
How to Protect Your PC from Ransomware with Windows Defender

 

Ransomware is a significant threat that can lock users out of their own files until a ransom is paid to recover the data. CBS News recently highlighted the devastating impact of ransomware, focusing on the Scattered Spider group, which caused millions in damage by targeting Las Vegas casinos. While personal computers are less common targets, it’s still crucial to take precautions. 

The best way to protect your system from ransomware is by avoiding sites or downloads likely to contain malware. However, using additional measures like modern antivirus software or built-in protections in Windows can enhance security. Microsoft Defender, integrated into Windows, offers ransomware protection, but users need to enable it manually. To activate ransomware protection in Windows, you must access the Windows Security app. This can be done by searching for “Windows Security” via the Start Menu or settings. Once inside the app, go to “Virus & threat protection” and activate Controlled folder access. 

This feature limits which applications can alter files in crucial folders, such as Documents, Pictures, and others. While trusted programs like Microsoft Office automatically retain access, unauthorized apps cannot modify or even see these folders until granted permission. This restriction is vital for stopping ransomware from encrypting sensitive files. An essential step to further enhance security is backing up your data. Windows Security facilitates this through integration with OneDrive. By logging into your OneDrive account, either through the Windows PC itself or directly in the OneDrive app, you can ensure automatic backups of your important files. 

This provides an additional layer of security, helping to recover encrypted data without paying a ransom. While OneDrive offers convenient cloud backup, it’s also recommended to keep offline backups. These backups are immune to ransomware that might affect your online accounts. Without an offline backup, relying solely on cloud services still leaves a vulnerability. Turning on ransomware protection comes with minor inconveniences, especially for those who save files in common folders. 

For instance, gamers might experience issues with save files being restricted, but this can be remedied by adding specific apps to the access list or adjusting where files are saved. Overall, securing your PC against ransomware involves enabling the built-in features in Windows, setting up OneDrive backups, and keeping an offline backup for extra safety. Taking these steps ensures you’re prepared in case your files are ever threatened by ransomware attacks.
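The same settings can be applied from an elevated PowerShell prompt using the Microsoft Defender cmdlets. This is an added example, not part of the original post; the program path and the extra folder are hypothetical placeholders.

```powershell
# Run in an elevated PowerShell session on Windows 10/11 with Microsoft Defender Antivirus active.

# Hypothetical placeholders: replace with a program you trust and a folder you want protected.
$trustedApp  = 'C:\Games\ExampleGame\ExampleGame.exe'
$extraFolder = 'D:\Projects'

# 1. Report the current Controlled folder access state.
$names = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'Audit mode' }
$state = [int](Get-MpPreference).EnableControlledFolderAccess
$label = if ($names.ContainsKey($state)) { $names[$state] } else { "Other ($state)" }
Write-Host "Controlled folder access before change: $label"

# 2. Turn the feature on (same effect as the toggle in the Windows Security app).
Set-MpPreference -EnableControlledFolderAccess Enabled

# 3. Allow a trusted program that must write to protected folders,
#    for example a game that keeps its save files under Documents.
if (Test-Path -LiteralPath $trustedApp -PathType Leaf) {
    Add-MpPreference -ControlledFolderAccessAllowedApplications $trustedApp
} else {
    Write-Warning "Not adding '$trustedApp': file not found."
}

# 4. Protect a folder that is not among the default protected folders.
if (Test-Path -LiteralPath $extraFolder -PathType Container) {
    Add-MpPreference -ControlledFolderAccessProtectedFolders $extraFolder
}

# 5. Review recent blocks (event ID 1123) to see which programs were denied,
#    so that only the ones you recognise are added to the allow list.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message |
    Format-List

# 6. Confirm the resulting configuration.
Get-MpPreference |
    Select-Object EnableControlledFolderAccess,
                  ControlledFolderAccessAllowedApplications,
                  ControlledFolderAccessProtectedFolders
```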

Why Windows 11 Requires a TPM and How It Enhances Security

 

When Microsoft launched Windows 11 in 2021, the new operating system came with a stringent hardware requirement: the presence of a Trusted Platform Module (TPM), specifically one that meets the TPM 2.0 standard. A TPM is a secure cryptoprocessor designed to manage encryption keys and handle security-related tasks, making it a critical component for features such as Secure Boot, BitLocker, and Windows Hello. 

The TPM architecture, defined by the ISO/IEC 11889 standard, was created over 20 years ago by the Trusted Computing Group. The standard outlines how cryptographic operations should be implemented, emphasizing integrity protection, isolation, and confidentiality. A TPM can be implemented as a discrete chip on a motherboard, embedded in the firmware of a PC chipset, or built directly into the CPU, as Intel, AMD, and Qualcomm have done over the past decade. 

Most PCs manufactured since 2016 come with a TPM 2.0, as Microsoft mandated that year that all new computers shipped with Windows must have this technology enabled by default. Even some older devices may have a TPM, though it might be disabled in the BIOS or firmware settings. Intel began incorporating TPM 2.0 into its processors in 2014, but the feature was mainly available on business-oriented models. Devices built before 2014 may have discrete TPMs that conform to the earlier TPM 1.2 standard, which is not officially supported by Windows 11. 

The TPM enhances security by providing a secure environment for processing cryptographic operations and storing sensitive data, like private keys used for encryption. For example, it works with the Secure Boot feature to ensure that only signed, trusted code runs during startup. It also enables biometric authentication via Windows Hello and holds the BitLocker keys that encrypt the contents of a system disk, making unauthorized access nearly impossible. Windows 10 and 11 initialize and take ownership of the TPM during installation, and it’s not just limited to Windows; Linux PCs and IoT devices can also use a TPM. 

Apple devices employ a different design known as the Secure Enclave, which performs similar cryptographic tasks. The added level of security provided by a TPM is crucial in protecting against tampering and unauthorized data access. For those with older PCs, upgrading to Windows 11 may require enabling TPM in the BIOS or using a utility to bypass hardware checks. However, the extra security enforced by TPM in tamper-resistant hardware is an essential advancement in protecting your data and ensuring system integrity.
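To see whether a PC already has a usable TPM 2.0 before touching firmware settings, the state can be read from PowerShell. This is an added example, not part of the original post; it assumes an elevated session and only reads state, changing nothing.

```powershell
# Run in an elevated PowerShell session. Read-only: reports TPM and Secure Boot state.

$tpm = Get-Tpm
if (-not $tpm.TpmPresent) {
    # An older PC may still have a TPM that is switched off in firmware.
    Write-Warning 'No TPM visible to Windows. It may be absent or disabled in the BIOS/UEFI settings.'
} else {
    # Win32_Tpm reports the specification version as a string such as "2.0, 0, 1.38";
    # the first field is the TPM family (1.2 or 2.0).
    $wmi    = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' -ClassName Win32_Tpm
    $family = ($wmi.SpecVersion -split ',')[0].Trim()

    [pscustomobject]@{
        TpmPresent     = $tpm.TpmPresent
        TpmReady       = $tpm.TpmReady
        SpecFamily     = $family
        MeetsWindows11 = ($family -like '2.*')   # TPM 1.2 is not officially supported
    } | Format-List
}

# Secure Boot works alongside the TPM; the cmdlet throws on legacy (non-UEFI) firmware.
try {
    $secureBoot = Confirm-SecureBootUEFI
    Write-Host "Secure Boot enabled: $secureBoot"
} catch {
    Write-Warning "Secure Boot state unavailable (legacy BIOS mode or insufficient rights): $($_.Exception.Message)"
}
```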

Are The New AI PCs Worth The Hype?

 

In recent years, the realm of computing has witnessed a remarkable transformation with the rise of AI-powered PCs. These cutting-edge machines are not just your ordinary computers; they are equipped with advanced artificial intelligence capabilities that are revolutionizing the way we work, learn, and interact with technology. From enhancing productivity to unlocking new creative possibilities, AI PCs are rapidly gaining popularity and reshaping the digital landscape. 

AI PCs, also known as artificial intelligence-powered personal computers, are a new breed of computing devices that integrate AI technology directly into the hardware and software architecture. Unlike traditional PCs, which rely solely on the processing power of the CPU and GPU, AI PCs leverage specialized AI accelerators, neural processing units (NPUs), and machine learning algorithms to deliver unparalleled performance and efficiency. 

One of the key features of AI PCs is their ability to adapt and learn from user behavior over time. By analyzing patterns in user interactions, preferences, and workflow, these intelligent machines can optimize performance, automate repetitive tasks, and personalize user experiences. Whether it's streamlining workflow in professional settings or enhancing gaming experiences for enthusiasts, AI PCs are designed to cater to diverse user needs and preferences. One of the most significant advantages of AI PCs is their ability to handle complex computational tasks with unprecedented speed and accuracy. 

From natural language processing and image recognition to data analysis and predictive modeling, AI-powered algorithms enable these machines to tackle tasks that were once considered beyond the capabilities of traditional computing systems. This opens up a world of possibilities for industries ranging from healthcare and finance to manufacturing and entertainment, where AI-driven insights and automation are driving innovation and efficiency. 

Moreover, AI PCs are empowering users to unleash their creativity and explore new frontiers in digital content creation. With advanced AI-powered tools and software applications, users can generate realistic graphics, compose music, edit videos, and design immersive virtual environments with ease. Whether you're a professional artist, filmmaker, musician, or aspiring creator, AI PCs provide the tools and resources to bring your ideas to life in ways that were previously unimaginable. 

Another key aspect of AI PCs is their role in facilitating seamless integration with emerging technologies such as augmented reality (AR) and virtual reality (VR). By harnessing the power of AI to optimize performance and enhance user experiences, these machines are driving the adoption of immersive technologies across various industries. From immersive gaming experiences to interactive training simulations and virtual collaboration platforms, AI PCs are laying the foundation for the next generation of digital experiences. 

AI PCs represent a paradigm shift in computing that promises to redefine the way we interact with technology and unleash new possibilities for innovation and creativity. With their advanced AI capabilities, these intelligent machines are poised to drive significant advancements across industries and empower users to achieve new levels of productivity, efficiency, and creativity. As the adoption of AI PCs continues to grow, we can expect to see a future where intelligent computing becomes the new norm, transforming the way we live, work, and connect with the world around us.

Malware Detected on Millions of Mobile Phones

 


In the Google Play Store, you can often find apps that contain malware, adware, or spyware. Some of these apps are even labeled as spyware or malware. That malware is also installed through pre-installed apps is less well known; however, researchers are raising awareness of the increasing trend of malware targeting pre-installed software. Hackers only need to subvert one of the hundreds of apps included with millions of affordable Android phones to gain access to their data. Managing this problem is significantly more difficult than handling rogue apps that find their way onto the Google Play Store in the first place.

In a recent report published at Black Hat Asia, Trend Micro researchers claimed that criminals had used malware to infect millions of Android devices before the devices left the factories.

The affected hardware is mainly lower-priced Android mobile devices, but it also includes smartwatches, televisions, and other products.

Microsoft researchers investigating counterfeit software in China found that machines booting for the first time were already compromised with botnet malware right out of the box. These were brand-new devices being plugged in for the first time.

A Chinese businessman is facing a lawsuit from Microsoft for using his domain name to commit computer fraud. 

This lawsuit alleges that Nitol malware on the new computer systems points to 3322.org as the source of the compromise on the system. Several online activities are believed to be related to malicious activities and malware on this website, according to Microsoft. In addition to Nitol, Microsoft points out that the site is hosting 500 other types of malware. Reports have revealed that Microsoft has seen more malicious software stored in this repository than at any other time in history, according to a Washington Post story.

There have been many cases where customers received devices with malware pre-installed. A Canadian security consultant discovered malware baked into the firmware of an Android TV box he purchased from Amazon; on further research he found that it contained persistent, sophisticated malware.

Daniel Milisic found this malware, which can be nullified by a script and instructions he created. Users can use the script and instructions to disable the malware's communications with the command and control (C2) server as well as disable the payload.

The device being discussed here is the T95 Android TV box with a processor by AllWinner. This box is widely available on Amazon, AliExpress, and other major online stores.

A malicious component has been found on this individual device, but it is not clear if this malicious component has been found in all devices from this model or brand. 

Original equipment manufacturers (OEM) are the companies that manufacture gadgets, and they outsource manufacturing. Researchers say that in the current manufacturing pipeline, organizations in the supply chain – for example, firmware suppliers – infect products with malicious code as they are shipped.

The problems could be much more serious and widespread if a virus is introduced into the device at the beginning of the manufacturing process. This could be done by a corrupt employee or a hacker when software is being uploaded or at some other early stage in the production process. 

Due to the lack of transparency maintained by electronics makers and the companies they work with to build their products, it is virtually impossible to know how many devices have been sold or how viruses have spread with any degree of precision.  There is no doubt that the numbers could be huge, given the nature of mass manufacturing. 

Trend Micro's research has raised alarm about the increasing trend of Android devices being sold with malicious software pre-installed, and the researchers are warning users of the associated dangers. Malware embedded in system apps or device firmware can be challenging to identify and remove, whereas an app downloaded from the Play Store can be removed easily.

“How can you infect millions of devices most quickly and easily?” was the question posed by Trend Micro researcher Fyodor Yarochkin at the conference in Singapore that he attended with colleague Zhengyu Dong.

As Yarochkin points out, infiltrating devices so early in their lifecycle is like putting a liquid in a tree: when the infection is put at the root of the tree, it spreads right out and into every single limb and leaf of the tree. 

As the price of mobile phone firmware declined, the insertion of malware became more common. Competition among firmware distributors became so intense that firmware providers could not charge a price for their products.

There has been an increase in pre-installed malware infections over the past couple of years, which Yarochkin says is partly due to the competition among mobile firmware developers to yield the cheapest product possible. Several developers started offering firmware for free on their websites once selling firmware became unprofitable. 

In part, the concern comes from the way the preinstalled malware operates, or, more precisely, the depth to which it is embedded in the system. Fortunately, there is still a high chance that malware can be identified and removed by many security software packages. Despite this, malware threats that operate at the kernel level of an operating system, or the BIOS level on a PC, often remain undetected by most antimalware programs. This is due to their nature of functioning at a level far deeper than the operating system. 

In the world of malicious software, there is money to be made. Criminals find several ways to spread malicious software. These methods can also prove clever and innovative. It is certainly possible to plant malware into laptops, smartphones, or tablets before they are even purchased, unboxed, and exposed to the public in the first place. 

Against these threats, what steps can you take?

In the first instance, you should buy your PC, tablet, or smartphone hardware from a respected and established brand. When you buy a brand-name computer from HP, Dell, Acer, Sony, etc., there is a low chance of it coming with pre-installed malware out of the box.

A device with a high probability of being malware-free is an iPad, Nexus 7, or Kindle Fire if you purchase them from Apple, Google, or Amazon. 

If you go bargain shopping, a PC or knock-off tablet purchased online from an unknown, shady site may come infected with malware.

You should not assume that your PC or mobile device is inherently safe and malware-free just because it is the first one you purchased. 

Likewise, it might not be advisable to rely on any pre-installed security software, since you cannot verify that it is genuine and is free from malware in the first place. 

To detect and identify any malware that may already be present on your machines, you should install a cross-device security tool that is reliable and able to detect malware.

Private Keys for Intel Boot Guard Have Reportedly Been Leaked, Jeopardizing the Security of Many PCs

 

Every other day, hackers are out there committing a new attack, exploiting a vulnerability, or attempting to extort people with ransomware. MSI is the latest victim, with hackers disclosing material acquired in a breach of MSI's systems last month.

This has the potential to be a major situation. According to tweets from Binarly founder Alex Matrosov, at least some of the previously stolen 1.5TB of data has been released. Private keys, some of which seem to be Intel Boot Guard keys, are included in the data. The leak of such keys affects not only MSI computers but also those from other vendors like Lenovo and Supermicro. Supermicro reached out to PC Gamer stating that based on its current review, its products are not affected by this breach.

Boot Guard is a cryptographic system that prevents fraudulent UEFI firmware or modified BIOS from being executed on PCs. Bypassing these checks, an attacker could acquire complete access to a system, access secure data, or utilize it for any variety of illicit activities.

Given the potential of so-called secondary downloads, the use of UEFI keys is especially concerning. Using typical phishing or email delivery strategies, any malware produced as a result of a firmware update including these keys would appear genuine, and antivirus software would ignore it.

The data was released after a group called Money Message claimed responsibility for the hack of MSI's internal systems (via Bleeping Computer). MSI was ordered to pay the organization $4,000,000. The release of the data would suggest that MSI didn't pay up.

The consequences of this breach will take time to assess, not to mention the time it may take to devise mitigations. In the following days, we might expect statements from the relevant parties. Meanwhile, exercise caution and avoid downloading any BIOS, firmware, or system software from sources other than the authorized website. This is true of all system software, not just MSI's.