Securitate IT - protectie impotriva ransomware si al virusilor informatici

Last week on Labs, we talked about the significance of SEO poisoning in the world of search marketing, blackmail attempts against financial institutions in Canada, voice command flaws in smart assistants , survey and potential phishing scams on Instagram , and the latest changes in Office 365 . We also shared our latest intel about America Geeks , a band of tech scammers that we profiled in 2015 and 2016. Other news Theoretically, millions of smart devices are at risk of compromise if the Z-Shave attack is done in the wild . (Source: Bleeping Computer) First, SunTrust. Now, Coca-Cola . (Source: Bleeping Computer) I think we saw this coming: robots are extremely insecure and can be used as “cyber weapons.” (Source: Internet of Business) When it comes to securing IoTs, multi-modal biometrics user authentication could become the norm . (Source: ABI Research) Users in India warned of new malware dubbed “virtual girlfriend” and “panda banker” that are capable of stealing money a...

Who doesn’t love a good motorcycle racing game, right? How about one easily available on Google Play, a “safe” place for all your Android app desires? How about a bike racing game that sticks with you so much, you can’t easily uninstall it? And it displays hidden ads? Wait, what!? That’s right! In the slideshow below, a game titled Motorcycle Race—Bike Race (package name: com.bikeme.racersm) has rave  reviews by users who demand to know how to uninstall the game. Click to view slideshow. Rev your engines for heightened privileges So how does one get into such a predicament? That all starts with the install process. Upon installing Motorcycle Race—Bike Race, the first screen asks to Activate device administrator. Okay, so obviously a bike racing game requesting device administrator rights with permission to Lock the screen is a big red flag. However, if you didn’t catch that, there’s another clue that something is amiss. Look at the app name asking for permission: Media Pla...

Introduction As one of the leading companies in computer security, we work hard every day to bring the highest level of protection to all of our users. This requires us to constantly explore new ways of defeating malware, often experimenting with bleeding edge technology or approaches that have never been tried in our environment before - borrowing ideas from fields like biology or physics. Many of these experiments never deliver anything substantial but sometimes the results exceed even our most optimistic expectations. Here, I would like to talk about one such experiment. We started it over six years ago and it evolved into a system that quickly became one of the strongest malware detection engines we use at Avast today.

The low-cost malware lowers the barrier of entry for carrying out advanced data exfiltration.

Huawei stamps out four high-severity bugs impacting 20 server models ranging from its XH, RH and CH lines.

Threatpost talks to Tenable CTO Renaud Deraison about the security risks behind smart cities.

Thanks to NeeP for contributing significant research. You can check out NeeP’s YouTube channel here . Malwarebytes has written quite a bit about tech support scammers, typically focusing on new scam techniques as they arise with new threat actor groups. But sometimes our research discovers scammers who persist with the same techniques, the same pitches, and the same IP abuse, no matter how many times we catch them. We first published on America Geeks (then known as Geeks Technical Support) in 2015, noting their attempts to use Malwarebytes’ intellectual property to pose as us and defraud their customers. After a series of takedowns and abuse complaints, we revisited America Geeks in 2016—still using Malwarebytes image assets, still scamming. And lastly, in March, Malwarebytes Labs researchers found them again using Malwarebytes to sell their scam, this time targeting French users. We were content to continue publishing on America Geeks indefinitely, but then they decided to open ...

I have to admit, I’m not 100 percent sure who Elton Castee is. “Who’s that?” you ask? Digging around revealed that he’s big on YouTube, has done some films , and raises money for dogs , which is very cool. He’s also popular on Instagram, with 400k+ followers. With that in mind, we’ve seen a few reports of his account being compromised (and by “few”, I mean “absolutely loads”), and decided to check it out. Click to enlarge A phony phone giveaway Visiting on the web while not logged in reveals the most recent post looks a little different from the other selfies: Click to enlarge A single white text on black background, which reads as follows: Wassup guys! I am giving away 100 free iPhone X’s and Apple watches on my IG Story! Claim them before it’s too late. Love you guys (emoji heart thing) Visiting the Instagram app while logged in immediately takes you to an Instagram Story . If you’re not familiar with an Instagram story, it’s a rotating set of images/video that you swipe t...

The FBI recently issued an immediate call-to-action for every small office and homeowner out there: power cycle (reboot) your router ASAP. The malware is coming. Chances are your router might be hiding in plain sight — you probably take it for granted since it just does its thing — but it needs your attention, and the sooner the better.   If you are like many, you don’t always update your router firmware (only 14% of those recently surveyed have done so). Or, change the default administrator password (only 18% of those recently surveyed have done so) according to Broadband Genie .  But, this time, you really need to.

A serious vulnerability was patched by developers behind Git that closes the door on a flaw that could lead to arbitrary code execution on a developer's system.

If you’re a user of Microsoft Office products such as Word and Excel, you’re probably aware that they’ve been used as inroads for malware for a long, long time. But what about malware attacks without Macros? Sure . Macro malware for Macs? That, too . Malicious documents and spying tools? Danger, Will Robinson . We have some good news and some bad news. The good news is that monthly subscribers of Office 365 are getting some new protection in the fight against bogus attachments and malicious files; the bad news is the changes don’t currently apply to standalone versions of Office. What’s being changed? Silverlight, Flash, and Shockwave are all getting the chop . If you used to run a malware campaign based around use of these controls, that won’t be the case for much longer. A combination of seeing these features used in rogue campaigns, generally low legitimate use by product users (when was the last time you embedded Shockwave?), and a rapidly approaching end of the line for both F...

FBI advises Americans to reset their routers Last week, we reported how the FBI had seized a key domain to the botnet VPNFilter. That story continued yesterday when the Bureau publicly asked all US residents to reboot their routers. The advice comes with the knowledge that while VPNFilter can take control of a router, part of the malware can be easily kicked off the system with a simple reboot — turning the device off for a moment. This renders the malicious program harmless, though the router can be reinfected. To prevent that, users are also advised to make sure the router’s security is fully up to date and the password has been changed from the default to a suitably complex one. The malware attacks many kinds of routers, most notably Linksys, MikroTik, Netgear, and TP-Link. Each of those companies have posted further detailed instructions to combat VPNFilter on their websites.

To showcase what it can actually do for you, we’ve tested the before and after situation on typical phones. Check out the results!