Nasty malware could be hiding on your Android. Here’s how to spot it

Swamped with ads? Don’t recognize an app? Start here to deal with it.  Android malware can find ways to trick you. A mobile app called Ads Blocker, for instance, billed itself as a useful service for cutting back on pesky mobile ads, which can pop up to cover your screen just when you’re about to access something important. But users would soon find the app was malware that just served up more ads, according to security researchers. …

CNet.com click the link to read the rest of the story.  Get our free tools here.

How do you keep your android phone free of malware?
Join the conversation on our Facebook Page!

Cybersecurity: Four ways you can keep the hackers away

CIOs are under more pressure than ever before when it comes to cybersecurity concerns, especially now that many or even all of the staff in their organisation are working from home, perhaps using unfamiliar software and hardware as they try to do their jobs on lockdown.  The array of devices and applications that they have to take responsibility for has been rapidly expanded by the coronavirus crisis, and criminals have been keen to exploit any organisations thrown off-balance by the rapidly changing circumstances, which means taking a fresh look at what IT security really means. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business?Join the conversation on our Facebook Page!

New Trickbot malware update makes it even harder to detect

Trickbot malware has been updated with a new method of propagation that makes it even harder to detect.  Starting life as a banking trojan, Trickbot first emerged in 2016 but in the years since it has been repeatedly re-purposed for other means including being used as a fully-fledged information stealer, as well as providing backdoor access to infected machines, enabling cyber criminal groups to use it as gateway for delivering other malware onto already compromised networks. Trickbot can also operate as a botnet to help spread itself to additional victims, commonly using phishing email spam campaigns to distribute malicious attachments that execute it on a Windows machine if opened. Once executed on a machine, Trickbot can also exploit the EternalBlue vulnerability to move laterally around a network. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How are you protecting your business from this?Join the conversation on our Facebook Page!

Hidden Android malware infects thousands of smartphones

A carefully managed hacking and espionage campaign is infecting smartphones with a potent form of Android malware, providing those behind it with total control of the device, while also remaining completely hidden from the user. Mandrake spyware abuses legitimate Android functions to help gain access to everything on the compromised device in attacks that can gather almost any information about the user. The attacker can browse and collect all data on the device, steal account credentials for accounts including banking applications. secretly take recordings of activity on the screen, track the GPS location of the user and more, all while continuously covering their tracks…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your mobile devices?Join the conversation on our Facebook Page!

This new ransomware is targeting Windows and Linux PCs with a ‘unique’ attack

A newly uncovered form of ransomware is going after Windows and Linux systems in what appears to be a targeted campaign.  Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique that helps stay hidden on compromised networks. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your business from ransomware?Join the conversation on our Facebook Page!

Ransomware creates virtual machines to fool your antivirus software

The operators of the RagnarLocker ransomware are installing the VirtualBox app and running virtual machines on computers they infect in order to run their ransomware in a “safe” environment, outside the reach of local antivirus software.  This latest trick has been spotted and detailed today by UK cyber-security firm Sophos and shows the creativity and great lengths some ransomware gangs will go to avoid detection while attacking a victim.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you been hit by ransomware?Join the conversation on our Facebook Page!

71% of Security Pros See Threats Jump Since COVID-19 Outbreak

Cybercriminals are exploiting fears around the COVID-19 pandemic to tailor their threats, and businesses are feeling the effects: 71% of security professionals surveyed have seen an increase in security threats or cyberattacks since the coronavirus outbreak began, researchers report.

DarkReading.com click the link to read the rest of the story.  Get our free tools here.

What threats are you seeing?Join the conversation on our Facebook Page!

There’s now COVID-19 malware that will wipe your PC and rewrite your MBR

With the coronavirus (COVID-19) pandemic raging all over the globe, some malware authors have developed malware that destroys infected systems, either by wiping files or rewriting a computer’s master boot record (MBR).  With help from the infosec community, ZDNet has identified at least five malware strains… This image appears just before it gets worse…

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you stop these? Try Cylance?Join the conversation on our Facebook Page!

 

New Zoom Users beware: Hackers Now Targeting You

As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake “Zoom” domains and malicious “Zoom” executable files in an attempt to trick people into downloading malware on their devices. …

TheHackerNews.com click the link to read the rest of the story. Our FREE Tools can help!

Are you using zoom yet? Update software now?Join the conversation on our Facebook Page!

 

Routers hacked to point you to coronavirus-themed malware

For almost a week, a group of hackers has been breaking into people’s routers and changing DNS settings in order to point unsuspecting device users to coronavirus-related sites pushing malware. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your home from these threats?Join the conversation on our Facebook Page!

Nasty phishing scams aim to exploit coronavirus fears

Cyber criminals are aiming to take advantage of fears over coronavirus as a means of conducting phishing attacks and spreading malware, along with stealing login credentials and credit card details.  Cybersecurity companies have identified a number of campaigns by hackers who are attempting to exploit concerns about the COVID-19 outbreak for their own criminal ends.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Have you seen any of these attacks?Join the conversation on our Facebook Page!

Ransomware victims are paying out millions a month. One has cost them the most

Over six-and-a-half years, ransomware victims have handed over vast amounts of bitcoin to crooks. Some variants of the malware have generated more ransom than others. …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Has you company been hit with this?Join the conversation on our Facebook Page!

Women! Hackers are demanding nude photos to unlock files in a new ransomware attack

Ransomware typically encrypts files and demands payment in bitcoin or other cryptocurrencies, but security firm Emsisoft reported Wednesday that it had discovered a variant making another sort of demand: explicit photos. … In other cases, scammers on dating apps have requested nude photos from would-be suitors, then held them for ransom by threatening to leak the photos. …

FastCompany.com click the link to read the rest of the story.  Get our free tools here.

What would you do?Join the conversation on our Facebook Page!

Watch Out: This Verizon Smishing Scam Is Crazy Realistic

Text message scams are becoming more common, and the latest scam we’ve seen is the most sophisticated yet. The scammer impersonates Verizon, sending you an “account security” text message that takes you to a shockingly convincing copy of Verizon’s website.  We opened the link to see the scam in action. Don’t try this at home: If you receive a scam message, we recommend against opening any links attached to it. You should also delete the message and block the sender. …

HowToGeek.com click the link to read the rest of the story.  Get our free tools here.

Have you seen any text message scams?Join the conversation on our Facebook Page!

Macs saw almost double the number of malware threats than Windows PCs last year

Macs don’t get viruses,” or so the long-time saying goes. But according to Malwarebytes’ annual State of Malware report, that’s far from true. In fact, there was almost double the number of threats targeting Macs compared to Windows PCs in 2019.  The report states that Macs saw an average of 11 threats per endpoint in 2019, whereas Windows systems had an average of 5.8 threats—the first time Macs outpaced PCs when it comes to malware threats. …

TechSpot.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your Mac’s?Join the conversation on our Facebook Page!

Someone is uninstalling malware from infected PCs

A mysterious entity appears to have hijacked the backend infrastructure of the Phorpiex (Trik) botnet and is uninstalling the spam-bot malware from infected hosts, while also showing a popup telling users to install an antivirus and update their computers… “This is truly happening,” Yaniv Balmas, Head of Cyber Research at Check Point …

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Who do you think is doing this?Join the conversation on our Facebook Page!

New ransomware strain is now stealing data before encrypting it

The data theft takes place before the execution of the actual ransomware binary that encrypts the data. It is part of a recent trend in the ransomware scene.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How does your business deal with these never ending threats!

Join the conversation on our Facebook Page!

New Ransomware overcomes PC security by rebooting into Safe Mode

SophosLabs researchers have been investigating an ongoing series of ransomware attacks in which the ransomware executable forces the Windows machine to reboot into Safe Mode before beginning the encryption process. The attackers may be using this technique to circumvent endpoint protection, which often won’t run in Safe Mode. …

Sophos.com click the link to read the rest of the story. Our FREE Tools can help!

What would you do, if your computers were encrypted by ransomware?Join the conversation on our Facebook Page!

New ransomware attacks target your NAS devices, backup storage

The number of ransomware strains targeting NAS and backup storage devices is growing, with users “unprepared” for the threat, researchers say. … Once deployed on a system, the malware will usually encrypt files or full drives, issue its victim with a ransom note, and demand payment in return for a way to decrypt and restore access to locked content. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

How are you protecting your backups from ransomware?

Join the conversation on our Facebook Page!

New trojan is stealing doctors passwords and spreading ransomware

A newly discovered hacking campaign by a ‘sophisticated cyber criminal operation’ is targeting healthcare and education organisations with custom-built…  trojan malware which gives attackers… control of Windows systems with the ability to monitor actions and steal sensitive data. The malicious functions of the remote access trojan , dubbed PyXie RAT, include keylogging, credential harvesting, recording video, cookie theft, the ability to perform man-in-the-middle attacks and the capability to deploy other forms of malware onto infected systems.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

What are you doing to keep ahead of these attacks?

Join the conversation on our Facebook Page!

Microsoft: New Dexphot malware has infected 80,000+ computers

Microsoft security engineers detailed today a new malware strain that has been infecting Windows computers since October 2018 to hijack their resources to mine cryptocurrency and generate revenue for the attackers.  Named Dexphot, this… botnet reached almost 80,000 infected computers. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have any of your computers been part of a botnet?

Join the conversation on our Facebook Page!

fake software update downloads malware when you click ‘later’

The hacking campaign has two variations, according to tech security company Zscaler, which has been tracking it. In the first version, the crooks hack into insecure WordPress sites using the theme plugin vulnerability and inject malicious redirect scripts into the compromised site. This allows them to display a fake Flash Player update alert to the user over the compromised site, which aims to trick website visitors into starting a software update. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you determine whether an update is real or not?

Join the conversation on our Facebook Page!

Beware of public USB charging stations

Travelers are advised to avoid using public USB power charging stations in airports, hotels, and other locations because they may contain dangerous malware, the Los Angeles District Attorney said in a security alert published last week. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you use public charging stations?

Join the conversation on our Facebook Page!

New ‘unremovable’ xHelper malware has infected 45,000 Android devices

Over the past few months, many users have complained about xHelper’s near “unremovable” state… While the trojan is currently engaging in spam and ad revenue, it also possesses other, more dangerous features. xHelper can download and install other apps, a function that the xHelper could at any point to deploy second-stage malware payloads, such as ransomware, banking trojans, DDoS bots, or password stealers.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you safe using an Android phone?

Join the conversation on our Facebook Page!

New IoT botnet army targeting small office and home routers

Tens of thousands of Wi-Fi routers are potentially vulnerable to an updated form of malware that takes advantage of known vulnerabilities to rope these devices into a botnet for the purposes of selling distributed denial of service (DDoS) attack capabilities to cyber criminals.  A new variant of Gafgyt malware – which first emerged in 2014 – targets small office and home routers from well-known brands

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Are you using one of these routers?

Join the conversation on our Facebook Page!

This easy-to-use information-stealing trojan malware is quickly gaining popularity among cyber criminals

Racoon Stealer isn’t sophisticated, but it has stolen credit card information, passwords and more from hundreds of thousands of victims, and an aggressive marketing campaign means its popularity is still growing, security researchers warn.  A new kind of easy to use trojan malware is gaining popularity among cyber criminals, providing them with simple means of stealing credit card data, passwords and cryptocurrency — and it has already infected hundreds of thousands of Windows users around the world.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Have any of your associate’s been hit, yet??

Join the conversation on our Facebook Page!

The Keys To A Digital Disaster Recovery Plan For Business Leaders

As a small business owner, I found out that I was the perfect target for cybercriminals when I read certified IT professional Darren Coleman’s book, Easy Prey: How to Protect Your Business from Data Breach, Cybercrime, & Employee Fraud. It inspired me to arm myself with some common sense and the realization that I am responsible for my viral life just as I am for my real life. …

Forbes.com click the link to read the rest of the story. Our FREE Tools can help!

How do you keep informed of the threats to your business?Join the conversation on our Facebook Page!

Ransomware incident to cost Danish company a whopping $95 million

Demant, one of the world’s largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month.  This marks one of the most significant losses caused by a cyber-security incident outside of the NotPetya ransomware outbreak…

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

What would it cost your business, if it took weeks to recover?

Join the conversation on our Facebook Page!

The ultimate smartphone guide to killing spyware and stalkerware

This guide will run through what spyware is, what the warning signs of infection are, and how to remove such pestilence from your mobile devices. …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Did you find anything on your smartphone?

Join the conversation on our Facebook Page!