Tag Archive for: Explainer

A brief explainer on signs your computer could be infected


Q: I’m seeing unusual activity on my computer – what are the signs of it being infected?

A: Malware is a general term for any kind of “malicious” software designed to exploit users or cause harm to their devices.

Signs of a malware infection can be somewhat obvious or in some cases very difficult to detect, depending upon the goals of the author of the software.

Malware that’s designed to exploit users for their personal information, ransomware or ID theft is the most dangerous, so it’s important not to ignore strange behavior from your computer.

Slow Performance

One of the most obvious signs of malware is noticeably slower performance.

If you’re waiting a long time for your computer to start up or it seems to lag regularly, it’s not necessarily a sign of malware, but it should be investigated either way.

Your computer has finite resources, and malware or too many running programs can silently consume them, which leads to diminished performance.

Finding out what is causing the slow performance will help you determine whether you have been infected or just have too much loading automatically when you start your computer.

Browser Changes

Your web browser has become one of the most valuable targets for malware because bad actors can monetize your daily Internet activity by redirecting you to their sites and services.

Some malware will hijack your browser and change your start page or default search engine, or change where and how you connect to the Internet, which can force you to malicious websites and cause everything to seem sluggish.

They can also add new toolbars or add-ons that appear in your browser’s headers.

Unusual Notifications

If you see unusual messages or errors popping up, this can be an indication of a form of malware that has infected your operating system. This type of malware can also create new icons on your Desktop or add programs that you don’t recognize.

Message Inquiries From Others

If your friends start asking if you sent a strange email or social media message, it’s possible malware has infiltrated your email program or social media profiles.

Disabled Security Program

Internet security…

EXPLAINER: The security flaw that’s freaked out the internet


BOSTON (AP) — Security pros say it’s one of the worst computer vulnerabilities they’ve ever seen. They say state-backed Chinese and Iranian hackers and rogue cryptocurrency miners have already seized on it.

The Department of Homeland Security is sounding a dire alarm, ordering federal agencies to urgently eliminate the bug because it’s so easily exploitable — and telling those with public-facing networks to put up firewalls if they can’t be sure. The affected software is small and often undocumented.

Detected in an extensively used utility called Log4j, the flaw lets internet-based attackers easily seize control of everything from industrial control systems to web servers and consumer electronics. Simply identifying which systems use the utility is a prodigious challenge; it is often hidden under layers of other software.

The top U.S. cybersecurity defense official, Jen Easterly, deemed the flaw “one of the most serious I’ve seen in my entire career, if not the most serious” in a call Monday with state and local officials and partners in the private sector. Publicly disclosed last Thursday, it’s catnip for cybercriminals and digital spies because it allows easy, password-free entry.

The Cybersecurity and Infrastructure Security Agency, or CISA, which Easterly runs, stood up a resource page Tuesday to help erase a flaw it says is present in hundreds of millions of devices. Other heavily computerized countries were taking it just as seriously, with Germany activating its national IT crisis center.

A wide swath of critical industries, including electric power, water, food and beverage, manufacturing and transportation, were exposed, said Dragos, a leading industrial control cybersecurity firm. “I think we won’t see a single major software vendor in the world — at least on the industrial side — not have a problem with this,” said Sergio Caltagirone, the company’s vice president of threat intelligence.

Eric Goldstein, who heads CISA’s…

EXPLAINER: Why ransomware is so dangerous and hard to stop


Recent high-profile “ransomware” attacks on the world’s largest meat-packing company and the biggest U.S. fuel pipeline have underscored how gangs of extortionist hackers can disrupt the economy and put lives and livelihoods at risk.

More recent known targets include a Massachusetts ferry operator, the Irish health system and the Washington, D.C., police department. But the broadly disruptive hacks on Colonial Pipeline in the U.S. in May and Brazilian meat processor JBS SA this week have drawn close attention from the White House and other world leaders, along with heightened scrutiny of the foreign safe havens where cybercriminal mafias operate.

WHAT IS RANSOMWARE? HOW DOES IT WORK?

Ransomware scrambles the target organization’s data with encryption. The criminals leave instructions on infected computers for negotiating ransom payments. Once paid, they provide decryption keys for unlocking those files.

Ransomware crooks have also expanded into data-theft blackmail. Before triggering encryption, they quietly copy sensitive files and threaten to post them publicly unless they get their ransom payments. That can present problems even for companies that diligently back up their networks as a hedge against ransomware, since refusing to pay can incur costs far greater than the ransoms they might have negotiated.

HOW DO RANSOMWARE GANGS OPERATE?
