Wednesday, August 31, 2016

Free tips how to keep kids Safe Online


Do you worry that your kids will receive some harassing messages or become a victim of ever accelerating cyber-criminal?!

Most probably you do.

Internet is very important for kids nowadays. They use it for experiencing new staff, educational purposes and many other great benefits. However, as much as good things it can bring the bad part doesn’t fall behind. That is where parent’s worry starts.

The Internet hides many kinds of cyber dangers and kids always like to try new staff and click on almost everything. Therefore, the parent may worry that a hacker can misuse this very easily.  It is very important to teach kids about the cyber space from start and to get engaged in their online lives so you can see their behavior and advise them accordingly.

The Internet can bring many kind of risks: hidden online predators, illegal online activities, privacy loss, harmful sites and etc. Parent should explain their kids that not everything on the Internet is true and what harm it can bring to them if they believe in everything they see or read.

Below we have highlighted some key tips you should follow to ensure your kid is safe so you can sleep well.

1. Cyber-crime awareness – the first and most important tip is talking to your kids about cyber-crime and how to avoid it. Let them stay aware on the tactics hackers use to trick end users, teach them how a suspicious download button looks like and let them always be open and not scared to come to you if they have downloaded a virus by mistake. A good proactive security solution may be the best fit for this situation since it will block anything before it runs.

2. Passwords – make sure that your home network is secured with a strong password. Moreover, make sure to educate your child that password sharing is not a safe practice and that creating a strong password and keeping it for itself it’s the best way to say safe.  

3. Cyber-bullying – this practice has become, unfortunately, very common in the virtual world especially among young generations. In case your child is being cyber-bullied, teach them to never respond to harassing messages and to report these activities to respective government bodies.

4. Privacy – unfortunately, online privacy is a myth. Everyone can just simply “google” you and get all the information they need about you. But let the found information be safe enough. Teach them to carefully reveal information about themselves, to hide their location tags, and to think twice before posting something on social networks since nowadays everything can be misused.

5. Parental control filtering – there are many options to implement; web filtering, block access to websites you find harmful or inappropriate, configuring parental controls on your router. However, this may work for younger children but for older kids it may not be that successful since they will probably find ways around the filtering you have implemented.

6. Online sites – it is more than important to educate your kids on the importance of safe browsing. Let them stay aware to only interact with secured websites (https protocol) or that are secured by some of the security software vendors. Also, whenever they register and reveal some of their info to any website, legitimat
e or not, let them inform you so you can double check. It is very important to reduce the risk of online identity theft therefore the less information they reveal the safer they are. A good anti-keylogger software would remove the worries since it camouflages all the keystrokes you enter so no one can track what you type.

7. Security solution - To not worry all the time if your kid has downloaded a virus, ransomware or even a keylogger and with that make the whole family harm the best would be to install a comprehensive security solution that will block automatically the downloaded virus and will always inform you if your device is at threat.

It is definitely not easy to educate your kids on the importance of staying safe online since most probably they don’t want to listen, therefore find the best possible way to reach out to them with the message. Till than install a parental control filtering and a security software and reduce the risk as much as possible.




Tuesday, August 23, 2016

Epic Games hacked again –800,000 gamers personal info exposed online


 Just few days ago, we have been mentioning how gamingindustry takes a huge part of the software development industry and how cyber criminals always try to attack with different techniques.

Well, here it comes. Online forums run by Epic Games have been hacked and more than 800,000 personal info from their users is exposed.

The organization which is well known for developing games such as Tournament, Gears of War and Infinity Blad has experienced a major hack last year and now they were hit again.

The hacking attack has put thousands of user’s private information at risk such as: usernames, birth date, passwords, comments section, private messages and other sensitive info.

Below you can find the statement published on Unreal Engine forum site:



Ok. Passwords are safe so they think it’s good to go but most users are not aware that cyber criminals can misuse their other exposed info in many other malicious ways like sending malware to the stolen email addresses, using social engineering tactic, phishing scams and etc.

Question that arises here is: What is causing these major hacks?

According to ESET Blog, the problem appears to be the usage of out-of-date version of the vBulletin software that has SQL injection vulnerabilities which basically means that hackers have a free way to attack and steal users’ info.

After their first major breach, EpicGames should work on their problems but they didn’t since two times their same security vulnerability has been misused by hackers.

What to do now?

EpicGames should definitely work on their problems and fix their security issues right away. On the other hand, gamers should protect themselves by using complex passwords for each of their accounts.
 
For those who have their info exposed with this hack, we recommend installing security software that will block any attempt of cyber criminals to misuse your stolen email address.

Main point here is that it’s the organizations’ responsibility to take care of their clients’/users’ data therefore we advise every business to don’t  play with their luck and to implement the right security solution within their work frames.





Friday, August 19, 2016

What are the most recent ransomware discoveries?


In the period between 2015 and 2016 there is been an increase in the total number of users who encountered ransomware. It rose by 17.7% compared to previous year and, as it seems, it doesn’t show any signs of stopping.

Owners of small businesses are experiencing a great hip of ransomware attacks since they present a great attacking point to cyber criminals. As a matter of fact, a security report states, that 54% of UK companies were hit by ransomware in the last year. The problem that arises here, as National Cyber Security Alliace states, is that 60% of small businesses hit by cyber attacks end up going out of business.

Everyone is a target; therefore we all should take needed precautions and most importantly always
stay informed on the latest variants and ransomware discoveries. CBR listed the latest versions:

El Gato

This one is for Android users. Cat-themed ransomware displays cute cat images once users’ device has been infected and locked. It has the ability to steal users SMS Messages, encrypt their files and also has botnet capabilities. It is not an advanced variant since it is find to be easily decrypted.

Hitler

Here, most probably the name of the ransomware should tell a lot. However, it has been discovered by a Jakub Kroustek, malware analyst who stated that this ransomware was developed by less-skilled hackers that for the attack method used file detection. Once you become a victim it will display a picture of Hitler. It doesn’t even encrypt files, so what it does is that it removes the extension for all the files under different directories. The ransom that the victim had to pay was 25 Euro Vodafone Card. However, if the victim refused to pay, the ransomware would crash victims’ computer and delete all files. So, here a good offline back up would be a good prevention.

Cerber v2

This ransomware variant was more advanced in a sense that it was capable to escape general antivirus checkers due to the fact that it was updating its hash all the time. So general antivirus product were not able to detect it since they were left without the malware signature. Soon, Trend Micro released a free decryptor tool to crash the malware so Cerber presence didn’t last long.

These are only few version that were present, there are many other that are uncovered and many more that still hide it the dark part of the cyber world. Back up your files regularly and install a ransomware protection that is capable to defeat all ransomware variants. Isn’t it better to pay a little for a security protection than huge amounts in ransom?!

At the end it’s your choice. Ransomware analyst at Zemana devoted their time to spare you guys all the headache ransomware can cause. They developed a product that is capable to defeat known and unknown ransomware variants as stated by MRG Effitas. See report here.

Simply, install ransomware protection and stay worry free.




Thursday, August 18, 2016

Sphinx Banking Trojan is part of the Olympic Games in Rio 2016 and definitely it's taking Gold!


Sphinx Banking Trojan is part of the Olympic Games in Rio 2016!

The banking Trojan is targeting banks and payment methods in Brazil. Everyone could expect that a cyber attack will happen during this particular time since thousands of people are visiting and everyone is purely focused on the games and fun.

Cyber attackers have fun also but in their way.

Did you hear about the infamous Zeus? Well, this Trojan is part of that malware family and it contains the Zeus code in itself. The advanced feature of this malware that it learned the mistakes from Zeus baking Trojan and improved by becoming immune to detection so not even Zeus tracking tool can detect it.

Sphinx banking Trojan first appeared last year in August as well, offered most probably by a Russian vendor for $500 per binary (less malware builder) meaning to say that the buyers cannot generate new malware files rather they have to contact the vendor again.

How does Sphinx banking Trojan works?

Just like other banking Trojans, it spreads by creating fake websites that have web injects. So, you think it's your bank but actually  it’s not, so it extracts all the data you enter. It has been even further advanced with social engineering tactics and card reader that is able trick the user to enter their data so the cyber criminals can collect it.

By using this method, the infamous banking Trojan attacked three banks in Brazil as well as Boleto payment methods.

Cyber criminals attack where money is so the popularity of banking Trojans was expected.

Therefore corporations and home users should always be aware of this problem and implement multiple layered security protection. By expecting this kind of globally famous event, as the Olympics, organizations should know that cyber criminal can misuse it easily.

How to stay safe from banking Trojans?

Simple. No need to display step by step guides how to stay safe. Rarely something works. That is the reason why security vendors exist. They invest their time in constant research and behavioral analysis of these kind of malicious activities. So hurry and download an anti-keylogger that has real-time protection and that is specialized in blocking baking Trojans, financial malware, ransomware and similar advanced threats.

Install it and keep it running all the time! If you do this than no worries you are safe!

Useful note: Did you know that Zemana AntiLogger got the perfect score in detecting and blocking banking Trojans, financial malware and advanced keyloggers? See full report here.




Zemana got a perfect score on MRG Effitas Online Banking Certification Q2 2016 report


MRG Effitas, a UK-based independent IT security research company publishes an Online Banking Browser Security Report every year for the last four years. Since 2013, that single report has been replaced by quarterly assessments.

In the latest report Q2 2016 they have tested a group of internet security suits and anti-financial fraud applications whereby Zemana AntiLogger was one of the tested products.

The main purpose of the report is to show the ability of different products in detecting and blocking various financial malware and keyloggers.

As these two security threats have always been and still are major security issues due to the fact that they purpose is to grab user’s name and password from places that are used for online transactions. Another thing financial malware and keylogger can do is to steal login credentials from popular social networking websites such as Facebook, Twitter, LinkedIn, etc or any other platform you share your private data with.

In this assessment (Q2 2016) they ran the following tests:

  • In-the-Wild Real Financial Malware Test - (86 live ITW samples were used)
  • Botnet Test - (detection of financial malware such as ZeusVM/KINS, SpyEye..)
  • Simulator Test – Powershell keylogger test (Tested of the oldest techniques to steal)
  • Simulator Test – (API hooking simulator test)


The below tables show the results and capability of different products tested in the Online Banking / Browser Security Certification Program.



Table 1: Q2 2016 In-the-Wild real financial malware test results


The above table shows the results of testing using In-the-Wild real financial malware where Zemana scored 100%.


Table 2: Q2 2016 Real Botnet tests results

The above table shows the results of testing using real financial malware where Zemana Antilogger detected and blocked financial malware from capturing login data.



Table 3: Q2 2016 Simulator test results

The above table shows the results of testing using the malware simulators where Zemana AntiLogger managed to block successfully all malware simulators.

We are glad that to announce that Zemana AntiLogger has succesfully blocked all the above threats. For you we have even better news. Here you can get Zemana AntiLogger 30% OFF and stay protected 100%.

In case you would like to check out all methodologies used during the report and all details of the above mentioned results you can see the report here.



Wednesday, August 17, 2016

Why cyber security plays an essential part in video games development?


When software development started to become a hit worldwide, security matters were not that important. Everyone just focused on the functionality of the software itself and no one had time to focus on security issues since cyber criminal was not that famous then.

Now with the increase of cyber criminal, security became a top priority throughout all channels and all development phases of software.

Luckily, developers are extremely aware of it and find it as an essential concept.

Software industry has grown rapidly, especially in the past decade. Everyday some new software comes to the surface and with that new challenges arise as well. However, there is a software category that became a BUM in this field and that holds very tight fingers with cyber security.

Video games!

Video games are not a new concept but lately they became one of the software categories that generate massive revenues and have million of active users worldwide.

ESET experts conducted an interview with AndrĂ©s Rossi, CEO of Sismogames – an Argentine company that develops video games for social networks and mobile devices, a niche market that was in 2015 worth $1.97 billion in the US alone.

His opinion on security problems in video games industry is very straightforward:

 “Over the years, I have seen all sorts of incidents, from payment-card frauds, to cyber attacks targeting gamers and the subsequent claim of prizes, to exploitation of servers just for the sake of playing”, he described.

Besides he also noticed that most of these problems occur because of users' irresponsibility:

“Irresponsible as it may seem, what I see most frequently are players who leave their accounts open in machines that do not belong to them, they just leave without logging off or erasing their private data.” 

Even though this irresponsible act shouldn’t even be present among users but actually it is one major problem that causes a lot of security incidents.

Besides, as he states, the security incidents are caused due to the fact that there are many malware that are stored within different flash drives or file attachments that go from user to user.

The importance of cyber security implementation in video games development is a MUST!

He continues that thinking about security implementation while developing a game must be part of the development routine although he believes that the ignorance towards security matters prevails among many video games developers.

He even highlighted the incident with Sony which had its online PlayStation platform compromised.

Online security implementation is something that everyone should work on

While playing a video game, user reveals different kind of sensitive information such as email accounts, Facebook account, credit card details while purchasing some virtual currencies or premium features/items and so on and so forth.

All these games collect very sensitive data, therefore all video games are potential targets to cyber criminals  which means that users data can be easily compromised and exposed.

Having this in mind, and the consequences it can make, each game developer should carefully implement security channels throughout the software in order to prevent possible cyber attacks and data breaches.

Online security as a essential part of video games

It is definitely not easy to focus on many things while developing a game therefore video game developer should work closely with security software companies that can easily implement security channels throughout the game.

The awareness on this matter has to be raised

Security incidents related to video games are increasing each minute. Millions of users trust game developers and reveal their data in order to play and enjoy the game. Therefore security software companies and game developer should work closely and as much possible decrease the security incidents in this industry and share awareness among users on possible security issues.




Tuesday, August 16, 2016

New Android malware has the ability to steal your credentials and even pretend it’s your bank


Security researchers from Kaspersky Lab discovered a new piece of Android malware designed to steal your banking credentials and even pretend it’s your bank in a sophisticated way.

All in all, the malware in the basic terms is similar to other variants. However, it stands out with its ability to intercept and delete sent messages from banking institutions.

This can create a massive impact on online banking users since even if the bank notifies them about the new malicious banking activity, the new malware can delete or customize the message leaving the users unaware that they may soon become a victim and loose a bunch of money.

Some banks practice sending alerts via SMS to users in order to authenticate some unusual banking activity on their accounts.

In Russia, it’s the worst case since the malware can offset any mobile security solution that is popular in Russia and installed on your phone in order to finalize the infection path.

You can download the malware from anywhere without being aware of it

It hides everywhere and it can be downloaded via Google AdSense advertising network, which means – Watch Out! Lot of sites, new, old, good and bad use this network to display advertising and the Trojan hides right there.

The Trojan is downloaded as soon as a page with the advert is visited

Android users are always a target due to the openness of the system. However, it came to a point where Android users can’t even Google around and look out for some great sites or great news because the malware is in there aaaand Voila – you have downloaded last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q.

The scary part-you don’t even notice that you have downloaded it since it doesn’t require any kind of following confirmation or link clicks.

Even though till now the effects are seen in Russia only, it doesn’t assure us that it will not spread to other countries as well.

Download an Android anti-keylogger and stay worry free. Nothing can bypass that!