Shane Chambers No Comments

Defcon 1 – Critical Meltdown and Spectre Bugs Means Billions of Intel Devices Easily Hackable

2018 certainly knows how to make an entrance. The Christmas turkey has barely been finished and we’re told that nearly every electronic device on the planet with an Intel processor (from servers to PCs, smart devices and more) are susceptible to not one, but possibly two of the worst critical hardware related flaws ever known (Meltdown & Spectre). Flaws that can allow a hacker to steal your data without a hint of detection. In cases like these we often hear “but I have the latest next generation antivirus software”, but it’s not going to help you here I’m afraid. “And I have the latest next generation firewall and a state of the art SIEM solution just installed” – no good for fixing this either. You may even be really good and have your staff trained in security awareness and your systems backed up offsite – but unfortunately neither will address the root cause of this global issue. Even Santa couldn’t help fix this one – that’s how serious this is.

Meltdown and Spectre are the names given to two processor vulnerabilities which utilise a process called speculative execution - present on almost every CPU since '95

Meltdown and Spectre could be the worst ever bugs to hit electronic devices, making them easily hackable.

The hardware flaws have been aptly named “Meltdown” and “Spectre”. They sound like something straight out of a James Bond spy movie – and to be honest – the names aren’t far off, given if exploited, spying on you is exactly what a hacker could do. Predictions have already come in from experts that this could be the biggest disaster in IT history, and similar to the KRACK WiFi vulnerability of last year, Meltdown and Spectre could take years to fully fix. While important workarounds are available in some cases and must be put in place (see below) , only a hardware redesign in processor architecture will truly lay these bugs to rest.

To make matters worse, now that the crafty hackers know about it and with the EU GDPR data protection regulation coming into force on the 25th May – we predict, this year is going to see some considerable cyber-attacks that will try to take advantage of at least one of these flaws which may result in some pretty serious data breaches and some serious GDPR related fines. Its time like these one would think “Why did we ever go paperless?”.

Read more

Shane Chambers No Comments

Macro Malware: A Common Weapon for Phishing Attacks

A macro is a small piece of code that runs within a software program such as Microsoft Word or Excel, and is normally used to automate common or repetitive tasks. Macro malware is the practice of hiding a virus in a macro code and enticing unsuspecting users into downloading a Word or Excel file and running the macro script within, which then will download a virus, malware or even ransomware onto that person’s PC. Macro malware was common during the 1990s, but lapsed in popularity through most of the 21st century as increasingly savvy PC users learned how to spot the spam or phishing emails that delivered them, which were often riddled with typos. Nowadays, however, macro malware is seeing a big return due to two factors – Phishing emails are becoming increasingly sophisticated and no longer have obvious typos in them, and ransomware – a very profitable form of malware for criminals – can be easily downloaded via a macro, leading to entire networks being encrypted and held to ransom. It is now critical that all users understand the threats that macro malware can pose, particularly to their organisation, and learn how to spot the attacks before it’s too late.

Excel files are a common means of transmission for macro malware, which can download ransomware to infect entire networks at a time

Read more

Shane Chambers 1 Comment

KRACK – The Vulnerability That Affects Nearly Every Wi-Fi Device on the Planet

On Monday, it was announced publicly that Wi-Fi security, specifically the WPA2 standard, was essentially broken. The culprit is a bug named KRACK (Key Reinstallation Attack) which takes advantage of fundamental flaws in how WPA2 operates, and has exposed many shortcomings in how the industry responds to such attacks as well. WPA2 (Wi-Fi Protected Access II) is hugely prevalent, as it is the current generation of authentication used on wireless networks. That means that almost every wireless device could be affected by KRACK, as most devices use WPA2. This includes everything from laptops and phones to routers and IoT (Internet of Things)/Smart devices.

KRACK is a Wi-Fi vulnerability with a scope almost impossible to measure, and no easy resolutions. We can only learn from it going forward.

Read more

Shane Chambers 1 Comment

Cybercrime as a Service – Online scamming courses, €10 hacking software, & much more

Everyone’s talking about cyber security these days, and there’s a seemingly endless list of protective measures to be taken to prevent cyber attacks. It can be a bit daunting, and at times hard to secure the right budget, so is all this hype about security really necessary? The short answer is – YES. The long answer is that in order to understand why cyber security has taken over the forefront of IT for businesses, you must first understand that cyber criminals are no longer just bedroom hackers; they’re a fully fledged industry.

Cybercrime costs the economy an estimated $450 billion globally

Cybercrime-as-a-Service is on the rise in a big way, with criminals constantly developing more advanced ways to steal businesses’ hard-earned cash over the internet. The industry continues to evolve and adapt and is now highly organised. All one has to do is log onto certain sites on the Dark Web and they’ll be greeted with professional hackers offering ransomware, malware, phishing, DDoS and much more as-a-service.

Read more

Shane Chambers 3 Comments

New Global Ransomware ‘Petya’ May Be Deadlier Than WannaCry

Back in May, the world saw a global ransomware attack on a then-unprecedented scale – WannaCry. This cyber attack affected more than 230,000 computers in more than 150 countries, and is estimated to have cost businesses up to $4 billion. To say that businesses were caught off-guard is an understatement, with the malware utilising vulnerabilities in the long-obsolete Windows Server Message Block (SMB) v1 and through computers with out-of-date Windows security patches. It gets onto a network most often through human error – employees clicking phishing emails – then spreads like wildfire to other machines that are connected to the internet.

This week, however, reports came in from Ukraine and across Europe that a new mass-ransomware attack was underway. Initially theorised to have been a variant of WannaCry, cyber security experts now believe it to be a variant of Petya, a strain first seen in 2016 which was then predicted to be “the next step in ransomware evolution”.

Oops, your important files are encrypted. There is currently no known way to recover files affected by Petya.

Read more