4IT Systems Ltd

news

18 Oct 2017 - Windows 10 Fall Creators Update contains Ransomware protection

The Windows 10 Fall Creators Update includes an amazing new feature: Folder protection against ransomware. Here's how to activate this essential security feature.

Ransomware is everywhere nowadays, and it's been nearly impossible to stop it. Microsoft thinks it may have the answer, and has therefore added a new feature to Windows Defender in the Windows 10 Fall Creators Update that is designed to stop the growing form of malware from snagging more victims.

The feature, called Controlled Folder Access, prevents programs from making any changes to files or folders that are set as protected. By default that includes the Windows system folders and the Documents, Pictures, Videos, Music, Favourites, and Desktop folders for each user.

Exclusions for certain apps can be made, folders can be added, and Controlled Folder Access can be toggled on and off by taking the following steps.

  1. Open Windows Defender Security Center.
  2. Click on the Virus & Threat Protection menu item.
  3. Under that option click on Virus & Threat Protection Settings.
  4. Scroll down to the fourth item in the list that pops up: Controlled Folder Access. Toggle the button to On.
  5. Say yes to the popup window.
  6. Once it's on, the options to select folders and allow app exclusions will appear below the toggle button. Click on them if you want to make changes.
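The same settings can be applied from an elevated PowerShell prompt using the Windows Defender cmdlets. This is an added example, not part of the original article; the folder and application paths are placeholders, and it goes slightly beyond the steps above by also showing audit mode and the event log entries the feature writes.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the Security Center steps above.
# Needs Windows 10 version 1709 (Fall Creators Update) or later with
# Windows Defender Antivirus as the active antivirus product.

# Placeholder values (assumptions, not taken from the article).
$ExtraFolder = 'D:\CompanyData'
$TrustedApp  = 'C:\Program Files\ExampleApp\app.exe'

function Get-CfaState {
    # EnableControlledFolderAccess is reported as 0, 1 or 2.
    $pref = Get-MpPreference
    $mode = switch ([int]$pref.EnableControlledFolderAccess) {
        0       { 'Disabled' }
        1       { 'Enabled' }
        2       { 'AuditMode' }
        default { "Unknown ($_)" }
    }
    [pscustomobject]@{
        Mode         = $mode
        ExtraFolders = $pref.ControlledFolderAccessProtectedFolders
        AllowedApps  = $pref.ControlledFolderAccessAllowedApplications
    }
}

# Controlled Folder Access depends on real-time protection being active.
if (-not (Get-MpComputerStatus).RealTimeProtectionEnabled) {
    throw 'Real-time protection is off; Controlled Folder Access will not enforce.'
}

# Steps 4-5: turn the feature on. Use 'AuditMode' instead of 'Enabled' to log
# what would be blocked without blocking it, or 'Disabled' to turn it off.
Set-MpPreference -EnableControlledFolderAccess Enabled

# Step 6: add a folder beyond the defaults and allow one trusted program.
if (Test-Path -LiteralPath $ExtraFolder -PathType Container) {
    Add-MpPreference -ControlledFolderAccessProtectedFolders $ExtraFolder
}
if (Test-Path -LiteralPath $TrustedApp -PathType Leaf) {
    Add-MpPreference -ControlledFolderAccessAllowedApplications $TrustedApp
}

Get-CfaState | Format-List

# Review recent decisions: event ID 1123 = blocked, 1124 = audited.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123, 1124
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
```

Running in audit mode for a few days before enforcing shows which legitimate programs would need an exclusion.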

13 Oct 2017 - Windows 10 Fall Creators Update, Microsoft's next big upgrade

What is Windows 10 Fall Creators Update? Everything you need to know about Microsoft's big upgrade.

Rolling out from the 17th October, the Windows 10 Fall Creators Update promises to deliver new features big and small to Windows desktops.

The headline features in the free Fall Creators Update are changes to how Windows 10 handles cloud storage, easier sharing with friends and family, better security, longer battery life and a more-intuitive design for the OS and its apps.

As with previous updates, however, don't expect massive leaps forward; expect more general tinkering around the edges.

Full Article @ TechRepublic

12 Oct 2017 - Kaspersky software 'used by Russian state hackers to trawl for US secrets'

Popular anti-virus software used by hundreds of thousands of people and businesses in Britain was reportedly hijacked by Russian government hackers to trawl for American secrets.

Cyber spies allegedly used software from the Russian firm Kaspersky Lab which is installed on computers around the world to improvise a search tool and look for the codenames of secret US programs.

Discovery of the operation led the American government to last month order the removal of the software from its computers, the New York Times reported.

Full article @ New York Times

We recommend Kaspersky customers remove their product and switch to an alternative. We are currently recommending Bitdefender. Please contact us for more information.

07 Oct 2017 - Cryptocurrency mining malware swarms the internet

An increasing number of websites are turning the computers of unsuspecting visitors into cryptocurrency miners. Aside from slowing down CPU performance, these tools violate the privacy of users.

The mining malware we have seen so far is successfully blocked by Bitdefender.

Full details @ Futurism

04 Oct 2017 - Yahoo says all three billion accounts hacked in 2013 data theft

In a shocking legal disclosure on Tuesday, Yahoo admitted that all 3 billion of its accounts were hacked in a 2013 data theft, tripling its earlier estimate of the size of the largest breach in history.

Yahoo said last December that data from more than 1 billion accounts was compromised in 2013, the largest of a series of thefts that forced Yahoo to cut the price of its assets in a sale to Verizon.

Yahoo on Tuesday said “recently obtained new intelligence” showed all user accounts had been affected. The company said the investigation indicated that the stolen information did not include passwords in clear text, payment card data, or bank account information.

But the information was protected with outdated, easy-to-crack encryption, according to academic experts. It also included security questions and backup email addresses, which could make it easier to break into other accounts held by the users.

Full article @ Reuters

23 Sep 2017 - Equifax woes continue after victims sent to phishing site for support

After massive data breach, Equifax sent victims to fake phishing site for support

After a breach of 143 million people's personal information, the official Equifax Twitter account accidentally tweeted a link to a phishing website for victims who needed support.

For nearly two weeks after a data breach exposed the personal information of some 143 million Equifax customers, the credit firm was accidentally directing victims to a phishing website for support.

Full article @ TechRepublic

18 Sep 2017 - Equifax US hack affects 400,000 UK consumers

The huge data breach of Equifax (US) earlier this year has been confirmed to affect around 400,000 UK consumers.

Although Equifax (UK) was not affected, between 2011 and 2016 UK data was stored on US servers.

The information was restricted to: name, date of birth, email address and a telephone number. “Equifax can confirm that the data does not include any residential address information, password information or financial data,” the company said.

Full article @ ComputerWeekly.com

18 Sep 2017 - CCleaner 5.33 compromised to deliver malware

Avast's CCleaner was compromised to deliver malware to unsuspecting users in August and September, in a suspected supply-chain attack on the anti-virus firm.

CCleaner, Avast's popular PC tool that has been downloaded some two billion times, has been compromised in a supply-chain attack to deliver malware to unsuspecting victims.

Researchers from Cisco's Talos Intelligence said that, between August 15 and September 12 of this year, version 5.33 of CCleaner was legitimately signed, but contained a multi-stage malware payload that rode on top of the installation.

Full article @ Computing.co.uk

19 Aug 2017 - Hacker breaks Apple encryption, exposes iOS mobile security

A hacker going by the handle xerub has just released what he claims to be a full decryption key for Apple's Secure Enclave Processor (SEP) firmware.

This could be a major blow for iOS security because of the importance of the SEP: It handles Touch ID transactions and is completely isolated from the rest of its host device. Your iPhone, iPad, or iPod has no idea what's going on in the SEP, and that means no one else does either, at least until today.

Now that its firmware code is exposed it's open season on SEP vulnerabilities.

More detail @ Hacker decrypts Apple's Secure Enclave

09 Aug 2017 - Tech Support Scammers Target Windows 10 Users

Microsoft's Malware Protection Center has spotted new phishing techniques that direct Windows 10 users to fraudulent tech-support sites.

Tech support scams continue to evolve, with scammers exploring more ways to reach potential victims. Recently, we have observed spam campaigns distributing links that lead to tech support scam websites.

The links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.

Summary @ TechRepublic

Microsoft Blog article here

02 Aug 2017 - DDoS attack - All web hosting customers

Our hosting team are currently observing a large scale DDoS attack on a portion of their network.

The networking team are in the process of mitigating this attack and you may see slow performance and intermittent timeouts while they tackle this.

Thank you for your patience and understanding.

27 Jul 2017 - Kaspersky likely casualty of US Russia sanctions.

Kaspersky Lab executives are assessing any potentially negative fallout the rapidly deteriorating Russia-U.S. relations could have on its U.S. business strategy. Long time partners with the endpoint security vendor tell CRN they are watching the rising political tension closely, and acknowledge that economic sanctions threatened against Russia could have a serious impact on their business.

Full article @ CNN

If you are a current Kaspersky customer and would like to look at alternatives please contact us.

24 Jul 2017 - Late Summer Holiday Office Closures (Aug 2017)

The office will be closed from Thursday Aug 24th - Wednesday Sept 13th for a late summer holiday.

As usual all e-mails will be collected and responded to the same day.

All support customers, if you need to contact us your primary method should be by e-mail. If that is not possible please use the alternate contact arrangements you have received.

If you have any outstanding issues or tasks you would like completed please bring these to our attention ASAP.

21 Jul 2017 - Citadel malware developer jailed

A Russian man believed to be one of the developers of the Citadel malware, used to steal millions by infecting around 11 million computers around the world, has been jailed.

Moscow-born Russian Mark Vartanyan has been sentenced to five years in prison by a US district court after pleading guilty to computer fraud.

Full article @ ComputerWeekly

21 Jul 2017 - Dow Jones massive data leak on Amazon S3 Cloud

Data leaks at Dow Jones, Verizon, and a GOP analytics firm show that companies are forgoing security best practices in order to quickly make it to the cloud.

A recent data breach at Dow Jones exposed data including names, addresses, and partial credit card numbers from millions of customers, according to a Monday report from UpGuard. The reason for the leak? Dow Jones simply chose the wrong permission settings for the Amazon Web Services (AWS) S3 data repository.

Full article @ TechRepublic

13 Jul 2017 - Microsoft July Patch Tuesday fixes 19 Critical flaws

Microsoft's July 2017 Patch Tuesday fixes targeted more than 50 vulnerabilities across Microsoft products and services, including 19 critical flaws and an important fix for Windows NTLM.

Full article @ TechTarget

07 Jul 2017 - Chinaregistry.net.cn spam resurfaces

All customers who own their own domain may receive an "urgent" email from chinaregistry.net.cn claiming another company is trying to register the .cn version of your domain and use it as their "internet keyword".

This e-mail is PURE SALES SPAM. You are simply being goaded into purchasing the Chinese version of your domain. Furthermore, the "internet keyword" portion of the e-mail is utter garbage.

These e-mails should be deleted; you can also use Outlook to block the sender.

Block or unblock a sender in Outlook

03 Jul 2017 - Microsoft beef up security for Windows 10 Fall Creators Update

Windows 10 will get a number of new security features in its Fall Creators Update, including end-to-end protection that uses cloud intelligence to more seamlessly detect and respond to attacks.

The Fall Creators Update will be released to the general public in October, though many of the updates are already available to those testing the platform as part of the Windows Insider Program.

Full article @ TechRepublic

01 Jul 2017 - Petya variant malware attack strikes worldwide

On the tails of the recent WannaCry attack, a Petya variant has struck worldwide, affecting up to 20,000 companies.

Whilst the experts still argue as to the intent and technicalities of this latest attack, the way you protect yourself remains the same.

  • Ensure both Windows and your security solution are fully up to date
  • NEVER open email attachments unless you both expect them AND you know and trust the source
  • Educate your staff about the dangers of e-mail attachments
  • Ensure your backups are running and that they are current
  • On company networks, only give users access to areas they need. Lock down the rest.

More details at Tripwire

15 Jun 2017 - Microsoft rush out XP patches to prevent a second Wannacry attack

Microsoft rushes out patch for Windows XP to prevent another WannaCry attack via a Shadow Brokers release.

Microsoft has, for the second month in a row, released a critical security patch for its out-of-support-but-still-widely-used Windows XP operating system, and warned that another WannaCry-style attack could be imminent.

02 Jun 2017 - Samba vulnerability brings WannaCry fears to Linux/Unix

A widespread Samba vulnerability has raised the possibility of attacks similar to WannaCry hitting Linux and Unix systems.

Researchers warn that many Linux and Unix systems contain a Samba vulnerability that could eventually lead to attacks similar to WannaCry or worse, if IT pros don't remediate quickly.

According to the Samba security advisory, the vulnerability (CVE-2017-7494) affects versions 3.5 (released March 1, 2010) and newer. The Samba vulnerability is remotely exploitable and could allow "a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

Full article @ Techtarget

16 May 2017 - Did Intel's new i9 processor details just leak?

Leaked PowerPoint claims to show details of Intel's new high-end desktop CPU range.

The high-end i9 will replace the current top spec i7 and will contain a massive 12 cores running 24 threads.

Full article @ computing.co.uk

15 May 2017 - Wannacry Ransomware : Microsoft issues emergency patch for unsupported OS's

Responding to the worldwide attack of the Wannacry ransomware, which specifically targeted older unpatched systems, Microsoft have released an updated patch specifically for older unsupported Windows versions.

On the first day of the attacks, Microsoft released an updated patch for older Windows systems "given the potential impact to customers and their businesses". Patches are now also available for: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64.

The patch can be accessed by clicking the "Microsoft Update Catalog" link in the Microsoft Security Bulletin MS17-010, which details this issue.

15 May 2017 - Bitdefender response : Bitdefender Prevents WannaCry Ransomware Attacks

Bitdefender’s next gen machine learning provides zero day protection from WannaCry ransomware attacks

#DontNeedtoCry - On May 12th, the WannaCryptor (WannaCry) ransomware family infected thousands of computers across the world. In just 24 hours, the number of infections has spiked to 185,000 machines in more than 100 countries.

The attack is particularly dangerous for businesses because it takes just one employee to become infected for the attack to spread in the entire network, and sometimes even across countries to other subsidiaries, without any user interaction. This happens because the ransomware has a worm component that leverages a recently discovered vulnerability, affecting a wide range of Windows operating systems, including 2008, 2008 R2, 7, 7 SP1.

The attacks have caused major disruption to hospitals, telecom companies or gas and utilities plants. Among the organizations that took the worst hits is the National Health Service (NHS) in the UK.

Why is this attack particularly dangerous among traditional ransomware attacks?

WannaCry automated the exploitation of a vulnerability which is present in most versions of Windows allowing a remote attacker to run code on the vulnerable computer and use that code to plant ransomware without any human and local action. This never before seen behaviour makes it the perfect tool to attack specific environments or infrastructures, such as servers running a vulnerable version of the Server Message Block (SMB protocol).

Customers running Bitdefender are not affected by this attack wave.

Our next-generation machine-learning and memory introspection technologies ensure that our customers have always been safe from WannaCry, the world’s most aggressive piece of ransomware, AND will be similarly protected from the next such attack.

Endpoints running Bitdefender GravityZone are protected from hour zero against this attack wave and they are not affected by this new family of ransomware as our products detect and intercept both the delivery mechanism and all variations of the WannaCry ransomware known to date. Bitdefender Machine Learning models, available in all editions of Bitdefender GravityZone, are designed specifically to catch never before seen attacks at pre-execution stage.

Moreover, Bitdefender’s newly introduced Hypervisor Introspection solution was able to prevent exploits of the EternalBlue vulnerability from hour zero as well, before it was patched by Microsoft. The solution is capable of detecting memory violations in the raw memory stack, without knowing the vulnerability beforehand, and can therefore effectively prevent the attack.

We encourage you to stay tuned and test our new technologies and innovations like Hypervisor Introspection. We are constantly innovating to keep our customers safe!

Thank you for trusting and promoting Bitdefender solutions!

Bitdefender Team

14 May 2017 - NHS ransomware hack and the failure of the public sector

On Friday a significant portion of the NHS was hit by a ransomware attack that crippled systems and encrypted data. It looks like patient data remains safe, presumably due to backups, but they estimate it will be a number of days until the systems are fully restored.

The details of this attack are interesting. The Windows flaw this attack exploits was fixed by Microsoft on March 14th this year. All updated machines were therefore immune to this attack.

The reason sections of the NHS were hit so badly is that they, unbelievably, were still using Windows XP to run critical systems. Windows XP is now 15 years old and all support ended in 2014. There have been no XP fixes issued for 3 years!

It is quite frankly a shocking lack of competence for the NHS to be in this position. One would hope that heads would roll for this, but as it is the public sector I don’t have much faith in that.

This cloud, however, may have a silver lining. For years the private sector has dealt with these attacks with little or no help from the government/police/security services. Perhaps now they will start to take some action?

12 May 2017 - HP laptops secretly recording user keystrokes

HP laptops ship with unintentional keylogger installed.

Swiss cybersecurity group Modzero have discovered that a preinstalled app on some HP laptop machines is logging every key the user presses, including those used to enter passphrases for online banking and email accounts.

The researchers complained that they first reported the issue to HP on 28 April, but decided to publish their security advisory yesterday because HP had failed to respond to them.

Full article @ Sky News

10 May 2017 - Microsoft out of band patch hits the day before Patch Tuesday

Microsoft rushed to patch a serious vulnerability affecting Windows 8, 8.1 and 10 on Monday.

Even with Patch Tuesday less than 24 hours away, Microsoft didn't wait to patch a dangerous Windows remote code execution flaw that was discovered by Google's Project Zero just days earlier.

Microsoft released the out of band patch Monday evening and revealed the issue (CVE-2017-0290) was in the Microsoft Malware Protection Engine and enables attackers to perform remote code execution (RCE) or trigger a denial of service attack through type confusion and application crashes.

Full article at TechTarget Searchsecurity microsite

03 May 2017 - IBM sends malware-infected USB sticks to customers

In a recent support alert issued by IBM, the company admitted it accidentally shipped USB drives infected with malware to some customers.

It's a shocking lapse in quality control but unfortunately not the first time this has happened.

Full article @ Techrepublic

28 Apr 2017 - Microsoft urges Windows 10 users NOT to manually install the Creators Update

Microsoft has warned Windows 10 users not to download and install the Creators Update manually, but to wait until the operating system itself is ready to install on their PCs.

Despite the Insiders Program helping to prepare the Update, removing bugs before they reach a supposedly stable version of Windows 10, it appears that early adopters are having various problems with driver compatibility.

Full article @ Computing.co.uk

25 Apr 2017 - Online shoppers losing trust in e-commerce

Users are losing trust in the internet, at least when it comes to online shopping and e-commerce. According to the results of a survey, released on Monday, 49% of people said they are increasingly concerned about their privacy online, and lack of trust is the main issue keeping them from shopping online.

Full article @ Online shoppers losing trust in e-commerce
