Internet Explorer Features a Zero-Day Threat

Zero-day threats are all over the news when they are discovered, but what are they exactly?

In short, zero-day threats are vulnerabilities found in software that are currently being exploited in the wild without the developers having found a fix for them. In other words, the developer has zero days to prepare for such an exploit. One of the latest vulnerabilities of this nature utilizes Internet Explorer, and thankfully, there is now a patch for it.

This threat, dubbed the Double Kill Internet Explorer vulnerability, was found by Chinese developers from a computer security company called Qihoo 360 Core Security.

While they have been reluctant to provide any specifics about what this bug does, this doesn’t mean that you should let up on keeping a lookout for any warning signs. Granted, looking for these warning signs is considerably more difficult when you don’t know how to address or identify them, but it never hurts to err on the side of caution whenever possible.

This zero-day threat uses Word documents to spread. They leverage a flaw in the Windows VBScript engine to install a backdoor into the victim’s device.

Basically, when the Word document is opened, Internet Explorer also opens in the background and triggers the download of an executable file. This file installs the Trojan horse malware without giving the user any reason to suspect that it exists. The hacker can then access the device at their leisure.

Knowing what the threat is makes it easier to combat, but we still don’t necessarily know much about it for sure.

For example, it’s not clear if all Word documents are affected, or if the threat uses Microsoft Office itself to infiltrate. It’s not even clear what role Internet Explorer has in the attack, or if the documents can be identified before the attack has taken place. Either way, it’s difficult at best to identify zero-day threats, so it’s critical that you keep security best practices in mind to prevent them from becoming major issues.

To get started on improving your security, you need to understand the basics.

For starters, you should never download a file from an unknown source. If you get suspicious emails that claim to be resumes, receipts, or other documents, always approach them with a grain of salt. It’s not always clear whether or not you’ll encounter dangerous entities while conducting business, but you can never be too careful or cautious. Enterprise-level security solutions provide an extra layer of security.

If your organization needs security solutions, WheelHouse IT can help. To learn more, reach out to us at (877) 771-2384.

How to Prevent PoS Breaches

Saks Fifth Avenue and Lord & Taylor are adding their names to the growing list of major businesses that have been cyber attacked. Many of these retailers have had their PoS systems breached, resulting in the potential compromise of information for millions of debit and credit cards.

Details about the Attack

One distinctive feature of the Saks and Lord & Taylor breach was that it was not only a PoS breach. Instead, the hackers took over the network to gain access to the confidential financial information. In these types of attacks on major retailers, hackers gain access to the network when privileged accounts are compromised. Traditionally, these cyber thieves gain access through phishing attacks, steal privileged information and elevate their privileges while gaining access to information through the network. The end goal for many of these thieves is the PoS system where the thief can steal information from debit and credit cards.

How to Prevent PoS Breaches

Retailers do not have to stand idly by until they become the newest victims of these PoS attacks. Some ways to reduce the likelihood of falling victim to a cyber attack include:

  • Use EMV or Chip-and-PIN Technology – The latest chip-enabled cards prevent privileged information about payment cards from being exposed. Replacing outdated magnetic stripe readers with newer chip-enabled technology can prevent cyber attackers from gaining access to this information.
  • Close Security Gaps – Attackers often gain access to PoS systems through employees’ compromised information. Retail networks should be secure and separate from the rest of the network. Additionally, retailers can automate the vault and protect and monitor credentials to prevent these cyber attacks.
  • Require Multi-factor Authentication – Implement multi-factor authentication on privileged accounts to provide greater security measures.

Contact an IT Specialist

If you are concerned that your business may be vulnerable to attack, it is important to talk to a qualified IT specialist. We can review your business’ security measures and assess your level of risk. We can recommend and implement best practices to provide greater security to your network. To schedule a professional consultation, contact us.

Daily Awareness Tips To Secure Your Computer

Start with these 3 tips on securing your computer and head on back to WheelHouse IT for the rest!

Securing your computer and guarding against both internal and external computer risks is a necessity for efficiency in day-to-day operations. Companies are investing a lot to ensure that no loopholes that can affect the service delivery of their systems remain open. Some of the approaches they use include having an in-house IT department to monitor such systems regularly.

However, for those who outsource IT services to other providers, deploying other ways of protecting their systems from threats is critical. Here are daily precautionary tips that can help you maintain a healthy network infrastructure.

Day One: Tip – Exercise Caution When Opening Emails

Some of the password-protected ZIP files you receive may contain malware or malicious software. Usually, a virus scanner cannot scan the contents of these files automatically, which increases the risk exposure if you open affected email attachments. To protect your systems, ensure you only open attachments to emails coming from senders you trust.

Also, resist any temptation to enable macros when the prompt appears after opening attachments of this nature. The reason is that the threat is sometimes in the macro and not the email itself.

Day Two: Tip – Delete All Sensitive Data

You will most likely need to replace your laptop, desktop, or mobile device after using it for some time. Before disposing of any of these, you need to clean off any sensitive data on them using an appropriate data deletion program. You also need to reformat removable media and hard drives to clean every remaining trace of your personal information.

Examples of programs that can help you wipe off such information include Wise Disk Cleaner and CCleaner. Do not forget to erase the details in the registry, which contains valuable information as well.

Day Three: Tip – Log Off Or Lock Your Computer Whenever You Are Away

Logging off or locking the computer while you are away from it, even for a few minutes, is something that most users disregard. Failure to do so gives anyone an opportunity to access confidential or sensitive information from your computer. Sometimes, the duration is sufficient to copy a file. Never underestimate the importance of performing this simple activity.

If you need more information on daily awareness tips to secure your computer, contact us today!

How To ALWAYS Remember Unique Passwords

These days, it is important to realize that EVERYONE is a potential target for hackers. It is not wise to forego your cyber safety because you don’t think you have anything worth taking.

Hackers can get access to your Snapchat photos that you thought were long gone, they can track and steal your packages on your Amazon account, and they can even see your location and your children’s locations if you have a smartphone. They can weasel their way into your phone and personal computer, and they can attack at home or at work. The easiest way they can do this is by tricking you into giving up your passwords.

It is recommended by most cybersecurity experts that you change your password every 4 months, or 3 times a year. It is also recommended that you use a capital letter, a number and an uncommon character such as ‘$’. This can be a lot to keep up with, especially if you use a different password for every account.

A lot of systems require you to change your password every 4 months to keep your access. Because of these frequent changes, too many people make the decision to write their passwords down in a notebook or, even worse, in a file on their computer.

It is important to pick a password you can remember easily that will also keep your information safe. A fun idea is to make your password a goal, resolution, something you need to remember, or even a personal mantra. Here are some good ideas:

  • L0seTenP0unds
  • Save$500!
  • icAnD0Anything
  • SaraOwesMe$10

Think about how many times you type your password in a day: not only will you be staying safe, you’ll be staying motivated!

Here at WheelHouse IT, we are passionate about maintaining your cyber safety. Your peace of mind is our top priority. Take the time to contact us about your cybersecurity needs so we can work together to protect you, your business, and your family.

Crypto-currency Mining: The New Threat

There’s a new bad guy in town to go with malware, ransomware, and spyware. It doesn’t steal information, just computing power. It’s illicit crypto-currency mining.

“Mining” may need a bit of an explanation. Crypto-currencies like Bitcoin need to grow over time. The way it happens is by running very processor-intensive code which generates new Bitcoins or Monero or whatever the unit of currency may be. That’s called mining.

People dedicate whole server farms to this activity. Other, less honest people use someone else’s computers to do the work for them. They rely on the usual tricks, such as phishing email and security holes in Web servers, to plant their software. It then runs quietly, crediting the generated currency to the intruder.

This kind of malware doesn’t necessarily steal data, but it’s bad for the victim in several ways:

  • It uses up processing power, slowing down the machine’s intended functions.
  • It increases electrical power consumption, since active processing draws more electricity than waiting for something to happen.
  • It can make the system less stable and cause crashes.
  • It’s very hard to be sure it isn’t also stealing data, so an incident has to be investigated as a security breach.
  • Even if it isn’t stealing data, it could be a conduit for installing other malware.

The Cost of Mining

One computer will generate just a few cents a day in crypto-currency, but a botnet of thousands of machines can add up to a significant amount of money, especially since the victims pay the electric bill.

Incidents of this kind have been happening at least since 2014, but lately they’ve been increasing at a high rate. Recently a hospital in Tennessee was hit by mining malware.

IoT devices are favorite targets, since many of them are easy to compromise and people aren’t likely to notice. The attack methods are mostly the same ones used for other forms of malware, and the security precautions are the same: Be careful with email, create difficult passwords, use anti-malware software, patch applications and operating systems regularly, and so on.

Mining software is usually harder to detect than other malware, since it doesn’t do obvious damage and doesn’t need to send a lot of information back. Listing processes by the amount of computing resources they use will reveal that something odd is going on. It’s one more thing to guard against in a world full of online threats.
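The process-listing check described above, as an added example that is not part of the original article: it compares constructed process snapshots and flags processes that keep a CPU core busy in every interval, which is how a miner differs from a job that spikes and then settles. The snapshot layout (PID, cumulative CPU seconds, command, as printed on Linux by `ps -eo pid,cputimes,comm` with the header row removed), the 60-second interval, the 0.8-core threshold and all process names are assumptions.

```python
from collections import defaultdict

INTERVAL_S = 60    # assumed seconds between snapshots
THRESHOLD = 0.80   # assumed: flag processes using >= 0.8 of one core

# Constructed snapshots (not real output): "PID cumulative-CPU-seconds command"
SNAPSHOTS = [
    "812 40 sshd\n2291 310 backup.sh\n4410 5000 cachesvc",
    "812 40 sshd\n2291 368 backup.sh\n4410 5059 cachesvc\n5120 3 cron",
    "812 41 sshd\n2291 370 backup.sh\n4410 5119 cachesvc\n5120 3 cron",
]

def parse(snapshot):
    """Return {(pid, command): cumulative_cpu_seconds} for one snapshot."""
    procs = {}
    for line in snapshot.strip().splitlines():
        pid, cpu, comm = line.split(None, 2)
        procs[(int(pid), comm.strip())] = int(cpu)
    return procs

def cpu_share(prev, curr, interval):
    """CPU used by each process between two snapshots, in cores."""
    shares = {}
    for key, cpu in curr.items():
        # Skip processes that are new, or whose PID was reused by another
        # command: there is no earlier counter to subtract from.
        if key in prev and cpu >= prev[key]:
            shares[key] = (cpu - prev[key]) / interval
    return shares

def sustained_hogs(snapshots, interval=INTERVAL_S, threshold=THRESHOLD):
    """Return processes at or above the threshold in every interval."""
    parsed = [parse(s) for s in snapshots]
    intervals = len(parsed) - 1
    hot = defaultdict(int)
    for prev, curr in zip(parsed, parsed[1:]):
        for key, share in cpu_share(prev, curr, interval).items():
            if share >= threshold:
                hot[key] += 1
    return sorted(key for key, count in hot.items() if count == intervals)

if __name__ == "__main__":
    for pid, comm in sustained_hogs(SNAPSHOTS):
        print(f"sustained high CPU: pid={pid} command={comm}")
```

A flagged process is a lead to investigate, not proof of mining; legitimate long-running jobs such as rendering or compilation will also appear and need to be ruled out.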

Contact us to learn how we can help keep your systems safe on a dangerous Internet.