How to Stop Hackers from Using Find my Device to Lock Your Gadget With Ransomware

Most companies are still working to unlock their computers. Experts have detected more than 2,000 cyberattacks against companies from 64 countries using the Find My Device option.

Dozens of companies are still working to free their computers, which were blocked by the data-hijacking virus. Some have capitulated and chosen to pay the attackers, who ask for 300 dollars (264 euros) in bitcoin to release the equipment. The hackers' address for collecting the revenue in this cryptocurrency has received at least 45 transactions and the equivalent of more than 9,000 euros, according to Blockchain, the platform that supports bitcoin. Reports indicating that the cybercriminals cannot actually unlock the stolen data, because their email account has been blocked, help to ensure that no further payments are made. But what if your iPhone is hacked by the same cybercriminals who have spread ransomware?

Although features like “find my iPhone” have helped slow down cell phone thefts, they also provide a new avenue of attack for hackers.

The security feature is now being used by hackers to block the hardware of some Apple users, and blackmail them to pay a ransom, or ransomware, for their devices to be unlocked.

Originally introduced by Apple in 2010, the “Find My Device” service allows users to use GPS location to find exactly where their iPhone, iPad or Mac is. “Lost Mode” allows users to lock their device remotely, preventing a thief from accessing personal information. Unfortunately, that means that if a hacker steals somebody’s login information, he can lock the device and demand a ransom to restore access to it.

The ransom message is displayed on the lock screen itself, often with the address of an account into which to deposit Bitcoin. In most cases, the hacker may demand 0.01 Bitcoin to unlock the device, or about $50.

As in all cases of ransomware, the general advice for Find My Device attacks is not to pay the blackmail, as this only encourages hackers to continue with their practice. The best option would be to contact Apple directly to help solve the problem.

Although this is still not a widespread problem, there have been several recent reports from users who found their systems blocked without warning. Macmyth.com claims that the attacks stem from hacks of third-party services, coupled with the old problem of password reuse. That has led to the blocking of some Apple devices.

It also highlights the fact that one of the key issues with Apple’s Find My Device service is that it does not require two-factor authentication. That is understandable considering that an Apple user may have only one device of that brand, and therefore could not use the service at all after losing that device. But that problem could be solved in the style of Google, which offers a backup on secondary devices for these cases.

Even if you have not been affected by this latest attack, regardless of the brand of your device, it is important to use secure passwords, unique login credentials, and two-factor authentication whenever possible. Although that does not guarantee that you cannot be hacked, it makes it more complicated to do so, which is often enough to avoid problems.


Combination of Features Produces New Android Vulnerability

Cloak and Dagger: Current Android Vulnerability in Mobile Phones

Security researchers have found a serious Android vulnerability that can steal any password using Android features. The really bad part: banking trojans have been using the method for a long time.

Two app permissions of the Android operating system can be misused to build a universal keylogger, which reads everything the user of the device types on the keyboard. In addition, an attacker can use them to give a malicious app unlimited rights. These attacks were revealed by several security researchers at UC Santa Barbara and Georgia Tech in the US. They gave the vulnerability the name Cloak & Dagger. The gaps are still open, but Google now prevents apps that use them from being uploaded to the Play Store. In addition, Android O (the next version of the operating system) will close the gaps.

Researchers at the Georgia Institute of Technology have discovered how well-intentioned Android features can be used for malicious attacks on smartphone users. Both SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE are the security gaps. The former allows an app to display important messages on top of the current app’s output; the latter is used to help visually impaired users. Criminal attackers can, however, as the security researchers show, abuse both functions in harmless-looking apps. In several videos, they demonstrate how, lurking in the background with their “Cloak and Dagger” method (a “night and fog” operation), they track passwords and secretly install applications with malicious code and full access rights.

The Android Vulnerability Problem:

Each app can use both functions without having to request special privileges. Attackers can now place harmless-looking apps – such as “sweet cat videos” – in the Play Store that display invisible buttons over a banking app to record password entries, or that, while playing a video, load malicious programs from the Internet and secretly equip them with full rights. Worse: this behavior is part of Android’s user-interface design, so there is no security hole that could be easily closed by a patch. Google’s automated testing of new apps lets many such wolves in sheep’s clothing through. In fact, the security portal The Hacker News has already reported on several banking trojans in the Play Store that also work with these “Cloak and Dagger” methods.

How Can You Protect Yourself From Android Vulnerability?

Currently, there is no complete protection against this Android vulnerability! You should take particular care to install apps only from trusted manufacturers, and you should also set up a protection program on your smartphone. In addition, from at least Android 6 you can minimize the risk by turning off notifications or choosing which apps are allowed: go to Settings, then Apps, the gear icon, “Show other Apps”, then “Apps With permission”, and turn it off there for all apps except the absolutely necessary ones (such as a trustworthy calendar or alarm clock). The rest is up to Google: first, the Android vendor has to check the apps in the Play Store more intensively; second, it has to prevent the abuse of SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE. The latter is still in the works for the upcoming Android 8, which is meant to put a stop to now-common Android vulnerabilities through new security functions. Whether this current android vulnerability Cloak and Dagger on the current Android versions ever completely stopped.


How should I Protect My Windows PC From Malware and Viruses?

Anti-virus programs have been around for 20 years and are an essential part of any Windows setup. However, Windows has changed and so have its threats. A third-party AV program is no longer crucial, and a few of them may even be harmful. Needs do vary, as some people are more prone to accidents and some are not so exposed to malware and threats. Some surf parts of the internet that are quite risky, and some have the need to protect and secure their valuable information. All of these factors need to be taken into account. A Windows user who is aware of the risks can perhaps survive without any anti-virus software at all. However, users who are less knowledgeable can get their PCs infected by malware even if they have given their system ample protection.

Threats from Malware

Many of the major AV products came into the picture because of the many viruses that were developed by amateurs. This is no longer the case, as today’s malware is developed by professionals to make money. They deliver viruses through emails and websites and want their malware to be hidden and undetectable. Their interest lies in collecting financial details, passwords and the like, and this is where ransomware steps in. They hold users’ important and valuable information, such as personal files and photos or financial data, hostage and demand a ransom for it, recently in the form of Bitcoin, which has become a secure way to collect cash. The best defence against this is to create an offline backup of all important data.

Coding and screening

When most of the major AV products started out, Windows and its key browsers were not that secure. However, this is no longer the case. In 2002, the Trustworthy Computing Initiative or TCI was launched by Microsoft co-founder Bill Gates as an initiative to make security the company’s top priority. As a result of TCI training and methodologies, Microsoft changed how it designed and developed software, and Windows PC infection rates dropped significantly. Windows 10 now has a vast array of security technologies that help mitigate threats to such an extent that the main threats come from Oracle Java and some Adobe software, which are all third-party programs.

A huge improvement has been made in the security of web browsers, Google’s Chrome and Microsoft’s Edge in particular. Chrome is secured and has security systems that protect the underlying operating system from web-based attacks. Security improvements have also come from systems that allow safe browsing by blacklisting websites that contain malware. Google Safe Browsing is now present in Firefox, Chrome, Apple’s Safari and Vivaldi, while there is a built-in SmartScreen filter in Windows 10. If you are apprehensive about a certain website, it can be checked manually at Google’s website. Windows 10 users are well protected as long as their software is updated. Updating browsers and other third-party software also contributes towards securing a system, and this can be done by using Patch My PC, Kaspersky Software Updater or Flexera’s Personal Software Inspector (PSI).

The Problem with Anti-Virus Software

Anti-virus companies initially started out as protection for susceptible operating systems and browser code, but they have reached a point where weak anti-virus software is more harmful than helpful. Usually, programmers won’t acknowledge these problems because they require the AV supplier’s assistance when AV disrupts or crashes their software. At the same time, they cannot tell users to disable their AV, as they will be held responsible if something negative happens. This leaves just one solution, Microsoft Defender, since there is ample data showing that it’s the only suitable AV and browser makers don’t have any reservations about it. Windows Defender may not be the best at protecting systems from malware, but at the same time it does the least damage.

Strategy for Security against malware

It is a misconception that running an anti-virus program will by itself provide protection against malware. To secure your system against malware, certain steps need to be taken.

First, Windows 10 needs to be run with Windows Defender, and cloud-based heuristics, the SmartScreen filter and basic telemetry, which is extensively security related, all need to be turned on. Setting up PCs this way will probably prevent malware problems for months.

Second, Windows should be run as a standard user instead of as an administrator, as most people do. Linux and macOS users have already started this practice. 99% of threats and attacks are eliminated by running as a standard user.

Third, Windows and all of the PC’s software should be kept up to date. Malware mostly takes advantage of security loopholes that have already been patched, sometimes a long time ago. For higher levels of security, it is advisable to run Google Chrome or a Chromium-based browser such as Vivaldi.

Fourth, always make sure that all your personal and important data has been backed up in a reliable place. FreeFileSync can be used to copy data folders to an external hard drive on a daily basis, which in turn can be backed up to a second external hard disk. Another reliable option is Blu-ray discs, as they are immune to ransomware and malware.

Fifth, periodic scans should be made to check if the anti-virus on your system has skipped something. Microsoft has MSRT or Malicious Software Removal Tool which is to be used before installing any significant updates. Many AV firms including Trend Micro, ESET, Bitdefender and F-Secure provide free online scanners too.

Sixth, note that Windows 10 offers refresh, reset and recovery facilities. If this option is not used, one must be prepared to wipe the hard drive clean and reinstall Windows 10 from scratch. Instructions are provided by Microsoft, and all the preferences and authentication are stored in your Microsoft account online. Any apps that were downloaded will be reinstalled by the Windows Store. It is very easy to get back to where you left off.

Choosing an Anti-Virus

Users are more prone to attack if they are not on Windows 10. However, there are many free anti-virus programs available that are highly recommended, such as Avira or Bitdefender. The best paid anti-virus option would be Kaspersky, but Trend Micro is also worth considering. When selecting an AV program, factors such as special features, the user interface, the impact on the system’s performance, whether it hampers any other software’s performance, and the speed with which it scans need to be taken into consideration. There are a minimum of a dozen suitable options, so one can make an informed choice.
