Blog

MICROSOFT HELPS FIX DESKTOP FLAWS FOR WINDOWS 10

Microsoft has recently released new patches addressing flaws that carry the elevated risks associated with wormable vulnerabilities. The Microsoft Security Response Center (MSRC) has urged users to patch.

What Hackers Did Previously

Previously, attackers sent specially crafted requests via RDP to the remote desktop service of targeted unpatched Windows systems. After a successful attack they could change, view or delete data, and could also create a new user account with the full rights of a user or administrator.

Microsoft Released Patch

In response to this rising issue, Microsoft has introduced a patch for two leading flaws, stating that “the users are urged to patch”. Applying the patch makes the user's device more secure and protects it from attackers. It also helps keep personal data out of the public eye and out of the attackers' hands.

Previous Patch

A flaw known as BlueKeep was patched three months ago. BlueKeep allowed threat actors to create malware that propagated between Windows devices running vulnerable RDS installations.

To know more please visit our website Ideastack.

Comodo Threat Research Lab uncovers new trick used by hackers to attack enterprises  

A different type of phishing email attack targeting enterprises that use SWIFT financial messaging services was discovered this month by Comodo Threat Research Lab. SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging services are used by approximately 11,00 banking, business clients and safety organizations.

Cybercriminals are now using it to target enterprises by sending phishing emails that deliver malware to their inboxes. The attackers send emails with attachments and direct the recipient to open the attachment to get information about the amount that has been transferred to their chosen account. However, the attachment contains malware (Trojan.JAVA.AdwindRAT), which is installed on the user’s system if it is opened.

Once it has entered the system, the malware can write to the registry, spawn numerous processes, and try to kill antivirus and anti-adware processes. It additionally drops malicious files and makes a connection with a domain in a hidden, encrypted network.

Comodo has warned that this malware can disable the Windows restore option and User Account Control. The malware works as a cyberspy, enabling attackers to spy on the system and access information about the enterprise network and endpoints.

Once attackers have access to all this sensitive information, they can push additional malware into the system to steal some of the organization's most private information.

Comodo reasoned that the hackers are using SWIFT to hide in plain sight because of the basic human tendency to feel excitement about money, especially where bank account matters are concerned.

If you are looking to avoid this type of malware attack you must go through  Ideastack VPS server with full protection to all System servers.

Petya/Petwrap ransomware

Affected Countries:

UK, Ukraine, India, The Netherlands, Spain, Denmark, and others.

Behavior:

Encrypts the MFT (Master File Table) of NTFS partitions and overwrites the MBR (Master Boot Record) with a custom bootloader that shows a ransom note and prevents victims from booting their computer.

Actions to be taken:

1. Block source E-mail address:

[email protected]

2. Block domains:

3. Block IPs:

95.141.115.108
185.165.29.78
84.200.16.242
111.90.139.247

4. Apply patches:

Reference (in Russian): https://habrahabr.ru/post/331762/

5. Disable SMBv1

6. Update Anti-Virus hashes:

myguy.xls EE29B9C01318A1E23836B949942DB14D4811246FDAE2F41DF9F0DCD922C63BC6

BCA9D6.exe 17DACEDB6F0379A65160D73C0AE3AA1F03465AE75CB6AE754C7DCB3017AF1FBD

Everything You Need To Know About Encryption

In computing, encryption is the process by which plain text or any other kind of data is transformed from a readable form into an encoded version that can only be decoded by another party that has access to a decryption key. Encryption is one of the most important processes for providing data security, especially end-to-end security of data transferred across networks.

Encryption is used on the internet on a large scale, mainly to secure user information being transmitted between a browser and a server, including passwords, payment information and other personal information that should be kept private. Organizations and individuals also commonly use encryption to secure sensitive data stored on computing devices, servers and mobile devices such as phones and tablets.

Unencrypted data, usually referred to as plain text, is encrypted using an encryption algorithm and an encryption key. This process generates ciphertext that can only be viewed in its original form if decrypted with the correct key.

Decryption is simply the inverse of encryption, following the same steps but reversing the order in which the keys are applied. Today’s most widely implemented encryption algorithms fall into two categories: symmetric and asymmetric.

Symmetric-key encryption is usually much faster than asymmetric encryption, but the sender must exchange the key used to encrypt the data with the recipient before the recipient can decrypt the ciphertext. The need to securely distribute and manage large numbers of keys means most cryptographic processes use a symmetric algorithm to efficiently encrypt data, but use an asymmetric algorithm to securely exchange the secret key.

Following are a few benefits of Encryption:

Authentication: the origin of a message can be verified.

Integrity: proof that the contents of a message have not been changed since it was sent.

Nonrepudiation: the sender of a message cannot deny sending the message.
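
The hybrid scheme described above (a symmetric cipher for the data, an asymmetric cipher to exchange the key), together with the integrity and sender-verification properties from the list, shown as an added example that is not part of the original post. It uses only Node.js's built-in `crypto` module; the function names `seal`, `unseal` and `demo`, the key pairs and the sample message are constructed for illustration.

```javascript
const crypto = require('crypto');

// Constructed key pairs for this demo; real keys would come from a key store.
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' });

// Sender: encrypt the data with a fresh symmetric key, wrap that key with the
// recipient's public key, then sign everything with the sender's private key.
function seal(plaintext, recipientPublicKey, senderPrivateKey) {
  const aesKey = crypto.randomBytes(32);   // one-time AES-256 key
  const iv = crypto.randomBytes(12);       // 96-bit GCM nonce, unique per key
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();         // integrity tag over the ciphertext
  const wrappedKey = crypto.publicEncrypt(oaep(recipientPublicKey), aesKey);
  const signed = Buffer.concat([wrappedKey, iv, ciphertext, tag]);
  const signature = crypto.sign('sha256', signed, senderPrivateKey);
  return { wrappedKey, iv, ciphertext, tag, signature };
}

// Recipient: check the sender's signature first, then unwrap the key and decrypt.
function unseal(msg, recipientPrivateKey, senderPublicKey) {
  const signed = Buffer.concat([msg.wrappedKey, msg.iv, msg.ciphertext, msg.tag]);
  if (!crypto.verify('sha256', signed, senderPublicKey, msg.signature)) {
    throw new Error('signature check failed');
  }
  const aesKey = crypto.privateDecrypt(oaep(recipientPrivateKey), msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  // final() throws if the ciphertext or tag does not match the key
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

function demo() {
  const sender = newKeyPair();
  const recipient = newKeyPair();
  const msg = seal('wire transfer ref 0001 (constructed sample)', recipient.publicKey, sender.privateKey);
  const recovered = unseal(msg, recipient.privateKey, sender.publicKey);
  // Flip one ciphertext bit in a copy to show that a modified message is rejected.
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 1;
  let rejected = false;
  try { unseal(tampered, recipient.privateKey, sender.publicKey); } catch (e) { rejected = true; }
  return { recovered, rejected };
}
```

Only the 32-byte AES key goes through the slow RSA operation, so the cost of the asymmetric step does not grow with the size of the message.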

For more information, you can visit: Ideastack

INTERNET SHAMS: BEWARE!

Internet fraud has been an increasing concern for civilians and law-enforcement agencies. Because tracking hackers is next to impossible and catching Internet fraudsters is even more challenging, the best protection is to avoid fraud attempts. The first part of sidestepping identity theft, viruses and other intrusions is being able to identify fraud when you see it.

An Internet fraud is the use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them; for example, by stealing personal information, which can even lead to identity theft. Internet services can be used to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme. Research suggests that online scams can happen through social engineering and social influence. It can occur in chat rooms, social media, email, message boards, or on websites.

ONLINE FRAUD AND ITS TYPES:

#1 Identity theft

It’s easy to store and access personal information on the Internet. Unfortunately, that means it’s also easy for people to obtain this information illegally. This is identity theft. Stolen details such as names, addresses, birth dates, and account or card numbers all build up an identity that can be used to commit fraud. Because online trading isn’t face-to-face, it’s easy for someone to hide behind a stolen identity and make fraudulent purchases or requests.

In cases of identity theft, the bug will attempt to retrieve passwords, Social Security numbers, credit card information, home addresses and telephone numbers. Other bugs will embed themselves in the computer’s registry and damage system performance.

#2 Spams

Spam is implicated in a common form of fraud, in which bulk emails are dispersed to millions of email addresses in an effort to corrupt people’s computers, steal identities or pull unknowing individuals into paying for fraudulent products or services. A spam message will offer any number of false dealings to recipients. Popular offerings include low-interest loans, free credit report checks, sweepstake winnings and relationships with “local” singles. These types of scams require people to open a message and click on a link. This opens up the computer to a virus, worm or other “bug” that will corrupt the computer.

#3 Computer hacking

Phishing emails are commonly used by scammers to trick you into giving them access to your computer. They ‘fish’ for your personal details by encouraging you to click on a link or attachment. If you click, malicious software will be installed and the hacker will have access to files and information stored on your computer. A phishing email often appears to come from an organisation that you know and trust, like a bank or financial institution, asking you to enter your account password on a fake copy of the site’s login page. If you provide your account details, the scammer can hack into your account and take control of your profile.

#4 Credit Card Fraud

This scam requests that a consumer registers or inputs credit card information on a fraudulent website. The site may sell products or services. When a reputable, trustworthy vendor asks for credit card information, it won’t save the data without user permission and will take steps to keep user information safe. Fraudulent sites will ask for the same information as does a reputable site, but will steal the information and make purchases using the data the credit card owner gave to the website.

#5 Advance fee scams

An advance fee scam is fairly easy to identify – you will be asked for money or goods upfront in return for giving you credit or money later. These advance fee scams can seem convincing and have taken in many people. One example of an advance fee scam plays out in online auctions. If a buyer sends you a check for much more than you asked, be suspicious. If you accept the check and refund the extra money to the buyer, you may find out later that the check was bad and that you’ve lost the whole amount.

#6 Click fraud

Click fraud occurs when websites that are affiliates of advertising networks that pay per view or per click use spyware to force views or clicks to ads on their own websites. The affiliate is then paid a commission on the cost-per-click that was artificially generated. With paid clicks costing as much as US$100 and an online advertising industry worth more than US$10 billion, this form of Internet fraud is on the increase.

Tips to steer clear of being scammed:

So perhaps you’re already familiar with all of these scams, Hurrah! But realize that every day brings a new scam. How can you stay safe? Don’t be greedy. If a stranger contacts you offering money, think twice. Be skeptical. If you get an email from a friend or stranger that strikes you as odd, ask some questions.

Educate yourself. Learn the basics of computer safety and online security. Can you tell a secure website from an unsecure one? Do you know what Verisign is? The more you know, the safer you’ll be.

To know more visit Ideastack.

Last Edited: 06/05/2020