More than 2 million users of anti-malware tool CCleaner installed a version of the software that had been hacked to include malware. Piriform, the developer of CCleaner now owned by security firm Avast, says its download servers were compromised at some point between 15th August, when it released version v5.33.6162 of the software, and the 12th of September, when it updated the servers with a new version.
In that period, a Trojan was loaded into the download package which sent ‘non-sensitive data’ from infected users’ computers back to a server located in America. The data, according to Piriform, included ‘computer name’, IP address, list of installed software, list of active software, list of network adapters.
As well as the data leak, however, the infection also resulted in a ‘second stage payload’ being installed on to the infected computer – another piece of malware, which Piriform says was never executed.
The company says 2.27m users were infected, but added that ‘we believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm.’
Compromising downloads to trusted software is an increasingly common route by which malware authors infect devices. The method is known as a ‘supply chain’ attack. It works because the attackers are relying on the trust relationship between a manufacturer or supplier and a customer.
www.theguardian.com/uk/technology (19th September)
Microsoft has confirmed that some users of Outlook are unable to send emails or access their accounts.
Hundreds of users from around Europe have commented on the website Downdetector that they have been affected by the problem.
A common issue seems to be that emails remain in the draft folder and are not being delivered to recipients.
‘Intermittent connectivity is affecting customers in some European countries, which we are working to resolve as soon as possible,’ said a Microsoft representative. They are monitoring the environment while connectivity recovers.
www.bbc.technews (19th September)
A Russian-funded campaign to promote divisive social and political messages on its network has been discovered by Facebook. Approximately, £77,000 has been spent on over 3000 ads over a two year period.
The adverts did not back any political figures specifically, but instead posted on topics such as immigration, race and equal rights. Facebook has said it is co-operating with a US investigation into the matter. The advertisements were in breach of Facebook’s terms and conditions and spread false information to around 470 accounts
“The ads and accounts appeared to focus on amplifying divisive social and political messages across the ideological spectrum,” the company said in a blog post published on Wednesday.
The company said it believed, but could not independently confirm, that the accounts were created by the so-called Internet Research Agency, a St Petersburg-based group known for posting pro-Kremlin messages on social media.
The accounts in question have now been shut down.
www.bbc.co.uk/technews (7th September 17)
Emoticons were once thought to be the way forward in providing the world with a global language – one capable of crossing cultural borders. The reality, however, has proved to be rather to the contrary.
Even the most familiar emoji of a grinning face, can look very different on different devices or operating systems – and can be interpreted in different ways by a variety of cultures.
Intercultural expert and professional business coach, Alyssa Bantle, believes companies should be wary of their use in written communication. The advice of the experts is to use them sparingly – if at all. there is not a universal understanding of what many of the emoji mean ad it is very easy for them to be misinterpreted. A toothy grin on Windows was rated as emotionally positive while the same symbol on Apple looked more like a grimace to some.
Some emoji’s can quickly communicate the positive or joking tone of a statement – but different cultures read those faces differently – especially in regard to levels of formality and what is appropriate in workplace written communication.
In Zimbabwe there is a notable difference in larger versus smaller companies. In larger companies communication is traditional and formal. Protocol in meetings and emails is considered essential. Smaller companies are more informal and communication is frequent.
Some German companies, and in Indonesia, written communication style is formal where titles are used and last names. Using first names might seem friendly – but can be interpreted as a lack of respect – so emoji’s can only add to the complication.
In Latin American cultures, like Mexico, communication is also wordy, indirect and formal. This style shows politeness and respect.
It is so important that one considers deeper cultural issues when choosing how to get a message across. An emoji may not be appropriate even if it seems innocent and friendly. There is a fine line between the use of social media and the communication between colleagues at work. One needs to be clear about what is acceptable and appropriate for communication at work and at a business level.
NHS Lanarkshire was attacked by a new variant of Bitpaymer last week. The cyber attack led to some appointments and procedures being cancelled. Staff worked over the weekend to reinstate IT systems, and are trying to establish how the malware was able to infiltrate the network without being detected.
This infection shows how disruptive Ransomware can be. It encrypts the data it finds on a host computer so that it can no longer be accessed, and then demands payment, often in Bitcoin, for its release.
This type of cyber attack can happen at anytime – to anyone. The people who carry out these disruptive acts are opportunists. We should all aim is to make their job harder – by making sure we have strong passwords in place, and by backing up all files.
Most malware looks like it has come from a trusted source. A simply click on a link is enough to cause widespread disruption. Being prepared with as many security measures in place, as well as being vigilant and alerting colleagues to any unusual e-mails etc, is the way forward.
There are many examples of individuals and organisations that have chosen to part with their cash – but there is no guarantee that by paying the ransom you will get your files/data back.
You are most welcome to give one of our consultants a call – to check that all has been done to keep a cyber attack at bay. Be prepared and be safe.
ADECS-Maple – 024 7699 5930