Tuesday, February 26, 2019

Virtualization Making It Safer To Open EXE Files On Windows


Recently, Microsoft announced that it will roll out a new feature for Windows 10 that should make the lives of Enterprise and power users a whole lot easier and help maintain their computer security. Until now, users have dreaded the thought of running an unknown and untrusted .exe file on their machines.

In the best case, everything goes well. In the worst case, what was initially thought to be a useful file turns out to be ransomware or another kind of malicious program that can bring your business operations to a full stop.


The brand new feature, which is referred to as Windows Sandbox, will be a part of a still unspecified 2019 Windows 10 release. However, those who are part of a test group will have the chance to use the feature on or around build 18305.

Whenever you want to run an untrusted or unknown program, you create a lightweight instance of Windows 10, complete with its own desktop, and run the .exe file there, alone and away from the rest of the system. Whatever results from running the file disappears when you exit the virtual session.

There is one thing you have to do if you want to use the new feature: enable the virtualization capabilities in your system’s BIOS. Once you do that, you are all set. Several industry insiders are excited and can’t wait for the new feature to be rolled out. It will give the business community a simple way to test software in an environment that is safe and secure. Today, the only available ways to do such a task are time consuming and cumbersome, which is why few people use them.

Hopefully, Windows Sandbox will become a crucial plank in a wider strategy to stem the tide of various forms of attack, including ransomware, which are having a large impact on countless companies. This will substantially improve their computer security. Good job, Microsoft.


Call SpartanTec, Inc. now if you want to know how to improve the security of your computer network. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255


Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro



Monday, February 18, 2019

Page Caches May Be Vulnerable To Attack



There is another side-channel attack that you have to be concerned about. This threat goes after the operating system page cache of the target system, where different kinds of sensitive data accessed by the owner of the device are kept for faster retrieval. Perhaps the most ominous aspect of this newly recognized security threat is that it is not restricted by hardware architecture, and it has been found to work not only on machines running Windows but on those running Linux as well.

This lets attackers bypass security protocols and sandboxes.

The research team is a diverse group of IT professionals from CrowdStrike, NetApp, Intel, Boston University, and Graz University of Technology. They discovered a few possible ways a hacker may be able to use the newly identified attack vector and were even able, in some situations, to send data gathered from the target system to a remote server.

The team emphasized that even though they conducted their tests on Linux and Windows machines, there’s no reason their methods would not succeed on other operating systems currently in use. This threat can potentially affect the whole computing system. Although many of the team’s experiments require the would-be hacker to have physical access to the device, they managed to show that in some cases a remote attack is also possible.

According to the team, "Our remote attack leverages timing differences between memory and disk access, measured on a remote system, as a proxy for the required local information."

They went on to explain that this can be done by measuring soft page faults, which take place whenever a page is incorrectly mapped. Additionally, the team managed to send data between the remote web server and the target system.


It should also be noted that this kind of attack hasn’t been seen in the wild. However, Microsoft, for one, is wasting no time dealing with it. Windows Insider build 18305 already has a mitigation routine in place, and it is expected to be rolled out to users in the coming months. Although it is not as devastating, it is still dangerous and well worth keeping on your radar.




Call SpartanTec, Inc. if you want to make sure that all your systems are protected against such a threat. 





Tuesday, February 12, 2019

Many Android VPN Apps Contain Malware Or Exploitable Weaknesses


Most tech-savvy netizens these days use a VPN to protect their digital privacy. However, a study by Simon Migliano, who is the head of research at Metric Labs, showed that you might still be wasting your time.

Migliano and his team performed an extensive survey of the top 150 VPN Android apps offered on Google’s Play Store, and the results are depressing. About 20% of those apps were flagged as possible malware sources. Plus, more than 25% of the apps tested have privacy bugs like DNS leaks, which is a very big issue. A DNS leak exposes the user’s DNS queries to their internet service provider.

Maybe one of the most troubling concerns is that, taken as a whole, these apps have been downloaded at least 260 million times. That’s a massive number! Millions of people believe they are secure when in fact they are not.

Perhaps some of the problems discovered by Migliano’s team were minor. Most of these apps ask for extremely aggressive permissions, which give the app, as well as the company controlling it, more details about you than they actually need. This includes when, where, and how you use your device. Out of the top ten free VPN apps offered on the Play Store, a shocking seven have problems with DNS leaks. These include:
  • Super VPN
  • Hi VPN
  • Turbo VPN
  • VPN Master
  • Snap VPN
The only app among the top ten tested that does not have leaks or other risky functions was Hotspot Shield Basic. So, don’t forget the name of that app in case you are using something else on your device. Don’t just think about it. You have to switch to it! Secure your device now.

Great job to Migliano and his team for their hard work and diligent research!





Wednesday, February 6, 2019

Ransomware Continues To Be A Problem For Some


It's been the better part of two years since the outbreak of the WannaCry ransomware epidemic. Unfortunately, all this time later, some companies are still dealing with the fallout. According to the latest research, WannaCry is still infecting hundreds of thousands of computers around the globe.

As grim as that sounds, it's not all bad news. After all, the malware has been rendered harmless by the now famous "kill switch" discovered by Kryptos Logic security researcher Marcus Hutchins, who found a glaring flaw in the design of the software. The flaw allowed him to register a domain and encode it with instructions that would keep the ransomware component of WannaCry from activating and actually encrypting files.

That, however, did nothing to get rid of the malicious code infecting legions of PCs around the world. Sadly, much of the code remains in place on infected machines, silently lurking in the background. Kryptos Logic is uniquely positioned to know, since they control the kill switch domain and have continued to monitor traffic to it since building the kill switch on it.  To this day, their site continues to be pinged by new IP addresses as the now toothless infection continues to spread.

It's not hard to see why the removal of a piece of malware that has been rendered suddenly toothless takes a lower priority for busy and often harried IT security professionals. Leaving the code in place on infected machines is not without risk, however. It is possible, however unlikely, that the hackers who built the program to begin with could find a way to get around the kill switch. If that should happen, then we'll be facing the full fury of the epidemic all over again, something no one in the field of digital security wants to contemplate.

The bottom line is simply this: If you were impacted by WannaCry when the outbreak initially occurred, it's worth double checking to make sure that all traces of the malicious code are gone from your network. Better safe than sorry.
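
One way to carry out that double check, as an added example that is not part of the original post: search internal DNS resolver logs for lookups of the kill switch domain and list the machines that made them. The log format, the sample lines and the domain name below are constructed placeholders; substitute the real domain from a trusted threat-intelligence source.

```python
import re
from collections import defaultdict

# PLACEHOLDER, not the real indicator: substitute the kill switch domain
# published by your threat-intelligence source.
KILL_SWITCH_DOMAINS = {"wannacry-killswitch.placeholder.example"}

# Constructed resolver log lines in a hypothetical "time client=IP query=NAME" format.
SAMPLE_LOG = """\
2019-02-04T08:01:12Z client=10.0.4.23 query=intranet.corp.example type=A
2019-02-04T08:01:13Z client=10.0.4.23 query=WannaCry-KillSwitch.placeholder.example. type=A
2019-02-04T09:30:45Z client=10.0.7.101 query=wannacry-killswitch.placeholder.example type=A
2019-02-05T02:14:09Z client=10.0.4.23 query=wannacry-killswitch.placeholder.example type=A
2019-02-05T02:15:00Z client=10.0.9.5 query=notwannacry-killswitch.placeholder.example type=A
malformed line without fields
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+client=(?P<client>\S+)\s+query=(?P<name>\S+)")

def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.rstrip(".").lower()

def find_kill_switch_lookups(log_text, domains=KILL_SWITCH_DOMAINS):
    """Return {client_ip: {"count", "first_seen", "last_seen"}} for hosts that
    looked up a kill switch domain and should be checked for leftover code."""
    wanted = {normalize(d) for d in domains}
    hits = defaultdict(lambda: {"count": 0, "first_seen": None, "last_seen": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or normalize(m["name"]) not in wanted:
            continue  # skip malformed lines and unrelated (or look-alike) names
        rec = hits[m["client"]]
        rec["count"] += 1
        # ISO 8601 UTC timestamps of equal length sort correctly as strings.
        rec["first_seen"] = min(filter(None, (rec["first_seen"], m["ts"])))
        rec["last_seen"] = max(filter(None, (rec["last_seen"], m["ts"])))
    return dict(hits)

if __name__ == "__main__":
    for client, rec in sorted(find_kill_switch_lookups(SAMPLE_LOG).items()):
        print(f"{client}: {rec['count']} lookups, "
              f"{rec['first_seen']} to {rec['last_seen']}")
```

A host that keeps reappearing in this list after cleanup is either still infected or being reinfected by another machine on the network.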


Staying clear of ransomware can be tricky. Call SpartanTec, Inc. of Wilmington today to rid yourself of this hazard.

