Security Crunches | thenortonsetup

security crunches

At a time within which company network directors feel safer than ever — what reasonably security issues ought to a corporation be centered on once most worker pcs run their applications within the cloud? — This month’s edition of our “Tech Headlines Digest” underscore the fact that no computer security answer works 100% of the time, and the way you’ll be able to most with efficiency prepare yourself and your internal IT systems.

In November, hackers continuing to use their new favorite attack vector — malicious image files — to allegedly unfold ransomware over social media. Meanwhile, a security professional from Google expressed the opinion that ancient antivirus software system does not work that the only way to maintain complete network security is to stop all unknown software system from running. Trying to broaden its product choice, antivirus company Symantec has noninheritable LifeLock — a corporation that does not market a pc security product the least bit. Scan on to find out additional concerning the highest school headlines from the most recent edition of the security-focused roundup.

Google Security Specialist Warns Antivirus software system Is Ineffective

The Story: Speaking at the New Zealand hacker conference Kiwicon X, Google security engineer Darren rabbit-eared bandicoot noted ancient antivirus software system as “magic” that “[does] not work.” Elaborating any, rabbit-eared bandicoot explained that antivirus software system will ne’er be actually effective against unknown threats — and once security researchers discover a brand new virus, it’s actually because it’s already compromised some systems. With such a lot of firms currently victimization largely cloud-based apps, Bilby said, computers on company networks solely ought to run a couple of native applications. It is, therefore, safest to whitelist approved applications and block the execution of all different software system.

Small Business Takeaway: victimization cloud-based applications will go a protracted method toward rising the safety of any company network. If your business has already affected to a cloud network, square measure you continue to permitting users to run applications locally? Perhaps it is time to re-think your security policies.

Continue reading “Security Crunches | thenortonsetup”


Criminals are using Old Techniques to take Cyberattack


In all walks of life, there are people who believe that the previous ways in which are the simplest. It seems that despite involvement in a very technologically advanced, perpetually evolving arena, cyberattackers are more and more turning back to constant ways that worked for them at the beginning of the last decade.

The payloads may need modified, however cybercriminals are turning back to tried and trustworthy ways of delivering them, with email spam at level that hasn’t been seen since 2010 — and a lot of those junk messages contain malicious attachments designed to deliver the likes of malware and ransomware than ever before.


The continued drawback of spam email — that not farewell past was at its lowest level for a few time — is ready enter the Cisco 2017 Annual Cybersecurity Report.


While the likes of antispam technology and also the high-profile takedowns of bound cybercriminal operations helped to cut back spam levels in recent years, cybercriminals are more and more harnessing the ability of botnets to build up the quantity of malicious messages.

Also Read: Is Online Privacy Matters?

Total spam volumes jumped to 3,500 emails a second by the top of 2016. Cybersecurity researchers attribute the expansion to the Necurs botnet, the network of zombie devices ordinarily accustomed deliver Locky, the foremost roaring sort of ransomware, and also the Dridex banking Trojan.


Many of the information science hosts inside Necurs are infected for over 2 years, however the botnet uses techniques to remain also hidden as potential. Often, infected hosts are accustomed send spam for 2 or 3 days, then unwearied for 2 or 3 weeks before continued to send malicious messages.


The botnet has become thus roaring that by the half-moon of 2016, Necurs traffic accounted for the overwhelming majority of the seventy five p.c of total spam containing malicious attachments. However whereas the delivery technique has come to well-established ways, the categories of attachments getting used perpetually ever-changing so as to stay campaigns recent and plan to avoid detection.


While malicious workplace Documents and nothing files stay fashionable and roaring ways for delivering malware, cybercriminals are experimenting with new sorts of malicious attachments like .docm, JavaScript, .wsf, and .hta files in spam emails.


The amount of all of those sorts of files fluctuated throughout the last six months of 2016, suggesting that cybercriminals are neutering their ways, actuation the employment of bound sorts of attachment if they assume they are turning into straightforward to observe.


Given the increase of smartphones and alternative internet-connected devices, maybe it is not a surprise that cybercriminals are reverting back to previous ways. Whereas there is been some levels of cybersecurity improvement round the use of PCs and laptops, several users are on the face of it unaware that their smartphone or pill may well be even as susceptible to cyberattacks.


That’s making a simple target for hackers, who are striking smartphones with data-stealing malware, ransomware, and more. In keeping with a survey careful within the Cisco report, this lack of awareness around however smartphones are targeted makes mobile devices security professionals’ biggest sources of concern associated with cyberattacks; fifty eight p.c of respondents recommended that mobile devices are terribly or very difficult to manage.

Tech Threat That Keeps On Evolving

Tech support scams are around forever, however they need incessantly evolved to extend their possibilities of extracting cash from their victims.

Classic technical school support scams typically saw associate unsuspecting human receive a decision from a ‘Microsoft agent’ who told them they required to wash their machine of viruses — all the agent required to try to this were the small print of the user’s account, and their bank details, of course.

And scams like this are still allotted, with older and additional vulnerable individuals typically prime targets.

However, whereas ‘classic’ technical school support scams do still occur, scammers have additionally developed new techniques to extend their possibilities of with success extracting cash from their victims.

Evolution Of Technical Support Scams


There are reports in recent years of scammers exploit comments on high-profile stories on social media sites that link back to technical school support scam pages.

Continue reading “Tech Threat That Keeps On Evolving”

Why Ransomware Keeps Winning?


There are two main reason why ransomware keeps winning. 2016 are the year ransomware holds America prisoner,” as a result of those people attempting to defend against ransomware cannot get ourselves organized, in keeping with a brand new report by the Institute for Critical Infrastructure Technology.

“One reason that ransomware is therefore effective is that the cybersecurity field isn’t entirely ready for its revival,” wrote researchers. Security applications don’t quickly acknowledge ransomware’s malice, because, ransomware itself “effectively acts as a security application. It denies access to knowledge or encrypts the information. The sole distinction is that the owner of the system doesn’t own the management.”

“The alternative reason that anti-ransomware efforts area unit scrubby,” in keeping with the report “is that the opposition isn’t unified during a response procedure.” Whereas security corporations principally advise to never pay ransoms, enforcement has on times suggested to easily pay the ransom once the essential systems or knowledge cannot be recovered by the other means; in reality, some enforcement agencies have, themselves, paid ransomware operators.

Also Read: 10 Simple Hacks To Be More Secure Online

Continue reading “Why Ransomware Keeps Winning?”

How To Avoid Holiday CyberScams


As additional and additional folks area unit looking on-line — a record $3 billion in sales was racked up this past CyberMonday alone — ever additional thieves are active in computer network. Which means you’ve got to pay even additional attention to cybersecurity.

Not solely does one have to be compelled to use caution with on-line purchases, you’ve got to bear in mind of however you are shopping for. Cybercriminals will currently steal info from public local area network systems.

There are the previous standbys of cyberscams, as well as “phishing,” wherever personal money info is invited through emails and “malware,” that is nasty computer code that’s downloaded directly onto your laptop.

Note that today’s cyberscams are unbelievably enterprising. They’re stealing cash and knowledge any manner they’ll. Here’s a sampling of their various thieving, courtesy of RSA Security:

  •  Mobile is that the new law-breaking target with sixty percent of overall fraud originating from a mobile device and forty fifth of total dealing volume stemming from mobile devices.
  • A brand new phishing attack is launched each thirty seconds cost accounting world organizations $9.1 billion annually.
  •  One in twenty malware attacks end in ransomware, and therefore the average ransomware value per victim is $300.
  •  The highest retailers that area unit wedged by eCommerce fraud include: on-line cash transfers (19%) travel & cordial reception (15%) and business services (13%).

How you will be able to defend yourself ?

Continue reading “How To Avoid Holiday CyberScams”

New Ransomware is True Evil Genuis


A new ransomware variant has been discovered exploitation associate innovative system to extend infections: the code turns victims into attackers by providing a pyramid scheme-style discount.
Any user UN agency finds themselves infected with the Popcorn Time malware (named once, however unrelated to, the bit torrent client) is obtainable the power to unlock their files for a money payment, typically one bitcoin ($772.67/£613.20).

But they even have a second possibility, delineated by the developers as “the nasty way”: passing on a link to the malware. “If  two or a lot of folks install this file and pay, we’ll decipher your files for free”.

The affiliate selling theme was discovered by security researchers Malware Hunter Team. For now, it’s solely in development, however if the code gets a full unharness, its innovative distribution technique could lead on to that quickly turning into one among the a lot of widespread variants of this sort of malware.

Like most ransomware, Popcorn Time, encrypts the key files on the Winchester drive of infected users, and guarantees the cryptography key solely to those users UN agency pay (or infect others). However the code additionally indicates a second twist: the ransomware could delete the coding key entirely if the incorrect code is entered fourfold. The in-development software doesn’t truly contain the code to delete the files, however it contains references to wherever that code would be additional.

Advice varies on what users UN agency are infected with ransomware ought to do. Most enforcement organizations advocate against paying the ransoms, noting that it funds additional criminal activities, which there’s no guarantee the files are going to be recovered anyway (some malware makes an attempt to appear like ransomware, however merely deletes the files outright).

Many security researchers advocate equally, however some argue that it mustn’t air the individual victim to sacrifice their own files for the sake of fighting crime at giant. Some ransomware has even been “cracked”, due to the coders creating a range of mistakes in however they encrypt the hard drive. Petya and Telecrypt are two varieties of malware that are thus defeated.