Business Solutions & Software Group Blog

First hackers created a formidable ransomware. Then, when word got out about how to avoid this ransomware, they began to bundle a second ransomware to create an encryption catch-22. Now, the developers of the Petya and Mischa ransomware have adopted a Ransomware-as-a-Service model and have opened their nefarious malware up to distribution.

If your employees are given an Android device to use for work, or if they bring in their own as a part of a Bring Your Own Device strategy, you may want to pay special attention to what follows.

Ransomware is a major problem in both the personal and private sectors of computing, but up until very recently, Apple users had little to fear from potential ransomware hacks. Security researchers at Palo Alto Networks have discovered what’s known to be the first completed ransomware on an Apple device. The threat, called KeRanger, is officially “in the wild,” and is a danger to any Mac user.

KeRanger is the first-ever completed ransomware that specifically targets the OS X operating system. In 2014, Kaspersky Labs found an incomplete form of ransomware for Mac, but it wasn’t a viable threat at the time. Now, however, KeRanger is free to usher in a host of more dangerous threats that could target Apple’s coveted operating systems.

This ransomware is spread through a torrenting software called Transmission. Torrenting is a type of software designed to share large files. It’s most widely used to distribute pirated content, like copyrighted films, tv shows, music, and more.

The KeRanger threat as explained by CNet:

If a user installed one of the infected versions of Transmission, an executable file embedded within the software would run on the system. At first, there'd be no sign of a problem. But after three days, KeRanger would connect with servers over the anonymous Tor network and begin encrypting certain files on the Mac's system.

Researchers claim that KeRanger is still under development, but it’s also trying to find a way to encrypt the victim’s backup data. If this happens, users will have virtually no chance of getting their data back without paying the dreaded ransom. Consider how important of a precedent this sets for ransomware; if a ransomware is capable of encrypting not just the files on your local PC, but also the files on your network and your backup files, it could become the most dangerous threat on the Internet.

To counteract this threat, Apple has revoked the security certificate that KeRanger exploits, and has updated its XProtect antivirus software. Transmission has also removed the infected version of its installer, so those who download the client won’t get the ransomware. However, those who have installed Transmission sometime between March 4th and 5th may be affected by KeRanger. If you want detailed instructions on how to identify if you’ve been targeted by KeRanger, and to learn how to best protect yourself from it, you can visit Palo Alto Networks’ site.

Most ransomware makes it borderline impossible to decrypt your files on your own. This is how hackers extort money from users. They play off of the irrational actions caused by fear. This is why it’s so important to protect your business’s assets from ransomware, before you fall prey to it. Implementing a solid security solution is a great way to do so, and you should generally avoid torrenting files in the office anyway. Also, it’s especially important that your employees understand security best practices when browsing the Internet.

The most obvious and important course of action to remember is that your business needs to protect its assets from ransomware, before you get infected. To make sure that your network is protected from ransomware, give Business Solutions & Software Group a call at (954) 575-3992.

Today’s various versions of ransomware are dangerous. By forcibly locking down important files on a victim’s computer, threats like CryptoLocker and CryptoWall are posing significant threats to both businesses and ordinary computer users. However, a new type of ransomware has appeared called CryptoJoker; and we assure you, there’s nothing funny at all about this one.

Cyber security continues to be a major pain point for small and medium-sized businesses, even if they’re taking the fight to the latest threats with solutions like antivirus and firewalls. Significant progress has been made, yet new threats are born every day. In fact, you might be surprised to find out that a monstrous 27.3 percent of all malware in the world was created just last year. 

Any business worth their gigabytes will practice extreme caution when surfing the Internet. Hackers tend to make users’ lives more difficult, even for those who are part of a small or medium-sized business. Teaching your employees security best practices in hopes that they’ll avoid suspicious websites isn’t a foolproof strategy, and thanks to malvertising, ensuring that your organization stays secure is more difficult.

Computer users, beware; there’s an intrusive malware spreading across the Internet that’s capable of locking users out of their web browsers and redirecting them to fake IT support phone numbers. The hacker’s goal is likely to steal sensitive information from users, so it’s especially important that you don’t call this fake phone number.

ATMs are probably everyone’s favorite kind of computer. You swipe your card, enter in your PIN, and withdraw cash immediately. Many people forget that an ATM is simply a computer in disguise, though; one that can be infected with malware just as easily as any old PC can. A new type of ATM malware, GreenDispenser, is making its rounds in Mexico, and could potentially make its way to other countries if left unchecked.

Malware and viruses are so common nowadays in the technology world that it’s no surprise when new ones are created. Thus, it should come as no surprise that hackers are looking to spread smartphone malware to unsuspecting users around the world. Kemoge, a new malicious adware for the Android mobile operating system, has spread to 20 countries, and is taking the mobile device world by storm.

In the wake of a ransomware takeover, it seems like the world can’t go a few months without some sort of data loss disaster occurring. The antics of hackers grow more dangerous and difficult to dodge, and IT departments have their hands full dealing with the fallout. What’s keeping you from contracting this ransomware, and how can you keep your business from suffering its consequences?

With spring arriving, “winter is coming” as the new season of the critically-acclaimed television series Game of Thrones returns to millions of viewers worldwide. Ironically, there’s also a type of malware gaining traction in the online community that matches its bark with its bite, aptly dubbed Dyre Wolf. This threat has the potential to cost businesses as much as $1.5 million per hack, and takes advantage of the ever-common spear phishing tactic.

Normally, you can trust the software that comes preinstalled on a new computer. Unfortunately, this isn’t the case with the shopping-search app Superfish, which came installed on every Lenovo device sold between September and December 2014. If you’ve got the Superfish app on your computer, then you need to remove it before it does some superbad damages. Here’s how you do it.

This past August, we reported on a new vulnerability with USB firmware called BadUSB. This vulnerability was discovered by Karsten Nohl of SR Labs. The BadUSB vulnerability was presented at the Black Hat security conference as a theoretical risk, but now, the code has leaked and this risk has become a reality. Oops.

Working with technology can get pretty complicated and technical at times. We're here to help. We've got plenty of technology tips to share with the world, and we're going to unleash them on you once a week. For more helpful tech tips, search our previous blog articles. This week's tip will help you spot a nasty APT hack on your company's network.

For users of Unix-based operating systems, there's a new threat on the loose. The vulnerability, promptly called the Bash bug, or "shellshock," is targeting systems equipped with Linux and Mac OS X. The bug allows remote users to execute arbitrary code within the operating system.

Your office is likely full-to-bursting with devices utilizing USB technology. It's been a popular way to connect external devices to PCs since the 1.1 version was released in 1998. However, it may be the technology's popularity that will cause its downfall as hackers develop ways to use the device to their advantage.

When it comes to hackers, they are shrouded in darkness and treachery. They lurk in the shadows, waiting for us to make a mistake and to steal our life savings, or other equally nefarious things. But there are a few assumptions that they make concerning their prey, and they wish to hide these from us at all costs.

Two weeks ago, the National Communications Administration managed to weaken a set of malware designed to steal banking and personal credentials from unsuspecting users. They warned the world that GameOver Zeus and Cryptolocker ransomware would be back with a vengeance, and that immediate action could prevent a whole lot of pain later.

Look out, users of Windows; the Greek god of thunder is angry, and he's sent the Zeus family of malware out into the world. The one in question, GameOver Zeus, is particularly nasty. Thankfully, the Department of Homeland Security, Federal Bureau of Investigation, and Department of Justice managed to find a way to disrupt it, but that doesn't mean that GameOver Zeus is out of the game - in two weeks, the threat will return with a vengeance.