
4IT Systems Ltd


news

19 Aug 2017 - Hacker breaks Apple encryption, exposes iOS mobile security

A hacker going by the handle xerub has just released what he claims to be a full decryption key for Apple's Secure Enclave Processor (SEP) firmware.

This could be a major blow for iOS security because of the importance of the SEP: It handles Touch ID transactions and is completely isolated from the rest of its host device. Your iPhone, iPad, or iPod has no idea what's going on in the SEP, and that means no one else does either, at least until today.

Now that its firmware code is exposed it's open season on SEP vulnerabilities.

More detail @ Hacker decrypts Apple's Secure Enclave

09 Aug 2017 - Tech Support Scammers Target Windows 10 Users

Microsoft's Malware Protection Center has spotted new phishing techniques that direct Windows 10 users to fraudulent tech-support sites.

Tech support scams continue to evolve, with scammers exploring more ways to reach potential victims. Recently, we have observed spam campaigns distributing links that lead to tech support scam websites.

The links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.

Summary @ TechRepublic

Microsoft Blog article here

02 Aug 2017 - DDoS attack - All web hosting customers

Our hosting team are currently observing a large-scale DDoS attack on a portion of their network.

The networking team are in the process of mitigating this attack and you may see slow performance and intermittent timeouts while they tackle this.

Thank you for your patience and understanding.

27 Jul 2017 - Kaspersky likely casualty of US Russia sanctions.

Kaspersky Lab executives are assessing any potentially negative fallout the rapidly deteriorating Russia-U.S. relations could have on its U.S. business strategy. Long time partners with the endpoint security vendor tell CRN they are watching the rising political tension closely, and acknowledge that economic sanctions threatened against Russia could have a serious impact on their business.

Full article @ CNN

If you are a current Kaspersky customer and would like to look at alternatives please contact us.

24 Jul 2017 - Late Summer Holiday Office Closures (Aug 2017)

The office will be closed from Thursday Aug 24th - Wednesday Sept 13th for a late summer holiday.

As usual all e-mails will be collected and responded to the same day.

All support customers, if you need to contact us your primary method should be by e-mail. If that is not possible please use the alternate contact arrangements you have received.

If you have any outstanding issues or tasks you would like completed please bring these to our attention ASAP.

21 Jul 2017 - Citadel malware developer jailed

A Russian man believed to be one of the developers of the Citadel malware, used to steal millions by infecting around 11 million computers around the world, has been jailed.

Moscow-born Russian Mark Vartanyan has been sentenced to five years in prison by a US district court after pleading guilty to computer fraud.

 

Full article @ ComputerWeekly

21 Jul 2017 - Dow Jones massive data leak on Amazon S3 Cloud

Data leaks at Dow Jones, Verizon, and a GOP analytics firm show that companies are forgoing security best practices in order to quickly make it to the cloud.

A recent data breach at Dow Jones exposed data including names, addresses, and partial credit card numbers from millions of customers, according to a Monday report from UpGuard. The reason for the leak? Dow Jones simply chose the wrong permission settings for the Amazon Web Services (AWS) S3 data repository.

Full article @ TechRepublic

13 Jul 2017 - Microsoft July Patch Tuesday fixes 19 Critical flaws

Microsoft's July 2017 Patch Tuesday fixes targeted more than 50 vulnerabilities across Microsoft products and services, including 19 critical flaws and an important fix for Windows NTLM.

Full article @ TechTarget

07 Jul 2017 - Chinaregistry.net.cn spam resurfaces

All customers who own their own domain may receive an "urgent" email from chinaregistry.net.cn claiming another company is trying to register the .cn version of your domain and use it as their "internet keyword".

This e-mail is PURE SALES SPAM. You are simply being goaded into purchasing the Chinese version of your domain. Furthermore, the "internet keyword" portion of the e-mail is utter garbage.

These e-mails should be deleted; you can also use Outlook to block the sender.

Block or unblock a sender in Outlook

03 Jul 2017 - Microsoft beef up security for Windows 10 Fall Creators Update

Windows 10 will get a number of new security features in its Fall Creators Update, including end-to-end protection that uses cloud intelligence to more seamlessly detect and respond to attacks.

The Fall Creators Update will be released to the general public in October, though many of the updates are already available to those testing the platform as part of the Windows Insider Program.

 

Full article @ TechRepublic

01 Jul 2017 - Petya variant malware attack strikes worldwide

On the heels of the recent WannaCry attack, a Petya variant has struck worldwide affecting up to 20,000 companies.

Whilst the experts still argue as to the intent and technicalities of this latest attack, the way you protect yourself remains the same.

 

  • Ensure both Windows and your security solution are fully up to date
  • NEVER open email attachments unless you both expect them AND you know and trust the source
  • Educate your staff about the dangers of e-mail attachments
  • Ensure your backups are running and that they are current
  • On company networks, only give users access to areas they need. Lock down the rest.

 

More details at Tripwire

15 Jun 2017 - Microsoft rush out XP patches to prevent a second WannaCry attack

Microsoft rushes out patch for Windows XP to prevent another WannaCry attack via a Shadow Brokers release.

Microsoft has, for the second month in a row, released a critical security patch for its out-of-support-but-still-widely-used Windows XP operating system, and warned that another WannaCry-style attack could be imminent.

02 Jun 2017 - Samba vulnerability brings WannaCry fears to Linux/Unix

A widespread Samba vulnerability has raised the possibility of attacks similar to WannaCry hitting Linux and Unix systems.

Researchers warn that many Linux and Unix systems contain a Samba vulnerability that could eventually lead to attacks similar to WannaCry or worse, if IT pros don't remediate quickly.

According to the Samba security advisory, the vulnerability (CVE-2017-7494) affects versions 3.5 (released March 1, 2010) and newer. The Samba vulnerability is remotely exploitable and could allow "a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

 

Full article @ Techtarget

16 May 2017 - Did Intel's new i9 processor details just leak?

Leaked PowerPoint claims to show details of Intel's new high-end desktop CPU range.

The high-end i9 will replace the current top spec i7 and will contain a massive 12 cores running 24 threads.

 

Full article @ computing.co.uk

15 May 2017 - WannaCry Ransomware : Microsoft issues emergency patch for unsupported OSs

Responding to the worldwide WannaCry ransomware attack, which specifically targeted older unpatched systems, Microsoft have released an updated patch specifically for older unsupported Windows versions.

On the first day of the attacks, Microsoft released an updated patch for older Windows systems "given the potential impact to customers and their businesses". Patches are now also available for: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64.

 

The patch can be accessed by clicking the "Microsoft Update Catalog" link in Microsoft Security Bulletin MS17-010, which details this issue.

15 May 2017 - Bitdefender response : Bitdefender Prevents WannaCry Ransomware Attacks

Bitdefender’s next gen machine learning provides zero day protection from WannaCry ransomware attacks

#DontNeedtoCry - On May 12th, the WannaCryptor (WannaCry) ransomware family infected thousands of computers across the world. In just 24 hours, the number of infections has spiked to 185,000 machines in more than 100 countries.

The attack is particularly dangerous for businesses because it takes just one employee to become infected for the attack to spread in the entire network, and sometimes even across countries to other subsidiaries, without any user interaction. This happens because the ransomware has a worm component that leverages a recently discovered vulnerability, affecting a wide range of Windows operating systems, including 2008, 2008 R2, 7, 7 SP1.

The attacks have caused major disruption to hospitals, telecom companies or gas and utilities plants. Among the organizations that took the worst hits is the National Health Service (NHS) in the UK.

Why is this attack particularly dangerous among traditional ransomware attacks?

WannaCry automated the exploitation of a vulnerability which is present in most versions of Windows allowing a remote attacker to run code on the vulnerable computer and use that code to plant ransomware without any human and local action. This never before seen behaviour makes it the perfect tool to attack specific environments or infrastructures, such as servers running a vulnerable version of the Server Message Block (SMB protocol).

Customers running Bitdefender are not affected by this attack wave.

Our next-generation machine-learning and memory introspection technologies ensure that our customers have always been safe from WannaCry, the world’s most aggressive piece of ransomware, AND will be similarly protected from the next such attack.

Endpoints running Bitdefender GravityZone are protected from hour zero against this attack wave and they are not affected by this new family of ransomware as our products detect and intercept both the delivery mechanism and all variations of the WannaCry ransomware known to date. Bitdefender Machine Learning models, available in all editions of Bitdefender GravityZone, are designed specifically to catch never before seen attacks at pre-execution stage.

Moreover, Bitdefender’s newly introduced Hypervisor Introspection solution was able to prevent exploits of the EternalBlue vulnerability from hour zero as well, before it was patched by Microsoft. The solution is capable of detecting memory violations in the raw memory stack, without knowing the vulnerability beforehand, and can therefore effectively prevent the attack.

We encourage you to stay tuned and test our new technologies and innovations like Hypervisor Introspection. We are constantly innovating to keep our customers safe!

Thank you for trusting and promoting Bitdefender solutions!

Bitdefender Team

14 May 2017 - NHS ransomware hack and the failure of the public sector

On Friday a significant portion of the NHS was hit by a ransomware attack that crippled systems and encrypted data. It looks like patient data remains safe, presumably due to backups, but they estimate it will be a number of days until the systems are fully restored.

The details of this attack are interesting. The Windows flaw this attack exploits was fixed by Microsoft on March 14th this year. All updated machines were therefore immune to this attack.

The reason sections of the NHS were hit so badly is that they, unbelievably, were still using Windows XP to run critical systems. Windows XP is now 15 years old and all support ended in 2014. There have been no XP fixes issued for 3 years!

It is quite frankly a shocking lack of competence for the NHS to be in this position; one would hope that heads would roll for this, but as it is the public sector I don’t have much faith in that.

This cloud, however, may have a silver lining. For years the private sector has dealt with these attacks with little or no help from the government/police/security services. Perhaps now they will start to take some action?

12 May 2017 - HP laptops secretly recording user keystrokes

HP laptops ship with unintentional keylogger installed.

Swiss cybersecurity group Modzero have discovered that a preinstalled app on some HP laptops is logging every key the user presses, including those used to enter passphrases for online banking and email accounts.

The researchers complained that they first reported the issue to HP on 28 April, but decided to publish their security advisory yesterday because HP had failed to respond to them.

 

Full article @ Sky News

10 May 2017 - Microsoft out of band patch hits the day before Patch Tuesday

Microsoft rushed to patch a serious vulnerability affecting Windows 8, 8.1 and 10 on Monday.

Even with Patch Tuesday less than 24 hours away, Microsoft didn't wait to patch a dangerous Windows remote code execution flaw that was discovered by Google's Project Zero just days earlier.

Microsoft released the out of band patch Monday evening and revealed the issue (CVE-2017-0290) was in the Microsoft Malware Protection Engine and enables attackers to perform remote code execution (RCE) or trigger a denial of service attack through type confusion and application crashes.

 

Full article at TechTarget Searchsecurity microsite

03 May 2017 - IBM sends malware-infected USB sticks to customers

In a recent support alert issued by IBM, the company admitted it accidentally shipped USB drives infected with malware to some customers.

It's a shocking lapse in quality control but unfortunately not the first time this has happened.

 

Full article @ Techrepublic

28 Apr 2017 - Microsoft urges Windows 10 users NOT to manually install the Creators Update

Microsoft has warned Windows 10 users not to download and install the Creators Update manually, but to wait until the operating system itself is ready to install on their PCs.

Despite the Insiders Program helping to prepare the Update, removing bugs before they reach a supposedly stable version of Windows 10, it appears that early adopters are having various problems with driver compatibility.

Full article @ Computing.co.uk

25 Apr 2017 - Online shoppers losing trust in e-commerce

Users are losing trust in the internet, at least when it comes to online shopping and e-commerce. According to the results of a survey, released on Monday, 49% of people said they are increasingly concerned about their privacy online, and lack of trust is the main issue keeping them from shopping online.

Full article @ Online shoppers losing trust in e-commerce

25 Apr 2017 - Save time with the Function Keys!

We have all seen function keys before. They are those keys marked F1 to F12 on our computer keyboards. Most of us rarely use these keys when at the computer, but knowing how to use them can be really helpful.

Function keys can save you a lot of time if you know how to use them properly.

F1 : Open Help Screen for almost every program

F2 : Rename file or folder

F3 : Open Search in current application

F4 : Alt-F4 closes current window

F5 : Refresh or Reload page or document

F6 : Moves cursor to the address bar in most internet browsers

F7 : Spell/Grammar check in MS Word

F8 : Access Boot Menu when starting your PC

F9 : Refresh Doc in MS Word. Send/Receive in MS Outlook

F10 : Activates menu bar of open application. Shift + F10 opens right click menu

F11 : Toggle full-screen mode in Internet Browsers

F12 : Open Save dialog in MS Word

18 Apr 2017 - Shadow Brokers hacking group release NSA Windows spy tools, Microsoft responds

On Friday, hacker group Shadow Brokers released a new trove of alleged surveillance tools and exploits from the National Security Agency's elite hacking team. The tools were designed to target Windows PCs and servers.

You can check the full article @ ZDNet

 

Microsoft responded in a blog post, listing the majority of the exploits as already addressed in previous patches; however, 3 exploits remained but could not be reproduced.

The caveat in that response is that only Windows 7 and onward and Exchange 2010 and onward were tested. Older versions are no longer supported.

 

The important lesson to take away from this is to make sure both your software and the security patches are fully up to date. Running legacy software which is no longer supported is a risk.

 

Full article @ TechRepublic

14 Apr 2017 - Important Information : Windows 10 Creators Update (v1703) & Bitdefender Users

As with previous Windows 10 updates, it is advised to uninstall Bitdefender prior to updating Windows, then reinstall it after the update has completed.

If Windows is updated whilst Bitdefender is installed you may not be able to browse the internet once the update is completed.

If you have already updated Windows and are now not able to browse the internet, please uninstall Bitdefender, reboot, then reinstall Bitdefender.

14 Apr 2017 - 10 tips to make you a Microsoft Excel power user

Excel has been an enterprise mainstay for years, with Microsoft recently increasing its workplace appeal by adding collaboration tools and notifications, among other features. While the spreadsheet program is popular, many users do not know how to take advantage of the plethora of features it offers.

 

Here are 10 popular TechRepublic articles with tips for becoming a Microsoft Excel power user and getting the most out of the program.

 

Full article @ TechRepublic

14 Apr 2017 - Windows 10: Chrome vs Firefox vs Edge. Which wins Microsoft's battery-life test?

Microsoft says dialing back Adobe Flash in Edge in the Windows 10 Creators Update has made it the most energy-efficient browser of all.

Microsoft says a PC running its Edge browser will last 77 percent longer than Firefox, and 35 percent longer than Chrome.

To prove its point, Microsoft has once again employed a time-lapse video of three unplugged Surface Books side by side streaming video for several hours with Chrome, Edge, and Firefox.

The Surface running Edge lasts 12 hours and 31 minutes, while the Chrome device peters out after nine hours and 17 minutes, with the Firefox unit lasting seven hours and four minutes.

 

Full article @ ZDNet.com

13 Apr 2017 - iOS malware spreads to Android

Pegasus malware expands from iOS to Android

One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal.

 

Full article @ Techtarget

11 Apr 2017 - Botnet dismantled after kingpin arrest

The US has led the takedown of the international botnet Kelihos after the arrest in Spain of the Russian kingpin believed to have operated the botnet since 2010.

The botnet of tens of thousands of infected computers allegedly under the control of Russian Pyotr Levashov was used for malicious activities, including harvesting log-in credentials, distributing hundreds of millions of spam emails and installing ransomware and other malicious software.

 

Full article @ ComputerWeekly.com

11 Apr 2017 - Wonga data breach could affect 250,000 customers

A data breach at Wonga that exposed customers' personal and banking details could affect up to 250,000 people.

The firm said it knew something had happened by Tuesday but did not become aware of a data breach until Friday, and began notifying customers on Saturday through email and text.

 

Full article @ Telegraph website
