4IT Logo

4IT Systems Ltd

024 7633 1997

Twitter RSS Feed Facebook


15 Jun 2017 - Microsoft rush out XP patches to prevent a second Wannacry attack

Microsoft rushes out patch for Windows XP to prevent another WannaCry attack via a Shadow Brokers release.

Microsoft has, for the second month in a row, released a critical security patch for its out-of-support-but-still-widely-used Windows XP operating system, and warned that another WannaCry-style attack could be imminent.

02 Jun 2017 - Samba vulnerability brings WannaCry fears to Linux/Unix

A widespread Samba vulnerability has raised the possibility of attacks similar to WannaCry hitting Linux and Unix systems.

Researchers warn that many Linux and Unix systems contain a Samba vulnerability that could eventually lead to attacks similar to WannaCry or worse, if IT pros don't remediate quickly.

According to the Samba security advisory, the vulnerability (CVE-2017-7494) affects versions 3.5 (released March 1, 2010) and newer. The Samba vulnerability is remotely exploitable and could allow "a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."


Full article @ Techtarget

16 May 2017 - Did Intel's new i9 processor details just leak?

Leaked PowerPoint claims to show details of Intel's new high-end desktop CPU range.

The high-end i9 will replace the current top spec i7 and will contain a massive 12 cores running 24 threads.


Full article @ computing.co.uk

15 May 2017 - Wannacry Ransomware : Microsoft issues emergency patch for unsupported OS's

Responding to the worldwide attack of the Wannacry ransomware which specifically targeted older unpatched systems Microsoft have release an updated patch specifically for older unsupported Windows versions.

On the first day of the attacks, Microsoft released an updated patch for older Windows systems "given the potential impact to customers and their businesses". Patches are now also available for: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64.


The patch can be accessed from clicking the "Microsoft Update Catalog" link in the Microsoft Security Bulletin MS17-010 which details this issue

15 May 2017 - Bitdefender response : Bitdefender Prevents WannaCry Ransomware Attacks

Bitdefender’s next gen machine learning provides zero day protection from WannaCry ransomware attacks

#DontNeedtoCry - On May 12th, the WannaCryptor (WannaCry) ransomware family infected thousands of computers across the world. In just 24 hours, the number of infections has spiked to 185,000 machines in more than 100 countries.

The attack is particularly dangerous for businesses because it takes just one employee to become infected for the attack to spread in the entire network, and sometimes even across countries to other subsidiaries, without any user interaction. This happens because the ransomware has a worm component that leverages a recently discovered vulnerability, affecting a wide range of Windows operating systems, including 2008, 2008 R2, 7, 7 SP1.

The attacks have caused major disruption to hospitals, telecom companies or gas and utilities plants. Among the organizations that took the worst hits is the National Health Service (NHS) in the UK.

Why is this attack particularly dangerous among traditional ransomware attacks?

WannaCry automated the exploitation of a vulnerability which is present in most versions of Windows allowing a remote attacker to run code on the vulnerable computer and use that code to plant ransomware without any human and local action. This never before seen behaviour makes it the perfect tool to attack specific environments or infrastructures, such as servers running a vulnerable version of the Server Message Block (SMB protocol).

Customers running Bitdefender are not affected by this attack wave.

Our next-generation machine-learning and memory introspection technologies ensure that our customers have always been safe from WannaCry, the world’s most aggressive piece of ransomware, AND will be similarly protected from the next such attack.

Endpoints running Bitdefender GravityZone are protected from hour zero against this attack wave and they are not affected by this new family of ransomware as our products detect and intercept both the delivery mechanism and all variations of the WannaCry ransomware known to date. Bitdefender Machine Learning models, available in all editions of Bitdefender GravityZone, are designed specifically to catch never before seen attacks at pre-execution stage.

Moreover, Bitdefender’s newly introduced Hypervisor Introspection solution was able to prevent exploits of the EternalBlue vulnerability from hour zero as well, before it was patched by Microsoft. The solution is capable of detecting memory violations in the raw memory stack, without knowing the vulnerability beforehand, and can therefore effectively prevent the attack.

We encourage you to stay tuned and test our new technologies and innovations like Hypervisor Introspection. We are constantly innovating to keep our customers safe!

Thank you for trusting and promoting Bitdefender solutions!

Bitdefender Team

14 May 2017 - NHS ransomware hack and the failure of the public sector

On Friday a significant portion of the NHS was hit by a ransomware attack that crippled systems and encrypted data. It looks like patient data remains safe, presumably due to backups, but they estimate it will be a number of days until the systems are fully restored.

The details of this attack are interesting. The Windows flaw this attack exploits was fixed by Microsoft on March 14th this year. All updated machines were therefore immune to this attack.

The reason sections of the NHS were hit so badly is that they, unbelievably, were still using Windows XP to run critical systems. Windows XP is now 15 years old and all support ended in 2014. There have been no XP fixes issued for 3 years!

It is quite frankly a shocking lack of competence for the NHS to be in this position, one would hope that heads would roll for this but as it is the public sector I don’t have much faith in that.

This cloud, however, may have a silver lining. For years the private sector has dealt with these attacks with little or no help from the government/police/security services. Perhaps now they will start to take some action?

12 May 2017 - HP laptops secretly recording user keystrokes

HP laptops ship with unintentional keylogger installed.

Swiss cybersecurity group, Modzero, have discovered a preinstalled app on some HP laptop machines is logging every key the user presses, including to enter passphrases for online banking and email accounts.

The researchers complained that they first reported the issue to HP on 28 April, but decided to publish their security advisory yesterday because HP had failed to respond to them.


Full article @ Sky News

10 May 2017 - Microsoft out of band patch hits the day before Patch Tuesday

Microsoft rushed to patch a serious vulnerability affecting Windows 8, 8.1 and 10 on Monday.

Even with Patch Tuesday less than 24 hours away, Microsoft didn't wait to patch a dangerous Windows remote code execution flaw that was discovered by Google's Project Zero just days earlier.

Microsoft released the out of band patch Monday evening and revealed the issue (CVE-2017-0290) was in the Microsoft Malware Protection Engine and enables attackers to perform remote code execution (RCE) or trigger a denial of service attack through type confusion and application crashes.


Full article at TechTarget Searchsecurity microsite

03 May 2017 - IBM sends malware-infected USB sticks to customers

In a recent support alert issued by IBM, the company admitted it accidentally shipped USB drives infected with malware to some customers.

It's a shocking lapse in quality control but unfortunately not the first time this has happened.


Full article @ Techrepublic

28 Apr 2017 - Microsoft urges Windows 10 users NOT to manually install the Creators Update

Microsoft has warned Windows 10 users not to download and install the Creators Update manually, but to wait until the operating system itself is ready to install on their PCs.

Despite the Insiders Program helping to prepare the Update, removing bugs before they reach a supposedly stable version of Windows 10, it appears that early adopters are having various problems with driver compatibility.

Full article @ Computing.co.uk

25 Apr 2017 - Online shoppers losing trust in e-commerce

Users are losing trust in the internet, at least when it comes to online shopping and e-commerce. According to the results of a survey, released on Monday, 49% of people said they are increasingly concerned about their privacy online, and lack of trust is the main issue keeping them from shopping online.

Full article @ Online shoppers losing trust in e-commerce

25 Apr 2017 - Save time with the Function Keys!

We have all seen function keys before. They are those keys marked F1 to F12 on our computer keyboards. Most of us rarely use these keys when at the computer, but knowing how to use them can be really helpful.

Function keys can save you a lot of time if you know how to use them properly.

F1 : Open Help Screen for almost every program

F2 : Rename file or folder

F3 : Open Search in current application

F4 : Alt-F4 closes current window

F5 : Refresh or Reload page or document

F6 : Moves cursor to the address bar in most internet browsers

F7 : Spell/Grammar check in MS Word

F8 : Access Boot Menu when starting your PC

F9 : Refresh Doc in MS Word. Send/Receive in MS Outlook

F10 : Activates menu bar of open application. Shift + F10 opens right click menu

F11 : Toggle full-screen mode in Internet Browsers

F12 : Open Save dialog in MS Word

18 Apr 2017 - Shadow Brokers' hacking group release NSA Windows spy tools, Microsoft responds

On Friday, hacker group Shadow Brokers released a new trove of alleged surveillance tools and exploits from the National Security Agency's elite hacking team. The tools were designed to target Windows PCs and servers.

You can check the full article @ ZDNet


Microsoft responded in a blog post and listed the majority of the exploits already addressed in previous patches however 3 exploits remained but could not be reproduced.

The caveat in that response is that only Windows 7 and onward, Exchange 2010 and onward were tested. Older versions are no longer supported.


The important lesson to take away from this is to make sure both your software and the security patches are fully up to date. Running legacy software which is no longer supported is a risk.


Full article @ TechRepublic

14 Apr 2017 - Important Information : Windows 10 Creators Update (v1703) & Bitdefender Users

As with previous Windows 10 updates it is advised to uninstall Bitdefender prior to updating windows, then reinstall it after the update has completed.

If Windows is updated whilst Bitdefender is installed you may not be able to browse the internet once the update is completed.

If you have already updated Windows and are now not able to browse the internet, please uninstall Bitdefender, reboot then reinstall Bitdefender.

14 Apr 2017 - 10 tips to make you a Microsoft Excel power user

Excel has been an enterprise mainstay for years, with Microsoft recently increasing its workplace appeal by adding collaboration tools and notifications, among other features. While the spreadsheet program is popular, many users do not know how to take advantage of the plethora of features it offers.


Here are 10 popular TechRepublic articles with tips for becoming a Microsoft Excel power user and getting the most out of the program.


Full article @ TechRepublic

14 Apr 2017 - Windows 10: Chrome vs Firefox vs Edge. Which wins Microsoft's battery-life test?

Microsoft says dialing back Adobe Flash in Edge in the Windows 10 Creators Update has made it the most energy-efficient browser of all.

Microsoft says a PC running its Edge browser will last 77 percent longer than Firefox, and 35 percent longer than Chrome.

To prove its point, Microsoft has once again employed a time-lapse video of three unplugged Surface Books side by side streaming video for several hours with Chrome, Edge, and Firefox.

The Surface running Edge lasts 12 hours and 31 minutes, while the Chrome device peters out after nine hours and 17 minutes, with the Firefox unit lasting seven hours and four minutes.


Full article @ ZDNet.com

13 Apr 2017 - iOS malware spreads to Android

Pegasus malware expands from iOS to Android

One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal.


Full article @ Techtarget

11 Apr 2017 - Botnet dismantled after kingpin arrest

The US has led the takedown of the international botnet Kelihos after the arrest in Spain of the Russian Kingpin believed to have operated the botnet since 2010.

The botnet of tens of thousands of infected computers allegedly under the control of Russian Pyotr Levashov was used for malicious activities, including harvesting log-in credentials, distributing hundreds of millions of spam emails and installing ransomware and other malicious software.


Full article @ ComputerWeekly.com

11 Apr 2017 - Wonga data breach could affect 250,000 customers

A data breach at Wonga that exposed customers personal and banking details could affect up to 250,000 people.

The firm, which said it knew something had happened by Tuesday but did not become aware of a data breach until Friday and began notifying customers on Saturday through email and text.


Full article @ Telegraph website

23 Feb 2017 - AMD take aim at Intel with faster cheaper processors

AMD's top-of-the-range Ryzen 7 promises better performance at half the price of rival Intel chips.

Ryzen 7 1800X nine per cent faster than Intel's Core i7 6900K - at less than half the price.


Full article @ AMD's Ryzen 7 to beat Intel Core i7

22 Feb 2017 - EU still unhappy with Microsoft over Windows 10 privacy

EU watchdogs say Windows 10 is still a major privacy concern.

Microsoft made some attempts to clarify its data collection policies in Windows 10, but some EU watchdogs said that it isn't enough.

Full article @ EU Windows 10 Privacy concerns


Worried about Windows 10 snooping? Here's a handy article showing how you can stop it :-

Full article @ Stop Windows 10 Snooping

16 Jan 2017 - Exploring the next Windows 10 major update

Windows 10 will soon be getting a new look and feel, courtesy of the forthcoming Creators Update.

The extent of those tweaks is starting to become apparent from the early builds of Windows released under the Insider program.

Updates include :-

  • Start Menu Folders
  • Web Notes
  • Flash Blocking
  • Microsoft Wallet
  • Edge Improvements
  • Windows Themes
  • Cortana

More details @ TechRepublic

05 Jan 2017 - Microsoft warn about Cerber Ransomware

Microsoft have published an excellent article warning about the dangers of the Cerber ransomware and also dissecting it in great detail to show how you get infected, how it works and what mitigations you can take.

Check out the full article at Microsoft Technet Malware Protection Centre

23 Dec 2016 - Microsoft anounce Vista, Small Business Server 2008 & Windows Server 2008 end of life in 2017

Microsoft announces end of life for the following products in 2017 :-

  • Windows Vista
  • Windows Server 2008
  • Windows Small Business Server (SBS) 2008

End of life means no more on-going support, security patches or OS fixes will be provided by Microsoft.

If you are still using any of the above products, now would be an idea time to consider your migration or replacement options.

18 Dec 2016 - Yahoo announces largest data breach in history. 1bn accounts accessed

Yahoo has admitted that it was hit with the world's largest ever cyber attack involving a breach of customer data. The historic hack, which occurred in 2013, could have resulted in the company losing the personal details and passwords of one billion accounts, it admitted.

Full article @ The Telegraph

01 Dec 2016 - National Lottery hacked, thousands of details leaked

National Lottery operator Camelot says the log-in details of thousands of people who do the lottery online have been stolen.

The online log-in details of National Lottery players have been hacked, but no money has been stolen, according to National Lottery operator Camelot.


Full article @ Computer Weekly

23 Nov 2016 - Locky ransomware being spread via Facebook Messenger

Facebook Messenger is being used by spammers to spread Locky ransomware.

The attack methodology was discovered by malware researcher Bart Blaze, and has been acknowledged by Facebook. It uses Facebook Messenger to spread a malware downloader called Nemucod that takes the form of an .SVG image file.


Locky is a strain of Dridex banking malware. Earlier this year a Locky attack hit a hospital in the US, which had to pay $17,000 in bitcoin to decrypt important data.

As with other ransomware, once activated Locky encrypts files including images, videos, source code and Office files on the infected machine and connected local networks before issuing a ransom demand for payment in bitcoin for them to be decrypted. In this case payment is requested via a site on the "dark web".


Full article @ Computing

18 Nov 2016 - Three Hacked. Data of 6m customers at risk

UK telco Three has been hacked, with up to six million customers' data sets now understood to be under threat.

Three confirmed the breach on Thursday, revealing that hackers used an employee log-in to gain entry into its database of customers eligible for a phone upgrade.


Full article @ Computing

03 Oct 2016 - Amended office hours - 03/10/16-07/10/16

The office will be closed from midday Monday 3rd Oct and will reopen in the afternoon of Friday 7th October.

Telephone and remote support will be available as normal for all support clients.

01 Oct 2016 - Yahoo hack, 500 million accounts stolen

Yahoo confirmed on Thursday data "associated with at least 500 million user accounts" have been stolen in what may be one of the largest cybersecurity breaches ever. The company said it believes a "state-sponsored actor" was behind the data breach, meaning an individual acting on behalf of a government. The breach is said to have occurred in late 2014.

More details @ CNN

The hack leaked user account details (e-mail addresses and passwords), and reiterates the need for the end user to take some basic security measures to reduce their risk exposure when these hacks inevitably occur.

  1. Do NOT use the same password on multiple accounts. Each account should have its own password. In the event of a hack, their access will be limited to that one account.
  2. Use a password generator to create different random complex passwords for each of your online accounts. E.g. passwordsgenerator.net
  3. Use a password manager to help you record and remember your complex passwords. Eg. Roboform or Lastpass

Display Older News

Explore 4IT Systems Ltd