The WannaCry ransomware, which infected 200,000 business globally and made over $100,000 in ransom payments, is said to be one of the worst cyber attacks in history. However, a new ransomware strain named Nyetya is shaping up to be a more formidable security threat. It has already affected businesses globally, and security firms and researchers believe it to be stealthier and more sophisticated than WannaCry.

Worse than WannaCry

Nyetya is deemed worse than WannaCry mainly because it spreads laterally, meaning it targets computers within networks and affects even systems that have been patched. Because it also spreads internally, it needs to infect only one device to affect several others within a single network.

Cyber researchers trace its origins to a tax accounting software called MEDoc, which infected 12,500 systems in Ukraine. Since the initial infections in June, it has spread to thousands of networks in 64 countries. And although it hasn’t spread as fast as WannaCry, it might have a wider reach soon because it uses three attack pathways to infect a system. It hasn’t made as much money as WannaCry, which is why cyber researchers are concluding that the attacks are not economically motivated.

Read More

The recent WannaCry and Petya ransomware attacks have caused massive disruptions for Windows users. Although ransomware infection has slowed down in the past few weeks, many experts are saying that this is only just the beginning. Soon, newer and far more dangerous strains of malware will be developed. To help people defend against these threats, Microsoft has released new security features.

Controlled folders

With Microsoft’s new Controlled folders access feature, you can list certain documents and folders as “protected.” Only whitelisted apps can access and edit these folders, while any attempted changes by malicious apps are simply blocked by Windows Defender.

In theory, this should slow down a ransomware’s ability to encrypt critical information. Some reports suggest that other threats like malicious file macros and viruses can be prevented by this feature.

Read More

When we write about how antivirus software isn’t enough to keep you safe from malware, it’s not just scare tactics. There are so many ways hackers can break into your system that antivirus solutions will never catch. For a real-world example, look no further than the router exploit kit recently leaked from the CIA.

The Wikileaks CIA documents

For several months, the notorious website famous for leaking government data has been rolling out information it obtained from the Central Intelligence Agency. The documents detail top-secret surveillance projects from 2013 to 2016 and mainly cover cyber espionage.

In the most recent release, documents describe government-sponsored methods and programs used to exploit home, office, and public wireless routers for both tracking internet browsing habits and remotely accessing files stored on devices that connect to compromised networks.

Read More

Microsoft products usually have an end-of-support date, where no more feature updates and security patches will be offered. However, earlier this month, Microsoft has released a security update for Windows XP, an operating system that has been unsupported since 2014. Although releasing a patch for an old system seems unusual, Microsoft does have its reasons.

More WannaCry copycats

The primary reason why Microsoft reassessed their update policy for Windows XP was due to the success of WannaCry, a ransomware worm that encrypted hundreds of thousands of computers worldwide. Even though the attack did not affect XP computers, Microsoft anticipates increased risk of similar attacks for the outdated OS being developed in the near future.

According to Microsoft’s Head of Cyber Defense Operations Center Adrienne Hall, cyberattacks by government organizations and copycat hacking groups are imminent; and this time, they’ll improve upon WannaCry’s shortcomings. In fact, shortly after WannaCry was stopped on May 12th, other strains with more sophisticated code popped up seeking to exploit the same weaknesses.

Read More

Pop-up ads and videos can easily turn people away from a website. Google knows this and has come up with a solution set to launch early next year. With that in mind, here’s everything you need to know about Chrome’s ad blocker.

What is it?

Ad blocker from Chrome actually works like an ad filter, meaning it won’t block all ads from the website, only ones that are determined to be too intrusive, like video autoplay with sound as well as interstitials that take up the entire screen.

A group called the Coalition for Better Ads, which consists of Google, Facebook, News Corp, The Washington Post, and other members will decide whether or not the ads are to be blocked. According to Sridhar Ramaswamy, the executive in charge of Google’s ads, even ads owned or served by Google will be blocked if they don’t meet the new guidelines.

Read More

Protecting your business from crime – both internal and external – takes effort. But with criminals looking to take advantage of you on every front, it's an effort you need to make. But where do you start? To non-security professionals, knowing what to do can be difficult. To make your challenge a little easier, we've boiled down business security to three basic, more manageable steps.