Thursday 24 November 2016

Support Scams and Diagnostic Services

Every so often I get requests for help from people with a computer problem that may or may not be malware-related.
When I have to refuse help, which is more often than I’d like, I try to refer the people concerned to a more appropriate person or forum, and to suggest they do what they can to ensure that the advice is from a reputable and competent source. I’m more cautious about recommending specific resources, even well-known commercial organizations, unless I’m in a position to confirm their competence and bona fides.
Sadly, this reluctance has been reinforced by accusations against Office Depot, which is alleged to have tricked customers into paying for unnecessary repairs to their systems. I'm not sure it's that simple.
Support Scams and Diagnostic Services: an article for ITSecurity UK.

Saturday 12 November 2016

Apple Security News

News roundup on Apple security issues for Mac Virus.

Recent Apple security news

Includes links to articles on smishing, the move from HFS+ to Apple File System (AFS), and the iOS issue that allows hijacking of phones to make calls, such as the recent calls to 911 call centres. Or centers, if you must. ;)

David Harley

TeleCrypt

Kaspersky Labs on Telecrypt: The first cryptor to exploit Telegram
Sounds as if data is recoverable without paying the crooks, at present. 
David Harley

Support scammers and TalkTalk

There have been suspicions before that TalkTalk customers have been targeted by tech support scammers who know more about their intended victims (and their issues with TalkTalk) than they should. I’ve alluded to them in some articles on the AVIEN site.
I don’t, of course, know the facts behind those suspicions, but I note that Graham Cluley has encountered another curious incident – I won’t say coincidence…
Brand new TalkTalk customer is targeted by phone scammer – A problem at TalkTalk? Say it ain’t so.
David Harley

Friday 11 November 2016

Ransomware FAQ from Kaspersky

Everything you need to know about ransomware by John Snow, for Kaspersky. I think the title is a bit hyperbolic, but it could be a useful introduction.

David Harley

Monday 7 November 2016

Wire-Wire Scams: Evolution beyond the 419
West African cybercrime nowadays has moved on from unsophisticated 419s to technically-based, effective Wire-Wire attacks on businesses.

See my article at ITSecurity UK for more information and links: Wire-Wire Scams: Evolution beyond the 419

David Harley

HTML5 bug misused by support scammers

An article by Jérôme Segura for Malwarebytes – Tech support scammers abuse bug in HTML5 to freeze computers – describes a variation on the tech support scammers’ ploy of using JavaScript loops to simulate a persistent pop-up ‘alert’. In this case, the attack exploits a bug by abusing the history.pushState() method introduced with HTML5. According to Segura, ‘the computer that visited this site is essentially stuck with the CPU and memory maxed out while the page is not responding’, though it may be possible to kill the browser process with Task Manager.
Hat tip to David Bisson, whose commentary for Graham Cluley’s blog called the issue to my attention.
David Harley

AV-Comparatives 'next-gen' test

Independent testing of so-called 'next-gen' products is currently quite unusual: indeed, some next-gen vendors have suggested that their products cannot be tested by independent testers. Though apparently it's OK to do your own tests with the methodologies and samples provided by one of the vendors tested. The dangers of that approach are fairly obvious, but I'll certainly be back to that topic in due course.
AV-Comparatives, however, have bitten the bullet and tested four products:
  • Barracuda NextGen Firewall VF100 7.0.1
  • CrowdStrike Falcon Host 2.0.19.3908
  • Palo Alto Traps 3.4.0.15678
  • Sentinel One Endpoint Protection Platform 1.6.2.5021
The overall reviews and the Malware Protection Tests were performed by AV-Comparatives themselves, while the Exploit Test was performed by MRG Effitas.
This review, along with others, is available from the AV-Comparatives Business Reviews page.
David Harley

Wednesday 2 November 2016

Tuesday 1 November 2016

Symantec, next-gen and 'single technology'

I tend not to take much notice of product announcements, even ESET's. However, Kevin Townsend's commentary on Symantec's SEP14 is worth reading, and not only because it includes a quote from one of my articles on ITSecurity. ;)

Symantec Unveils Evolutionary Update to Endpoint Protection Offering

Perhaps I should point out that if there is a conspiracy in the so-called first-gen anti-malware industry to use the term 'single technology' as a marketing epithet to attack so-called next-gen products, I didn't get the memo. I suppose you could say that 'multi-layering' is as much a buzzword as 'machine learning', but it seems common sense to me not to put all your eggs in one layer, so to speak. Clearly, I'm not the only security researcher who holds this view, but I'm not in marketing, and my articles on ITSecurity should not be seen as representing anyone's views but my own.

David Harley