Fight the bad guys and stay secure

We use and recommended Avast security products to all of our clients. We have been using AVAST products for over 10yrs and have stayed virus free. Not one single client of ours using AVAST has ever had a virus. Are you looking to stay secure in this online world, if so use this link to get a piece of mind.

www.avast.com

Our 400 million users are the 400 million reasons why we lead the digital security pack. Each Avast-loaded device is a source of real-time intelligence about new and current threats. That’s how we stop over 66 million of them every day. By joining Avast, you help to make that network even stronger.

Petya Ransomware

Be careful opening any emails, even from people you know. Make sure your computer is backed up and you have all the latest updates to your Operating system. Run a Anti-Virus and even MalwareBytes, in 2017 you can not be too safe.

Behavioral analysis

This ransomware is delivered via scam emails themed as a job application. E-mail comes with a Dropbox link, where the malicious ZIP is hosted. This initial ZIP contains two elements:

  • a photo of a young man, purporting to be an applicant (in fact it is a publicly available stock image)
  • an executable, pretending to be a CV in a self-extracting archive or in PDF (in fact it is a malicious dropper in the form of a 32bit PE file):

petya_exe

In order to execute its harmful features, it needs to run with Administrator privileges. However, it doesn’t even try to deploy any user account control (UAC) bypass technique. It relies fully on social engineering.

Petya – Taking Ransomware To The Low Level

USB PC KILLER – They are now available, beware!

news_tech

What started as a proof-of-concept from researchers has now come to market. These items are not only available to buy, but they work. Please be cautious of any USB device someone wants to plug into your computer or device.

See the link below for more info and video proof it works.

http://gizmodo.com/you-can-now-buy-a-weaponized-usb-stick-for-55-1786451276

​Chrome to warn about insecure websites

news_security

We all should know by now, that when we use the the web http:// means insecure and https:// means secure. You should never visit a site to do online shopping or any type of transaction that shows http:// and not https://. Well google in January 2017 with its chrome browser #57 will start warning you whenever you are on a insecure site. For more info click here.

Windows Key + R Scam

news_security

There is a growing problem with scam phone calls going around. You may get bogus calls telling you that your computer is infected and you need to press the Windows + R key or you could loose all your data. What this does is open the Run command on your PC and they will have run a command to clean it, but what they are doing is infecting your PC with malware and locking your PC down. What they plan on doing is holding your system ransom until you pay them.

No one is going to call you out of the blue and tell or ask you these things, be smart. Hang up the phone, if you have the ability to block the number do it. You could always tell them you are running a Mac, Linux box or Chrome book which all have no Windows keys.

Windows-key-R

 

Critical Flash exploit could make your PC a brick

news_security

Feel safe with your fully-patched computer? If you use Flash and land on the wrong website, you may get a virus or even a cryptolocker that renders your machine unusable. That’s because a sophisticated “zero-day” exploit stolen from Hacking Team has now been released into the wild. As a reminder, Hacking Team is the infamous outfit that supplies US law enforcement and various governments around the world with digital spying tools. However, the company suffered an embarrassing attack on its own servers, and among the 400GB of data stolen were some nasty tools originally intended for use by agencies like the US Drug Enforcement Agency.

Security experts say attackers have now unleashed those tools on the internet, leaving all computers vulnerable until Adobe patches Flash, which it’s expected to do tomorrow. Malwarebytes called it “one of the fastest documented cases of an immediate weaponization in the wild, possibly thanks to the detailed instructions left by the Hacking Team.” So what can you do about it? Obviously, be careful about which sites you visit, but you may also want to either enable “click-to-play” for the Flash plug-in or disable it completely, as detailed by How-To Geek.

Source: Engadget, Malwarebytes

To protect yourself until Adobe updates flash to prevent the exploit please install this:

https://www.malwarebytes.org/antiexploit/