool set could circumvent.

That brings us to the much larger and more ominous second problem. An increasing number of people’s lives literally depend on the proper functioning of these devices.

We have now entered an era where a computer virus can kill a human being.

Imagine being hooked up to a machine, without which, you may die. Now imagine that machine being infected by malware, with the hackers demanding hundreds of dollars to restore its functionality.

It’s no longer a question of if that will eventually lead to a death, it’s a matter of when. The worst part is that we could be doing much more to make those kinds of attacks harder, and we’re not. Thus far, the makers of smart devices have been largely uninterested in bolstering security on the products they sell, and one day, probably in the not-too-distant future, someone is going to pay with their life for the lack of foresight.
