Posted by on

used with permission from FTC.gov., by Andrew Smith, Director, FTC Bureau of Consumer Protection

Mention the word “ransomware” at a meeting of small business owners and you’ll feel the temperature in the room drop by 20 degrees. A ransomware attack is a chilling prospect that could freeze you out of the files you need to run your business. When FTC staff met with business owners across the country, you cited ransomware as a particular concern. New resources from the FTC can help protect your company from this threat.

Ransomware: How It Happens

What is a ransomware attack? It can start innocently enough. An employee clicks on a link, downloads an email attachment, or visits a website where malicious code is lurking in the background. With just one keystroke, they inadvertently install software that locks you out of your own files. The cyber crook then demands a ransom, often in the form of cryptocurrency.  Read more...


Posted by on

At the end of May the Cisco Talos security team released information on a new attack on consumer network infrastructure. The attack affects dozens of models of routers commonly used in home and small business networks. It is estimated that over 500,000 devices have been infected and the threat is significant enough that the FBI released a public service announcement (Read Announcement)

New information on this malware has been released indicating that it has additional functionality for persisting through a reboot, as well as for stealing user data. Disinfecting a device will require a factory reset as well as flashing the latest firmware. SpireTech is scanning the networks of our Managed Services customers (VIP Support Program) to identify any potentially vulnerable devices and perform the necessary remediation. If you are one of our Basic Support customers (which does not include our proactive services) we would be happy to work with you to create a plan to identify if you have any vulnerable devices.  Read more...


Posted by on

used with the permission of http://thenetwork.cisco.com, by Stephanie Chan

Google announced Monday a ban on all Chrome extensions in the Chrome Web Store used to cryptojack computers. This newer form of hacking uses these extensions to get into a victim’s computer and use its resources to mine cryptocurrency. A blog post from the tech giant states that around 90% of these cryptojacking extensions were ignoring Google’s policies, instead using these extensions to host crypto-mining code.

Cryptojacking is often done without the victim knowing, and can seriously slow down computer performance by draining the Central Processing Unit (CPU) power. With the increase in the popularity of cryptocurrency like Bitcoin, many criminals are using cryptojacking to pull in profit. A blog by Cisco’s Harini Pasupuleti carefully outlines the way this malware works: malicious users plant JavaScript on a web browser that uses CPU to mine cryptocurrencies. The crime is deemed dangerous because it exhausts the system resources and degrades the victim’s computer performance.  Read more...


Posted by on

What are they and can they affect you?

These are two computer security vulnerabilities that were publicly disclosed on January 3, 2018.  Due to technical issues involved with modern processors, each of these vulnerabilities pose a potential risk for theft of sensitive user and system data that had previously been believed to be secure.  Both vulnerabilities take advantage of a feature of modern Intel CPU’s called Speculative Execution, this allows the processor to speed up branching operations by starting to execute what it thinks is the most likely outcome before the results have returned. In modern Intel processors this technique is beneficial as it significantly increases execution speed in most workloads. However, Meltdown specifically allows an attacker to exploit Speculative Execution and see the contents of Kernel space memory.  Spectre allows programs to execute code they should not be able to, and view data within other user-space programs. Any system that allows arbitrary code to be executed is potentially vulnerable to these types of attacks including javascript executed within your web browser.  Read more...


Posted by on

used with permission from Norton by Symantec, by Nadia Kovacs

adware-madwareIf you’re like most Internet users, you’ve never even heard of grayware, adware or madware. That’s because these are all lower on the threat scale in the world of malicious programming. What’s more, they toe the line between legitimate programs and actively harmful applications.

Here’s your quick guide to the new wave of code you don’t want on your computer:

What Is Grayware?

Grayware is a more succinct name for “potentially unwanted programs.” It’s not a virus and it’s not as obviously malicious as a lot of other problematic code floating around on the Internet. Make no mistake about it, though, that grayware needs to come off of whatever machine it’s on. Not only is it probably already really bothering you every time you use your machine, it’s also probably causing your machine long-lasting problems.

At their most innocuous, grayware infections are just annoying.  Read more...


Posted by on

We’ve had the privilege over the last couple of months to attend a couple of IT and tech industry conferences.  The NSA, FBI, and Homeland Security had speakers at these conferences and they are sending a message:  US Businesses are the target of sophisticated international cyber-crime rings.

Cyber-crime is a booming business

The presentations included details of how these criminals operate, mug shots, methods of intrusion, possible techniques to thwart their attacks, and the ever-present message: as IT professionals and business owners, we must be more vigilant. This isn’t about the big headline-grabbing intrusions we’ve heard about on the news, there are thousands of intrusions we don’t hear about occurring every day.

Typical Anti-virus software isn’t enough

Signature-based scanners, like used with anti-virus software, are easily circumvented. While it is recommended that we use commercial software, it is becoming evident that network-level (i.e. at the firewall) based scanners must also be employed.  While most firewall-based scanning techniques involve scanning inbound traffic, a particularly useful technique is to monitor outbound traffic and external DNS queries.  Read more...


Posted by on

used with permission from Norton by Symantec
by Nadia Kovacs

malware101

Spyware, ransomware, and bots, oh my! A lot of these terms are prevalent on the Internet, but it may seem impossible to know what all these terms mean, and how they actually affect your devices and personal information.

The term, “virus” has been the commonplace word for all malicious software programs for years now; however, a virus is just one type of malicious threat. A virus is classified as a self-replicating piece of malicious code that travels by inserting itself into files or programs. The threats on the cyber landscape have evolved into more than just viruses, and can cause much more damage than viruses can. All of the threats on the Internet landscape are types of malicious software, and therefore now fall under the umbrella term, “malware.”

Malware That Causes Annoying Behaviors

Not all malware is destructive in nature. However, it can still cause extremely annoying behaviors such as generating an overabundance of pop up advertisements or it can cause your computer to run slowly.  Read more...


Posted by on

used with permission from Microsoft Safety & Security Center

malware_symptomsIf your computer starts to behave strangely, you might be experiencing spyware symptoms or have other unwanted software installed on your computer. Here are a few tips on how to detect malicious software:

  • I see pop-up advertisements all the time. Some unwanted software will bombard you with pop-up ads that aren’t related to a particular website you’re visiting. These ads are often for adult or other websites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you’re not even browsing the web, you might have spyware or other unwanted software on your computer.
  • My settings have changed and I can’t change them back to the way they were. Some unwanted software can change your home page or search page settings. Even if you adjust these settings, you might find that they revert back every time you restart your computer.
  Read more...