Free Windows Security can keep your computer safe | The Arkansas Democrat-Gazette (SecureTech, 2024-03-09 06:30:09)
Trading in cryptocurrency? You might be sitting on a pretty penny in that digital wallet of yours. Feels great, doesn’t it? But here’s the catch with digital currency: keeping it secure isn’t a walk in the park.
Hackers are out there, working overtime to come up with new tricks to swipe your crypto, potentially emptying your wallet in one fell swoop. Yep, for these cyber thieves, your digital cash is the ultimate prize. And the worst part? Most of the time, you won’t even realize you’ve been hit until your balance is zero.
Case in point: there’s this fresh malware out there, specifically targeting macOS, Android, and Windows devices. It sneaks in through pirated software, hunting for your cryptocurrency to make it its own. Here’s how it works.
What is the new malware targeting cryptocurrency users?
The cybersecurity company Kaspersky has uncovered a sophisticated new malware campaign designed to pilfer cryptocurrency from users’ wallets. This campaign leverages pirated or improperly licensed software as a vector for infection, exploiting the common practice of seeking out ‘free’ versions of paid software online.
These cracked applications, distributed through unauthorized websites, are embedded with a Trojan-Proxy type of malware. This malware is not limited to just macOS users, as recent findings have shown; variants targeting Android and Windows platforms have also been discovered, connecting to the same Command and Control (C&C) server. These variants, like their macOS counterparts, are concealed within cracked software, illustrating the widespread risk across different operating systems.
Once the malware is downloaded onto your device, it immediately starts checking for Bitcoin and Exodus cryptocurrency wallets. If it discovers either one (which is very unfortunate for users who have both), the malware replaces the wallet with an infected version that's able to steal the cryptocurrency. For some people, this could amount to thousands of dollars. And it's all because you unintentionally downloaded the malware to your macOS, Android, or Windows device.
Hackers use pirated software to hijack Mac, Android, and Windows devices (SecureTech, 2024-03-09 03:30:13)
Offline or online, there is always a threat of data being stolen. As online transactions and dependencies have increased, you should have software in place that can safeguard your data. In this post, we will share a list of the best free anti-hacker software for Windows 11/10.
Free Anti-hacker software for Windows 11/10
Understand one thing: there is no such thing as anti-hacking software. However, these free programs can help protect your computer from hackers, and so can loosely be called anti-hacker software:
Windows Security and OneDrive
Ghostpress
Anti-Hacker
Detekt: Open source anti-surveillance software
Network Security Tools.
1] Windows Security & OneDrive
The in-house security software from Windows offers excellent features, so you don’t need a third-party Antivirus or security solution. It provides:
SmartScreen for apps, Edge (for malicious downloads and sites), and Microsoft Store Apps
Exploit protection offers Control Flow Guard (CFG) and Data Execution Prevention (DEP) for the system and applications
Ransomware protection protects your files against lockouts. It can restore files locked by ransomware; OneDrive is commonly used to recover the data.
Controlled Folder Access makes sure unfriendly applications don’t have access to files and folders without your permission.
Device Guard restricts unauthenticated, unsigned, or unauthorized programs, as well as operating systems, from loading.
Credential Guard is available only in Windows 10 Enterprise Edition and on devices that support Secure Boot and 64-bit virtualization. It offers protection against direct hacking attempts and malware seeking credential information.
2] Ghostpress
Keylogging is an old technique used by software to capture all your keystrokes and then piece them together to figure out usernames, passwords, credit card details, and so on. Because of this, a lot of websites, including banks, offer a virtual keyboard to bypass such software.
Ghostpress is a free anti-keylogger program that hides and manipulates all your keystrokes at a low level so that other software cannot get the correct data. It includes a security measure that prevents any attacks. To make sure the software is not killed in the background, it offers Process…
Best free anti-hacker software for Windows 11/10 (SecureTech, 2024-03-05 23:31:06)
The notorious and highly prolific North Korean Lazarus criminal hacking group has been exploiting an admin-to-kernel privilege escalation Windows security flaw using an updated version of its FudModule rootkit.
What Is CVE-2024-21338 And Why Is It So Dangerous?
In a detailed analysis of the exploit, Lazarus and the FudModule Rootkit, Jan Vojtěšek from the Avast Threat Labs explains how researchers found the exploit for this previously unknown zero-day vulnerability in the Windows appid.sys AppLocker driver.
Although the vulnerability itself, which is tracked as CVE-2024-21338, was reported to Microsoft by Avast in August 2023 along with a proof-of-concept exploit, it wasn't patched until the February 13 Patch Tuesday updates were made available. However, when the updates were distributed, CVE-2024-21338 wasn't listed as a zero-day with exploits in the wild.
“From the attacker’s perspective, crossing from admin to kernel opens a whole new realm of possibilities,” Vojtěšek says. “With kernel-level access, an attacker might disrupt security software, conceal indicators of infection (including files, network activity, processes,) disable kernel-mode telemetry, turn off mitigations, and more.”
As for the FudModule rootkit, Vojtěšek says this represents “one of the most complex tools Lazarus holds in their arsenal.”
Microsoft Issued Fix As Part Of February Patch Tuesday
Microsoft has now published an updated security advisory that recognizes this as a zero-day vulnerability.
The flaw impacts various versions of Windows 10, Windows 11 and Windows Server; users are advised to check the updated security advisory and apply the patch if they have not already done so.
That Microsoft has now issued a patch for this vulnerability means, the Avast analysis says, that Lazarus’ offensive operations will undoubtedly be disrupted.
“While discovering an admin-to-kernel zero-day may not be as challenging as discovering a zero-day in a more attractive attack surface (such as standard user-to-kernel, or even sandbox-to-kernel),” Vojtěšek concludes, “we believe that finding…
Dangerous Windows 10, 11, Server Zero-Day Exploited By Lazarus Hackers (SecureTech, 2024-03-02 01:30:09)