NetSpectre: new Spectre-based attack uses the network

We all expected Spectre to give security experts a headache. The fact that the attack takes advantage of unsolvable vulnerabilities found on CPUs forces us to include mitigations in every way possible, including the OS’ kernel, drivers (from components to GPUs), programs and apps, and third-party apps.

After two new Spectre-based vulnerabilities became known last month, now there comes an attack that affects systems with Intel CPUs. It was dubbed NetSpectre because it can be launched over the network, a greater risk than before because threats previously required some form of local code execution.

NetSpectre is a new remote side-channel attack that is related to Spectre variant 1 (CVE-2017-5753) and abuses speculative execution to perform bounds-check bypass and can be used to defeat ASLR. NetSpectre could allow an attacker to write and execute malicious codes that could potentially be exploited to extract data from previously-secured CPU memory, including passwords, cryptographic keys and other sensitive information. Instead of relying on covert cache channel, researchers demonstrated how NetSpectre works using the AVX-based covert channel that allowed them to capture data at a deficient speed of 60 bits per hour from the target system. Continue reading “NetSpectre: new Spectre-based attack uses the network”

This is how you can protect yourself against this new Trojan that can affect users in several ways

A new threat puts users’ security at risk. This is a new problem for which we must find a solution in order to avoid putting our devices at risk. We are talking about Parasite HTTP, a remote access Trojan (RAT) and an updated version of an already identified banking Trojan. It uses phishing campaigns targeting a wide variety of sectors. Its goal is the same: stealing users’ banking credentials.

Parasite HTTP, a new Trojan

According to Proofpoint researchers, this new malware is being distributed via emails. Said emails come with a Microsoft Word attachment containing hidden malicious macros that would download the RAT from a remote site.

As we have mentioned, this new banking Trojan has been dubbed Parasite HTTP. It has features that make it new, like anti-emulation, sandbox identification, and anti-debugging, to name a few.

The upgraded RAT is an advanced version of a previously detected banking Trojan. Additionally, according to researchers, Parasite HTTP’s modular structure adds newer modules once it compromises a device successfully.

We have to mention that Parasite HTTP is written in C language and has a size of only 49 KB. The malware communicates in an encrypted format and is able to bypass firewalls. Continue reading “This is how you can protect yourself against this new Trojan that can affect users in several ways”

What to do in terms of security if we get a new computer

Security is a key aspect to keep our phone working well. Therefore, we have to use tools and programs to keep malware at bay. Doing this will let us face possible threats that could cause our device to malfunction. However, taking measures is even more important in case of a new or recently bought computer or one that has been formatted to install a new OS from scratch. In this article, we will talk about the security measures we must take if we have a new computer.

First security measures on PCs

When we buy a new PC (or even phones or tablets), it is virtually empty. It has a few built-in apps, but setting the PC up is our responsibility. The first steps can make a difference in the medium and long run. I recently bought a new computer, and since it is my work tool, security is really important. This is why we will use this article to show some basic advices.

The first thing to do is to install security programs and tools regardless of the OS or platforms we use, as they are all vulnerable in some way. A good antivirus is important. Windows 10, the latest version of Microsoft’s OS, is widely used and comes with Windows Defender.

Additionally, I personally think it is really useful to uninstall useless apps that might come with the system and that we might not really need. They are not really bothersome or dangerous in terms of security, but it might be worth uninstalling them and somewhat clean the PC.

Continue reading “What to do in terms of security if we get a new computer”

Passera: protect services used on Android with passwords created by this generator

Protecting the services we use? A lot of users always use the same password to avoid wasting time creating new ones, but this is a huge mistake. Doing so allows cybercriminals to use a hacked service to attack other services. This is why we will use this article to talk about an app for Android devices that you will like. It is called Passera, a free password generator. Do you want to know more about it?

The reason why we wanted to talk about this app for Android is because of the OS’ market share. The amount of services used on Android smartphones and tablets keeps increasing.

This is why this type of apps becomes important for said devices.

A password generator prevents the user from having to come up with a password that is complex enough. Passera is a tool that provides unique passwords to the user easily. It is capable of turning any entered text into passwords up to 64 characters long. Continue reading “Passera: protect services used on Android with passwords created by this generator”

A new ransomware like WannaCry has appeared. This is how you can protect yourself

Ransomware threats have recently turned into one of the most worrisome security threats for users. This type of threat is widely spread nowadays and we are completely sure about not wanting to get infected by it. As we know, hackers take over PCs, encrypting files so the victim has to pay a ransom to decrypt them. This is a serious issue if the infected PC has important personal or work-related information. Today we are talking about a GandCrab ransomware variant and how to be protected against it.

New GanCrab ransomware variant

As we know, WannaCry is an example of the most dangerous ransomware with the most victims. This ransomware variant affected around 300,000 organizations worldwide. The similarity between GandCrab and WannaCry lies in the fact that both of them use the SMB protocol to attack Windows users.

GandCrab attacks victims via compromised websites. According to researchers, this new type of malware is updated every day to attack victims in different countries. Hackers scan the internet to find vulnerable websites to carry out the attacks. The latest version features a long list of websites that were compromised. Continue reading “A new ransomware like WannaCry has appeared. This is how you can protect yourself”