Sunday, 7 January 2018

Meltdown and Spectre - How to protect against these CPU security flaws

Meltdown and Spectre CPU security flaws are currently making headlines around the world. How do you protect your device from these issues?

What are Spectre and Meltdown?

Spectre and Meltdown are flaws found in processors from Intel, ARM and AMD that could allow hackers to access passwords, encryption keys and other private information from open applications.
These flaws are sending shock waves through the IT world. Actually, it was revealed that they had been present in chip designs for the past 2 decades! It was also revealed that they affect a number of companies’ processors, therefore the flaws could be found on a massive number of devices, from PCs to web servers and even smartphones.

Should Spectre and Meltdown worry me?

You shouldn’t need to panic, because so far it doesn’t look like Spectre or Meltdown have been used in an attack, and device manufacturers are working with Intel, ARM and AMD to fix these flaws.
Intel has claimed that the exploits can't corrupt, modify or delete data. Though, it has emerged that Spectre may need a processor redesign to fix.
However, this does mean that future processors will be free from the Spectre and Meltdown security flaws. So, don’t worry too much! Still, watch for any updates for your devices and protect yourself against the Meltdown and Spectre CPU security flaws by following the advice here.

Protect yourself against the Meltdown and Spectre CPU security flaws...

... on Android phones:
Google will release a new security update on January 5 that will help protect your Android phone against Meltdown and Spectre.
If you have a Google-branded phone, such as the Nexus 5X or the Pixel 2 or Pixel 2 XL, then you should get the update promptly, and on Google’s newer devices the update should download and install automatically.
Open the settings app on your Android device, go to ‘System’ and see if you can find new updates waiting for you. It may also be worth following your phone manufacturer on Twitter to keep up with news about the update.

... on iPhones:

Apple has admitted that Meltdown and Spectre are affecting all iPhones.
Apple also revealed that it had already released ‘mitigations’ for Meltdown in iOS 11.2, so make sure you keep an eye out for any new updates made available for iOS on your iPhone or iPad, and go into 'Settings' to check what version of iOS you are running.
Apple didn't say it had a fix for Spectre just yet, but it mentioned that “We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.” 

... on Windows PCs:

Windows PCs are likely to be hit hardest by Meltdown and Spectre, regardless of whether they run on Intel or AMD processors. The good news is that Microsoft seems to be on the case and has said that it already released a security update on Wednesday for Windows 10, as well as previous versions of Windows.
Windows 10 should download the update automatically, but to be sure, type ‘windows update’ in the search bar of the taskbar, and select ‘Check for updates.’ Download and install any new updates it finds.

... on Macs:

Macs have also been affected by Meltdown and Spectre, and Apple has released a statement admitting the fact that all Macs have been affected.
While this is worrying, Apple also added that it has already released a series of fixes in macOS 10.13.2, so keep an eye out in the Mac App Store for any updates to OS X or macOS, and make sure you’re running the latest version of the operating system.

... on Chromebooks:

Recent Chromebooks should be automatically protected from Meltdown and Spectre, as Google released Chrome OS version 63 in December, which has features included to avoid these flaws.
If you want to know if your Chromebook is updated to version 63, or if an update is coming, check out Google’s list of Chrome OS devices, and check that it says ‘yes’ in the last column.
Following the advice above should help you to stay protected against Meltdown and Spectre.
This blog also has links to several world class Anti Virus software programs (like Zone Alarm) that can help you stay protected against future attacks.

Monday, 1 January 2018

Traditional Antivirus fails to protect 40 percent of users!

Conventional antivirus solutions are failing to protect users from attacks, according to a Malwarebytes report.

The study is based on real-world clean-up scans performed by Malwarebytes. Nearly 40 percent (39.18 percent) of all malware attacks cleaned on endpoints with an AV installed occurred on endpoints that had two or more traditional AV solutions registered.

In addition, 39.16 percent of attacks on endpoints with a non-OS bundled AV installed occurred on an endpoint running one of the four leading traditional AV solutions.

"The results of these scans clearly indicate the ineffectiveness of today's traditional AV solutions and, more importantly, the unknown risks to users that depend only on these AV platforms to stay safe," says Marcin Kleczynski, CEO of Malwarebytes. "Antiquated AV technology is no longer enough to protect from sophisticated cyberthreats. It's crucial that consumers and businesses understand this now before they become a victim of the next attack."

The findings also show the top ransomware types detected on compromised machines are Hidden Tear (41.65 percent) and Cerber (18.26 percent). Botnets most often detected include IRCBot (61.56 percent) and Kelihos (26.95 percent). The most prevalent Trojan types bypassing traditional AV detections are Fileless (17.76 percent) and DNSChanger malware (17.51 percent).

Of ransomware attacks, 48.59 percent of Hidden Tear and 26.78 percent of Cerber events were found on a compromised endpoint that had at least one of the four leading traditional AV brands installed.

To show how widespread the problem is, Malwarebytes has produced a real-time heatmap that shows each time Malwarebytes remediates instances of malware on endpoints that have a traditional AV registered. It also shows the numbers of attacks missed by leading antivirus programs.



Sunday, 29 January 2017

"Can You Hear Me?"

Police Warn: New "Can You Hear Me?" Phone Scam Could Cost You A Lot

Now this is scary!

Police are warning cellphone users of a terrifying new scam, multiple news agencies report. The scam is brilliantly simple: all it consists of is a scammer calling from an unfamiliar number (but often one with a familiar area code) and asking, "Can you hear me?" It seems like a simple question, and most people would just answer, "Yes." In this case, however, the hacker records you saying "Yes" and then uses the response to authorize credit card or bill charges.


Friday, 4 November 2016

DDoS attacks so powerful entire countries can be cut from the internet

Liberia has become the latest victim of the Mirai botnet

There has been another worrying development when it comes to massive-scale DDoS attacks, with the latest victim being an entire country – Liberia over in Africa, to be precise.
And as you won’t be surprised to hear if you’ve been following these stories, this is another assault which leverages the Mirai botnet to fire tons of traffic at the victim – that’s been the source of all these big attacks since the first massive volley against security researcher Brian Krebs (which reached some 620Gbps).
As ZDNet spotted, apparently the Mirai botnet employed in the attacks against Liberia is known as Botnet #14, and security expert Kevin Beaumont observes this is the largest such botnet – consistently capable of producing over 500Gbps – which appears to also be the source of the recent massive attack on Dyn.
The hit on Dyn, which is a DNS provider, caused a massive web outage a fortnight ago, knocking out all manner of sites including Twitter, Netflix and Spotify.
Liberia has apparently suffered at the hands of a number of DDoS attacks which are short by nature, but worrying because they’re pretty much taking the entire country offline.

Glaring weakness 

As Beaumont observes, that’s because Liberia relies on a single pipe for its internet access, and so has a single point of failure (and it’s not the only country like this). Websites hosted in Liberia were downed, and a journalist Beaumont spoke to said that internet connectivity was going offline at times matching the DDoS blasts.
Beaumont noted: “The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state.”
The truth is that few people are on the internet in Liberia anyway – only around one in 20 of the population – but ZDNet also managed to get some confirmation from a person returning to the country, who said they experienced ‘minor interruptions’ to their internet usage on Wednesday evening.
But given the low-profile target country and the very short nature of the attacks, it seems that this is just the botnet’s owner(s) testing out firepower against a nation. It’s what might come next that’s worrying, of course, when the DDoS cannons are aimed and let loose with a sustained barrage.
As we saw with the Dyn affair, the sort of damage these large-scale attacks can now muster is quite frightening. And worse still, there’s the prospect of Mirai being cranked up in terms of its potential power as more easily compromised IoT devices (security cameras, DVRs, routers and so on) are hacked and join the massing botnet ranks.
The other major concern is the use of possible DDoS amplification techniques, such as the one we reported on last month, which could potentially be used to inflict assaults of 35Tbps or even more by seriously powering up these botnet-based attacks.