The Victor crew has heard a lot of news lately about a cyber attack nicknamed WannaCry that uses ransomware. Ransomware holds an infected computer hostage until a ransom is paid, usually in bitcoin, money that is virtually untraceable. This latest attack has caused global problems. In the UK, hospitals have been attacked. In the US, FedEx fell victim. If you use a Macintosh computer you are most likely safe, as these attacks are targeted at PC users. If you are still running Windows XP you are even more vulnerable, as there are no more patches being made for these systems.

Here are some things you can do to prevent this from happening to you:

Keep your computer up to date. Do the patches for your operating system.
Make sure to do security updates for your security service.
Only open attachments from people you know and trust.
Be careful of programs or other items you may want to download.
Back up your computer to an external hard drive.
Keep copies of your files on cloud services.

If you do get infected and don’t want to pay the ransom, which has been about $300-$600, you will have to flatten your machine (reinstall your OS). If you have kept your files on a cloud service or on an external hard drive, you will have defeated them. You will need to reinstall all your programs if you haven’t backed up the entire system.

The predictions are that there will be even more attacks today as people turn on computers that haven’t been kept up to date.


Antivirus Extensions

The Victor crew came across an article that seemed to be interesting … and disturbing. If you are using an antivirus program or security suite and use their browser extensions, you may be more susceptible to attacks. Many antivirus toolbars are actually rebranded Ask Toolbar extensions that add another layer on top of your browser and change your search engine and homepage. All they do is make the antivirus company more money.

The article goes on to detail AVG, McAfee, Norton, and Avast problems.

You can read the article here.

Lenovo and Superfish

Last week, there were reports that Lenovo laptops have a security flaw. It is called Superfish adware and the laptops are shipped with this installed. Lenovo has since issued an apology and a removal tool. So what was the big deal?

Superfish came preloaded on their notebook products from September 2014 to February 2015. Many laptops come preloaded with applications, but Superfish has the ability to intercept SSL and TLS website connections. It can inspect the content, and it uses a third-party library from Komodia which gives the adware the ability to impersonate any SSL website. This puts you at higher risk. It can look at emails, banking, and social media sites you visit. This is especially a problem if you use public Wi-Fi.

We tried to find out more about Komodia, however the site is currently down either due to DDoS attacks over this or just too many connections. We will see if we can find out more about this over the next week.

If you have one of the laptops in question, you can use one of these tools to remove it.
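To see why a preloaded certificate matters, here is a check you can run in PowerShell on a Windows PC. It is an added example, not code from Lenovo or the ZDNet article, and it assumes the Superfish root certificate carries "Superfish" in its subject name. It also flags any trusted root certificate whose private key sits on the machine, since that is what lets local software impersonate HTTPS sites.

```powershell
# Added example: audit the Windows trusted-root stores for local TLS interception.
# Assumption: the Superfish root certificate has "Superfish" in its Subject/Issuer.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store | ForEach-Object {
        $reasons = @()

        if ($_.Subject -match 'Superfish' -or $_.Issuer -match 'Superfish') {
            $reasons += 'name matches Superfish'
        }

        # A trusted root whose private key is stored on this machine can sign a
        # certificate for any website. Normal public roots never ship their
        # private key to end-user PCs, so this deserves a closer look.
        if ($_.HasPrivateKey) {
            $reasons += 'private key stored locally'
        }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                Reason     = $reasons -join '; '
            }
        }
    }
}

if ($findings) {
    $findings | Format-List
    Write-Warning "$(@($findings).Count) trusted root certificate(s) need review."
} else {
    Write-Output 'No Superfish-named or locally-keyed root certificates found.'
}
```

Firefox keeps its own certificate store, so this check only covers browsers that rely on the Windows store.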

Jody Victor

Source: http://www.zdnet.com/article/lenovos-superfish-its-worse-than-we-thought/

Be careful about your USB devices

A flaw has been found in the design of the USB specification that you need to be aware of. The Victor crew would like you to know more about this flaw. It could be found in any USB device you plug into your PC: mice, keyboards, thumb drives, external hard drives, printers, etc.

USB manufacturers do not protect the firmware in their devices, which makes it possible for malware to overwrite the firmware and take control. The devices can be reprogrammed to steal the contents of anything written to the drive and then in turn spread the malware to other PCs.

According to Karsten Nohl and Jakob Lell at Security Research Labs, some of the ways the malware can affect your PC are infecting it at boot, before antivirus programs have started, emulating keyboard commands, and pretending to be a network card. They are presenting these findings at Black Hat USA 2014 in Las Vegas.

Unfortunately, there isn’t much we can do. We need to be careful of what we are plugging into our PCs and careful of where we are plugging our devices. Do not plug a thumb drive into a public PC and then plug it into your own PC.

Android Users Beware

New bugs have been found in the Android operating system that can leave your device, phone or tablet, vulnerable to malware. They are part of a new class of vulnerabilities called Pileup flaws (privilege escalation through updating). Once Android is updated, the malicious apps gain increased permissions without the user being informed.

You can read more about it here on zdnet.com.

~ Jody Victor