Showing posts with label Virus Attack.

Global Outage Caused by Anti-Virus Update from Crowdstrike

A recent update from the anti-virus firm Crowdstrike has led to a global outage affecting millions of Windows users. The incident is being termed one of the most extensive outages ever, impacting numerous services and companies worldwide. Crowdstrike, a company many may not have heard of before, inadvertently caused this disruption with a problematic update to its Falcon virus scanner. The update led to widespread reports of the infamous Blue Screen of Death (BSOD) on computers running Windows. 

Microsoft quickly clarified that the issue was due to a third-party problem, absolving itself of direct responsibility. Users of Apple and Linux systems were unaffected, which brought some relief to those communities. Crowdstrike has since released a fix for the issue, but the recovery process remains cumbersome. IT professionals have noted that each affected machine requires a manual reboot in safe mode to restore normal operations. This task is complicated by the physical accessibility of the devices, making the resolution process even more challenging. There is currently no indication that the issue was caused by malicious intent or that any data has been compromised. 

Nonetheless, this incident highlights the crucial importance of staying updated with software patches, albeit with a note of caution. The cybersecurity community continues to stress the necessity of regular updates while acknowledging the occasional risks involved. Crowdstrike’s initial response fell short of an apology, which drew significant criticism online. However, CEO George Kurtz later issued a public apology via NBC News, expressing deep regret for the disruption caused to customers, travelers, and affected companies. This gesture, while somewhat late, was an important step in addressing the public’s concerns. This episode serves as a stark reminder of our heavy reliance on remotely managed devices and the vulnerability that comes with it. 

Despite robust systems in place to catch most issues, some problems, like this one, slip through the cracks. The timing of the update, which was pushed out on a Friday, compounded the difficulties, as fewer staff are typically available over the weekend to address such crises. For Crowdstrike customers, detailed instructions for the fix are available on the company’s support website. Many companies with dedicated IT teams are likely coordinating their responses to ensure a swift resolution. 

Unlike many outages that resolve themselves quickly, this incident will take days, if not longer, to fully mend, illustrating the significant impact of a single flawed update in our interconnected digital world.

Your iPhone is at risk - Signs of Viruses You Shouldn’t Ignore!

Apple usually excels in shielding us from spam and pop-ups. With the myriad functions Apple packs into iPhones, users engage in diverse activities, from work to photos and gaming. While iPhones are considered less susceptible to cyber threats than Androids due to Apple's closed ecosystem, they aren't completely immune. If your iPhone exhibits unusual behaviour or sluggish performance, it could signal a virus. This guide breaks down how iPhones can contract viruses, how to identify an infection, and step-by-step instructions for removal.

Realising your iPhone has a virus is unsettling, but the scarier part is not even knowing that it is silently running in the background. Your device, data, and life could be at risk. Act promptly to prevent further damage by recognising these signs:

1. Unwanted Apps

If mysterious apps appear on your phone, ones you didn't download, a virus may be at play. Check your installed apps in Settings and promptly uninstall any unfamiliar ones.

2. Suspicious Configurations

Unrecognised configuration profiles on your phone could signal a virus. Take a moment to review and delete any that seem out of place.

3. Pop-Up Overload

While Apple excels at filtering spam, an overwhelming amount of pop-ups is a red flag. Stay cautious; avoid clicking on links from unfamiliar email addresses.

4. Data Surge

Notice a sudden spike in data usage without a clear cause? It might indicate a virus. Check app data usage in Settings and remove any unfamiliar data-consuming apps.

Apple’s operating system design plays a key role. Unlike traditional systems, iOS runs each app in its own sandbox, limiting interactions between apps and making it difficult for viruses to spread. Moreover, all apps on iPhones undergo a stringent vetting process in the official App Store, significantly reducing the likelihood of malware-infected apps. While iPhones are generally less susceptible to viruses, it's important to note that a 100% guarantee of immunity does not exist. Recent data suggests a noticeable surge in virus attacks, underscoring the likelihood of digital threats even within the typically secure iPhone environment.

To stay ahead and steer clear of malware, it's vital to recognize potential signs of a virus. Keep an eye out for consistent app crashes, unexpected charges on your online accounts, rapid battery drain, and overheating – these could be signals of malware. However, it's essential to remember that these issues might also come from other sources, like malfunctioning apps, low memory space, or a weakening battery.

If you suspect a virus, take these steps:

1. Update iOS: Ensure your iOS is up to date to benefit from Apple's latest security patches.

2. Delete Suspicious Apps: Remove any unfamiliar or suspicious apps.

3. Clear Data and History: Navigate to Settings > Safari > Clear History and Website Data.

4. Power Off and Restart: Restart your iPhone by holding down the power button.

5. Change Passwords: Ensure complexity in your passwords.

6. Enable 2-Factor Authentication: Add an extra layer of security.


These measures often resolve issues. However, if problems persist, further actions may be necessary, potentially leading to data loss.


In a nutshell, the rarity of iPhone viruses emphasises the importance of considering other factors that may be causing unusual behaviour. Regularly update iOS, be cautious of app sources, and guard against potential threats. Safeguarding your iPhone involves understanding these intricacies and acting promptly when needed. Your digital world is worth protecting – let’s keep it safe.

Threats of Discord Virus: Ways to Eliminate it

Discord has gained popularity as a tool for creating communities of interest since the launch of its chat and VoIP services, notably among gamers. Like any other platform that hosts user-generated content, though, Discord can be exploited.

It was discovered in 2021 that hackers had carried out a number of malware attacks targeting Discord. Cybercriminals use various techniques to spread the more than 20 different malware varieties that have been found. Due to Discord's broad customizability, ordinary users are vulnerable to attacks both inside and outside the chat server. Recent security analysis of Discord has uncovered a number of cyberattack scenarios connected to its chat service, which can be quite risky for users.

How does the Discord virus infiltrate the system?

'Discord Virus' is the common phrase used to describe malware programs exchanged through the official Discord app. To get Discord users to run malicious software, cybercriminals use a variety of tactics; pirated versions of Discord Nitro are also frequently offered by attackers.

The Discord software has a premium edition called Discord Nitro that is packed with more sophisticated capabilities. It is important to understand that the Discord Nitro app cannot be cracked, because the premium features are delivered by Discord's servers rather than embedded in the app, so any "cracked Nitro" download is a lure.

The system typically displays a few signs that point to a Trojan infection:

  • CPU usage abruptly rises above normal
  • The system regularly glitches
  • Malicious pop-ups constantly flood the browser
  • Windows open without the user initiating them
  • Redirection to suspicious or unreliable websites

How to Update and Fix Discord

1. Run Discord as an administrator

Running the application with administrative rights may be a simple way to fix the Discord Update Failure problem. This allows the updater to make changes to your device so that it can download and run the most recent Discord update.

2. Rename the update.exe file

Discord's troubleshooters discovered a bug involving the application's update.exe file. For the best chance of successfully updating Discord to the most recent version, try renaming this file.

Press Windows + R, paste "C:\Users\Username\AppData" (without the quotation marks) into the Run dialog, and replace Username with the name of your local account.

3. Avoid using Windows Defender

The Discord Update occasionally crashes due to conflicts with Windows 10's default antivirus protections. Disabling Windows Defender will allow you to try updating Discord.

4. Disable your antivirus temporarily

Antivirus programs have a reputation for causing problems on computers by obstructing your internet service or preventing services and apps from operating as intended.

Discord can give rise to predatory behaviors like cyberbullying. Additionally, extreme organizations utilize Discord to recruit new members and keep in touch with them. You should take precautions against malicious users on Discord and never give out your personal information to anyone.

While utilizing the service, Discord provides a list of precautions to take in order to avoid spam and hacking. One recommendation is to create secure passwords that are less likely to be hacked. Additionally, individuals can defend themselves by scanning for suspected phishing attempts. 


XorDDoS, Mirai, and Mozi are Most Prominent Linux-targeted Malware

Linux-based computers are numerous and are an integral component of the internet backbone, but Linux malware has increasingly targeted low-power Internet of Things (IoT) devices. With billions of internet-connected devices such as vehicles, refrigerators, and network equipment online, IoT devices have become a prominent target for malware and distributed denial of service (DDoS) attacks, in which junk data is aimed at flooding a target and knocking it offline. 

Although ransomware is currently wreaking havoc on the malware scene in a deluge of high-profile attacks, a recent study on Linux security finds it only ranks third among the top threat types. This shift in attitude stems in part from an increasing recognition among Linux hobbyists and system administrators that a compromised Linux system, such as a web server, presents attackers with a high return on investment. In addition, malware research has improved visibility into the dangers that Linux systems face in recent years.

In 2021, the XorDDoS, Mirai, and Mozi malware families and variants emerged to be the most prevalent, accounting for over 22% of all IoT Linux-targeting malware, according to an analysis of the current Linux threat landscape. 

XorDDoS is a Linux trojan that has been built for a variety of Linux architectures, including ARM, x86, and x64. It gets its name from its use of XOR encryption, both within the malware itself and in its network communication with the C2 infrastructure. XorDDoS variants on Linux machines show that its operators monitor and hunt for Docker servers with port 2375 open. That port exposes an unencrypted Docker socket with unauthenticated remote root access to the host, both of which attackers can exploit to gain root access to the machine.

Mozi is a peer-to-peer (P2P) botnet that uses the distributed hash table (DHT) architecture and implements its own extended DHT protocol. Thanks to DHT's distributed and decentralized lookup method, Mozi can hide C2 communication behind a significant volume of legitimate DHT traffic. Mozi attacks devices by brute-forcing SSH and Telnet ports. It then blocks those ports to prevent other malicious actors or malware from taking over the device.

Mirai has made a name for itself in recent years, especially after its creator released the source code publicly. Like Mozi, Mirai uses brute-force attacks to infiltrate devices with weak passwords over weak protocols such as Telnet.
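The two behaviours described above, XorDDoS operators hunting for Docker daemons exposed on port 2375 and Mozi (and Mirai) brute-forcing SSH and Telnet, both leave traces a defender can check for. The following Python script is an added example written for this page; it is not code from the original post or from any of the analyses it summarises. It assumes `ss -ltn` output and a `/etc/docker/daemon.json` in their usual formats, and every socket listing, configuration and log line in it is a constructed sample rather than captured data.

```python
"""Defender-side checks for the two Linux botnet behaviours discussed above.

1. audit_docker_exposure(): flags a Docker Engine API reachable on TCP
   port 2375, the unencrypted, unauthenticated socket XorDDoS scans for.
2. detect_bruteforce(): counts failed SSH logins per source IP in
   auth.log-style lines and returns sources at or above a threshold.

Added example for this page; all inputs are constructed samples.
"""
import json
import re
from collections import Counter

# Plaintext Docker API port (2376 is the TLS-protected equivalent).
DOCKER_PLAIN_PORT = 2375
LOOPBACK = {"127.0.0.1", "[::1]"}

# Constructed sample of `ss -ltn` output (header line plus listening sockets).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       4096    0.0.0.0:2375         0.0.0.0:*
LISTEN  0       4096    [::]:2376            [::]:*
LISTEN  0       128     127.0.0.1:2375       0.0.0.0:*
"""

# Constructed sample /etc/docker/daemon.json binding the API without TLS.
SAMPLE_DAEMON_JSON = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
    "tls": False,
})

# Constructed auth.log excerpt: one noisy source, one legitimate login.
SAMPLE_AUTH_LOG = """\
Jan 10 03:12:01 host sshd[2231]: Failed password for root from 198.51.100.7 port 51022 ssh2
Jan 10 03:12:03 host sshd[2231]: Failed password for root from 198.51.100.7 port 51024 ssh2
Jan 10 03:12:05 host sshd[2233]: Failed password for invalid user admin from 198.51.100.7 port 51030 ssh2
Jan 10 03:12:07 host sshd[2235]: Failed password for root from 198.51.100.7 port 51032 ssh2
Jan 10 03:12:09 host sshd[2237]: Failed password for pi from 198.51.100.7 port 51040 ssh2
Jan 10 03:13:40 host sshd[2240]: Accepted publickey for deploy from 203.0.113.5 port 40012 ssh2
Jan 10 03:14:02 host sshd[2241]: Failed password for deploy from 203.0.113.5 port 40020 ssh2
"""

FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(\S+) from (\d+\.\d+\.\d+\.\d+)"
)


def listening_sockets(ss_output):
    """Parse `ss -ltn` text into a list of (local_address, port) tuples."""
    sockets = []
    for line in ss_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        addr, _, port = fields[3].rpartition(":")  # handles [::]:2376 too
        sockets.append((addr, int(port)))
    return sockets


def audit_docker_exposure(ss_output, daemon_json):
    """Return human-readable findings about plaintext Docker API exposure."""
    findings = []
    for addr, port in listening_sockets(ss_output):
        if port == DOCKER_PLAIN_PORT and addr not in LOOPBACK:
            findings.append(f"plaintext Docker API listening on {addr}:{port}")
    cfg = json.loads(daemon_json)
    for host in cfg.get("hosts", []):
        if host.startswith("tcp://") and not cfg.get("tls", False):
            findings.append(f"daemon.json binds {host} without TLS")
    return findings


def detect_bruteforce(log_text, threshold=5):
    """Map source IP -> failed-login count for sources at or above threshold."""
    failures = Counter()
    for line in log_text.splitlines():
        match = FAILED_RE.search(line)
        if match:
            failures[match.group(2)] += 1
    return {ip: n for ip, n in failures.items() if n >= threshold}


if __name__ == "__main__":
    for finding in audit_docker_exposure(SAMPLE_SS_OUTPUT, SAMPLE_DAEMON_JSON):
        print("FINDING:", finding)
    for ip, count in detect_bruteforce(SAMPLE_AUTH_LOG).items():
        print(f"BRUTE FORCE: {ip} had {count} failed SSH logins")
```

On a real host the same two functions can be fed the output of `ss -ltn` and the contents of `/etc/docker/daemon.json` and `/var/log/auth.log`; the loopback exemption is deliberate, since a daemon bound only to 127.0.0.1 is not reachable by the scanning described above.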

Many business-critical applications use Linux as one of their core operating systems. Protecting Linux servers, which can be found on-premises as well as in private and public clouds, necessitates a solution that delivers runtime protection and visibility for all Linux hosts, independent of location.

Misinformation is a Hazard to Cyber Security

Most cybersecurity leaders recognize the usefulness of data, but data is merely information. What if the information you've been given is actually false? Or it is deception? What methods does your cybersecurity program use to determine what is real and what isn't?

Ian Hill, Global Director of Cyber Security with Royal BAM Group, defined misinformation as "inaccurate or purposely misleading information." This might be anything from honest error to deceptive advertising to satire carried too far. So, even when misinformation isn't meant to be destructive, it can cause harm.

The ideas, tactics, and actions used in cybersecurity attacks and misinformation attacks are very similar. Misinformation takes advantage of our cognitive biases and logical fallacies, whereas cyberattacks target computer systems. Distorted, miscontextualized, and misappropriated information, deepfakes, and cheap fakes are all used in misinformation attacks. To cause even more harm, malicious actors combine both kinds of attack.

Misinformation has the potential to be more damaging than viruses, worms, and other malware. Individuals, governments, society, and corporations can all be harmed by misinformation operations designed to deceive and damage people.

The attention economy and advertisement-centric business models make it possible to launch a sophisticated misinformation campaign that floods the information channels and drowns out the truth at unprecedented speed and scale. Understanding the agent, message, and interpreter of a specific case of information disorder is critical for organizations to stop it. Find out who is behind it (the "agent") and what message is being sent. Understanding the attack's target audience (the "interpreter") is just as critical.

Cyberattacks have progressed from basic phishing scams to misconceptions and deceptions. Misinformation and disinformation are cybersecurity risks for four reasons, according to Disinfo.EU. They're known as the 4Ts:

  • Terrain: the infrastructure that disseminates falsehoods
  • Tactics: how the misinformation is disseminated
  • Targets: the intended victims of the misinformation that leads to cyberattacks
  • Temptations: the financial motivations for disseminating false information in cyberattacks
Employees who are educated on how threat actors, ranging from an amateur hacker to a nation-state criminal, spread false information will be less likely to fall for false narratives and harmful untruths. It is now up to cybersecurity to distinguish between the true and the fraudulent.

Students' GCSE coursework seized during ransomware attack

Sir John Colfox Academy, in Bridport, was the target of hackers, believed to be from China, after a member of staff mistakenly opened an email that contained a virus and infected the school’s entire computer network. The email claimed to be from a teacher at another Dorset school.

Hackers seized the secondary school's pupils’ GCSE coursework and demanded money for its return.

The Sir John Colfox Academy has about 1,000 pupils. The coursework was for one subject, submitted by Year 11 students, and was saved on the school's system.

Head teacher David Herbert said: "We are liaising with the relevant exam boards about this specific issue."

Police have launched an investigation into the cyber attack.

Neither police nor the school have said how much money was demanded for the return of the coursework, but police say no money has been paid.

Researchers discover Malware Samples Designed to Exploit CPU Vulnerabilities

Researchers have recently found more than 130 malware samples intended to exploit the recently disclosed Spectre and Meltdown CPU vulnerabilities, which enable malicious applications to bypass memory isolation mechanisms in order to gain access to passwords, photographs, documents, emails, and other sensitive data.

Not long after Spectre and Meltdown were disclosed on January 3, experts cautioned that remote attacks could soon follow; on top of that, a JavaScript-based proof-of-concept (PoC) exploit for Spectre had also been made available.

On Wednesday, January 17, antivirus testing firm AV-TEST announced that it had obtained 139 samples from different sources, including researchers, analysts and antivirus companies, and had also observed 77 malware samples apparently related to the CPU vulnerabilities, a number that rose to 119 by January 23. However, the experts believe that the existing malware samples are still in the "research phase" and that attackers are most likely looking for ways to extract more information from computers, especially via web browsers.



“Most appear to be recompiled/extended versions of the PoCs - interestingly, for various platforms like Windows, Linux and MacOS,” says Andreas Marx, CEO of AV-TEST, adding: “We also found the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox in our database now.”

Fortinet, which also analysed a significant number of the samples, confirmed that most of them were based on publicly available PoC code.

Processor and operating system vendors have been working on microcode and software mitigations for the Meltdown and Spectre attacks, but the patches have frequently caused issues, prompting organizations to halt updates and disable mitigations until those issues are resolved.

Marx, in addition to installing operating system and BIOS updates, proposed a few more measures that have a good chance of reducing the attacks, two of them being: turning off the PC when it is not needed for more than an hour, and closing web browsers during work breaks. He is confident that adopting these practices would considerably reduce the attack surface and also save a fair amount of energy.
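Because the mitigations mentioned above have sometimes been rolled back or disabled, a practitioner wants a quick way to see what the kernel actually reports. On Linux, the kernel exposes one file per CPU issue under `/sys/devices/system/cpu/vulnerabilities/` (for example `meltdown`, `spectre_v1`, `spectre_v2`), each containing a line that begins with `Not affected`, `Mitigation: ...` or `Vulnerable`. The script below is an added example for this page, not code from AV-TEST, Fortinet or the original post; it reads that directory on a real host, and for offline demonstration builds a constructed directory with sample values of the same shape.

```python
"""Summarise the kernel's reported status for Spectre/Meltdown-class issues.

Added example for this page. The sysfs path is the real Linux interface;
build_sample_dir() creates a constructed stand-in so the code runs anywhere.
"""
import os
import tempfile

SYSFS_VULN_DIR = "/sys/devices/system/cpu/vulnerabilities"


def read_vulnerability_status(directory=SYSFS_VULN_DIR):
    """Return {issue_name: status_text} for every readable file in directory.

    An empty dict means the directory is absent (non-Linux or an old kernel).
    """
    status = {}
    if not os.path.isdir(directory):
        return status
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        try:
            with open(path, encoding="utf-8") as handle:
                status[name] = handle.read().strip()
        except OSError:
            continue  # unreadable entry; skip rather than abort the audit
    return status


def classify(status):
    """Split issues into mitigated / not_affected / vulnerable lists.

    Anything that is neither "Not affected" nor "Mitigation: ..." is treated
    as vulnerable, which also covers "Vulnerable: ..." variants and text the
    script does not recognise.
    """
    result = {"mitigated": [], "not_affected": [], "vulnerable": []}
    for name, text in status.items():
        if text.startswith("Not affected"):
            result["not_affected"].append(name)
        elif text.startswith("Mitigation"):
            result["mitigated"].append(name)
        else:
            result["vulnerable"].append(name)
    return result


def is_fully_mitigated(classification):
    """True when no issue is reported as vulnerable."""
    return not classification["vulnerable"]


def build_sample_dir():
    """Create a constructed sysfs-like directory with sample status strings."""
    directory = tempfile.mkdtemp(prefix="cpu_vulns_")
    samples = {  # constructed values in the kernel's reporting format
        "meltdown": "Mitigation: PTI",
        "spectre_v1": "Mitigation: usercopy/swapgs barriers and __user pointer sanitization",
        "spectre_v2": "Vulnerable",
        "l1tf": "Not affected",
    }
    for name, text in samples.items():
        with open(os.path.join(directory, name), "w", encoding="utf-8") as handle:
            handle.write(text + "\n")
    return directory


if __name__ == "__main__":
    live = read_vulnerability_status()
    target = live if live else read_vulnerability_status(build_sample_dir())
    summary = classify(target)
    for issue, text in target.items():
        print(f"{issue:20} {text}")
    print("fully mitigated:", is_fully_mitigated(summary))
```

Run as-is, the script prints the live sysfs values on a Linux host and falls back to the constructed sample elsewhere; the `vulnerable` list is the one to act on, since it is exactly what a disabled or withdrawn mitigation shows up as.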

Passteal : password-stealing malware disguised as keygen and ebooks

Password-stealing malware

Passteal is malware that steals passwords stored in the browser using password recovery tools; it is disguised as key generators and ebooks.

This indicates that the malware targets users who frequently use torrent and other file hosting websites to obtain illegal copies of software.

While older variants use the password recovery tool "PasswordFox", the new variant uses the 'WebBrowserPassView' tool to steal credentials stored in major browsers such as Internet Explorer 4.0-8.0, Mozilla Firefox 1.x-4.x, Google Chrome, and Apple Safari.

Once the malware extracts the data, it stores the stolen credentials in an .XML file and sends the file to a remote FTP server.

According to Trend Micro's malware report, the password recovery tool enables PASSTEAL to acquire all login credentials stored in the browser, even from websites using secured connections (SSL or HTTPS).
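The exfiltration step described above, stolen credentials pushed to a remote FTP server, is the part of this behaviour most visible on the network: plaintext FTP from a workstation to an address outside the organisation is rare enough to be worth alerting on. The script below is an added example written for this page, not code from Trend Micro or the original post. It assumes a simple space-separated connection log with the columns shown in its header line, treats the RFC 1918 ranges as "internal", and every log line in it is a constructed sample.

```python
"""Flag outbound plaintext FTP sessions from internal hosts to external ones.

Added example for this page; the log format and all records are constructed.
"""
import ipaddress
from collections import Counter

# RFC 1918 ranges stand in for "our network"; adjust to the real address plan.
INTERNAL_NETWORKS = [
    ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]
# FTP control (21) and active-mode data (20) ports, both unencrypted.
PLAINTEXT_FTP_PORTS = {20, 21}

# Constructed connection log: ts src dst dport proto bytes_out
SAMPLE_CONN_LOG = """\
ts src dst dport proto bytes_out
2020-05-01T03:12:01Z 10.0.0.15 203.0.113.40 21 tcp 18432
2020-05-01T03:12:40Z 10.0.0.15 10.0.0.2 21 tcp 2048
2020-05-01T03:13:02Z 10.0.0.22 198.51.100.9 443 tcp 51200
2020-05-01T03:14:10Z 10.0.0.15 203.0.113.40 20 tcp 4096
"""


def is_internal(ip_text):
    """True when the address falls inside one of the internal ranges."""
    ip = ipaddress.ip_address(ip_text)
    return any(ip in net for net in INTERNAL_NETWORKS)


def parse_conn_log(text):
    """Turn the space-separated log (header + rows) into a list of dicts."""
    records = []
    for line in text.splitlines()[1:]:  # skip the header row
        ts, src, dst, dport, proto, bytes_out = line.split()
        records.append({
            "ts": ts, "src": src, "dst": dst,
            "dport": int(dport), "proto": proto, "bytes_out": int(bytes_out),
        })
    return records


def flag_ftp_exfil(text):
    """Return records for internal -> external TCP sessions on FTP ports."""
    hits = []
    for rec in parse_conn_log(text):
        if (rec["proto"] == "tcp"
                and rec["dport"] in PLAINTEXT_FTP_PORTS
                and is_internal(rec["src"])
                and not is_internal(rec["dst"])):
            hits.append(rec)
    return hits


def bytes_per_destination(hits):
    """Sum bytes sent to each flagged destination, to rank what to look at first."""
    totals = Counter()
    for rec in hits:
        totals[rec["dst"]] += rec["bytes_out"]
    return dict(totals)


if __name__ == "__main__":
    flagged = flag_ftp_exfil(SAMPLE_CONN_LOG)
    for rec in flagged:
        print(f"{rec['ts']} {rec['src']} -> {rec['dst']}:{rec['dport']} "
              f"{rec['bytes_out']} bytes (plaintext FTP to external host)")
    print("bytes per destination:", bytes_per_destination(flagged))
```

The internal-to-internal FTP session in the sample is deliberately left alone: the point is not that FTP exists, but that a workstation is handing data to an outside FTP server in the clear, which is the shape of the Passteal behaviour above. Note that the check uses its own RFC 1918 list rather than Python's `ip_address(...).is_private`, because that property also counts documentation ranges such as 203.0.113.0/24 as private.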