There are more free information security tools out there than you can highlight with a fist full of whiteboard pointers. While many are trial ware-based enticements designed to lure decision makers to purchase the pricey premium counterparts of these freebies, many are full-blown utilities. A few important categories include threat intelligence tools, tools to build security in during the development stage, penetration testers, and forensics tools. (click on the picture above for the full story)
WannaCry took down wide swaths of the internet over the weekend, then disappeared. Here’s what you need to know, without the hype.
(click on the picture for the full article.)
So I don’t need to worry about it right now?
Wrong. Very wrong. This is one of those rare times when the Windows sky is falling. We already have reports from Matt Suiche of a new WannaCry variant that’s been sinkholed with 10,000 infections logged. The clones are coming, and many of them won’t be easy to stop. You have to get your Windows PC patched now.
More cyber security freebies than you knew existed.
Like it or not, your PC is susceptible to malware. This page will teach you how to locate the bad stuff, then remove it from your system.
Click on the Skull and Cross Bones to Sniff out and kick out Windows malware for free.
For videos on how Sysinternals Process Explorer works click on the YouTube link below.
For a video for how VirusTotal click on the video below.
New Android malware poses as popular game, but enlists phones into botnet
The malware has evaded Google Play’s malware scans for weeks.
At least five instances of the app have so far been able to evade Google Play’s malware scans for almost a month, since it was first submitted to the app store.
When the user installs the app, it will automatically join a botnet — a network of devices controlled by an attacker — which disguise ad clicks to generate money
How to find your patch level.
The Security Patch Level can only be found on devices running Android Marshmallow.
The good news for Android Marshmallow (6.0) users is that the release includes very important improvements that go a long way to protect your device. One addition allows you to quickly find out the security patch level on your smartphone or tablet. It all started with the Stagefright vulnerability. Once the dust settled from that disaster, Google (and Samsung) made a promise to start rolling out monthly security updates. To that end, they decided to include a field in the device settings that would list for users to see when the last security patch was applied to the operating system.
“The hope of an anti-malware program that can perfectly detect malware and malicious hacking is pure folly. Keep an eye out for the common signs and symptoms of your computer being hacked as outlined above. And if you are risk-adverse, as I am, always perform a complete computer restore with the event of a breach. Because once your computer has been compromised, the bad guys can do anything and hide anywhere.”
Sure sign of system compromise No. 1:
Fake antivirus messages
Sure sign of system compromise No. 2:
Unwanted browser toolbars
Sure sign of system compromise No. 3:
Redirected Internet searches
Sure sign of system compromise No. 4:
Frequent random popups
Sure sign of system compromise No. 5:
Your friends receive fake emails from your email account
Sure sign of system compromise No. 6:
Your online passwords suddenly change
Sure sign of system compromise No. 7:
Unexpected software installs
Sure sign of system compromise No. 8:
Your mouse moves between programs and makes correct selections
Sure sign of system compromise No. 9:
Your antimalware software, Task Manager, or Registry Editor is disabled and can’t be restarted
Sure sign of system compromise No. 10:
Your bank account is missing money
Sure sign of system compromise No. 11:
You get calls from stores about nonpayment of shipped goods
(Click on CSO logo above for the ‘full’ article.)
Those who can create malware, will create malware — no matter how sneaky they have to be to do so. The latest craze is called pileup malware. The gist of this is a seemingly innocent and harmless piece of software is installed on your device (even with the stamp of approval from your malware scanner). The initial install requires little to no permissions, so it looks perfectly safe. The problem comes when it’s time to update that software. Without needing your approval, the software will upgrade its own permissions, giving it much more access than it originally had — there’s the pileup (and the rub). You now have an official piece of harmful malware on your machine.