Showing posts with label eset. Show all posts
Showing posts with label eset. Show all posts

Wednesday, December 18, 2013

ESET’s Threat Predictions for 2014

ESET predicts the three new trends for 2014: battle on internet privacy, new assaults on Androids, and a new wave of malware in the hi-tech industry.


eset_wallpaper


The concern for privacy on mobile devices has sky rocketed.

After the reaction from Edward Snowden’s leaks, the US National Security Agency (NSA) reveals that Internet users are fearful about their privacy and security in the digital age.

ESET experts are ensuring data is locked down (using encryption) which is the first step towards substantial security.

“The challenge to internet privacy has not meant a decrease in cases of people affected by any malicious code or other kind of computer threat,” the researchers write. “Concern about privacy is a good starting point, but it is essential for people to be aware of all aspects of Information Security. Otherwise, it is not possible to mitigate the impact of computer threats.”

ESET predicts an increase in serious threats targeting Android phones and tablets.  Detections show malware increased more than 60% between 2012 and 2013.  The increase is predicted to continue thru 2014.

The Latin American Research Laboratory for ESET in Buenos Aires points out that malware infested Androids use native PC attack methods to discover vulnerabilities.  Then they are exploited through malicious code.

Filecoders like ransomware Cryptolocker is the year’s most well-known attacks.  Cryptolocker is still spreading worldwide and is expected to continue in 2014.  Bitcoin and other e-currencies are targets for cybercriminals, along with threats against smart cars, game consoles, and smart TVs.

Here is the full Trends 2014 Report: The Challenge of Internet Privacy.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+


References:
ESET’s Threat Trends Predictions 2014: – We Live Security
http://www.welivesecurity.com/2013/12/17/esets-threat-trends-predictions…
December 17, 2014
Posted by at No comments:
Labels: ,

Wednesday, September 25, 2013

Filecoder: Your data is being held at ransom

Trojans put messages into user files and try to demand a ransom from victims in exchange for a decryptor utility.  Ransomeware is commonly known as a locked screen on your desktop, which tries to scare you into making some kind of payment to regain access to your computer again.

This is an old issue but it is noted to be a significant increase in Filecoder activity this summer.

ESET has detections of this malware category flagged as Win32/Filecoder, Win32/Gpcode, and other family names.

Statistics on ESET LiveGrid telemetry shows Win32/Filecoder detections have risen by 200% just in the last few months.  From January to June 2013 the detections have been at a normal level, but the spike since July is alarming.




Russia is most affected by these malware families, although these campaigns are spreading throughout the entire world.

file-infection-graphhttp://www.hyphenet.com/blog/filecoder-your-data-is-being-held-at-ransom/
Photo Credit: We Live Security

 

Infection Trajectory

Cybercriminals that incorporate Filecoder randomware use various methods of getting the malware to victims' systems:
  • Downloads from malware-laden websites
  • E-mail attachments
  • Trojan-downloader or backdoor
  • Manual instillation (this hurts the most)
  • Infection vectors
A scenario of the Win32/Filecoder.Q or the Win32/Filecoder.AA/Win32/Filecoder.W spreads through back-doors such as the Poison-Ivy R.A.T.  Victims are being sent the Poison-Ivy backdoor through email and are enticed to execute the malware onto their computer.  The C&C (command and control) server waits for the commands then the attacker would send the Filecoder Trojan  to the infected mainframe.

The Trojan is not stored as a file on the hard drive, but is ran in the memory of the computer.

There are other cases where the attacker manages to install Filecoder ransomware through Remote Desktop Protocal.   The keylogger is infected and weak passwords enable the attacker to gain full access to the aimed machine.

This "break in" disables antivirus protection while installing malware onto the compromised desktop.
Sometimes manual installation is needed due to the fact that a number of variants call for "user interaction", to set the encryption password.


 

Encryption Methods

Various encryption methods are used like:
  • Blowfish - a keyed symmetrick block cypher
  • AES - an encryption of electronic data based on the Rijndael cipher
  • RSA - an algorithm for public-key cryptography based on factoring large integers
  • TEA - a block cipher with implementation of a few lines of code
  • Hard coded in binary numbering system
  • Entered manually by command-line or dialog box
  • Randomly created and sent to the machine
It is a good idea to password-protect any anit-malware software you have on your computer to prevent it from being adjusted by an attacker.


password-protect


It is also equally important to backup your computer regularly, make sure all your anti-virus software is up-to-date and all setting preferences are correct.

Here is a good reference for cybersecurity: How FireEye has redefined cyberdefense on USATODAY.com: http://www.usatoday.com/videos/tech/2013/09/24/2861507/

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

References:
Filecoder: Holding your data to ransom - We Live Security
http://www.welivesecurity.com/2013/09/23/filecoder-holding-your-data-to-ransom/
September 23, 2013
Posted by at No comments:
Labels: , , ,

Friday, February 17, 2012

FREE Webcast: Creating & Managing a Cybersecurity Policy: Tips for the SMB

Cybersecurity Masters Series

Many small and medium-size businesses (SMB) operate under the mistaken impression that their size, or the minimal security steps that they have already taken, will protect them from cyberattacks.

Attend this LIVE Webcast
Wednesday, March 21st at 10 AM Pacific


According to the U.S. Chamber of Commerce's publication, Commonsense Guide to Cyber Security for Small Businesses, "This assumption is both inaccurate and dangerous. Attacks on information systems operated by small and mid-size companies are growing rapidly and are having a severe impact on business operations... Neither the size of your company nor the type of your business guarantees protection from an attack. If you use the Internet, you are vulnerable."

Join Stephen Cobb, Security Evangelist at ESET to discover:

  • How vulnerable SMBs like yours really are

  • How you can establish a cybersecurity policy for your organization

  • How you can to defend your company--and its employees, partners and customers--against online attacks


Register >>



About the Cybersecurity Masters Series


ESET's Cybersecurity Masters webinar series is designed to connect you with the experts. As an IT Security professional you will gain access to analysis and commentary from industry experts on the Cybersecurity front. » View the Series

Additional Webcasts


» Detection Methods - View
» Surviving Mobile - View
» Selecting AV Security - View

Hyphenet is an Authorized Partner of ESET


Along with ESET, Hyphenet is a proud sponsor of the Cybersecurity Masters Webinar Series.

Don’t miss out on the latest tech news and computer security alerts! Follow Hyphenet on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)