Trojan infects macOS version of HandBrake

If you’ve downloaded the macOS version of HandBrake, a popular video transcoding program that converts multimedia files into different formats, checking your computer’s safety right now would be wise. Users who downloaded the program between May 2 and May 6 have a 50 percent chance of being infected with a Trojan that targets Macs, based on an announcement on HandBrake’s website. Here’s everything you need to know.

How to know if your device was infected

HandBrake can be downloaded from its official website and from mirror sites (sites that provide the same content as the primary site). Infected downloads came from the mirror site, download.handbrake.fr, where the installer file (HandBrake-1.0.7.dmg) was replaced with a Trojan, OSX.PROTON. This malicious file managed to trick Apple's security approval system into treating it as safe and legitimate.

One way to find out whether you’ve downloaded the Trojan is to open the Activity Monitor application in macOS and look for a process named “activity_agent”. Another way is to check whether the installer file’s checksum matches the values HandBrake publishes: compare your downloaded file’s checksum with the one found on HandBrake’s checksums page. If they don’t match, you’ve downloaded an infected installer file. This all might sound like a lot of tech gobbledygook, but these checks are essential to knowing whether or not your system has been infected.

The damage

OSX.PROTON is considered one of the nastiest Trojans today because it can spy on computers from a remote location. It can monitor your activities, upload malicious files to your computer, steal your password and confidential information by detecting keystrokes or taking screenshots, and take over your entire system by hacking your admin settings.

Downloading an innocuous video transcoding application is not typically considered dangerous. However, downloading apps from unofficial sources definitely poses considerable risks. In such a scenario, a data backup can save your malware-infected computer.

Precautionary measures

Fortunately, Apple has taken steps to block further infections by releasing an update. If your system has been infected, however, it’s not too late. Follow HandBrake’s suggested steps for removing infected files to mitigate any damage. You should also take additional security measures such as changing passwords from a different device. Better yet, get professional help from IT security experts.

Every time you download an app from an unauthorized source, know that there are risks. If you’re a Mac user, download apps only from the Apple Store; and for Android users, only from the Google Play Store. And to gauge the safety of the apps you want to download, it always helps to read their reviews beforehand.

The HandBrake macOS malware is just one of many that are attacking vulnerable systems. With the help of our network security experts, you can thwart cyber attackers’ attempts to steal your sensitive data, hold your files for ransom, or spy on your online activities. Call us now so we can recommend suitable protections.

Published with permission from TechAdvisory.org. Source.

The post Trojan infects macOS version of HandBrake appeared first on Complete Technology Resources, Inc..

Mac Malware finds a new way to attack

macOS has a reputation for being one of the most secure operating systems. But in 2016, its susceptibility to malware grew by an astounding 744% according to one security report. Recently, a new strain of malware was found to infiltrate Macs by bypassing all of their security features. Macs have one of the highest price points in the market, and their reputation for being the safest computers remains untarnished, but will the new malware change that?

How the new malware attacks Macs

The new strain of malware targeted at Macs is called OSX/Dok, which was first discovered in April 2017. OSX/Dok infiltrates Macs through phishing attacks, whereby users receive a suspicious email with a zip file attachment. Like all phishing attacks, the email contains a message that tricks the recipient into opening the attachment, which is purportedly about tax returns.

Mayhem ensues once the malware is in the system: it gains administrator privileges, takes over encrypted communications, changes network settings, and performs other system tweaks that put users at its mercy.

What the malware does

The malware targets mostly European networks, but it’s expected to spread into other regions. Even more alarming is its ability to bypass Gatekeeper, a security feature in macOS designed to fend off malware. This is because its developers were able to obtain a valid Apple developer certificate, which makes the attachment appear totally legitimate. Although Apple has addressed the issue by revoking the developer certificate used by the earliest versions of the malware, the attackers remain persistent and now use a new developer ID.

How to avoid the mayhem

The Mac-targeted OSX/Dok malware is easy to avoid if you keep your wits about you when receiving zip files from unknown senders -- these files should be treated as high-risk and be reported to your IT team, quarantined, or junked. Whether you’re using a Mac or a Windows computer, clicking on suspicious ads can download and install apps from third-party sources that put your system at risk.

Mac users are not completely safe, and complacency with security could only result in compromised and irreparable systems, ruined reputation, and lost profits for businesses. For this particular malware, a simple act of vigilance may be all it takes to avoid having your Apple computer bitten by bugs. If you want to double the layer of protection for your business’s Mac computers, call us for robust security solutions.

Published with permission from TechAdvisory.org. Source.

The post Mac Malware finds a new way to attack appeared first on Complete Technology Resources, Inc..

How virtualization roots out malware

Every IT solution in your organization will encounter malware at some point or another. Some solutions are malware liabilities, others are assets. When it comes to virtualization, there are several cyber security benefits for improving your malware readiness. One of our favorites is called sandboxing, and it’s a good one for you to know about.

What is sandboxing?

Sandboxing is one of the rare concepts in virtualization that the average person can usually grasp in just a couple short sentences. Essentially, sandboxing is the practice of tricking an application or program into thinking it is running on a regular computer, and observing how it performs. This is especially useful for testing whether unknown applications are hiding malware.

Obviously, it gets far more complicated once you delve into the details of how you implement a sandboxing technique, but the short answer is that it almost always involves virtualized computers. The program you want to test thinks it’s been opened on a full-fledged workstation or server and can act normally, but it’s actually inside a tightly controlled virtual space that forbids it from copying itself or deleting files outside of what is included in the sandbox.

An effective way to quarantine

Virtualization is no simple task, but the benefits of sandboxing definitely make the effort worth it. For example, virtualized workstations can essentially be created and destroyed with the flip of a switch. That means:

  1. You aren’t required to manage permanent resources to utilize a sandbox. Turn it on when you need it, and when you’re done the resources necessary to run it are reset and returned to your server’s available capacity.
  2. When malware is exposed inside a sandbox, removing it is as simple as destroying the virtual machine. Compare that to running a physical workstation dedicated solely to sandboxing. Formatting and reinstalling the machine would take several hours.
  3. Variables such as which operating system the sandbox runs, which permissions quarantined applications are granted, and minimum testing times can be employed and altered in extremely short periods of time.

This strategy has been around for nearly two decades, and some cybersecurity experts have spent their entire careers working toward the perfect virtual sandbox.

Containers: the next step in this evolution

Recently, the virtualization industry has been almost totally consumed by the topic of “containers.” Instead of creating entire virtual workstations to run suspicious applications in, containers are virtual spaces with exactly enough hardware and software resources to run whatever the container was designed to do.

Think of the metaphor literally: Older sandboxes came in a uniform size, which was almost always significantly larger than whatever you were placing into them. Containers let you design the size and shape of the sandbox based on your exact specifications.

Quarantined virtual spaces fit nicely into the sandbox metaphor, but actually implementing them is impossible without trained help. Whether you’re looking for enhanced security protocols or increased efficiency with your hardware resources, our virtualization services can help. Call us today.

Published with permission from TechAdvisory.org. Source.

The post How virtualization roots out malware appeared first on Complete Technology Resources, Inc..

Watch out for this Microsoft Word bug

Feature updates can come and go, but when Microsoft releases a security update, you need to install it as soon as possible. This is because hackers are constantly looking for software bugs to exploit, and in Microsoft’s case, cybercriminals have found a serious vulnerability in Word.

The attack

On April 10, cybersecurity firm Proofpoint discovered scammers running email campaigns to trick people into clicking malware-ridden Word attachments. The fraudulent emails, simply titled “Scan Data,” included attached documents that were named “Scan,” followed by randomized digits.

Although the emails seem harmless, clicking on the documents triggers a download for Dridex malware, a Trojan virus designed to give hackers direct access to your banking information. From there, they can simply log in to your online account and make unauthorized transactions under your name.

In 2015, the distribution of Dridex allowed cybercriminals to steal approximately $25 million from European accounts. And if your business fell victim to this malware, there’s a possibility your company might not be able to recover from the loss.

The solution

Fortunately, two days after the discovery of the bug, Microsoft released a security update to disable the dangerous documents, urging users to install the patch as soon as possible. But even though Dridex was neutralized relatively quickly, employees continue to be the biggest problem.

Like most malware attacks, Dridex was distributed via phishing campaigns that preyed on a victim’s trust and curiosity. Hackers added barely any text to the email, yet people were still fooled into clicking on dangerous links.

To make sure Dridex never reaches your company, you must provide comprehensive security awareness training. In your sessions, encourage employees to practice safe computing habits, which include being cautious of online links, setting strong passwords, and avoiding downloads from untrusted and unknown sources.

Much like updating your software, keeping your staff’s security knowledge up to date on the latest threats is also imperative. Ultimately, your goal is to have employees with a security-focused mindset when browsing the web.

Of course, if security training and cybersecurity solutions are not your company’s specialties, you can always rely on a trusted managed services provider like us to protect your business. We can update and secure your systems regularly, and make sure your staff are actively doing their part to reduce security risks. Contact us today!

Published with permission from TechAdvisory.org. Source.

The post Watch out for this Microsoft Word bug appeared first on Complete Technology Resources, Inc..