News

HP Fraud Alert

Steve Hirst - Friday, June 23, 2017
Fraudulent callers are posing as HP representatives and asking HP customers for personally identifiable information. In some cases, originating phone numbers appear to be from genuine HP contact numbers.

These scam callers might request the following:
  • Your personal information
  • A return call
  • A fee for technical support services
  • Remote access to your computer or device, so they can install malware or viruses in order to charge you a removal fee

To protect yourself, if you receive one of these scam calls, hang up and do not provide any personally identifiable information.
  • Do not provide any confidential information, such as customer IDs, passwords, contact information, social security numbers, credit or debit card numbers, PINs, or account information.
  • Do not provide remote access to your computer or device.
  • Do not transfer funds.
  • Do not install any software suggested by the caller.

The security of HP customers' devices and personal information is a top priority for HP. HP does not contact customers to provide unsolicited technical support. If you believe you have been contacted by a scammer and are concerned about your personal information, run a virus scan on your computer or device, or contact your security software provider for assistance.

What to do when you are hacked

Steve Hirst - Friday, June 23, 2017
Security experts have been saying for more than a decade that it is “not if, but when” an organisation will be hacked. Therefore, the focus needs to move to “What to do when you are hacked”.

Cybercrime is big business, a huge underground economy estimated to be larger than the drug trade. Large amounts of money are then invested into developing new cyber-attacks to steal data, hijack systems and find your passwords, credit card and bank details.

Companies need to identify what their critical data is, where it is located, the impact on the company if that data is destroyed or shared, and how quickly they can recover from a breach. The response to a major hack becomes as important as the security measures taken to protect that data.

The attacks are getting more sophisticated and even security professionals fall for phishing.  This highlights the need to report and alert the general public to new scams and attacks as they are detected.

The reality is that “people are the weakest link” in the security chain.  Organisations need to foster an environment that allows employees to do their jobs by providing training and testing to mitigate the risk.

The New Zealand Government has set up CERT NZ to provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.

Computer Culture is constantly updating our Cyber Security solutions to ensure that our customers have the best protection and a way back from a disaster.

Paying with your face

Steve Hirst - Thursday, June 22, 2017
Face-detecting systems will soon be regularly used to authorise payments, provide access to buildings and track down criminals and terrorists.

Face recognition might transform everything from policing to the way people interact every day with banks, stores, and transportation services.

Already governments in some countries are using software to identify suspected criminals in video from surveillance cameras.

The technology has taken off in China because of the country's attitudes toward surveillance and privacy. Unlike countries such as the United States, China has a large centralised database of ID card photos.

Facial recognition has existed for decades, but only now is it accurate enough to be used in secure financial transactions. The new versions use deep learning, an artificial-intelligence technique that is especially effective for image recognition because it makes a computer zero in on the facial features that will most reliably identify a person.

A Constant Threat

Steve Hirst - Thursday, May 25, 2017
One of our senior engineers recently changed his home Internet connection to Vodafone. While he was online reconfiguring his router (which only took 3 minutes), hackers started attacking his router!


For him it was a very graphic example of how hostile the Internet has become.  Using a device on the Internet without a strong firewall is a bit like swimming in a shark pool equipped only with a pair of swimming togs.

The Four Types of Attackers

Steve Hirst - Thursday, May 25, 2017
1.  Cyber Criminals 
Cyber Criminals are motivated by money, so their attacks are designed to produce profit. Some of their operations are run like a large business, with a call centre and a management structure, and make obscene profits.

2.  Hacktivists
Hacktivists' only interest is to undermine your reputation or destabilize your operations. Their approach is a cyber form of vandalism.

3.  State-Sponsored Attackers
State-sponsored attackers are after important information and they are not in a hurry. These organisations have highly skilled hackers and specialise in detecting vulnerabilities and exploiting these before the holes are patched. It is very difficult to defeat these attackers due to the huge resources at their disposal.

4.  Insider Threats
Insider threats could be malicious, but they could also be well-meaning employees who have been manipulated.

Scammers using fake purchase orders to target NZ businesses

Steve Hirst - Thursday, May 25, 2017
Police are warning business owners to be wary that scammers are currently using forged District Health Board invoices to swindle New Zealand businesses out of goods. This is a similar scam to one operating earlier this year, where scammers were sending out fake purchase orders.

In this latest scam, using false email addresses, scammers have been sending forged purchase orders to businesses requesting the purchase of various items.

While the domain will look like the legitimate organisation, it will differ slightly with the use of full stops, dashes, or a slight rewording of the original name. 

The purchase orders request that the companies send the goods to a New Zealand freight company, which is then instructed by the scammers to forward the goods on to an overseas address.
Police are aware of one shipment from Christchurch that has made it out of the country and is destined for the UK and Asia, but there may have been more incidents. 

This was not related to the current DHB purchase orders that have been identified.
With the co-operation of overseas domain registering companies, several domains have been shut down by Police so far; however, it appears that the scammers have now registered a domain like a New Zealand DHB.

“We are currently aware of three false District Health Board purchase orders that have been sent to separate New Zealand companies requesting goods for delivery to a freight company” says Detective Sergeant Michael Cartwright, New Zealand Police Financial Crime Unit. 

“We believe that all District Health Boards could be at risk of being targeted and, due to the large number of suppliers health boards have, we are concerned that this has the possibility to affect a large number of different businesses throughout New Zealand.

“Our advice to businesses is that if you receive an email that seems suspicious in terms of format, numbers, language or delivery addresses, contact the relevant organisation first to verify if it is actually from them before you send anything out.

Poor English in the initial email is a common identifying factor for the scam, and the purchase orders will often have false phone numbers and email addresses on them. 
   
“We ask that anyone who believes they may have been a victim of this scam, or anyone who has received a suspicious sounding email, please report it to us immediately” says Detective Sergeant Cartwright.

Anyone who believes they may have been a victim of this scam can either contact their local Police Station or report it to Crimestoppers on 0800 555 111.

Issued by Police Media Centre.
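
The forged orders rely on a sender domain that differs from the real one only by full stops, dashes or a slight rewording. The following added example (not part of the Police release or Computer Culture's own tooling) flags such lookalikes against a constructed allow-list; the domain names, function names and the 0.85 similarity threshold are assumptions.

```python
import difflib
from email.utils import parseaddr

# Constructed allow-list: domains this business really receives orders from.
TRUSTED = ["examplehealthboard.example", "examplefreight.example"]

def skeleton(domain):
    """Remove full stops and dashes, the separators the forged domains vary."""
    return domain.replace(".", "").replace("-", "")

def classify_sender(from_header, trusted=TRUSTED, threshold=0.85):
    """Return (verdict, matched_domain) for an email From header.

    verdict is "trusted", "lookalike" (hold the order and verify with the
    organisation using contact details already on file) or "unknown".
    """
    address = parseaddr(from_header)[1]
    domain = address.rpartition("@")[2].lower().rstrip(".")
    if not domain:
        return ("unknown", None)
    # Exact match or a genuine subdomain of a trusted domain.
    for good in trusted:
        if domain == good or domain.endswith("." + good):
            return ("trusted", good)
    best, best_score = None, 0.0
    for good in trusted:
        if skeleton(domain) == skeleton(good):
            return ("lookalike", good)  # differs only by dots or dashes
        score = difflib.SequenceMatcher(
            None, skeleton(domain), skeleton(good)).ratio()
        if score > best_score:
            best, best_score = good, score
    if best_score >= threshold:
        return ("lookalike", best)  # slight rewording of a trusted name
    return ("unknown", None)

# Constructed sample headers, not taken from the real scam emails.
SAMPLES = [
    "Accounts <accounts@examplehealthboard.example>",
    "Procurement <orders@example-healthboard.example>",
    "Procurement <orders@examplehealthboards.example>",
    "sales@gardenhose.example",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", classify_sender(header))
```

A "lookalike" verdict is a prompt to contact the real organisation before dispatching goods, as the Police advice says, not proof of fraud.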

Malware Attack Prevented

Steve Hirst - Monday, April 24, 2017
One of our customers was almost a victim of a malicious malware attack. The phishing email shown below arrived in his email.
The malware looked legitimate, and as the company often received courier notifications, 6 employees clicked on the link embedded in the message. 

The good news was that Computer Culture had installed a high-end firewall appliance which prevented the user from downloading the payload.

This attack also gave us an opportunity to test the same malware with our managed antivirus.  AV Defender came through with flying colours, blocking the user from accessing the link.

The attempted hack was yet another example of just how vigilant we all need to be, and of the need to be suspicious of any mail that encourages you to click on a link.

Importance of Patching

Steve Hirst - Monday, April 24, 2017
Each year we see security reports from dozens of companies about how the sky is falling – mainly because the people sponsoring the reports are in the umbrella business. However, some data in a recent Verizon Data Breach Investigations Report was of some concern. Unpatched vulnerabilities are still a huge opportunity for threat actors.

The report looked at over 100,00 incidents with only 3% recognised as actual breaches. An enormous 99.9% of the exploited vulnerabilities took advantage of a reported Common Vulnerabilities and Exposures weakness that had been patched at least a year ago.

Most crucially, the report noted that it’s not just about patching, but also about ensuring you prioritise patching of your most critical and vulnerable systems.

Samsung Operating System Vulnerability

Steve Hirst - Monday, April 24, 2017
Samsung's Tizen operating system has been found to be riddled with security vulnerabilities that allow for remote-code execution, and for the delivery of malicious code via the OS' app store.

A security researcher is preparing to reveal 40 zero-day exploits that affect Samsung's Tizen operating system. Commenting on the finds, Amihai Neiderman said Tizen “may be the worst code I've ever seen.” He went on to slate the code, saying it looks like the handiwork of an undergraduate rather than that of someone with an understanding of security.

While the criticisms are harsh towards Tizen, it should be made clear that no software is ever perfect and there are always exploitable bugs in every nook and cranny. Samsung will be keen to ensure that it quickly patches the OS, though, because it powers 30 million TVs and hopes to run on 10 million Samsung phones by the year's end.

Neiderman claims “It may be the worst code I've ever seen. Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It's like taking an undergraduate and letting him program your software.”

So, what exactly do the exploits allow for? Firstly, there are vulnerabilities that allow a hacker to control a device remotely, in what is known as remote-code execution. Another exploit allowed Neiderman to hijack the TizenStore app and deliver malicious code to a Tizen device – namely his Samsung TV.

Last month, WikiLeaks released its first Vault7 leak which showed that the CIA could hack Samsung TVs and listen to conversations even if you thought the TV was switched off; there's every chance that the CIA used one of these newly uncovered vulnerabilities. Samsung has said that it's fully committed to working with Neiderman to fix the vulnerabilities.

More on Ransomware

Steve Hirst - Friday, April 21, 2017

Author: Luana Pascu

 In 2016, the number of ransomware attacks increased 300 percent from 2015, with over 4,000 attacks detected per day, according to US government statistics. Ransomware is among the worst types of infection, as it not only encrypts network data, but in the end, may cost victims all their data – even if they pay the ransom. It should be a priority for all businesses and organizations in 2017.


Ransomware is not limited to consumer networks; it’s one of the most sophisticated types of malware that targets all internet users, from private individuals to corporate networks to government agencies. Ransomware attacks on enterprises affect shareholders, employees, and customers, and could lead to permanent damage caused by loss of confidential information, negative publicity, and financial loss.

Ransomware infections are hard to remove, as the FBI has confirmed. A proper understanding of the threat landscape would help enterprises build better security strategies to prevent attacks, but that’s not enough and, in many cases, companies are still oblivious to the risks and downplay the danger. Walmart, Target, Apple, EBay, and TalkTalk are only a few of the large businesses that have suffered massive breaches and data loss because of cyberattacks and vulnerabilities.

Employees are the weakest link in an organization so, most often, hackers use social engineering to trick users into clicking on infected advertisements or URLs in emails or into downloading attachments that will infect the corporate network with ransomware. Vulnerabilities and risks in the private sector have increased because of the widespread adoption of the internet of things and BYOD.

Multi-purpose devices used for both home and work tasks are a top risk. It only takes one random click to get infected. Once the device is connected to the company network, the infection can corrupt the entire corporate infrastructure. Organizations must dive deeper into threat analysis and mitigation, instead of sticking to the basics because tech innovation has prompted hacker innovation.

So, how can enterprises safeguard their infrastructure from the latest sophisticated ransomware variants? CISOs should implement prevention methods to mitigate risks in their organizations -- it’s always cheaper to prevent ransomware attacks than to spend money on system and data recovery.

Employees are the most common entry point for hackers seeking a way into your organization, so regular security training to educate them about network security and risk detection may reduce malware infection. Quite often the malicious code is implemented on legitimate websites to trick the untrained. The workforce must learn to distinguish between authentic links and emails, and phishing scams which could lead to ransomware infections or trick them into giving away passwords and sensitive information.

If you’re dealing with a ransomware attack, don’t rush into paying ransom. Previous events have demonstrated chances are quite high that the hackers won’t send a decryption key to restore the data anyway, and you’d be encouraging a criminal business model. And ransom payment doesn’t mean cybercriminals will not target your business again or even demand more money.

“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom,” explains FBI Cyber Division Assistant Director James Trainor. “Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

When dealing with an infected device, the safest approach is to immediately remove it from your network and reach out to law enforcement. The goal is to keep the malware from spreading across your infrastructure so another step is to change all passwords once the infected device has been disconnected and then once again after the malware has been removed and data restored.

Hackers don’t always need to expend much effort in breaching your network because you make it easy for them from the start. Perform regular system scans and updates of all operating systems, software, and firmware, if possible, and check them for vulnerabilities. Periodically back up company data either on physical devices offline or in the cloud, and secure backups by not keeping them connected full-time to the company infrastructure. In some cases, ransomware infections have also locked cloud-based backups.

When a cyberattack is detected, thoroughly document the vulnerabilities that led to it and the measures taken to restore the system. Based on this learning and industry research, focus on implementing a security strategy to prevent future similar incidents and keep your business free from cybercrime.
