Nasty malware could be hiding on your Android. Here’s how to spot it

Swamped with ads? Don’t recognize an app? Start here to deal with it.  Android malware can find ways to trick you. A mobile app called Ads Blocker, for instance, billed itself as a useful service for cutting back on pesky mobile ads, which can pop up to cover your screen just when you’re about to access something important. But users would soon find the app was malware that just served up more ads, according to security researchers. …

CNet.com click the link to read the rest of the story.  Get our free tools here.

How do you keep your android phone free of malware?
Join the conversation on our Facebook Page!

Home Router Alert!! All Have Known Flaws & Most Are Unpatched

There are no routers in the study from the Fraunhofer Institute without known security flaws.  Germany’s Fraunhofer Institute for Communication (FKIE) has carried out a study involving 127 home routers from seven brands to check for the presence of known security vulnerabilities in the latest firmware. The results are appallingThe FKIE study found that 46 routers hadn’t got a single security update within the past year and that many routers are affected by hundreds of known vulnerabilities. …

A Private Satellite Wi-Fi network is cheaper and easier than ever

The ubiquity of cellular coverage is something that’s easy to take for granted. Even if you live in a relatively rural area, seeing zero bars on your smartphone is quite rare these days. But it still happens. Another problem is network saturation as a result of too many people trying to make use of the network at any one time.  Then there’s the issue of reliability during emergencies. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How you ever needed an internet connection and can’t get one?Join the conversation on our Facebook Page!

 

Has your iPhone, iPad, or iPod touch been hacked? Here’s how to find out

Has your iPhone, iPad, or iPod touch been hacked? Probably not, but there’s so much information on a smartphone — not to mention the fact that it can also be used to precisely pinpoint its owner — that more and more tools exist to help unscrupulous people get a foot in the door of your digital fortress. The good news is that tools exist to help you determine whether your device has been compromised. One such tool that I’ve been testing is Certo AntiSpy. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How you ever wondered if your iPhone has been hacked?Join the conversation on our Facebook Page!

New ThiefQuest ransomware discovered targeting macOS users

Security researchers have discovered this week a new ransomware strain targeting macOS users.  Named OSX.ThiefQuest (or EvilQuest), this ransomware is different from previous macOS ransomware threats because besides encrypting the victim’s files, ThiefQuest also installs a keylogger, a reverse shell, and steals cryptocurrency wallet-related files from infected hosts. “Armed with these capabilities, the attacker can main full control over an infected host,” …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your Mac?Join the conversation on our Facebook Page!

Adobe wants users to uninstall Flash Player by the end of the year

Adobe plans to prompt users and ask them to uninstall Flash Player from their computers by the end of the year when the software is scheduled to reach End-Of-Life (EOL), on December 31, 2020.  The move was announced in a new Flash Player EOL support page that Adobe published earlier this month, six months before the EOL date. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you still using Flash on your website?Join the conversation on our Facebook Page!

Ransomware attacks on the rise

Ransomware attacks against shipping companies have spiked in number and severity over the past year, according to security firms. Norwegian shipbuilder Vard, part of Italy’s Fincantieri, was hit last week but has declined to give details …

LlyodList click the link to read the rest of the story.  Get our free tools here.

How do you dealing with the increase in ransomware?
Join the conversation on our Facebook Page!

Cybersecurity: Four ways you can keep the hackers away

CIOs are under more pressure than ever before when it comes to cybersecurity concerns, especially now that many or even all of the staff in their organisation are working from home, perhaps using unfamiliar software and hardware as they try to do their jobs on lockdown.  The array of devices and applications that they have to take responsibility for has been rapidly expanded by the coronavirus crisis, and criminals have been keen to exploit any organisations thrown off-balance by the rapidly changing circumstances, which means taking a fresh look at what IT security really means. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business?Join the conversation on our Facebook Page!

Hackers are targeting your smartphone as way into the company network

The number of phishing attacks targeting smartphones as the entry point for attempting to compromise enterprise networks has risen by more than a third over the course of just a few months.  Analysis by cybersecurity company Lookout found that there’s been a 37% increase in mobile phishing attacks worldwide between the last three months of 2019 and the first few months of 2020 alone.  Phishing emails have long been a problem for desktop and laptop users, but the increased use of mobile devices – especially as more people are working remotely …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business mobile phones?Join the conversation on our Facebook Page!

Microsoft’s Firmware Scanner Takes Security to a Whole New Level

Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) is extending its protection capabilities to the firmware level with a new Unified Extensible Firmware Interface (UEFI) scanner.  Hardware and firmware-level attacks have continued to rise in recent years, as modern security solutions made persistence and detection evasion on the operating system more difficult. Attackers compromise the boot flow to achieve low-level malware behavior that’s hard to detect, posing a significant risk to an organization’s security posture.  Windows Defender System Guard helps defend against firmware attacks by providing guarantees for secure boot through hardware-backed security features

Microsoft.com click the link to read the rest of the story.  Get our free tools here.

Has your firm begun using Microsoft ATP yet?
Join the conversation on our Facebook Page!

Ripple20 vulnerabilities will haunt the IoT landscape for years to come

Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years.  The number if impacted products is estimated at “hundreds of millions” and includes products such as smart home devices, power grid equipment, healthcare systems, industrial gear, transportation systems, printers, routers, mobile/satellite communications equipment, data center devices, commercial aircraft devices, various enterprise solutions, and many others.  Experts now fear that all products using this library will most likely remain unpatched due to complex or untracked software supply chains. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you going to protect your IOT devices?Join the conversation on our Facebook Page!

New Trickbot malware update makes it even harder to detect

Trickbot malware has been updated with a new method of propagation that makes it even harder to detect.  Starting life as a banking trojan, Trickbot first emerged in 2016 but in the years since it has been repeatedly re-purposed for other means including being used as a fully-fledged information stealer, as well as providing backdoor access to infected machines, enabling cyber criminal groups to use it as gateway for delivering other malware onto already compromised networks. Trickbot can also operate as a botnet to help spread itself to additional victims, commonly using phishing email spam campaigns to distribute malicious attachments that execute it on a Windows machine if opened. Once executed on a machine, Trickbot can also exploit the EternalBlue vulnerability to move laterally around a network. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business from this?Join the conversation on our Facebook Page!

Forget sextortion scams, we’re more worried about deepfake ransomware

Appetite for deepfake scams is expanding among users of underground forums, leading to concerns the technology could be used as part of extortion-based ransomware attacks. Deepfakes are AI-generated videos and images that transplant the face of another individual – traditionally a celebrity or politician – into a scene in which they were not originally present. In recent years, deepfakes have been used primarily in the dissemination of fake news and the creation of hoax pornography – and have become increasingly convincing. Here’s why you shouldn’t watch ‘inappropriate content’ on remote working devices: Adult streaming site leaks info on millions of users, Stalkerware now poses a greater privacy risk than ever.  According to a report from security firm Trend Micro, deepfake technology could soon be used to blackmail members of the public or workforce into divulging sensitive information or paying significant ransom fees.

TechRadar click the link to read the rest of the story.  Get our free tools here.

Know anyone hit with this scam?
Join the conversation on our Facebook Page!

The PC is suddenly in fashion again, but there are tough times ahead

Remote working may have caused many people to value their laptop and desktops a lot more, but the PC industry is likely to struggle as companies and consumers cut back on spending. PCs may have been viewed as yesterday’s news thanks to the rise of smaller form factors like smartphones, tablets and wearables, but trusty laptops and desktops (and variations on them like Chromebooks and even Raspberry Pis) have proven their worth during lockdown for workers and kids doing home schooling.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you upgrading your remote users PC’s?Join the conversation on our Facebook Page!

Hidden Android malware infects thousands of smartphones

A carefully managed hacking and espionage campaign is infecting smartphones with a potent form of Android malware, providing those behind it with total control of the device, while also remaining completely hidden from the user. Mandrake spyware abuses legitimate Android functions to help gain access to everything on the compromised device in attacks that can gather almost any information about the user. The attacker can browse and collect all data on the device, steal account credentials for accounts including banking applications. secretly take recordings of activity on the screen, track the GPS location of the user and more, all while continuously covering their tracks…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your mobile devices?Join the conversation on our Facebook Page!

Dark Web selling access to corporate networks

The Dark Web is an underground marketplace where criminals trade in all sorts of illegal or malicious items. One valuable product up for sale consists of information that can help hackers break into corporate networks. Comprised of malware and services, this type of information has seen an increase in Dark Web postings over the past couple of years.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Do you know if access to your business is being sold?

Join the conversation on our Facebook Page!

That used or refurbished Android phone might be unsafe: 6 things to know

If your Android phone isn’t running the latest software, your security and privacy might be in jeopardy. Phones released years ago run outdated versions of Android. That may well mean that they don’t have critical security updates that can keep you — and your data — safe from prying eyes. If you’re concerned about security and privacy on your previously owned phone, here are some things you should consider.

CNet.com click the link to read the rest of the story.  Get our free tools here.

Have you updated all of your mobile phone software?
Join the conversation on our Facebook Page!

Your insurance policy probably doesn’t cover ransomware payments

Long aware they’ve been in hackers’ crosshairs, law firms are currently under attack by a new breed of ransomware and attackers.  However, when law firms are hit with a ransomware attack, some are shocked to find out their insurance policies don’t include coverage for ransomware payments. Indeed, ransomware is a 21st century business threat that older insurance policies weren’t drafted for, observers say.

Law.com click the link to read the rest of the story.  Get our free tools here.

Are you certain that your business is properly covered?
Join the conversation on our Facebook Page!

Zoom won’t add end-to-end encryption so it can aid the police

Zoom’s decision not to add end-to-end encryption to free users’ calls keeps the door open for law enforcement cooperation, CEO Eric Yuan told analysts in a Tuesday conference call, as previously reported by Bloomberg. “Free user, for sure, we don’t want to give that because we also want to work together with FBI, with local law enforcement…” Yuan said. End-to-end encryption, which the videoconferencing company is currently working on, secures connections all the way from each device to every other device on a call. It’ll only be enabled on paid accounts…

CNet.com click the link to read the rest of the story.  Get our free tools here.

Do you want end to end encryption on your account?
Join the conversation on our Facebook Page!

This new ransomware is targeting Windows and Linux PCs with a ‘unique’ attack

A newly uncovered form of ransomware is going after Windows and Linux systems in what appears to be a targeted campaign.  Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique that helps stay hidden on compromised networks. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your business from ransomware?Join the conversation on our Facebook Page!

Ransomware creates virtual machines to fool your antivirus software

The operators of the RagnarLocker ransomware are installing the VirtualBox app and running virtual machines on computers they infect in order to run their ransomware in a “safe” environment, outside the reach of local antivirus software.  This latest trick has been spotted and detailed today by UK cyber-security firm Sophos and shows the creativity and great lengths some ransomware gangs will go to avoid detection while attacking a victim.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you been hit by ransomware?Join the conversation on our Facebook Page!

The Darkweb store is selling access to 43,000+ hacked servers

MagBo, a shadowy online marketplace where hackers sell and buy hacked servers, is doing better than ever and has soared in popularity to become the largest criminal marketplace of its kind since its launch in the summer of 2018. … Today, MagBo has become the de-facto go-to marketplace for many cybercrime operations. Some groups register on the MagBo platform to sell hacked servers, while others are there just to buy. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Is your server safe?Join the conversation on our Facebook Page!

That old Android phone might not be safe to use: 6 things to consider

If your Android phone isn’t running the latest software, your security and privacy might be in jeopardy. … Manufacturers such as Samsung, Sony, Google and HTC only provide support to a phone for so long. Each new handset that’s released and each new version of Android require new threat assessment and patching. That’s a lot of work…

CNet.com click the link to read the rest of the story.  Get our free tools here.

Do you use an old android?
Join the conversation on our Facebook Page!

How to use an authenticator app to improve your online security

Want to avoid having your online accounts hacked? Enable two-factor authentication, a crucial security measure that requires an extra step when signing in to high-value services. I explain how to set up 2FA and which accounts to focus on first. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Do you use 2fa?
Join the conversation on our Facebook Page!

Phishing emails caught exploiting DocuSign and COVID-19

Cybercriminals are exploiting DocuSign, the coronavirus, and the transition to remote working to try to capture account credentials. … The phishing email itself tries to look legitimate by copying the content and images of real emails from DocuSign. … Clicking on the button to review the documents redirects the user several times, first through the SendGrid link and then through two compromised websites. These redirects are created specifically to confuse the user and to get past URL detection security. In the end, the page that comes up is a malicious one …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Have you encountered this yet?

Join the conversation on our Facebook Page!

Best password managers for business in 2020

Everyone needs a password manager. Period, full stop. It’s the only possible way to maintain unique, hard-to-guess credentials for every secure site you, your family members, and your team access daily.  The 15 programs listed in this guide share many core features.  On a Windows PC, a Mac, or a mobile device, you install a stand-alone program or browser extension that does the work of saving sets of credentials in a database whose contents are protected with high-grade, 256-bit encryption. To unlock the password database, you enter a decryption key (your master password) that only you know. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

What do you like your current password manager?
Join the conversation on our Facebook Page!

 

Spear-phishing campaign compromises executives at 150+ companies

A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today.  The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies active across other verticals as well.  PerSwaysion operations were not sophisticated

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you prepared for these attacks?
Join the conversation on our Facebook Page!

 

7 Cybersecurity tips for small businesses with remote workers

Small businesses have been facing a mountain of problems since the coronavirus outbreak took hold of the world’s economy and shifted most people to working from home. Millions of small businesses around the world, which previously had no experience dealing with cybersecurity, suddenly had to deal with a deluge of new issues… start small…  Troy Gill, manager of security research at Zix-AppRiver, said all small businesses should start simple and work their way up. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you helping your team and your business remain safe?
Join the conversation on our Facebook Page!

 

Best encryption software for business in 2020

If strong encryption and security practices are not in place, businesses are not only opening themselves up to potential cyberattacks, but also the loss of corporate and customer information, fines for non-compliance with laws including HIPAA and GDPR, financial damage, and the loss of reputation.  Below, we list our favorite encryption solutions, suitable for users, SMBs, and enterprise players…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you encrypting everything in your workplace?
Join the conversation on our Facebook Page!

“Smart WiFi” users must reset your password

Router vendor Linksys has locked user accounts on its Smart WiFi cloud service and is asking users to reset passwords after hackers have been observed hijacking accounts and changing router settings to redirect users to malware sites.  Linksys’ decision only impacts Smart WiFi accounts.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you using Smart Wifi?Join the conversation on our Facebook Page!