HitByMalware

If you were hit on the head by malware, would you even notice?

Did you know that in most cases, you do not realize when you have been hit by malware?

At least the site that has been said to be the source for a recent attack on Facebook, Apple and Twitter, claims to have known nothing of being compromised before reading about the security breaches on the news. Bloomberg.com tells the iPhone software development site was most likely used for a waterhole attack by East-European criminals.

Most malware programs use the vulnerabilities in popular software to get installed so that you do not even recognize the threat. New exploits are detected around the world all the time, and for example Java is usually at the top of the targeted software list. The amount of malware is alarmingly high, almost 60% of respondents of a Ponemon study confirmed over 25 malware incidents in their environments each month.

Sophisticated malware contaminates your pc or mobile just by a visit to an infected website, by opening an Office document, pdf or other document with an exploit. You will not notice anything peculiar. The days of the very obvious spam mails with malware in them is over. Today, the mails and sites with infection look just as original and trustworthy as any other and you would be “happily” unaware of anything out of the ordinary going on. Until the reality hits in and the repercussions of the attack get real.

The biggest amount of vulnerabilities comes not from the operating system, but from 3rd party software. Exploit kits are in the wild only a few moments after a fix to a vulnerability is released.

Administrators currently don’t necessarily have visibility to what 3rd party software is installed. Keeping up with all the patches and updates for all used software, and making the necessary updates takes a lot of time and effort.  For example, this June alone, my colleagues counted well over 100 vulnerabilities just in the most common software for Windows workstations.

To make it more challenging, usually, after all the necessary updates are done, the admin has to start it all over again when new security updates are available. Often as soon as the next day…

The F-Secure experts can offer a solution: Software Updater not only studies the available patches, but also installs security updates automatically and covers both the operating system and 3rd party software. However, administrators can easily define exclusions for the automatic mode if and when necessary.

Cheers, Eija

More posts from this topic

amazon Echo, voice-activated, internet of things

Yes, Your Voice-Activated IoT Devices Are Always Listening

What's easier than typing, clicking or even swiping left? For most of us, speaking. Until we can get actual USB ports in our brain, our mouths may be the quickest way to make our our desires known to our devices. And as it Internet of Things develops, we're going to be doing more and more talking to machines, including our thermostat, light bulbs and possibly even our drones. Fans of Siri and the Amazon Echo are already familiar with the benefits of a conversational interface. But, as with any new technology that gains widespread adoption, privacy and security concerns are inevitable. We spoke to F-Secure's Cyber Gandalf Andy Patel about what users of voice-activated technology should know as they make the leap into this newer realm of connectivity that has long been imagined by science fiction visionaries from Philip K. Dick to Star Trek's Gene Roddenberry. So are these voice-activated devices listening all the time? Yes. In order for a device to react to a voice command without the user pressing a button to activate the feature, the device must listen all the time. How could this be used against us? If a device streams voice data to a server for processing, a few privacy and security implications arise. If the data is being streamed in an insecure way, it can be intercepted by a third party. If the speech data is stored insecurely, it can become compromised in the case of a data breach. It can also potentially sold to a third party. Speech is processed into text. That text might be stored, it might be associated with its source, and it could also be leaked. When the speech processing service returns data to the device that requested the processing, it could also be intercepted. Are the any real privacy concerns for owners of voice-activated devices? Some companies outsource their speech recognition services and cannot properly account for the processes and collection methods used by those companies. Along those lines, just last year, Samsung TV voice recognition made the news for recording owners' chatter. Voice command systems can also be maliciously hijacked. Last year, a group of French researchers demoed a method for remotely controlling Siri from a distance, using sounds that triggered Siri’s voice control, but that couldn’t be recognized by a human. So what will voice-activated technology look like in five or ten years? Big names are interested in voice control because they attach it to AI and machine learning systems -- which are, in turn, fed by the Big Data they’ve collected -- for an interactive experience. The end goal would be a scenario where you could ask your computer to perform arbitrary tasks in the same manner as on Star Trek.

July 21, 2016
BY 
Traveling and using public wifi - privacy is at risk

Free Wi-Fi is a vacation must, but are we paying with our privacy?

We used to search holiday magazines to find the hotel that offered the biggest pool and then triple check that the hotel has air conditioning. If we were really picky, we wouldn’t look twice at a hotel that didn’t offer cable TV. Now we see the perfect summer holiday in a different light. We can’t possibly leave our smartphones, tablets and laptops behind. A survey by Energy Company E.ON revealed that the most important feature hotels must have to even be considered is free Wi-Fi. Why do we find it so difficult to disconnect ourselves from the digital world? Even when we’re sitting in the beautiful sunshine, sipping on cocktails and splashing in the sea? Partly our digital dependence is practical, of course. The web helps us navigate around our holiday destinations finding the best attractions, the coolest bars and most remote beauty spots. But if we’re honest, many of us would admit that we’re so digitally connected because we don’t want to miss anything happening on Facebook, Instagram, Snapchat, Twitter and all the other social apps filling our electronic wonders. We continue to check in, trying to make our friends jealous by posting the latest update about our perfect holiday. Now that we’ve settled that an internet connection is a top holiday priority, why don’t we just use our phone network? Simple: we’ve all heard the horror story of someone getting crazy high bill after spending just a few days in Spain. So, we’re constantly on the search for a local bar or café that offers free Wi-Fi. It’s a fantastic feeling to be wiser than our internet provider – they can’t spring us with unheard-of charges. But connecting to public Wi-Fi comes with its own risks, and, I would argue, scarier ones than an unexpected post-holiday bill. For example, take a look at this infographic. It shows the personal data that can be intercepted and the risks you face to your privacy when you connect to public Wi-Fi without using a VPN. If the thought alone of anyone being able to snoop on what you do online isn’t enough to want to run away from ever connecting to public Wi-Fi again, then think about the bigger risks. The worst case scenario here is you could become a victim of stalking, receive threats, or have your identity stolen. This might sound farfetched, but with what information you reveal on public Wi-Fi, is it worth the risk? If you use a VPN like Freedome while on public Wi-Fi, all your internet traffic will be encrypted. This means instead of your internet traffic connecting directly to the websites from your device, revealing exactly what you’re doing online to the Wi-Fi provider, the VPN will garble your internet traffic and keep what you’re doing online anonymous. You internet privacy and safety is our biggest concern here, and Freedome will definitely provide that security. But here’s a little extra to boost your internet love and consumption when on holiday abroad: When in another country, you might not be able to stream your favorite content from back home. But with Freedome VPN, you can be “virtually” back in your home country, accessing all your favorite content as if you never left.

July 20, 2016
BY