" cyber attacks "

1

Evolution of Locky – A Cat & Mouse Game

In the on-going game of cat and mouse between cyber attackers and defensive internet security providers, the appearance of a new tactic from the Locky family of Ransomware comes as no surprise.

As we discussed in February this year, Locky targets victims through seemingly legitimate email attachments. Once the victim clicks on the attachment the malicious macro begins encrypting the users’ files.
(more…)

The Apple logo hangs inside the glass entrance to the Apple Store on 5th Avenue in New York City,

Apple’s OS X Gatekeeper – Marketing or Reality

For decades now people have believed their Apple devices to be safe from hacker intrusion, they were seemingly unbreakable, but in late 2015 uncertainty set in when a security expert revealed that he had found a way to bypass Apple’s security. The same expert is now suggesting that not much has changed since then with regards to Apple’s security.

The original hole was discovered by using binary code of applications that had already been verified by Apple’s developers to pass through Gatekeeper. Because Gatekeeper was developed to ensure that all applications a user downloads are checked against the application’s Developer ID, if that ID is present that application will be allowed to run. Experts have proved that this is where the problem lies as malware can easily be hidden within Apple-trusted files and then activated once the application has been installed.

Shortly after these gaps in Apple’s security features were exposed Apple released patches to prevent further breaches. However according to experts in the field it appears that the same vulnerabilities remain and can be just as easily exploited today, in the same fashion, as they were back in September. The reason being is Apple has merely blocked the files that were reported but has not made changes to Gatekeeper’s verification process. The belief is that hackers would simply need to find a new trusted file that has not been blocked by the update, this trusted file can then be abused and used to bypass Gatekeeper. Once on the other side the trusted file will execute the malicious files and then begin to install malicious programs not trusted by Apple.

The experts suggest that in order for Gatekeeper to be secure it must be triggered anytime a new process is started, requiring each process to be signed off by an Apple-trusted developer.

Apple has yet to implement such changes. With OSX’s increasing popularity making it more and more of a target for malware creators it may just be time for Apple users to consider further protection of their devices and personal data.

Mac-Viruses

Cyber Attacks are a real threat for South Africans

For as long as there have been computers there have been hackers trying to get into them, and government departments and large organisations were most often the victims.

These days, however, hacker intrusions are a growing concern for us all, from government departments and large corporations to smaller businesses and individuals. South African’s often consider themselves immune to these kinds of threats but in reality they too should be concerned. An increasing number of South Africans and South African businesses have been targeted over the past couple of years and have lost large sums of money in the process.

The most recent tool hackers are using to get into your system is Ransomware, named because hackers use malware to get into the users system, get hold of their data and block them from accessing it. Hackers then demand a ransom be paid to them for the safe return of the user’s data. Malware is downloaded onto your system in a number of ways, such as from an unsecured website download or the download of an email attachment. Hackers will use current trends to entice users into downloading malware, such as the popular new Star Wars film. Once the malware has been downloaded it will being encrypting the data so that when the user tries to gain access they will be blocked and a message from the hacker will appear on screen. Many times, particularly in the case of organisations or influential individuals hackers threaten to expose confidential information.

South African’s need to be aware of and take these threats more seriously, according to research done by Rick Couch & Associates, 70% of South Africans have fallen victim to cybercrime, as well as 47% of South African smartphone users. These statistics are concerning, particularly as cyber criminals are constantly working to find the most profitable opportunities. It is not enough to just have a standard AV solution installed on your system, users need take more aggressive action to prevent Ransomware attacks.

It is important to realise that it is not only large organisations that are being targeted, individuals have also been targeted in their personal capacity. Studies show that many individuals use Gmail for their personal affairs, often revealing personal details in mail to friends and family. What’s concerning is that people often make their Gmail passwords something easy to remember and consider it unnecessary to make the password highly secure. This is a dangerous misconception, as it makes hacking into such email accounts incredibly easy for cybercriminals, once in they will then be able to intercept conversations and entice users to reveal addresses, passwords, banking details and other personal information.

South African’s need to take these threats seriously and become more proactive in protecting themselves against cyber attacks.

Types-of-Credit-Card-Fraud

5 Tips for More Secure Online Shopping

Over 100 000 stores worldwide use online credit card facilities as a method of payment. Cyber-criminals do not steal each individual’s details,  instead they  infect the most sensitive part of the system with malware, that is designed to collect payment data of the entire customer base. 

Far from wanting to make you fear shopping online, cases like this are used to point out the risks we face.

Below are some tips on how to avoid becoming the victim of a cyber-attack when using an e-commerce platform:

(more…)

Smart-TVs

Smart TVs; the New Big Brother

Smart TVs offer countless benefits such as Internet access, social media access, live streaming and communication with other similar devices; mobile phones and tablets.

It’s the age of ubiquitous surveillance, driven by both Internet firms and governments. The Internet of Things is full of eavesdroppers who want to “listen”. Newer cars contain computers that record speed, steering wheel position, pedal pressure, even tyre pressure and third party companies such as insurance companies want to listen. And, of course, your cell phone records your precise location at all times. Add security cameras and recorders, drones and other surveillance airplanes and we’re being watched, tracked, measured and listened to almost all the time.

(more…)

2015-PandaLabs-Forecast

2015 Malware Predictions from PandaLabs

PandaLabs have released their predictions for IT security in 2015, based on reports and attacks in 2014.

CryptoLocker

This type of malware was in the spotlight in 2014, and these types of attacks are set to increase in 2015.

CryptoLocker operates in straightforward fashion: Once it gets into a computer, it encrypts all types of documents that could be valuable to the user (spreadsheets, documents, databases) and blackmails the victim into paying a ransom to recover the files. This type of malware is also known as ransomware.

Payment is most often demanded in bitcoins, so that it cannot be traced by the police, making this type of attack ideal for cyber-criminals – as many users choose to pay in order to recover the “hijacked” information.

Targeted attacks

A small percentage of the millions of new malware strains that appear every month are specifically created to attack previously defined targets. These attacks, known as targeted attacks, are becoming more common and will be highly significant during 2015.

Many companies are unaware that they could be the targets of such attacks and therefore do not have appropriate measures for detecting or stopping them.

(more…)