Thursday, January 7, 2016

New Standard in Business E-Mail

Nearly all businesses rely on email to assist with day-to-day activities. But many businesses haven’t addressed new and seemingly unavoidable vulnerabilities.  If you are running an Exchange server on-premises or if you lack certain email security capabilities, your email could be at risk.
Here are 5 ways your email could be vulnerable:
  1. Unprotected infrastructures.

For on-premises deployments, physical security needs to be considered because the facilities where servers are located may be vulnerable. Many businesses don’t think about these risks until their offices are burglarized and their email servers are stolen or damaged. It’s especially risky for regulated businesses because this constitutes a data breach that may result in public disclosure and even fines.
  2. Lack of support.

Today’s standard requires email to be available 24/7/365. However, most businesses run lean IT departments and lack the ability to offer 24/7 on-call service. Unfortunately, when nobody is on call, bugs can compound and increase in scale, causing critical security issues or costly downtime.
  3. Natural disasters.

Natural disasters are unavoidable, and most businesses lack the ability to protect themselves against local outages or disasters because the necessary solution is extremely complicated to deploy. As a result, if a disaster were to strike, they would be left to deal with costly downtime and lost data.
  4. Cyber threats.

Cybercrime is on the rise and as criminals use more sophisticated tactics, email administrators need to find new ways to combat these threats. The trouble is many businesses don’t have the right infrastructure or resources to keep up with the changes in technology. This could result in stolen data, passwords or worse, millions of dollars.
  5. Lost data.

Nearly half of all email sent and received today offers some business value to an organization.  But what happens if an employee deletes an email?  Or if someone sues the business?  If emails can’t be found or restored, it could result in permanent loss of data.

To mitigate the risks inherent to today’s email, your business must embrace a “New Standard” that requires high reliability, high security and intellectual property protection.  Does your business meet the standard?

Take this self-assessment to see how vulnerable your business is.

Wednesday, September 9, 2015

Pornography app snaps user's photo, demands ransom

If you've used Adult Player, sorry to hear it: It's an Android porn app that takes a photo of you with the phone's front-facing camera, immobilizes the device, and demands a $500 payment via a locked ransom screen to fix the phone and delete the photo.
This according to security experts at Zscaler, who identified the malware, which it describes as "ransomware [that] acts as a porn app." But even people who paid the Adult Player ransom (via PayPal) have said their phones still don't work, Sky News reports.
According to Zscaler, the only way out is to reboot the device in safe mode, strip the app of its administrator privilege, and then delete the app.
It also notes that Adult Player can't be found in the Google Play store, where, for security reasons, users should buy all of their apps. Other security experts say ransomware is on the rise, and Intel Security warns that the number of new ransomware samples spiked 127% since 2014, the BBC reports.
"One of the reasons for the increase is that it's very easy to make," says Intel Security's CTO, who cites one group who reeled in more than $75,000 in two-and-a-half months.
"Apps like this rely on the embarrassment factor. If you don't pay, your reputation is on the line," he says. Other ransomware includes Porn Droid, which also locked phones and flashed a message demanding $500, Wired reports.
This one claimed that the FBI had locked the phone because it held "forbidden pornographic sites."

Wednesday, August 12, 2015

Encryptor RaaS (Ransomware as a Service)

A new ransomware has emerged, and it’s very similar to Tox in that it was created so hackers can easily design encrypting ransomware payloads to distribute from their botnets. Since the creator of Tox was selling his operation, this could very well be the end result of that. The idea is to contract hackers with already operational botnets and campaigns to use this page to create encrypting ransomware binaries to their specifications and then hand off 20% of their successful scams to the Encryptor RaaS author.

All a hacker has to do on this page is enter the bitcoin wallet address they want the funds to go to, then customize the price they want for immediate payment, the price for late payment, and a timer for what is considered a late payment. Skip forward to infecting a victim, and there is no GUI popup: all your documents are simply encrypted, and a new instructions text appears in every directory.

Typically you have to install a layered Tor browser to get here, but tor2web currently supports a gateway to the page even if you’re just using a normal browser like Firefox or Chrome. Here is what you’ll be presented with.

Instructions are fairly clear on how to install a bitcoin wallet and send money to the hackers holding your files ransom. If you wait too long then the price will go up – and is set by the generator we showed earlier. Once you have paid the ransom this page will update showing “PAYED” and will then have a link to the decryptor. The decryptor doesn’t have a GUI either and will just run in the background until all files are decrypted.

MD5 Analyzed: D87BA0BFCE1CDB17FD243B8B1D247E88
Additional MD5 Analyzed: ECDACE57A6660D1BF75CD13CFEBEDAEE

Webroot will catch this specific variant in real time and heuristically before any encryption takes place. We’re always on the lookout for more, but in case of new zero-day variants, remember that with encrypting ransomware the best protection is a good backup solution. This can be either through the cloud or offline external storage. Keeping it up to date is key so as not to lose productivity. Webroot has backup features built into our consumer product that allow you to have directories constantly synced to the cloud. If you were to get infected by a zero-day variant of encrypting ransomware, you can restore your files, as we save a snapshot history for each of your files up to ten previous copies. Please see our community post on best practices for securing your environment against encrypting ransomware.
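
The behaviour described in this post, an identical instructions text appearing in every directory with no GUI, can be hunted for directly on a file share or backup snapshot. The following Python is an added example, not Webroot's code; the thresholds, the 64 KB size limit and the sample file names are assumptions, and the demo tree is constructed.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

MAX_NOTE_BYTES = 64 * 1024  # assumption: instruction notes are small files


def find_mass_dropped_files(root, min_dirs=3, min_ratio=0.8):
    """Return (name, sha256, dir_count) for every file whose name and content
    are identical in at least min_dirs and min_ratio of directories under root."""
    seen = defaultdict(set)  # (name, digest) -> directories holding that file
    total_dirs = 0
    for dirpath, _dirs, filenames in os.walk(root):
        total_dirs += 1
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or os.path.getsize(path) > MAX_NOTE_BYTES:
                    continue
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable or vanished file: skip it
            seen[(name, digest)].add(dirpath)
    hits = [(name, digest, len(dirs)) for (name, digest), dirs in seen.items()
            if len(dirs) >= min_dirs and len(dirs) / total_dirs >= min_ratio]
    return sorted(hits, key=lambda h: -h[2])


def build_demo_tree(base):
    """Constructed sample: five directories, each with one unique file and one
    identical note. The note name and text are placeholders, not real IoCs."""
    note = b"constructed sample ransom instructions\n"
    for sub in ("", "docs", "photos", "docs/2015", "photos/trip"):
        folder = os.path.join(base, sub)
        os.makedirs(folder, exist_ok=True)
        with open(os.path.join(folder, "EXAMPLE_INSTRUCTIONS.txt"), "wb") as fh:
            fh.write(note)
        with open(os.path.join(folder, "data.bin"), "wb") as fh:
            fh.write(os.urandom(32))  # different content in every directory


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_tree(tmp)
        for name, digest, count in find_mass_dropped_files(tmp):
            print(f"{name} identical in {count} directories (sha256 {digest[:16]}...)")
```

Benign files that repeat across folders can also match, so treat a hit as a lead to review rather than a verdict.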

Monday, August 3, 2015

Your smartphone–that mini computer that lives in your pocket–deserves the same protection as your personal laptop and work computer does.
Use the following guidelines to protect your on-the-go information from hackers and thieves.
  • Use a PIN or password to protect your smartphone. Do not share the password with strangers and do not keep the password on the phone itself. Longer and more complex passwords are recommended.
  • Download phone apps from trusted sources only, like the Apple Store and Google Play. Do not put any unsolicited software on your phone.
  • Back up your phone regularly. Make copies of important contents–pictures, videos, email, music, documents–and store them on a computer hard drive or through a cloud-based backup service. Click here for PC Magazine’s roundup of top online backup providers.
  • Keep your operating system software and app software current with the latest updates from the manufacturer. Updates will likely include security improvements too.
  • Shut down Wi-Fi and Bluetooth connections when you are done and be sure to use only trusted Wi-Fi providers to conduct business by phone.
  • Some apps need permission to access personal information and some don’t, so be careful and check the privacy settings for any app before you install it on your device.
  • Install a locator app that will help you to find your phone if it is misplaced and another app that will allow you to remotely clear the phone of personal information if it is lost or stolen.
If you use an Android phone, please take this advice now.
For your protection, never buy apps from any discount sellers and always use a malware or security scanner to weed out problems with software before an infection can occur, according to a new report from G Data Security Labs.
For recommended malware scanning software, check out this list from Android Authority.
Also, be careful when it comes to giving permission for any app to access your personal information. Not all apps need access to all of your info, so don’t automatically approve every request.
Research from G Data Security Labs says that data on Android phones or tablets can be vulnerable to almost 4,900 new malware files that are introduced every day.
“The report suggests that Android devices are becoming a bigger target for the bad guys and more profitable than in previous years,” said Andy Hayter, security evangelist for G Data.

Two Million Threats Ahead

G Data Security Labs says the number of new malware strains jumped 6.4 percent to 440,000 in the first three months of 2015 from the fourth quarter of 2014. An estimated 2 million new malware strains are expected for all of 2015.
Some of the most dangerous threats target financial information.
“The use of smartphones and tablets for online banking is increasing rapidly. With its dominant market position, the Android operating system in particular is coming to the attention of cyber criminals,” said Christian Geschkat, G DATA Mobile Solutions Product Manager.
“Hence it is no surprise that attackers are developing and distributing financial malware such as banking Trojans especially for this platform,” Geschkat said. “As such, we are expecting a significant increase in financially motivated malware for the Android operating system this year.”
Keep your app purchases confined to the Google Play store or a Google-approved vendor, and you should be OK, but don’t ever let your guard down or assume a piece of software is safe until it’s been tested.

Monday, July 20, 2015

A Brief History of Malware

Malware has come a long way in 30 years. Back in the 70s, the idea of malicious software was an interesting thought experiment. What if computer programs could take control of a computer? What if they could create gigantic data-harvesting networks of thousands… or even millions of computers? What if someone could control that network and use it for illegal activities?
Today, the early days of malware seem like a simpler, more innocent time—a time before botnets, worms, and ransomware. It was a time when you could browse any old website with impunity, and you didn’t see every night on the news that another major retailer had a few million credit cards stolen (including yours). Let’s take a quick look back at the last 30 years, and see how we got to where we are today: the age of malware.

The Good Old Days
Let’s set the stage: It’s 1986. Madonna is everywhere. The word “virus” being applied to computer programs was uttered only in the dark corners of the tech companies of the day. New microchips are making home computers more affordable (but not too affordable). And in Pakistan, a 19-year-old boy and his brother release one of the earliest boot sector viruses.
The program, called Brain, is considered to be the first IBM compatible virus and was responsible for one of the first “real” virus epidemics. Spread via floppy disks, the virus replaced the boot sector of the disk with a copy of the virus. And what was the outcome of this epidemic? Well, not much besides a little bit of lost memory and some annoying messages. It turns out the authors had intended the program to protect their medical software from piracy (the virus displayed a message with their phone number and copyright information) and had no intention of spreading it across the entire world. But, what started as harmless thought experiments and programmer hijinks quickly morphed into something much more serious.

Fast forward to the early 90s. It’s time for viruses to go mainstream. Somewhere along the line in 1992, the news media got ahold of a story about a computer virus named Michelangelo that, supposedly, was going to pretty much blow up the entire business world on March 6th, the birthday of the Renaissance artist.
The story went like this: an unknown number of computers in the world were infected with the virus, which few people realized because the virus was dormant for 364 days of the year. On March 6th, the virus would spring to life, and any infected computers booted on that day were kaput. Since no one knew how many computers were infected, or where those computers were, there was wild speculation in media sources about how much damage it would cause, with some would-be experts citing millions and millions of computers.
What happened on March 6th, 1992? Not much, really. Somewhere between 10 and 20 thousand computers reported data loss, and the media realized, once again, that computers and viruses are boring. All the while, malware writers are getting more and more sophisticated, and they’re getting closer and closer to real breakthroughs that are going to shape the cybercrime industry we know in 2015.

Things Start Looking Scary
In the early 2000s, we start to see the dramatic escalation and explosive growth of malware. In short, it was the beginning of the modern malware era. Although they had been around for a while, autonomous malicious programs called worms were just starting to make a big impact via personal email, reaching thousands or millions of home users.
Cybercriminals had gotten more and more savvy at utilizing exploits on a massive scale, instigating drive-by downloads, buffer overflows, and all manner of mayhem. As the number of threat vectors, malware varieties, and popularization of web-based exploits increased, so too did the number of infections, and cybercriminals started using massive networks of infected computers in concert called botnets.
Cybercriminals use these to create gigantic spam bots or display advertisement revenue machines. Or, they use these to initiate denial of service attacks—when they tell their millions of zombie computers to repeatedly ping or query servers or websites, crashing them in the process.
Malware growth since the early 2000s has been explosive, and exponential. Today, cybercrime is its own industry, with pay-2-hack services, pre-made, easy-to-use kits for consumers, and completely automated malware design (viruses making viruses?!!).

Cybercriminals are getting professional. For example, encrypting ransomware, a popular form of malware that locks personal or sensitive files and demands a payment to unlock them, has been making money for cybercriminals for years. But, recently, cybercriminals released variants that have very specific targets, like infecting PC gamers with ransomware that encrypts save files and crucial game files. That’s some highly targeted marketing.
It’s kind of wild to think that in the course of 30 years—less than half of the average human lifespan—that malware has evolved from silly jokes that programmers played on one another into a worldwide, thriving, multi-billion dollar industry with the equivalent of CEOs, managers, and frontline employees.
Malware isn’t the only thing that’s invading this summer. Webroot has teamed up with Pixels to feature a totally different kind of invasion. Find out what’s going on and fight back against all your favorite 8-bit arcade nemeses (and a few heroes) that are invading the cities of the world in Pixels!
How are you going to protect yourself from the invaders?

Tuesday, June 30, 2015

Hosted PBX saves you 50% or more... and we can prove it!

How much can you save with Hosted PBX? Our study looked at 19 companies' phone costs and the results might be surprising. To see how businesses like yours save 50% or more, watch this 1 minute video.
Cost savings are just the beginning. Hosted PBX offers a full suite of Fortune 500 style features, such as auto attendant, hunt groups, music-on-hold, conferencing, and much more. Getting started with Hosted PBX is simple and, of course, you can keep your existing phone numbers.