Posts

Showing posts from May 2018

A conversation with America Geeks

Thanks to NeeP for contributing significant research. You can check out NeeP’s YouTube channel here. Malwarebytes has written quite a bit about tech support scammers, typically focusing on new scam techniques as they arise with new threat actor groups. But sometimes our research discovers scammers who persist with the same techniques, the same pitches, and the same IP abuse, no matter how many times we catch them. We first published on America Geeks (then known as Geeks Technical Support) in 2015, noting their attempts to use Malwarebytes’ intellectual property to pose as us and defraud their customers. After a series of takedowns and abuse complaints, we revisited America Geeks in 2016—still using Malwarebytes image assets, still scamming. And lastly, in March, Malwarebytes Labs researchers found them again using Malwarebytes to sell their scam, this time targeting French users. We were content to continue publishing on America Geeks indefinitely, but then they decided to open

Instagram story spam claims free Apple Watch

I have to admit, I’m not 100 percent sure who Elton Castee is. “Who’s that?” you ask? Digging around revealed that he’s big on YouTube, has done some films, and raises money for dogs, which is very cool. He’s also popular on Instagram, with 400k+ followers. With that in mind, we’ve seen a few reports of his account being compromised (and by “few”, I mean “absolutely loads”), and decided to check it out.

A phony phone giveaway

Visiting on the web while not logged in reveals the most recent post looks a little different from the other selfies: A single white text on black background, which reads as follows: Wassup guys! I am giving away 100 free iPhone X’s and Apple watches on my IG Story! Claim them before it’s too late. Love you guys (emoji heart thing) Visiting the Instagram app while logged in immediately takes you to an Instagram Story. If you’re not familiar with an Instagram story, it’s a rotating set of images/video that you swipe t

What is XLSTOTEXT.EXE?

A week in security (May 21 – May 27)

Last week we told you about a Mac cryptominer using XMRig, an overview of Dreamcast related scams, part 1 of decoding Emotet, and what to do about bad coding habits that die hard. We also published the results of our second CrackMe contest.

Other news

How a pioneer of machine learning became one of its sharpest critics. (Source: The Atlantic)
The man who cracked the lottery. Spoiler: it was an inside job. (Source: The New York Times Magazine)
New Spectre (variant 4) CPU flaw discovered —Intel, ARM, AMD affected (Source: The Hacker News)
Amazon urged not to sell facial recognition tool to police. (Source: ABC News)
Does the Facebook app even spy on those who don’t have an account? (Source: The Register)
FBI stats: email fraud still #1 cybercrime. (Source: MailGuard Blog)
Brain Food spam botnet malware found on thousands of websites. (Source: SCMagazine)
Amazon Alexa Security – How to stop hacks on voice assistants. (Source: Forbes)
Necurs delivering flawed Ammy

Microsoft SMB MS17-010 Disclosure Attempt

Researchers discover vulnerabilities in smart assistants’ voice commands

Virtual personal assistants (VPA), also known as smart assistants like Amazon’s Alexa and Google’s Assistant, are in the spotlight for vulnerabilities to attack. Take, for example, that incident about an Oregon couple’s Echo smart speaker inadvertently recording their conversation and sending it to a random contact. Or that time when the Alexa started laughing out of the blue. Indeed, something has to be done about these hacks, whether they’re by accident or not. Earlier this month, researchers from Indiana University, the Chinese Academy of Sciences, and the University of Virginia found exploitable weaknesses in the VPAs above. Researchers dubbed the techniques they used to reveal these weaknesses as voice squatting and voice masquerading. Both take advantage of the way smart assistants process voice commands. Unsurprisingly, these also exploit users’ misconceptions about how such devices work.

How smart assistants work

VPA services used in smart speakers can do what they’re

GSMA Mobile 360 Series focuses on privacy & security | Avast

If you’re in the area, come visit us at the Privacy & Security conference taking place this Wednesday and Thursday in The Hague. Avast is a proud sponsor of the GSMA Mobile 360 Series, showcasing relevant discussions for mobile network operators (MNOs), but actually important for any business in the wider digital ecosystem. The two-day gathering of industry leaders will focus on the latest evolving cyberthreats and their respective solutions. GSMA organizers deliberately scheduled the event to take place just as the new GDPR rules and regulations kick in and online privacy is a key concern for people around the world.

Free your Android from Google tracking | Avast

Do you ever get the feeling you’re being watched? Guess what — every time you pull out your smartphone or tablet and surf the internet, you are. The websites you visit, the items you browse and buy, the videos you stream, and where you were located when you did it. All of this paints a picture of who you are, what you do, and what interests you — all vital information to advertisers and marketers.

Who’s tracking you? | Avast

Online privacy is under the microscope, no doubt about it — first the US lost net neutrality, then the news breaks about Cambridge Analytica and 87 million Facebook users, and then we’ve got the GDPR which just took effect last week. Amidst all this opining, lobbying, arguing, and defending, it’s interesting to see who is riled up about the matter and who is not. How concerned are YOU about having your privacy protected online?

Avast updates privacy policy at GDPR launch | Avast

As the GDPR took effect in Europe yesterday and privacy continues to be an important issue throughout the world, we took this opportunity to update our own privacy policy because we want our users to clearly understand what data we collect and what we do with it.

FBI Fingers North Korea For Two Malware Strains

Chrome Riskware on Every website?

Remove the Auto Mechanic 2018 PUP

Auto Mechanic 2018 PUP is a potentially unwanted program that states it scans Windows for Malware/Pup Threats, ways to Enhance System Performance, System/User Software Related issues, and Startup/Uninstall and User Items. When Auto Mechanic 2018 scans a computer it will list a variety of detected issues, but state that you need to first purchase a license before you can fix them. My concern is that many of the issues that it detects are not what I feel would cause a problem on a computer. This article was published first at Remove the Auto Mechanic 2018 PUP

Remove the Windows Net Proxy Auto Service or WinNetSvc PUP

Windows Net Proxy Auto Service, or WinNetSvc, is a Windows service that is installed by adware bundles. When this service is installed, it will communicate with a remote server and send information about your computer. This allows the software to identify the computer that has this unwanted program installed. This article was published first at Remove the Windows Net Proxy Auto Service or WinNetSvc PUP

Remove the Mi-de-ner-nis3.info In-Browser Miner

If you find that your browser is connecting to the mi-de-ner-nis3.info site and Chrome is using a lot of CPU in Task Manager, then you are infected with an in-browser miner. Some adware bundles configure an autorun that automatically opens Chrome in a hidden window and has it open the https://ift.tt/2kw24jR URL to mine for cryptocurrency in your browser. This article was published first at Remove the Mi-de-ner-nis3.info In-Browser Miner

Multiple unauthorized account accesses - am I infected

Millions of IoT Devices Vulnerable to Z-Wave Downgrade Attacks, Researchers Claim

Millions of IoT devices based on the Z-Wave wireless protocol are vulnerable to a downgrade attack during pairing sessions.

Pet Trackers Open to MITM Attacks, Interception

Several well-rated pet trackers contain flaws stemming from the use of Bluetooth LE, poor certificate handling and more.

How ready are you for GDPR? Try our Spot the Mistakes game to find out. | Avast Business

5 malware attacks making the news | Avast

BMWs at risk of hacking

BMW is in the process of issuing security patches to drivers of its 2017 i3, 2016 X1 and 525Li, and 2012 730Li. The patches will cover fourteen newly-discovered vulnerabilities, four of which can be triggered only through physical connection to the car computer systems, while another four require USB connection to the car. The remaining six vulnerabilities can be exploited remotely. A diligent cybercriminal can gain access to the cars’ infotainment systems, T-Box components, and UDS communication. In light of the findings, BMW has embraced the value of third-party cybersecurity research, and they are working on fixes.

Alexa Eavesdropping Flub Re-Sparks Voice Assistant Privacy Debate

After an Alexa speaker recorded and shared a private conversation, the tech community is casting a wary eye on voice assistant privacy issues.

Malware analysis: decoding Emotet, part 1

Emotet Banking Trojan malware has been around for quite some time now. As such, infosec researchers have made several attempts to develop tools to de-obfuscate and even decrypt the AES-encrypted code belonging to this malware. The problem with these tools is that they target active versions of the malware. They run into problems when the authors of the malware change the code. The change could be anything from slight variations to the code structure to drastic changes such as moving from a VBA project to PowerShell scripting. Usually, even a minor code variation breaks the tools. The main goal of this article is to help readers understand the structure and flow of Emotet in detail, so that code variations do not pose challenges to analysts who are trying to decode it in the future. We will also take a deep dive into some important parts of the code itself in order to understand the execution in a detailed, step-by-step process. In the first part of this two-part analysis, we look at