4IT Logo

4IT Systems Ltd

024 7633 1997

Twitter RSS Feed Facebook


23 Feb 2018 - Highly Targetted Fraud E-Mail

Today we received a highly targeted fraud e-mail. The e-mail was directed to our accounts dept., purporting to be from our director (Mark Moran) requesting a BACS transfer of £9711 be made to a supplied account number.

The e-mail was footed with the directors full name and included the full confidentiality notice we attach to the bottom of all our e-mail. The true originator e-mail address was hidden as well as the reply address but instead a valid @4-it.co.uk was displayed.

This is the first time we have seen this level of targeting in an e-mail and advise All of our clients to pay close attention to any unsolicited e-mails making unusual payment requests.

14 Feb 2018 - Brazen E-Mail Extortion Attempt!

Over the last 14 years of trading we thought we'd seen all the spam/scam e-mails going but the one we received today took the biscuit, if just for the bare faced cheek of it!

As IT professionals we could immediately tell that the claims made were both ridiculous and laughable but likewise could understand why some basic users could fall for it.

It shares characteristics with most spam/scam e-mails, it's illiterate, uses scary or threatening language and is demanding money. Treat it with the contempt it deserves!

We've included the text of the e-mail below for your enjoyment! :-)

Ticкеt#534445080: 14.02.2018 07:28:38 We cracked your system

I am from the squad of web criminals in Korea.We contact with you by your corp mail because we think that you will check it.

The other day my crew uploaded a malicious program in web-site with porn and after you tapped on a play your system began recording your screen and using cam to cop you masturbating.Finally I guess you realize which content Ive got.Moreover, this program force your device work as dedicated server with many possibilities like keylogger,parser etc. To sum up, my soft collected all information,especially all your contacts from messengers,e-mails,social networks.

If you wanna make me silent you should pay 320 dollars in bitcoins. 1NoBogLFrnXXXXXXXXUCtn9aDDzESsC

Just copy and past it. If I receive this sum we will be silent.There are a lot of information about how to buy bitcoins, just read it... For example you can buy them at localbitcoins, just find seller in your country.If you have a problem with this, you can search the nearest ATM for bitcoin through coin atm radar.

I give you exactly 1 day from the time you read this message for making a payment.Dont try to play with us we use botnet, also I live abroad.If you want proofs I will share it to 8 your friends then we will share their contacts. So you will be able to ask if something strange was received about you.

For some questions just reply.Think better,AmAZinGcRackeR$.

05 Feb 2018 - Adobe responds to North Korean hackers exploiting Flash zero-day for TWO MONTHS

Hackers linked to North Korea have been taking advantage of an Adobe Flash zero-day flaw since November - but the software company has only just got round to issuing a warning about it.

Cyber security researchers and South Korean authorities have long warned that cyber attackers based in the North have been tapping into a new Adobe Flash zero day flaw.


Full article @ Adobe finally responds to claims of North Korean hackers exploiting Flash zero-day for TWO MONTHS



Security flaws in Flash have, over the years, repeatedly been used to attack pcs. It is an insecure and outdated technology and many website creators have abandoned it in favour of the newer features of HTML5. We feel there is no reason to have this on your PC and recommend all users remove it.

The best fix for Adobe Flash security flaws is to uninstall it!

10 Jan 2018 - Emergency Windows Meltdown patch locks some AMD PCs into endless loop

After installing the update users say their PCs are unable to boot and eventually get stuck in an endless loop, as they try to roll back to an earlier version of the OS.

A Windows patch to reduce the risk from exploits for the Meltdown and Spectre CPU flaws is reportedly preventing PCs with older AMD processors from booting.

The recent update, KB4056892, seems to be causing problems for computers running on Athlon X2 processors.

Despite being older machines, the CPUs date from about the mid-to-late 2000s, users say their PCs were running Windows 10 without issue before installing the update.

After installing the update users say their PCs are unable to boot and eventually get stuck in an endless loop, as they try to roll back to an earlier version of the OS.

Full article @ Emergency Windows Meltdown patch locks some AMD PCs into endless loop

09 Jan 2018 - Meltdown and Spectre Important Information

On January 3rd, 2018, Google Project Zero Team published details about critical CPU vulnerabilities dubbed Meltdown and Spectre. This issue affects most CPUs that have been on the market for the past decade.

Full public details about Meltdown and Spectre were scheduled to be released on January 9th, 2018. As a result, not all software vendors managed to release their security patches that mitigate the recently disclosed vulnerabilities.

Microsoft released important Operating System Security patches and guidlines on Jan 3rd, while Apple announced that Meldown vulnerability is fixed since December in it’s MacOSX 10.13.2. Not all Linux Distributions released their security patches and we expect more releases in coming days.

We strongly recommend you apply all validated patches from your Technology providers.

06 Jan 2018 - Meltdown and Spectre security flaw affects ALL chip manufacturers

Contrary to initial reports that just Intel chips were affected by the Spectre and Meltdown security flaws, we now know that chips from Intel, AMD & AIM are ALL affected.

Specific details of the flaws are still being kept secret until software manufacturers can issue security patches which should arrive within the week.

It is reported that these patches could have a significant impact on performance (up to 30%), however until issued this will be difficult to quantify.

21 Dec 2017 - US, UK finally blame North Korea for WannaCry attack

The UK government has publicly blamed a North Korean group for the WannaCry ransomware attack that hit the NHS earlier this year.

The Foreign Office said it is “highly likely” that the North Korea-based Lazarus Group was behind the attack in May.

However, the IT security community had already pointed the finger at North Korea many months ago.


20 Dec 2017 - Christmas opening times.

We are open as normal until 2:30pm Friday 22nd Dec and will reopen at 9am Tuesday 2nd Jan.

If you are a customer requiring support during that period please use the normal support contact details.

Any non clients needing to contact us during our office closure please use the e-mail address sales@4-it.co.uk which will be monitored daily.


We would like to take this opportunity to wish you all a very merry Christmas and a happy and healthy New Year

07 Dec 2017 - Microsoft Edge now available for iOS and Android

After a short 'preview' period and a positive community response, Microsoft today launch their Windows 10 Edge browser for the Android and Apple (iOS) mobile platforms.

Edge can be download free of charge from The Google Play Store (Android) or Apple Store (iOS).

Microsoft Edge for iOS and Android brings familiar features like your Favourites, Reading List, New Tab Page, Reading View, and Roaming Passwords across your PC and phone, so, no matter the device, your browsing goes with you. But what makes Microsoft Edge really stand out is the ability to continue on your PC, which enables you to immediately open the page you’re looking at right on your PC"or save it to work on later.


Full article @ Microsoft Windows Blog

27 Nov 2017 - New Microsoft tech support scam surfaces

Fake tech support sites will now automatically launch a device's phone dialer with a prompt to contact their "support team."

Tech support scam websites, as Microsoft said in the post, used to rely on a loop of popups and browser lockups to fool users into thinking something was wrong. Most browsers now have the ability to prevent sites from creating more dialog windows, effectively stopping those kinds of attacks, so scammers have been forced to adapt.

It you experience ANY kind of "Tech Support" warning or popup we recommend you immediately shut your PC down by using the power button on the device. Then restart your machine, if the fake support popup still persists switch it back off and call us immediately to get your machine professionally cleaned/disinfected.

Full article @ TechRepublic

14 Nov 2017 - US DHS successfully hack Boeing 757

Boeing 757 hacked on the tarmac by Department of Homeland Security in 'controlled experiment'

A team of aerospace experts working with the US Department of Homeland Security conducted a controlled hacking of a Boeing 757 on the ground at an Airport in Atlantic City, New Jersey.

The team of academics and industry experts were able to remotely crack the IT systems of the 757, which uses a form of computerised fly-by-wire system for control. The test demonstrates the inadequacy of security in many modern planes that, nevertheless, rely on IT to stay airborne.

Full article @ computing.co.uk

27 Oct 2017 - NAO blames imcompetent NHS IT for WannaCry attack

The National Audit Office (NAO) has pointed the primary finger of blame at lackadaisical NHS trusts for the spread of the WannaCry ransomware that affected at least 81 out of the 236 NHS trusts across England in May this year.

The ransomware also affected a further 603 primary care and other NHS organisations, including 595 GP surgeries.

A review into IT security across the NHS commissioned by the Secretary of State for Health had warned a year before that healthcare IT systems might be vulnerable to compromise.

That review had recommended that "all health and care organisations needed to provide evidence that they were taking action to improve cyber security, including moving off old operating systems," according to the NAO report published today.

We blogged about this immediately after the attack and laid the blame squarely at the feet of the NHS's incompetent IT provision. Nice to see the NAO eventually agreeing with us!

Full article @ computing.co.uk

27 Oct 2017 - Windows 10 Fall Creators Update arrives

The latest major Window 10 update is here.

This update appears as "Feature update to Windows 10, version 1709".

If you are a Bitdefender Endpoint Security user and experience internet issues after installing this update, simply uninstall Bitdefender, reboot and reinstall.

26 Oct 2017 - BadRabbit Ransomware strikes worldwide

There is a new wave of ransomware attack, #BadRabbit, which struck on October 24th and has hit the market worldwide.

4IT customers running Bitdefender are safe. Endpoints running Bitdefender GravityZone and Bitdefender Elite were protected from zero hour against this attack wave and they are NOT impacted by this new family of ransomware.

Bitdefender GravityZone security solutions detected this threat as

Gen:Heur.Ransom.BadRabbit.1 and Gen:Variant.Ransom.BadRabbit.1.

25 Oct 2017 - Kaspersky admits infiltrating NSA via it's anti-virus software

Kaspersky admits filching NSA hacking tool source code via anti-virus software

Kaspersky has today admitted that it obtained the source code of National Security Agency hacking tools via anti-virus software running on a PC in the US.

The admission comes as part of the company's preliminary results from an internal inquiry over claims that Kaspersky Anti-Virus software was being used by the Russian government as part of its spy network.

In particular, the US government has claimed that a US National Security Agency worker had code exfiltrated by Kaspersky from his PC in 2014, while working on NSA tools at home.

This is a shocking admission and will be hugely damaging to their brand, we recommend customers do NOT use Kaspersky products.

Full article @ Computing.co.uk

18 Oct 2017 - Windows 10 Fall Creators Update contains Ransomware protection

The Windows 10 Fall Creators Update includes an amazing new feature: Folder protection against ransomware. Here's how to activate this essential security feature.

Ransomware is everywhere nowadays, and it's been nearly impossible to stop it. Microsoft thinks it may have the answer, and has therefore added a new feature to Windows Defender in the Windows 10 Fall Creators Update that is designed to stop the growing form of malware from snagging more victims.

The feature called Controlled Folder Access prevents programs from making any change to files or folders that are set as protected. By default that includes Windows system folders, Documents, Pictures, Videos, Music, Favourites, and Desktop folders for each user.

Exclusions for certain apps can be made, folders can be added, and Controlled Folder Access can be toggled on and off by taking the following steps.

  1. Open Windows Defender Security Center.
  2. Click on the Virus & Threat Protection menu item.
  3. Under that option click on Virus & Threat Protection Settings.
  4. Scroll down to the fourth item in the list that pops up: Controlled Folder Access. Toggle the button to On.
  5. Say yes to the popup window.
  6. Once it's on, the options to select folders and allow app exclusions will appear below the toggle button. Click on them if you want to make changes.

13 Oct 2017 - Windows 10 Fall Creators Update, Microsoft's next big upgrade

What is Windows 10 Fall Creators Update? Everything you need to know about Microsoft's big upgrade.

Rolling out from the 17th October, the ​Windows 10 Fall Creators Update promises to deliver new features big and small to Windows desktops.

The headline features in the free Fall Creators Update are changes to how Windows 10 handles cloud storage, easier sharing with friends and family, better security, longer battery life and a more-intuitive design for the OS and its apps.

As with previous updates, however, don't expect massive leaps forward, more general tinkering around the edges.

Full Article @ TechRepublic

12 Oct 2017 - Kaspersky software 'used by Russian state hackers to trawl for US secrets'

Popular anti-virus software used by hundreds of thousands of people and businesses in Britain was reportedly hijacked by Russian government hackers to trawl for American secrets.

Cyber spies allegedly used software from the Russian firm Kaspersky Lab which is installed on computers around the world to improvise a search tool and look for the codenames of secret US programs.

Discovery of the operation led the American government to last month order the removal of the software from its computers, the New York Times reported.

Full article @ New York Times


We recommend Kaspersky customers remove their product and switch to an alternative. We are currently recommending Bitdefender. Please contact us for more information.

07 Oct 2017 - Cryptocurrency mining malware swarms the internet

An increasing number of websites are turning the computers of unsuspecting visitors into cryptocurrency miners. Aside from slowing down CPU performance, these tools violate the privacy of users.

The mining malware we have seen so far is successfully blocked by Bitdefender.

Full details @ Futurism

04 Oct 2017 - Yahoo says all three billion accounts hacked in 2013 data theft

In a shocking legal disclosure on Tuesday, Yahoo admitted that all 3 billion of its accounts were hacked in a 2013 data theft, tripling its earlier estimate of the size of the largest breach in history.

Yahoo said last December that data from more than 1 billion accounts was compromised in 2013, the largest of a series of thefts that forced Yahoo to cut the price of its assets in a sale to Verizon.

Yahoo on Tuesday said “recently obtained new intelligence” showed all user accounts had been affected. The company said the investigation indicated that the stolen information did not include passwords in clear text, payment card data, or bank account information.

But the information was protected with outdated, easy-to-crack encryption, according to academic experts. It also included security questions and backup email addresses, which could make it easier to break into other accounts held by the users.

Full article @ Reuters

23 Sep 2017 - Equifax woes continue after victims sent to phishing site for support

After massive data breach, Equifax sent victims to fake phishing site for support

After a breach of 143 million people's personal information, the official Equifax Twitter account accidentally tweeted a link to a phishing website for victims who needed support.

For nearly two weeks after a data breach exposed the personal information of some 143 million Equifax customers, the credit firm was accidentally directing victims to a phishing website for support.

Full article @ TechRepublic

18 Sep 2017 - Equifax US hack affects 400,000 UK consumers

The huge data breach of Equifax (US) earlier this year has been confirmed to affect around 400,000 UK consumers.

Although Equifax (UK) was not affected, between 2011-2016 UK data was stored on US servers.

The information was restricted to: name, date of birth, email address and a telephone number. “Equifax can confirm that the data does not include any residential address information, password information or financial data,” the company said.

Full article @ ComputerWeekly.com

18 Sep 2017 - CCleaner 5.33 compromised to deliver malware

Avast's CCleaner compromised to deliver malware to unsuspecting users in August and September, anti-virus firm Avast compromised in suspected supply-chain attack.


CCleaner, Avast's popular PC tool that has been downloaded some two billion times, has been compromised in a supply-chain attack to deliver malware to unsuspecting victims.

Researchers from Cisco's Talos Intelligence said that, between August 15 and September 12 of this year, version 5.33 of CCleaner was legitimately signed, but contained a multi-stage malware payload that rode on top of the installation.


Full article @ Computing.co.uk

19 Aug 2017 - Hacker breaks Apple encryption, exposes iOS mobile security

A hacker going by the handle xerub has just released what he claims to be a full decryption key for Apple's Secure Enclave Processor (SEP) firmware.

This could be a major blow for iOS security because of the importance of the SEP: It handles Touch ID transactions and is completely isolated from the rest of its host device. Your iPhone, iPad, or iPod has no idea what's going on in the SEP, and that means no one else does either"at least until today.

Now that its firmware code is exposed it's open season on SEP vulnerabilities.

More detail @ Hacker decrypts Apple's Secure Enclave

09 Aug 2017 - Tech Support Scammers Target Windows 10 Users

Microsoft's Malware Protection Center has spotted new phishing techniques that direct Windows 10 users to fraudulent tech-support sites.

Tech support scams continue to evolve, with scammers exploring more ways to reach potential victims. Recently, we have observed spam campaigns distributing links that lead to tech support scam websites.

The links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.

Summary @ TechRepublic

Microsoft Blog article here

02 Aug 2017 - DDoS attack - All web hosting customers

Our hosting team are currently observing a large scale DDoS attack on a portion of their network.

The networking team are in the process of mitigating this attack and you may see slow performance and intermittent timeouts while they tackle this.

Thank you for your patience and understanding.

27 Jul 2017 - Kaspersky likely casualty of US Russia sanctions.

Kaspersky Lab executives are assessing any potentially negative fallout the rapidly deteriorating Russia-U.S. relations could have on its U.S. business strategy. Long time partners with the endpoint security vendor tell CRN they are watching the rising political tension closely, and acknowledge that economic sanctions threatened against Russia could have a serious impact on their business.

Full article @ CNN

If you are a current Kaspersky customer and would like to look at alternatives please contact us.

24 Jul 2017 - Late Summer Holiday Office Closures (Aug 2017)

The office will be closed from Thursday Aug 24th - Wednesday Sept 13th for a late summer holiday.

As usual all e-mails will be collected and responded to the same day.

All support customers, if you need to contact us your primary method should be by e-mail. If that is not possible please use the alternate contact arrangements you have received.

If you have any outstanding issues or tasks you would like completed please bring these to our attention ASAP.

21 Jul 2017 - Citadel malware developer jailed

A Russian man believed to be one of the developers of the Citadel malware used to steal millions by infecting around 11 million computers around the world.

Moscow-born Russian Mark Vartanyan has been sentenced to five years in prison by a US district court after pleading guilty to computer fraud.


Full article @ ComputerWeekly

21 Jul 2017 - Dow Jones massive data leak on Amazon S3 Cloud

Data leaks at Dow Jones, Verizon, and a GOP analytics firm show that companies are forgoing security best practices in order to quickly make it to the cloud.

A recent data breach at Dow Jones exposed data including names, addresses, and partial credit card numbers from millions of customers, according to a Monday report from UpGuard. The reason for the leak? Dow Jones simply chose the wrong permission settings for the Amazon Web Services (AWS) S3 data repository.

Full article @ TechRepublic

Display Older News

Explore 4IT Systems Ltd