You may damage your computer.
By pulling the plug or forcing a power-off by holding down the power button, you risk corrupting data on your hard drive and damaging hardware.
I’m not sure what kinds of problems you’re having with the power button, but even that needs to be used correctly, or you could end up with the very problems you’re seeing.
Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.
As Microsoft warned this week, it’s not delivering its January 3 Windows security updates to customers if they’re running third-party antivirus, unless the AV is confirmed to be compatible with it.
Microsoft’s testing found some antivirus products were producing errors by making unsupported calls into Windows kernel memory, resulting in blue screen of death (BSOD) errors.
Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update.
To make matters more confusing, only some antivirus vendors are actually doing both, while others require admins to set the registry key themselves, using Microsoft’s instructions. Additionally, some antivirus companies haven’t completed compatibility testing.
Microsoft hasn’t said which antivirus products are compatible beyond its own Windows Defender and Microsoft Security Essentials. However, security researcher Kevin Beaumont has created a public spreadsheet that may help IT admins prepare for installing Microsoft’s mitigations for the attack techniques that affect CPUs from Intel, AMD and Arm, albeit to differing degrees.
Call 210-549-6477 with questions
https://www.nytimes.com/interactive/2017/05/12/world/europe/wannacry-ransomware-map.html
This is a public service security announcement for all users of computers running any version of Windows.
We have confirmed that a serious virulent ransomware threat known as WannaCrypt0r/WannaCry has affected Windows computers on shared networks in at least 74 countries worldwide, with 57,000 reported individual cases being affected. And according to the analysis team at Kaspersky Lab, that number is growing fast.
Once one computer on a network is affected, the malware infection easily spreads to other Windows computers on the same network, shutting down entire government agencies and national infrastructure companies. Hospitals across the UK were being forced to divert patients and ambulance routes as of Friday afternoon, and several utility companies across Europe reported infection across their computer networks according to BBC News.
Ransomware is a kind of malicious script or software that installs itself on your computer without your knowledge. Once it’s installed and running, it will lock down your system and won’t allow you to access any files or programs on that computer. Usually, as in this current WannaCry exploit, it will alert you to the lockdown with an impossible-to-ignore pop-up screen which informs you that your computer is being held for ransom. To unlock your system and regain access to the computer being held hostage, the lock screen informs you that you must purchase an unlock tool or decryption key from the hacker.
In this case, Microsoft has been aware of the vulnerability since March 2017, when it published a Security Bulletin covering the potential risk. According to the Spanish newspaper El Mundo, early indicators seem to point to the attack originating in China, but more information is needed.
The most obvious way to tell if your computer has been affected is if you are seeing a ransomware pop-up screen when you start up your computer. But because we don’t know how long the malware sits on your computer or network, not seeing this pop-up isn’t necessarily an indication that you haven’t been infected. The bottom line: if your Windows computer has connected to a shared network, such as those found in schools, public places, cafes and businesses, and you don’t have complete control over every computer on that network and haven’t been keeping Windows up-to-date, your computer may be infected.
According to Microsoft a fix for this vulnerability was released on March 14th for all affected versions of Windows. If you are running Windows and have automatic updates enabled you should be okay. If you don’t and haven’t updated recently you should update to the most recently released version immediately. It is important to note that unsupported versions of Windows, like XP, did not receive this security update. Those systems should either be isolated or shut down.
Please pass this along to your friends and family. Those that are less technical may not have updates auto-enabled, and may need a helping hand updating their operating system.
The recent test reports of Security firm AV-Test reveal that Microsoft’s Windows Defender has scored 100% for the 3rd consecutive month when tested for the zero-day malware protection. AV-test tested Windows Defender against current online threats, which involved accessing known malicious websites or e-mails so as to test if the security product is able to ward off attacks practically or not.
AV-TEST Product Review and Certification Report tests for Windows 7 (January and February 2017) and Windows 10 (December 2016) show Microsoft doing a great job and scoring 100% in zero-day malware checks. Here is the analysis.
Not long ago, Windows Defender was so mediocre that it was only considered as the baseline metric in third-party tests. However, analysis of the recent AV-test reports will tell you that Windows Defender has improved significantly in the past 12 months.
For instance, let’s compare the AV-test report for Windows 7, for zero-day malware protection in the past 12 months. In July and August 2016, the Windows Defender scored 95.2% and 86.1% respectively while for the same test conducted this year in January and February, it scored a perfect 100%.
Analyzing the results of the third-party suites, some of which charge you money to use them, the likes of AVG Antivirus Business 16, G Data Antivirus Business 14, Intel Security McAfee Endpoint Security 10.2, Seqrite Endpoint Security 17.0 were found to be trailing Microsoft.
On the other hand, Bitdefender Endpoint Security 6.2, F-Secure Client Security 12.30, Kaspersky Lab Endpoint Security 10.2, Kaspersky Lab Small Office Security 10.2, Sophos Endpoint Security and Control 10.6, Symantec Endpoint Protection 14, Symantec Endpoint Protection Cloud 22.8 and Trend Micro Office Scan 12.0 were found as effective as Windows Defender, all scoring 100%.
For Windows 10 users
Comparing the AV-test report for Windows 10, for zero-day malware protection in the past 12 months. Back in March and April 2015, the Windows defender scored a poor 88.9% and 88% respectively. Whereas, in November and December 2016, it scored 97.9% and 100% respectively showing a remarkable improvement.
Third-party suites like AVG Antivirus Business 2016, Bitdefender Endpoint Security 6.2, G Data AntiVirus Business 14 and Intel Security McAfee Endpoint Security 10.2 were found to be less effective dealing with zero-day malware protection when compared with the Windows Defender.
While, F-Secure Client Security 12.2, Kaspersky Lab Endpoint Security 10, Kaspersky Lab Small Office Security 5, Seqrite Endpoint Security 17, Sophos Endpoint Security and Control 10.6, Symantec Endpoint Protection 14 and Trend Micro Office Scan 11 were at par with the Windows Defender, all scoring 100%.
Can you consider Windows Defender against top third-party antivirus suites
The results from the AV-tests shows that Windows Defender has improved a great deal in moving from the lower bottom levels in the last 6-12 months. Although it has still more ground to cover before it can challenge the top security vendors who offer a better overall protection, you can surely rely on Defender to provide more than average class protection.
source
Windows Defender tops AV-Test zero-day malware charts for the 3rd straight month
This entry was posted in General Security on April 14, 2017 by Mark Maunder 62 Replies
This is a Wordfence public service security announcement for all users of Chrome and Firefox web browsers:
There is a phishing attack that is receiving much attention today in the security community.
As a reminder: A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on the link because it appears to be trusted. Merely visiting the website may infect your computer or you may be tricked into signing into the malicious site with credentials from a site you trust. The attacker then has access to your username, password and any other sensitive information they can trick you into providing.
This variant of a phishing attack uses unicode to register domains that look identical to real domains. These fake domains can be used in phishing attacks to fool users into signing into a fake website, thereby handing over their login credentials to an attacker.
Read More
Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites
Creating disk images lets you restore Windows and all your imaged disks and partitions to a previous working state from compressed copies you have created and kept updated on external storage media, quickly and probably without technical help.
You can recover from:
– a failed disk drive (restore to a new one)
– ransomware (which encrypts your disk)
– user error
– unrecoverable problems from failed updates to problem programs
– unbootable PC (hardware faults aside)
Images also act as a full backup- you can extract files too.
You can even use images to help you move more easily and quickly to a new PC.
Imaging can even help you sleep at night knowing you have a second chance.
I recommend and install on every computer I service Macrium Reflect (free) as a good robust solution and more reliable than some others. It’s
– more feature rich
– more flexible
– more reliable
than Windows Backup and Restore system images.
There are other such programs, free/commercial, some with simpler interfaces, but Macrium is one of the most robust and reliable.
How long does it take?
SSD+ USB3 – maybe 15 mins
HDD + USB2 – maybe 40-50 mins
That’s with little personal data, few programs installed.
– of course, depends on how much you have on C:
(You can and should image all your partitions and disks)
You need a backup medium – I recommend a 1tb external drive. This will vary dependent on the number of images you keep, I recommend keeping 3 images of each computer you own. So is only a rough practical guide.
Some comment that system restore isn’t always reliable; if it works and solves the problem, great. But sometimes restores won’t work or fail. And of course, a restore point only covers a limited number of aspects of the system. That’s where disk imaging comes in.
I can assist with setting this up and showing you how to do it.
https://sapcupgrades.com/services/backup/
A large SPAM campaign is underway where victims receive an email that pretends to be a requested invoice and contains a password for a password protected encrypted Word document attachment. These password protected word documents contain embedded VBScript files that will download and install the Ursnif keylogger.
When Word documents are password protected, they also become encrypted. Malware distributors are hoping that by sending these encrypted Word documents they will be harder to detect by security software. You can see an example of one of the malicious SPAM emails that was provided to me by Zenexer.
Read More. https://www.bleepingcomputer.com/news/security/spam-campaign-underway-that-uses-encrypted-word-docs-to-install-ursnif/
Several users have complained that ads served through Microsoft’s Skype app are serving malicious downloads, which if opened, can trigger ransomware.
News of the issue came from a Reddit thread on Wednesday, in which the original poster said that Skype’s home screen — the first screen that shows up on consumer versions of the software — was pushing a fake, malicious ad, purporting to be a critical update for the Flash web plug-in.
According to the thread, the ad triggered a download of an HTML application, designed to look like a legitimate app. The app, when opened, would download a malicious payload, which locks the user’s computer and encrypts its files for ransom.
Many other users in the past few days have also complained of similar issues with Skype’s in-app ads, with at least two other people having the same “fake Flash” ad into Thursday.
Knowing it was malicious, the user didn’t run the app but instead deconstructed and posted the code…
Read more: Skype users hit by ransomware through in-app malicious ads | ZDNet
Do you live in one of the top ten most infected cities? The answer is YES
Webroot conducted a survey and found the most infected cities in the U.S. The survey found that the numbers do not reflect density. New York, which is the most densely populated city in the U.S. is not on the list.
The research included PC’s, laptops and smart phones. And it also found that these infected devices had an average of 6 to 24 pieces of malware installed.
“Our most infected cities list shows that cybercriminals have no geographical bias,” said David Dufour, senior director of engineering at Webroot. “Whether you live in a big city or small town, from east coast to west coast and everywhere in between, you are susceptible to being a victim of malware. It is in everyone’s best interest to run a security solution on their personal device, and to make sure that all security software subscriptions are current.”
So what are the most infected cities? Here is the top ten:
• Houston – 60,801
• Chicago – 49,147
• Phoenix – 42,983
• Denver – 39,711
• San Antonio – 39,646
• Dallas – 37,630
• Los Angeles – 34,050
• Las Vegas – 31,836
• Minneapolis, Minn. – 28,517
• Charlotte, N.C. – 27,092
We advise that all users practice safe surfing. Those safety measures include having up to date security software, use strong passwords, avoid public wi-fi, and store your personal information and important documents in the cloud
Best of all have image backups on an EXTERNAL drive done on a monthly basis.
Contact Us today for Virus/Malware prevention and clean up 210-549-6477
