Tag Archive

Why you need ransomware protection

Protect your computers …
MALWAREBYTES 3 & ESET Internet Security

MalwareWhy you need ransomware protection
In 2016, the U.S. Department of Justice revealed that the Internet Crime Complaint Center (IC3) had received nearly 7,700 public complaints regarding ransomware since 2005, totaling $57.6 million in damages. Those damages include ransoms paid—generally $200 to $10,000, according to the FBI—as well as costs incurred in dealing with the attack and estimated value of data lost. In 2015 alone, victims paid over $24 million across nearly 2,500 cases reported to the IC3.

Reports of two massive, global ransomware attacks are dominating the news. As workers in Europe are heading home for the weekend, ransomware is shutting down their systems. Here’s what we know so far.

The ransomware is spread using a known, and patched, vulnerability (MS17-010) that came from a leaked NSA set of exploits that we reported on our blog in April. Our research shows the encryption is done with RSA-2048 encryption. That means that decryption will be next to impossible, unless the coders have made a mistake that we haven’t found yet.

The demanded ransom of $300 per device and the potential risks to the public that come with the targets being big utility and healthcare companies seem to be in shrill contrast. We can only hope that the companies that were hit will be able to get their backups deployed quickly and can start the recovery from this cyberattack.

Computer DangerProtection
Consumers and businesses alike should be sure their systems and software are updated with all current patches in order to stop the spread of infection. Both our consumer product, Malwarebytes, and our business product, Malwarebytes Endpoint Security, already provide proactive protection against this threat. Malwarebytes signature-less anti-exploit technology blocks the infection vector, while our anti-malware technology blocks the payload pre-execution. Our anti-ransomware technology prevents users’ files from being encrypted and will stop any future unknown ransomware variants. Malwarebytes combines multiple security layers with the best-informed telemetry to block an attacker at every stage of the kill chain.

https://www.malwarebytes.com/

https://www.eset.com/us/

JungleComputer.com

So What Is Malware

Jungle ComputerSo what is malware? It comes in a bewildering variety of forms. Computer viruses are probably the most familiar type of malware so named because they spread by making copies of themselves. Worms have a similar property. Other types of malware, such as spyware, are named for what they do: In the case of spyware, it transmits personal information, such as credit card numbers.
So after asking “What is malware?” the next logical questions are, “who is creating it, and why?” The days when most malware was created by teenage pranksters are long gone. Malware today is largely designed by and for professional criminals.

These criminals may employ a variety of sophisticated tactics. In some cases, as technology site Public CIO notes, cybercriminals have even “locked up” computer data making the information inaccessible then demanded ransom from the users to get that data back.

But the main risk that cyber criminals pose to heavy computer users is stealing online banking information such as banking and credit card accounts and passwords. The criminal hackers who steal this information may then use it to drain your account or run up fraudulent credit card bills in your name. Or they may sell your account information on the black market, where this confidential information fetches a good price.

learn more


Jungle Computer
67 – 69 Public Square
6th Floor
Wilkes-Barre, Pennsylvania
18701-2500

Talk to a Jungle Computer Professional …
570.970.6555 | PHONE
info@junglecomputer.com

Pennsylvania Contractor License:
# PA114006

Top 10 Online Threats

Jungle ComputerThe strategies hackers use to break into your site can be complicated but the results are usually pretty simple; lost revenue.

Here are the 10 most common threats identified by the Open Web Application Security Project:

1. Injection.

It’s not uncommon for web applications to have injection flaws, especially SQL injection flaws. A hacker who finds one will send malicious data as part of a command or query. The attacker’s message tricks the app into changing data or executing a command it was not designed to obey.


2. Cross-site Scripting.

Cross-site Scripting flaws occur whenever an application sends user-supplied data to a web browser without validating it first. Hackers use these flaws to hijack users away from the site or deface it, thereby costing the site owner in lost business.


3. Insecure Direct Object References.

Applications that lack checks to verify a user is authorized to view particular content can be manipulated to access private data.


4. Broken Authentication.

When account credentials and session tokens aren’t properly protected, hackers can assume users’ identities online.


5. Cross-site Request Forgery (CSRF).

A CSRF attack tricks unknowing site visitors into submitting forged HTTP requests via image tags, XSS, or other techniques. If the user is logged in, the attack succeeds.


Jungle Computer Repair6. Security Misconfiguration.

Security misconfiguration flaws give hackers unauthorized access to system data via default accounts, unused pages, unpatched flaws, unprotected files and directories.


7. Insecure Cryptographic Storage.

Many web applications don’t do enough to protect sensitive data such as credit card numbers, Social Security numbers and login credentials . Thieves may use this data for identity theft, credit card fraud or other crimes.


8. Failure to Restrict URL Access.

Often an app will protect sensitive interactions by not showing links or URLs to unauthorized users. Attackers use this weakness to access those URLs directly in order to carry out unauthorized actions.


9. Insufficient Transport Layer Protection.

Applications often fail to authenticate, encrypt and protect the confidentiality of network traffic. Some use weak algorithms, expired or invalid certificates or use them incorrectly. This allows hackers to “eavesdrop” on online exchanges. An SSL Certificate typically neutralizes this threat.


10. Invalidated Redirects & Forwards.

Web applications often redirect or forward legitimate users to other pages and websites, using insecure data to determine the destination. Attackers use this weakness to redirect victims to phishing or malware sites, or use forwards to open private pages.

https://www.secureserver.net/security/malware-scanner.aspx?ci=89298&prog_id=270511

Defend Your Website

SiteLockSiteLock protects your web investment, keeping you and your customers safe from hackers and other online threats.

Keep your site clean and secure.

Every time shoppers place an order, they’re trusting you to keep them safe from hackers who steal information or spread spyware and viruses. Deliver on that promise with SiteLock. It not only finds malware but the security gaps hackers use to break in.

Jungle ComputerFind. Fix. Prevent.

SiteLock scans your website to find malicious software (malware) before it can harm you or your customers. Hackers insert malware onto legitimate websites in order to steal customer passwords and credit card numbers, deface or destroy the website or use your server to launch attacks on other websites.
Daily scans root out bugs.

We notify you as soon as we find any of the following problems:

  • Search engine/Browser blacklisting
  • Spam blacklisting
  • Application vulnerabilities, including SQLi & XSS
  • Website malware and viruses
  • File changes and suspicious code
  • Bot visits
  • Suspicious or malicious traffic to your site
  • Backdoors left by hackers
  • Our SMART tool takes out the trash.

Automatically removes malware and back-end files to keep your site from being disabled or blacklisted by search engines. (Professional and Premium plans)

Close the deal with our Trust Seal

Seventy percent of web visitors look for proof a site is secure before submitting personal data. Our Trust Seal shows customers they’re safe on your website.

What you get with SiteLock.

  • Daily malware scan
  • Database protection
  • Automated attack blocking
  • SiteLock Trust Seal
  • Search engine blacklist monitoring
  • CAPTCHA security
  • Eliminates comment spam
  • Security alerts
  • Unlimited expert support
  • *Money-back guarantee

Learn more


Jungle Computer LLC.
67 – 69 Public Square
6th Floor
Wilkes-Barre, Pennsylvania
18701-2500

Talk to a Jungle Computer Professional …
570.970.6555 | PHONE
info@junglecomputer.com

Jungle Computer

Jungle ComputerWe offer quality service, support & computers at competitive prices. Jungle Computer offers quality computers, monitors, peripherals, power protection devices, Tablet PCs, All-in-One PCs, networking products, input devices, data storage products, hardware and software, backup solutions and a comprehensive warranty with every computer.

We offer all types of custom built computer systems, computer repairs, upgrades, data recovery, networking, configuration, security along with wireless installations services in our office or on-site to both home and business users in the Wilkes-Barre, Scranton, Hazleton Pennsylvania area.

We are your local virus, spyware and malware removal and prevention specialists.