viruses Tag

All month is Black Friday – November Specials from PMCS

For the whole month of November PMCS is offering special savings to our customers. Beat the black Friday rush and kick Cyber Monday to the curb: we’ve got you covered for 30 days of sweet savings and awesome offers.

Take your pick of one or all of the offers below for the whole month of November, and stop back each week for details on the products on special.

Business Specials

Free network assessment for businesses
Find out the state of your network – is it running efficiently, do you have too many licenses for your users or not enough? Would your office benefit from a wireless access point, would a guest wifi system benefit you and your customers? PMCS can answer these questions, an in November we can answer them for free! Let us know if you’re interested in a network assessment and we’ll put together a custom profile for you, letting you know where you might benefit from added services or where you’re paying too much.

As an extra bonus customers who ask for a free network assessment and sign a one-year Proactive Maintenance contract with PMCS will receive a FREE long-range wireless access point to bring your business to new heights, a $150.00 Value!

Free server assessment for businesses
Does your server seem slower than it used to? Could it be a bigger, badder, faster machine? We can tell you! Ask for a free server assessment in November and we’ll make recommendations that will protect the health, longevity, and productivity of your biggest business asset. We’ll check your warranty protections, disc utilization, and see if we can get you a great deal on RAM to make your server the lightning fast beast it should be.

Home Use Specials

$20 off purchase of ESET Smart Security for Home Use
Keep your computer protected from online threats with ESET’s award-winning antivirus product. ESET is known industry-wide for their lean, efficient, effective antivirus. Smart Security uses fewer resources on your desktop than most other antiviruses, letting you get great protection without slowing you down. They update their virus definitions constantly to keep you protected from the newest threats.

$20 off a desktop tune-up and virus check
Make sure your desktop is in tip-top shape with a tune-up and virus check. We’ll run our security scans to insure your computer is free of infection, see if you could benefit from a RAM upgrade or hard drive replacement, blow out all the dust that might be slowing down your fan, and make sure your computer is in the best shape it can be.

 

Double Partner Referral Rewards in November

Through all of November our partners can double the reward for our partner referral program; if a client you refer signs a contract with PMCS you will get $250 credited to your account after their first year of service.

ESET Cyber Safety Special 10/24/2017-11/30/2017

As ransomware Bad Rabbit has been making waves online today PMCS customers have been breathing a sigh of relief. ESET was among the few antivirus companies to catch Bad Rabbit in its tracks right off the bat, and that’s part of why PMCS always recommends ESET Antivirus to its customers.

What’s this virus?

Bad Rabbit is a form of ransomware that encrypts your computers hard drive and asks you to pay in bitcoin to have your data decrypted. The ransomware is disguising itself as a legitimate software update for programs like Flash before infecting your system. Bad Rabbit is similar to the NotPetya ransomware that swept the globe in June of 2017.

Users are infected only by clicking on the installer at watering hole sites and downloading the program, so be cautious about what you’re clicking and if you’re ever not sure if a site is safe you can call PMCS at (818)957-5647 to ask if you think a website might cause an infection.

How do I keep my computer safe?

You should always keep safe surfing practices in mind: don’t open attachments from unknown senders, don’t click on links you don’t recognize, only download updates from websites you trust, and always always always use a secure antivirus program. This won’t prevent 100% of infections, but a solid antivirus will save you a lot of headaches.

So what’s this special?

To celebrate the strength of ESET’s Antivirus capabilities AND to encourage our customers to bulk up on their personal computer security PMCS is offering a discount on ESET Smart Security for home use from now (10/24/2017) until the end of November.

Come in to our office to have us install a brand new license of ESET Smart Security for $20 off the retail cost. While you’re here ask about having your computer checked for viruses or let us know if you’re interested in a backup system to secure your data.

The internet is a scary place and threats are around every corner, but PMCS and ESET are here to keep you safe.

 

Microsoft Security – a state of the system

2017 has been a year of security updates. If you feel like you’ve been hearing more about breaches, vulnerabilities, code injection, and problems with computers across the map in the first half of 2017 than you did in all of 2016, well, you’re right.

In early 2017 a group of hackers calling themselves the Shadow Brokers started releasing documentation of vulnerabilities in Windows Operating systems and other commonly used programs. The vulnerabilities themselves are NSA software weapons; backdoors and code meant to enable the NSA to observe computer users was released online free for the taking of anyone who wanted to attempt to use the programs maliciously.

Microsoft and other large software companies like Adobe have been quick to respond to the leaking of the exploits, though Microsoft has come under fire from the public for allowing the vulnerabilities to go un-repaired for years in some cases. But the tech giant has deployed hundreds of patches since the leaks,  even going so far as to update its end-of-lifed Windows XP operating system to prevent attacks on users.

The methods of attack are insidious and frustratingly novel – it’s difficult for antiviruses or careful net hygiene to prevent attacks or infections that have never been seen before. One attack used Microsoft’s built-in Antivirus program, Microsoft Defender, to install malware through the program that was supposed to prevent the installation of malware. The devastating Wanna Cry Malware that spread so rapidly in early May was a result of the Shadow Broker leaks.

Nearly every week since the revelation of the vulnerabilities there has been a new targeted attack taking advantage of known openings in software, leading to dozens of patches being released from major software vendors to fix the bugs in their code.

Microsoft traditionally releases security updates and patches for its myriad operating systems on the second Tuesday of each month, sometimes leading to an influx of problems on the second Wednesday. On Tuesday June 13th a Microsoft Security Update for Windows 7, 8.1, and 10 caused several documented problems with commonly used programs.

There are seven major issues documented in Outlook alone that are causing problems for a number of PMCS clients. You can read further about the problems at Microsoft’s website and reach out to us here if you need help with the workarounds for your Outlook issues.

So where does that leave us?

There are threats that Microsoft is working hard to protect its customers from but the protection from those threats comes at the cost of impaired functionality – it’s a difficult choice to make, between security and convenience, but one with a clear answer.

Your Microsoft systems should have automatic updates enabled to ensure that any patches for known vulnerabilities are applied as soon as possible. It’s not worth the risk to your company’s data, privacy, and security to allow your systems to go without updates. Occasionally you may experience a loss of performance but that loss of performance, or few minutes without email, or difficulty opening attachments is a very small price to pay to protect yourself and your business from all of the threats currently operating online. It’s better to work through a minor fix in the settings of your email than it is to pay a ransom to someone who has locked down your server and is selling your data.

If you’re unsure about how to proceed with automatic updates for your desktop or your server please reach out to PMCS. We can patch and update your servers, configure your devices for automatic security updates. We can also provide you top-of-the-line antivirus protection against the less-exceptional threats out on the world wide web; a strong third-party antivirus is a must since Windows Defender has been compromised and used to spread malware, and PMCS can walk you through all the steps to choosing an antivirus that suits your environment.

The internet is a changing landscape, but you don’t have to walk it alone. Ask for help if you need it, that’s what we’re here for.

Google Spearphishing attack installs malicious app

On Tuesday May 3rd a massive spearphishing campaign targeted Google users by sending a link to a fake “Google Docs” app that downloads a malicious app to your device.

The links are spread through an email that comes addressed to you and “hhhhhhhhhhhhhhhh@mailinator.com.” The link looks legitimate and asks you to allow it permission to access your Google account.

The spam message not only accesses your Google account, it also sends itself to anyone you have as a contact. In addition it bypasses Google’s login alerts and Two Factor Authentication, granting access without setting off any alarms if you approve installation.

If you have received the email that looks like the image above, delete it immediately. If you clicked on it and gave it permissions on your device you need to immediately revoke permissions from the fake app and start changing passwords for anything associated with the email the phishing attack was sent to.

Redditor JakeStream has provided an excellent step-by-step explanation of what the infection process looks like and how to minimize the impact of the attack if you’ve been hit.

Since so many people have been compromised by this attack and since the malicious link is so hard to distinguish from a legitimate link to Google it is safest to refrain from clicking on shared Google documents in the near future.

Google has stated that the malicious page has been disabled and that they are investigating the attack. If you believe that your account has been compromised you can go to the Google Security Checkup page and follow the instructions there to secure your account.

Again if you clicked on the phishing email or if you believe that you were compromised you need to change the passwords for any accounts associated with the email that was attacked. At the moment no one is sure what, specifically, this spearphishing attack was targeting but it likely collected a tremendous number of emails, contact lists, and gained unprecedented access to Google accounts.

If you are concerned that you may have been compromised in this attack and want help to ensure that your computer is clean and secure, please give PMCS a call at (818)957-5647 and we can help you clear your computer of any viruses and recover from an attack.

Infection Risk – Microsoft Word Zeroday Vulnerability a Threat to Your Computer

Exploits take advantage of the vagaries of code.

On April 8th 2017 a zeroday exploitable vulnerability was identified in Microsoft Office as a campaign of infected Word documents targeted users worldwide. The documents were sent out by a group known as Dridex, who are known for abusing Office Macros to install malware, but who have found a route that bypasses macros for this attack.

The Proofpoint Analysis is as follows:

Emails in this campaign used an attached Microsoft Word RTF (Rich Text Format) document. Messages purported to be from “”. [device] may be “copier”, “documents”, “noreply”, “no-reply”, or “scanner”. The subject line in all cases read “Scan Data” and included attachments named “Scan_123456.doc” or “Scan_123456.pdf”, where “123456” was replaced with random digits. Note that while this campaign does not rely on sophisticated social engineering, the spoofed email domains and common practice of emailing digitized versions of documents make the lures fairly convincing.

While this particular email campaign was specifically targeted by a group that regularly attacks banking information it should be a concern for everyone who uses Microsoft Office because it reveals an exploit that others might make use of to send malicious files in the future.

The April 8th attack is disconcerting for several reasons:

  • It is fairly sophisticated and infected files look like a file sent from a hardware in the target’s office.
  • It avoids the most common routes of detection from antiviruses and security protocols by exploiting a new Microsoft vulnerability.
  • Microsoft waited and unusually long time to disclose this vulnerability, which is surprising considering the scope of the attack and exploitation of Microsoft software.
  • Zeroday attacks more commonly target individuals in high-security positions. Seeing an attack of this type launched against a wide base of users is unusual.

A patch for the vulnerability was released by Microsoft on Tuesday, April 11th. Regardless of whether or not your device is patched PMCS recommends the following protocols to protect yourself from infection:

  • Never open emails or documents from unknown sources.
  • Don’t open documents unless you know the sender and know the sender meant to send a file to you.
  • Disable macros on your devices.
  • If you open a file in protected view and cannot understand the document do not disable Protected View.

Protected view is enabled by default on Microsoft Word, but in case you want to ensure that you have the extra protection offered by Protected View, follow the instructions below to make sure Protected View is enabled:

  1. Click the File tab in the upper left corner.
  2. Select Options.
  3. Select Trust Center in the left pane.
  4. Click Trust Center Settings.
  5. Select Protected View.
  6. Check all three options under Protected View and Click Ok.

Zeroday attacks are relatively uncommon but pose a large threat because they are difficult to protect against. Antivirus programs can’t protect against threats that are undefined, so zerodays often meet no resistance from your computer. The best way to avoid being harmed by zeroday attacks is to implement good safety protocols and follow them regardless of whether a new threat has been identified.

If you are concerned that you may be infected or would like to plan to prevent infections in the future please give us a call at (818)957-5647. PMCS has decades of experience preventing infections and repairing the damage done by malware and viruses. We are here to help if you are concerned about this new threat.

 

Ransomware Shows the Importance of Updating Software

People are frequently frustrated by the need to update software. “I paid for Adobe already” or “I bought a Microsoft license years ago, why do I need to pay again for a new one” is a refrain we hear frequently. Ransomware is the perfect example of why using up-to-date software is vital. It perfectly illustrates the risks of relying exclusively on your antivirus for security.

Ransomware can take advantage of macros in outdated versions of programs to encrypt all the files on your computer. It can even encrypt your entire network if your computer is connected to a network. In particular Locky Ransomware is an example that attacks outdated copies of Microsoft Word. It appears as a Word Document in an email, posing as an invoice. Once the document is opened installs malware on your computer if macros are enabled. If macros aren’t enabled the ransomware asks you to enable macros. Here are the simple steps you can take to prevent yourself from being infected:

  • 1 – Don’t open email attachments from people you don’t know. Locky Ransomware poses as an invoice from a vendor. Make sure you are only opening files from companies you work with.
  • 2 – Don’t follow instructions from strangers. Locky Ransomware only works if macros are enabled. If macros aren’t enabled the ransomware asks you to change your settings. If an attachment from a stranger requires you to update or change your settings it is almost certainly going to be to your detriment.
  • 3 – Don’t use outdated software. You should never use software that is outside of the manufacturer support period (for example, Microsoft Office 1997 or Windows XP). Manufacturer support means there are patches and fixes still being written for the software while unsupported software is vulnerable to attack and will not be fixed or patched by the manufacturer.
  • 4 – Keep an up-to-date antivirus. Even though antivirus software won’t catch everything it’s much safer to have an antivirus than to have no protection at all.

If you aren’t sure if your Microsoft Office is up-to-date or if you need an antivirus license for your individual desktop or for an office-wide network please give us a call.

If you think you might have been infected with Ransomware or any other viruses or malicious software please also give us a call and we will do what we can to save your data and protect you in the future.

Reach out to us a (818)957-5647 or through our contact page.