World’s Largest Contract Chipmaker Recovering After Ransomware Attack
Taiwan tech firm and Apple chipmaker, TSMC, said it was recovering from a ransomware attack over the weekend. Apparently one machine was online when it shouldn’t have been, and this led to the infection of more than 10,000 of their manufacturing machines in multiple factories. The ransomware was a variant of WannaCry, which is a type of ransomware cryptoworm used by bad guys to encrypt computer data and hold it for ransom. TSMC says they are now back in full production again.
Always make sure you have a good antivirus program installed and up to date! Just as important, make sure you have a good, solid backup of any data that’s important to you!
Microsoft Edge Allows for Web Logins without Remembering Passwords
By leveraging Windows Hello hardware, users can now log into websites using things like IR cameras, fingerprint readers, external security keys, and PINs without having to remember their passwords. Microsoft believes that these additional means of logging in will not only allow users to log into websites more easily but will also help with security concerns, and that makes sense from the standpoint of things like key loggers (if a user doesn’t type his password into a field then a key logger can’t grab the password). While this may be true, please keep in mind that the bad guys are always on the lookout to crack the latest security ideas. Additionally, you should be sure to follow existing best practices when it comes to passwords. This means be sure you have a safe backup of all your passwords, don’t use the same credentials for multiple sites, etc.
To try this you’ll either need Windows Insider Preview 17723 or you can wait for Windows 10 version 1809 to be released.
Source: Windows Blog
Having computer or other technology problems but really busy with work or kids so it’s hard to contact us through the week? For your convenience and to better serve you, we’re happy to announce that starting today we’re open Saturdays from 9am – 2pm. So give us a call or stop by today and let us serve your technology needs!
While you may know that we’ve been in business serving the computer needs of the Panhandle for the past 15 years, did you know we’re so much more than that? By partnering with Premier Alarm Solutions, located here in Amarillo, we’re now able to offer quality security and smart home devices and services too!
Premier Alarm Solutions is locally owned and operated in Amarillo. Here are just a few of our offerings:
- Residential and commercial cameras and security systems
- SmartHome devices that can integrate with your alarm system
- Free consultations
Please check out some of our other services and packages that we offer.
Don’t be a target for the bad guys! Contact us today to see how we can help protect you!
We’re proud to announce that we’re now offering our Technology Concierge service. This exciting service lets you connect directly with a local technology expert — your very own Technology Concierge who can assist you with any technology-related question or problem you may have!
Need a new router but don’t even know what a router is?! Contact your Technology Concierge — they can help with that!
Looking for a new Internet Service Provider because you’re tired of Netflix “buffering” while you’re trying to binge watch your favorite series? Don’t keep suffering! Contact us today to see how a Technology Concierge can assist you.
Is your computer running slowly but you don’t want to take it to that “big box” store? Sign up today and let your Technology Concierge help you!
These are just a few examples of how our Technology Concierges can help you with your technology-related questions or problems. Please check out our Technology Concierge website at cat-man-du.com, give us a call at 806-350-8324, or stop by and see us in person at our physical location (that’s right: we’re “real” people and we’re local — we’re your friends and neighbors!) at:
8501 SW 34 Ave.
We look forward to serving you!
Florian Bogner, a security auditor from Austria, has discovered a vulnerability in many popular antivirus titles that allows a hacker to use the AV quarantine folder to infect a more sensitive area of a computer such as C:\Windows.
Using a phishing email, a hacker can then use a Windows feature called an NTFS file junction point to restore malware that the antivirus software already moved into quarantine.
Bogner has contacted popular antivirus companies like Trend Micro, Kaspersky and Malwarebytes, and they have already released updates.
Individuals are advised to update their antivirus software immediately, and businesses are advised to disable the ability to restore quarantined files.
Raiffeisen Meine Bank, BankAustria, and Sparkasse customers have been targeted by a banking Trojan named Marcher, which launched as a phishing email pretending to be from the victim’s bank. Once the link in the email is clicked, it takes the recipient to a fake website that requests PIN numbers and account information. Then a popup asks the user to install the bank’s “security app” which is actually Marcher.
Normally, a phishing scam like this isn’t newsworthy anymore but this is different because it targets specific banking customers and bundles the attack with the malware infection.
Once installed, Marcher asks for permissions to every aspect of the Android device, like SMS, networking, address books and more. It also asks the victim to re-enter credit card numbers for apps that require purchases, such as Google Play.
Android users are advised to make sure that they keep their devices updated as well as avoid clicking on email links and installing apps from those links.
We have seen so many new strains of ransomware like WannaCry, GoldenEye, CryptoLocker, Petya and Bad Rabbit (to name a few) that it’s beginning to become a full-time job just to keep up with this new strain of computer virus/malware.
This new strain of ransomware (we’ll just call it Devil to make things simple) began searching through the network to gain control of key machines like servers using a Trojan virus variation. The targeted servers that did not have this Microsoft security update were then infected, but the malware code did not activate right away and instead remained hidden. Then, after lying dormant, the ransomware struck and encrypted all machines that it touched.
While this new malware was most likely created for monetary gain, there is much debate in the cyber security world about this, with questions arising about Devil possibly being created simply as a cyber attack. One clue was found inside the code of Devil when researchers found bits of the Russian language. This has led researchers to believe that Devil originated in Russia and may have been designed to simply damage its targets.
The new ransomware is a variant of Petya and is spread via a fake Flash update. So far, several antivirus companies are claiming that their updated security products protect users from Bad Rabbit.
According to the US-CERT warning, “US-CERT discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored. Using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware.”
The website is called ATMjackpot and sells the malware title Cutlet Maker. The name comes from Russian slang “Cutlet” which means a “roll of money.”
The malware coders claim that it works on any Wincor Nixdorf ATM. Most ATMs are vulnerable to hackers because the machines have a computer inside that runs an operating system just like a desktop PC. Many ATM computers still use old operating systems like Windows XP, which is no longer supported or updated to fight the latest threats. This fact, coupled with open and available USB ports, makes the machines the perfect targets for hackers.