Tag Archive for: Urges

NCC-CSIRT urges stronger security measures to prevent ransomware attacks – WorldStage

/in


WorldStage Newsonline– The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has urged organisations to adopt stronger cybersecurity measures.

These measures include ensuring that organisations’ employees use strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it is supported to prevent ransomware attacks as well as advising organisations to ensure regular systems backup.

The NCC-CSIRT’s warning contained in its advisory of August 12, 2022, came after the Yanluowang threat actors gained access to Cisco’s network using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synced from their browser.

Ransomware is a malware designed to deny a user or organization access to files on their computer until they pay the attackers.

Cisco reported the security incident on its corporate network but said it did not identify any impact on its business although the threat actors had published a list of files from this security incident on the dark web on August 10.

NCC-CSIRT estimated potential damage from the incident to be critical while predicting that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure, as well as huge financial loss to organizations by incurring significant indirect costs and could also mar their reputations.

The team said, “The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.”

It further disclosed that “In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.

 “As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform…

Source…

QNAP urges customers to disable UPnP port forwarding on routers

/in


QNAP

Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet.

UPnP is a set of insecure network protocols with no encryption and authentication that comes with support for peer-to-peer communications between devices.

It also allows them to dynamically join and leave networks, obtain IP addresses, advertise their capabilities, and learn about other UPnP devices on the network and their capabilities.

UPnP Port Forwarding allows network devices to communicate seamlessly and create groups for easier data sharing.

“Hackers can abuse UPnP to attack through malicious files to infect your system and gain control. Despite its convenience, UPnP may expose your device to public networks and malicious attacks,” QNAP said today.

“It is recommended that your QNAP NAS stay behind your router and firewall without a public IP address. You should disable manual port forwarding and UPnP auto port forwarding for QNAP NAS in your router configuration.”

As options for those who need access to NAS devices without direct access to the Internet, QNAP recommends enabling the router’s VPN feature (if available), the myQNAPcloud Link service, and the VPN server on QNAP devices provided by the QVPN Service app or the QuWAN SD-WAN solution.

Internet-exposed NAS devices at risk

QNAP also warned customers in January to secure their NAS devices immediately from active ransomware and brute-force attacks.

The company asked users to check if their NAS is accessible over the Internet and take the following measures to defend them from incoming compromise attempts:

  • Disable the Port Forwarding function of the router: Go to the management interface of your router, check the Virtual Server, NAT, or Port Forwarding settings, and disable the port forwarding setting of NAS management service port (port 8080 and 433 by default).
  • Disable the UPnP function of the QNAP NAS: Go to myQNAPcloud on the QTS menu, click the “Auto Router Configuration,” and unselect “Enable UPnP Port forwarding.”

QNAP also provides step-by-step instructions on disabling SSH and Telnet…

Source…

Cyber-security company urges parents to monitor students use of technology

/in


HUNTSVILLE, Ala. – As students across the Tennessee Valley return to the classroom, many are using district devices for school work. A local cyber-security risk management company says parents need to be aware of the ever-present threat of hackers online.

In the 2020-2021 school year two North Alabama school systems Huntsville City Schools and Madison City Schools experienced cyber-attacks. As kids start logging on to district devices this year, the door to threats is wide open

Gray Analytics says as children connect school devices to various networks there are ways to mitigate risks of cyber hacking or ransomware attacks.

“Any device you have that’s connected to the internet which is basically everything… Is at risk of cyberattack,” explains Gray Analytics Business Operations Vice President Jennifer Elwell.

Up-to-date malware and anti-virus can be the first layer of protection but parents also need to educate their kids about ‘cyber hygiene’.

“If your child doesn’t understand basic cybersecurity principles like not clicking on links if you don’t know where it leads, they could accidentally be the way a cybercriminal gets access to the school system, no one wants that,” says Elwell.

Students need to change their passwords often, verify people’s online identity and avoid connecting to unsecured WIFI networks.

“As our children get back into extracurricular activities they may be taking their device with them to do homework at the gym or at dance. Make sure your child only access the internet through wifi that is password-protected,” says Elwell.

Elwell says it’s important for parents to understand that their kid’s cybersecurity can impact the whole family.

“Once they get onto a child’s device that’s on your network then they can penetrate the other devices on your network which very well could be your work computer,” says Elwell.

Cyber attacks are becoming more frequent, with many cybercriminals using them to hold a network or personal data for ransom.

Gray Analytics says it’s never too early to start talking about cybersecurity because technology is everywhere and even the youngest are at risk for…

Source…

McAfee : Microsoft Urges Customers to Update Windows as Soon as Possible

/in


What happened

Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.

How does this affect you?

PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.

How to fix the issue

Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will likely be required to fully fix the issue, so expect another update prompt from Microsoft in the days to come.

Additional protection

For extra protection against malware that may result from a hack like this one, we recommend an all-in-one security solution, like McAfee Total Protectionor McAfee LiveSafe. If a hacker takes advantage of the exploit and tries to install additional malware, McAfee Total Protection/LiveSafe can help protect against those attempts. Learn more about our online security products here.

An alternate solution for tech-savvy Windows users

PrintNightmare exploits a vulnerability in the Windows Print Spooler service. The step-by-step instructions below will guide you through turning off the service to ensure hackers can no longer exploit the security flaw. The Print Spooler will remain off until the PC is rebooted.

Step 1: Press the Windows key, and type Services, clicking on the Services App

[Link]

Step 2: Scroll down to the Print Spooler Service

[Link]

Step 3: Right-click on the Print Spooler Service and click Stop.

[Link]

To stay updated on all things McAfeeand on top of the latest consumer and mobile security threats, follow @McAfee_Homeon…

Source…