
4IT Systems Ltd

024 7633 1997

sales@4-it.co.uk

news

14 Nov 2017 - US DHS successfully hack Boeing 757

Boeing 757 hacked on the tarmac by Department of Homeland Security in 'controlled experiment'

A team of aerospace experts working with the US Department of Homeland Security conducted a controlled hacking of a Boeing 757 on the ground at an airport in Atlantic City, New Jersey.

The team of academics and industry experts were able to remotely crack the IT systems of the 757, which uses a form of computerised fly-by-wire system for control. The test demonstrates the inadequacy of security in many modern planes that, nevertheless, rely on IT to stay airborne.

Full article @ computing.co.uk

27 Oct 2017 - NAO blames incompetent NHS IT for WannaCry attack

The National Audit Office (NAO) has pointed the primary finger of blame at lackadaisical NHS trusts for the spread of the WannaCry ransomware that affected at least 81 out of the 236 NHS trusts across England in May this year.

The ransomware also affected a further 603 primary care and other NHS organisations, including 595 GP surgeries.

A review into IT security across the NHS commissioned by the Secretary of State for Health had warned a year before that healthcare IT systems might be vulnerable to compromise.

That review had recommended that "all health and care organisations needed to provide evidence that they were taking action to improve cyber security, including moving off old operating systems," according to the NAO report published today.

We blogged about this immediately after the attack and laid the blame squarely at the feet of the NHS's incompetent IT provision. Nice to see the NAO eventually agreeing with us!

Full article @ computing.co.uk

27 Oct 2017 - Windows 10 Fall Creators Update arrives

The latest major Windows 10 update is here.

This update appears as "Feature update to Windows 10, version 1709".

If you are a Bitdefender Endpoint Security user and experience internet issues after installing this update, simply uninstall Bitdefender, reboot and reinstall.

26 Oct 2017 - BadRabbit Ransomware strikes worldwide

A new wave of ransomware attacks, #BadRabbit, struck on October 24th and has spread worldwide.

4IT customers running Bitdefender are safe. Endpoints running Bitdefender GravityZone and Bitdefender Elite were protected from zero hour against this attack wave and they are NOT impacted by this new family of ransomware.

Bitdefender GravityZone security solutions detected this threat as Gen:Heur.Ransom.BadRabbit.1 and Gen:Variant.Ransom.BadRabbit.1.

25 Oct 2017 - Kaspersky admits infiltrating NSA via its anti-virus software

Kaspersky admits filching NSA hacking tool source code via anti-virus software

Kaspersky has today admitted that it obtained the source code of National Security Agency hacking tools via anti-virus software running on a PC in the US.

The admission comes as part of the company's preliminary results from an internal inquiry over claims that Kaspersky Anti-Virus software was being used by the Russian government as part of its spy network.

In particular, the US government has claimed that a US National Security Agency worker had code exfiltrated by Kaspersky from his PC in 2014, while working on NSA tools at home.

This is a shocking admission and will be hugely damaging to their brand. We recommend customers do NOT use Kaspersky products.

Full article @ Computing.co.uk

18 Oct 2017 - Windows 10 Fall Creators Update contains Ransomware protection

The Windows 10 Fall Creators Update includes an amazing new feature: Folder protection against ransomware. Here's how to activate this essential security feature.

Ransomware is everywhere nowadays, and it's been nearly impossible to stop it. Microsoft thinks it may have the answer, and has therefore added a new feature to Windows Defender in the Windows 10 Fall Creators Update that is designed to stop the growing form of malware from snagging more victims.

The feature, called Controlled Folder Access, prevents untrusted programs from making any change to files or folders that are set as protected. By default that includes Windows system folders and the Documents, Pictures, Videos, Music, Favourites, and Desktop folders for each user.

Exclusions for certain apps can be made, folders can be added, and Controlled Folder Access can be toggled on and off by taking the following steps.

  1. Open Windows Defender Security Center.
  2. Click on the Virus & Threat Protection menu item.
  3. Under that option click on Virus & Threat Protection Settings.
  4. Scroll down to the fourth item in the list that pops up: Controlled Folder Access. Toggle the button to On.
  5. Say yes to the popup window.
  6. Once it's on, the options to select folders and allow app exclusions will appear below the toggle button. Click on them if you want to make changes.
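The same settings can be applied from an elevated PowerShell prompt with the Windows Defender cmdlets, which is useful when rolling the feature out to more than one PC. This is an added example, not part of the original article; the folder and application paths are hypothetical placeholders, and it assumes Windows 10 version 1709 or later with Windows Defender as the active anti-virus.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the Controlled Folder Access steps above.
# $ExtraFolder and $TrustedApp are hypothetical placeholders; replace with real paths.
param(
    [ValidateSet('Enabled', 'AuditMode', 'Disabled')]
    [string]$Mode = 'AuditMode',          # AuditMode only logs what would be blocked
    [string]$ExtraFolder = 'D:\ClientData',
    [string]$TrustedApp  = 'C:\Program Files\ExampleBackup\backup.exe'
)

# Fail early on builds that predate the feature (it arrived with version 1709).
$cmd = Get-Command Set-MpPreference -ErrorAction SilentlyContinue
if (-not $cmd -or -not $cmd.Parameters.ContainsKey('EnableControlledFolderAccess')) {
    throw 'Controlled Folder Access is not available on this build of Windows.'
}

# Step 4 of the list: turn the feature on (or into audit mode first).
Set-MpPreference -EnableControlledFolderAccess $Mode

# Step 6: protect an extra folder on top of the defaults.
if (Test-Path -LiteralPath $ExtraFolder -PathType Container) {
    Add-MpPreference -ControlledFolderAccessProtectedFolders $ExtraFolder
} else {
    Write-Warning "Folder not found, not added: $ExtraFolder"
}

# Step 6: allow a trusted application that must write to protected folders.
if (Test-Path -LiteralPath $TrustedApp -PathType Leaf) {
    Add-MpPreference -ControlledFolderAccessAllowedApplications $TrustedApp
} else {
    Write-Warning "Application not found, not allowed: $TrustedApp"
}

# Read the settings back so the change can be verified.
$pref  = Get-MpPreference
$names = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode' }
$state = [int]$pref.EnableControlledFolderAccess
[pscustomobject]@{
    Mode             = if ($names.ContainsKey($state)) { $names[$state] } else { "Other ($state)" }
    ProtectedFolders = $pref.ControlledFolderAccessProtectedFolders -join '; '
    AllowedApps      = $pref.ControlledFolderAccessAllowedApplications -join '; '
}

# Recent Controlled Folder Access events: 1123 = change blocked, 1124 = audited only.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123, 1124
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
```

Running in AuditMode for a few days and reviewing the 1124 events shows which legitimate programs need an exclusion before switching to Enabled.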

13 Oct 2017 - Windows 10 Fall Creators Update, Microsoft's next big upgrade

What is Windows 10 Fall Creators Update? Everything you need to know about Microsoft's big upgrade.

Rolling out from 17th October, the Windows 10 Fall Creators Update promises to deliver new features big and small to Windows desktops.

The headline features in the free Fall Creators Update are changes to how Windows 10 handles cloud storage, easier sharing with friends and family, better security, longer battery life and a more-intuitive design for the OS and its apps.

As with previous updates, however, don't expect massive leaps forward; this is more general tinkering around the edges.

Full Article @ TechRepublic

12 Oct 2017 - Kaspersky software 'used by Russian state hackers to trawl for US secrets'

Popular anti-virus software used by hundreds of thousands of people and businesses in Britain was reportedly hijacked by Russian government hackers to trawl for American secrets.

Cyber spies allegedly used software from the Russian firm Kaspersky Lab which is installed on computers around the world to improvise a search tool and look for the codenames of secret US programs.

Discovery of the operation led the American government to last month order the removal of the software from its computers, the New York Times reported.

Full article @ New York Times

We recommend Kaspersky customers remove their product and switch to an alternative. We are currently recommending Bitdefender. Please contact us for more information.

07 Oct 2017 - Cryptocurrency mining malware swarms the internet

An increasing number of websites are turning the computers of unsuspecting visitors into cryptocurrency miners. Aside from slowing down CPU performance, these tools violate the privacy of users.

The mining malware we have seen so far is successfully blocked by Bitdefender.

Full details @ Futurism

04 Oct 2017 - Yahoo says all three billion accounts hacked in 2013 data theft

In a shocking legal disclosure on Tuesday, Yahoo admitted that all 3 billion of its accounts were hacked in a 2013 data theft, tripling its earlier estimate of the size of the largest breach in history.

Yahoo said last December that data from more than 1 billion accounts was compromised in 2013, the largest of a series of thefts that forced Yahoo to cut the price of its assets in a sale to Verizon.

Yahoo on Tuesday said “recently obtained new intelligence” showed all user accounts had been affected. The company said the investigation indicated that the stolen information did not include passwords in clear text, payment card data, or bank account information.

But the information was protected with outdated, easy-to-crack encryption, according to academic experts. It also included security questions and backup email addresses, which could make it easier to break into other accounts held by the users.

Full article @ Reuters

23 Sep 2017 - Equifax woes continue after victims sent to phishing site for support

After massive data breach, Equifax sent victims to fake phishing site for support

After a breach of 143 million people's personal information, the official Equifax Twitter account accidentally tweeted a link to a phishing website for victims who needed support.

For nearly two weeks after a data breach exposed the personal information of some 143 million Equifax customers, the credit firm was accidentally directing victims to a phishing website for support.

Full article @ TechRepublic

18 Sep 2017 - Equifax US hack affects 400,000 UK consumers

The huge data breach of Equifax (US) earlier this year has been confirmed to affect around 400,000 UK consumers.

Although Equifax (UK) was not affected, between 2011 and 2016 UK data was stored on US servers.

The information was restricted to: name, date of birth, email address and a telephone number. “Equifax can confirm that the data does not include any residential address information, password information or financial data,” the company said.

Full article @ ComputerWeekly.com

18 Sep 2017 - CCleaner 5.33 compromised to deliver malware

Avast's CCleaner compromised to deliver malware to unsuspecting users in August and September; anti-virus firm Avast compromised in suspected supply-chain attack.

CCleaner, Avast's popular PC tool that has been downloaded some two billion times, has been compromised in a supply-chain attack to deliver malware to unsuspecting victims.

Researchers from Cisco's Talos Intelligence said that, between August 15 and September 12 of this year, version 5.33 of CCleaner was legitimately signed, but contained a multi-stage malware payload that rode on top of the installation.

Full article @ Computing.co.uk

19 Aug 2017 - Hacker breaks Apple encryption, exposes iOS mobile security

A hacker going by the handle xerub has just released what he claims to be a full decryption key for Apple's Secure Enclave Processor (SEP) firmware.

This could be a major blow for iOS security because of the importance of the SEP: It handles Touch ID transactions and is completely isolated from the rest of its host device. Your iPhone, iPad, or iPod has no idea what's going on in the SEP, and that means no one else does either, at least until today.

Now that its firmware code is exposed, it's open season on SEP vulnerabilities.

More detail @ Hacker decrypts Apple's Secure Enclave

09 Aug 2017 - Tech Support Scammers Target Windows 10 Users

Microsoft's Malware Protection Center has spotted new phishing techniques that direct Windows 10 users to fraudulent tech-support sites.

Tech support scams continue to evolve, with scammers exploring more ways to reach potential victims. Recently, we have observed spam campaigns distributing links that lead to tech support scam websites.

The links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.

Summary @ TechRepublic

Microsoft Blog article here

02 Aug 2017 - DDoS attack - All web hosting customers

Our hosting team are currently observing a large scale DDoS attack on a portion of their network.

The networking team are in the process of mitigating this attack and you may see slow performance and intermittent timeouts while they tackle this.

Thank you for your patience and understanding.

27 Jul 2017 - Kaspersky likely casualty of US Russia sanctions.

Kaspersky Lab executives are assessing any potentially negative fallout the rapidly deteriorating Russia-U.S. relations could have on its U.S. business strategy. Long-time partners with the endpoint security vendor tell CRN they are watching the rising political tension closely, and acknowledge that economic sanctions threatened against Russia could have a serious impact on their business.

Full article @ CNN

If you are a current Kaspersky customer and would like to look at alternatives please contact us.

24 Jul 2017 - Late Summer Holiday Office Closures (Aug 2017)

The office will be closed from Thursday Aug 24th - Wednesday Sept 13th for a late summer holiday.

As usual all e-mails will be collected and responded to the same day.

All support customers, if you need to contact us your primary method should be by e-mail. If that is not possible please use the alternate contact arrangements you have received.

If you have any outstanding issues or tasks you would like completed please bring these to our attention ASAP.

21 Jul 2017 - Citadel malware developer jailed

A Russian man believed to be one of the developers of the Citadel malware, used to steal millions by infecting around 11 million computers around the world, has been jailed.

Moscow-born Russian Mark Vartanyan has been sentenced to five years in prison by a US district court after pleading guilty to computer fraud.

Full article @ ComputerWeekly

21 Jul 2017 - Dow Jones massive data leak on Amazon S3 Cloud

Data leaks at Dow Jones, Verizon, and a GOP analytics firm show that companies are forgoing security best practices in order to quickly make it to the cloud.

A recent data breach at Dow Jones exposed data including names, addresses, and partial credit card numbers from millions of customers, according to a Monday report from UpGuard. The reason for the leak? Dow Jones simply chose the wrong permission settings for the Amazon Web Services (AWS) S3 data repository.

Full article @ TechRepublic

13 Jul 2017 - Microsoft July Patch Tuesday fixes 19 Critical flaws

Microsoft's July 2017 Patch Tuesday fixes targeted more than 50 vulnerabilities across Microsoft products and services, including 19 critical flaws and an important fix for Windows NTLM.

Full article @ TechTarget

07 Jul 2017 - Chinaregistry.net.cn spam resurfaces

All customers who own their own domain may receive an "urgent" email from chinaregistry.net.cn claiming another company is trying to register the .cn version of your domain and use it as their "internet keyword".

This e-mail is PURE SALES SPAM. You are simply being goaded into purchasing the Chinese version of your domain. Furthermore, the "internet keyword" portion of the e-mail is utter garbage.

These e-mails should be deleted. You can also use Outlook to block the sender.

Block or unblock a sender in Outlook

03 Jul 2017 - Microsoft beef up security for Windows 10 Fall Creators Update

Windows 10 will get a number of new security features in its Fall Creators Update, including end-to-end protection that uses cloud intelligence to more seamlessly detect and respond to attacks.

The Fall Creators Update will be released to the general public in October, though many of the updates are already available to those testing the platform as part of the Windows Insider Program.

Full article @ TechRepublic

01 Jul 2017 - Petya variant malware attack strikes worldwide

On the heels of the recent WannaCry attack, a Petya variant has struck worldwide, affecting up to 20,000 companies.

Whilst the experts still argue as to the intent and technicalities of this latest attack, the way you protect yourself remains the same.

  • Ensure both Windows and your security solution are fully up to date
  • NEVER open email attachments unless you both expect them AND you know and trust the source
  • Educate your staff about the dangers of e-mail attachments
  • Ensure your backups are running and that they are current
  • On company networks, only give users access to areas they need. Lock down the rest.

More details at Tripwire

15 Jun 2017 - Microsoft rush out XP patches to prevent a second WannaCry attack

Microsoft rushes out patch for Windows XP to prevent another WannaCry attack via a Shadow Brokers release.

Microsoft has, for the second month in a row, released a critical security patch for its out-of-support-but-still-widely-used Windows XP operating system, and warned that another WannaCry-style attack could be imminent.

02 Jun 2017 - Samba vulnerability brings WannaCry fears to Linux/Unix

A widespread Samba vulnerability has raised the possibility of attacks similar to WannaCry hitting Linux and Unix systems.

Researchers warn that many Linux and Unix systems contain a Samba vulnerability that could eventually lead to attacks similar to WannaCry or worse, if IT pros don't remediate quickly.

According to the Samba security advisory, the vulnerability (CVE-2017-7494) affects versions 3.5 (released March 1, 2010) and newer. The Samba vulnerability is remotely exploitable and could allow "a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

Full article @ TechTarget

16 May 2017 - Did Intel's new i9 processor details just leak?

Leaked PowerPoint claims to show details of Intel's new high-end desktop CPU range.

The high-end i9 will replace the current top spec i7 and will contain a massive 12 cores running 24 threads.

Full article @ computing.co.uk

15 May 2017 - WannaCry Ransomware: Microsoft issues emergency patch for unsupported OSs

Responding to the worldwide attack of the WannaCry ransomware, which specifically targeted older unpatched systems, Microsoft have released an updated patch specifically for older unsupported Windows versions.

On the first day of the attacks, Microsoft released an updated patch for older Windows systems "given the potential impact to customers and their businesses". Patches are now also available for: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64.

The patch can be accessed by clicking the "Microsoft Update Catalog" link in the Microsoft Security Bulletin MS17-010, which details this issue.

15 May 2017 - Bitdefender response : Bitdefender Prevents WannaCry Ransomware Attacks

Bitdefender’s next gen machine learning provides zero day protection from WannaCry ransomware attacks

#DontNeedtoCry - On May 12th, the WannaCryptor (WannaCry) ransomware family infected thousands of computers across the world. In just 24 hours, the number of infections has spiked to 185,000 machines in more than 100 countries.

The attack is particularly dangerous for businesses because it takes just one employee to become infected for the attack to spread in the entire network, and sometimes even across countries to other subsidiaries, without any user interaction. This happens because the ransomware has a worm component that leverages a recently discovered vulnerability, affecting a wide range of Windows operating systems, including 2008, 2008 R2, 7, 7 SP1.

The attacks have caused major disruption to hospitals, telecom companies or gas and utilities plants. Among the organizations that took the worst hits is the National Health Service (NHS) in the UK.

Why is this attack particularly dangerous among traditional ransomware attacks?

WannaCry automated the exploitation of a vulnerability which is present in most versions of Windows allowing a remote attacker to run code on the vulnerable computer and use that code to plant ransomware without any human and local action. This never before seen behaviour makes it the perfect tool to attack specific environments or infrastructures, such as servers running a vulnerable version of the Server Message Block (SMB protocol).

Customers running Bitdefender are not affected by this attack wave.

Our next-generation machine-learning and memory introspection technologies ensure that our customers have always been safe from WannaCry, the world’s most aggressive piece of ransomware, AND will be similarly protected from the next such attack.

Endpoints running Bitdefender GravityZone are protected from hour zero against this attack wave and they are not affected by this new family of ransomware as our products detect and intercept both the delivery mechanism and all variations of the WannaCry ransomware known to date. Bitdefender Machine Learning models, available in all editions of Bitdefender GravityZone, are designed specifically to catch never before seen attacks at pre-execution stage.

Moreover, Bitdefender’s newly introduced Hypervisor Introspection solution was able to prevent exploits of the EternalBlue vulnerability from hour zero as well, before it was patched by Microsoft. The solution is capable of detecting memory violations in the raw memory stack, without knowing the vulnerability beforehand, and can therefore effectively prevent the attack.

We encourage you to stay tuned and test our new technologies and innovations like Hypervisor Introspection. We are constantly innovating to keep our customers safe!

Thank you for trusting and promoting Bitdefender solutions!

Bitdefender Team

14 May 2017 - NHS ransomware hack and the failure of the public sector

On Friday a significant portion of the NHS was hit by a ransomware attack that crippled systems and encrypted data. It looks like patient data remains safe, presumably due to backups, but they estimate it will be a number of days until the systems are fully restored.

The details of this attack are interesting. The Windows flaw this attack exploits was fixed by Microsoft on March 14th this year. All updated machines were therefore immune to this attack.

The reason sections of the NHS were hit so badly is that they, unbelievably, were still using Windows XP to run critical systems. Windows XP is now 15 years old and all support ended in 2014. There have been no XP fixes issued for 3 years!

It is quite frankly a shocking lack of competence for the NHS to be in this position. One would hope that heads would roll for this, but as it is the public sector I don’t have much faith in that.

This cloud, however, may have a silver lining. For years the private sector has dealt with these attacks with little or no help from the government/police/security services. Perhaps now they will start to take some action?
