Security News

OSX.Proton spreading through fake Symantec blog [..] The fake post promotes a program called “Symantec Malware Detector,” supposedly to detect and remove the malware. No such program actually exists.

https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/

Please don’t buy this: identity theft protection services
https://blog.malwarebytes.com/cybercrime/2017/11/please-dont-buy-this-identity-theft-protection-services/
 

Trust Your Security Vendor, 'They Have Access to Everything You Do,' Says F-Secure Research Chief

http://www.securityweek.com/trust-your-security-vendor-they-have-access-everything-you-do-says-f-secure-research-chief 

Google Chrome vows to carpet bomb meddling Windows antivirus tools.
Browser will block third-party software from mucking around with pages next year.
By mid-2018 Google Chrome will no longer allow outside applications – cough, cough, antivirus packages – to run code within the browser on Windows.

http://www.theregister.co.uk/2017/11/30/google_chrome_antivirus_shutout/ 

Rather than accept injected code, Chrome will require applications to use either Native Messaging API calls or Chrome extensions to add functionality to the browser. Google believes both methods can be used to retain features without having to risk browser crashes. [..]
Google is advising developers to get out ahead of the changes by shifting to extensions or Native Messaging and testing their software for compatibility with Chrome Beta browser builds.

we'll see?

Is Classic Shell dead? Developer quits
https://www.ghacks.net/2017/12/04/classic-shell-developer-stops-development/

Alarming Cybersecurity Statistics
https://www.appguard.us/blog/cybersecurity-statistics
 

SafeDNS Tackles Wi-Fi Router Security
https://www.esecurityplanet.com/network-security/safedns-tackles-wi-fi-router-security.html

Ransom email scam from ‘hitman’ demands: pay up or die
https://nakedsecurity.sophos.com/2017/12/12/ransom-email-scam-from-hitman-demands-pay-up-or-die/

Kaspersky Sues U.S. Government Over Product Ban
http://www.securityweek.com/kaspersky-sues-us-government-over-product-ban

Kaspersky’s business with the U.S. government wildly pales in comparison to competitors like FireEye and Symantec. According to USASpending.gov, FireEye earned approximately $51 million in prime contracts in FY2016 and FY2017. Symantec earned approximately $117 million in prime contracts over the same time frame.

https://www.cyberscoop.com/kaspersky-us-government-contracts-dhs-bod-lawsuit/

There’s no need to panic over the lavishly publicized Meltdown and Spectre security holes. Behind the bellicose roars of certain doom, a handful of important facts stand out.  Jan 4, 2018

https://www.computerworld.com/article/3245788/microsoft-windows/windows-meltdown-and-spectre-keep-calm-and-carry-on.html 

How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws.  Jan 4, 2018

https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/ 

Krusty13: “Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor sets the following registry key”

How to Check if Your PC Is Protected Against Meltdown and Spectre
https://www.howtogeek.com/338801/how-to-check-if-your-pc-is-protected-against-meltdown-and-spectre/

Everything You Need to Know About Meltdown and Spectre Vulnerabilities
https://www.askvg.com/guide-everything-you-need-to-know-about-meltdown-and-spectre-vulnerabilities/

50+ Internet Security Blogs Jan 9, 2018
https://heimdalsecurity.com/blog/best-internet-security-blogs/
 

Fake Spectre and Meltdown patch pushes Smoke Loader malware.
[..] Moreover, the same fraudulent domain has a link to a ZIP archive (Intel-AMD-SecurityPatch-11-01bsi.zip) containing the so-called patch (Intel-AMD-SecurityPatch-10-1-v1.exe), which really is a piece of malware.
Upon running it, users will infect themselves with Smoke Loader, a piece of malware that can retrieve additional payloads. Post-infection traffic shows the malicious file attempting to connect to various domains and sending encrypted information: [..]

https://blog.malwarebytes.com/cybercrime/2018/01/fake-spectre-and-meltdown-patch-pushes-smoke-loader/ 

BIOS Updates for the Meltdown and Spectre Patches - January 15, 2018
https://www.bleepingcomputer.com/news/software/list-of-links-bios-updates-for-the-meltdown-and-spectre-patches/

Gibson releases InSpectre vulnerability and performance checker - Jan 16, 2018
https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/

This is the Initial Release of InSpectre We did not wish to delay this application's release while building additional confidence in its conclusions and output. It has been carefully tested under as many different scenarios as possible. But new is new, and it is new. We may well have missed something. So please use and enjoy InSpectre now. But you may wish to check back in a few days to see whether we may have found and fixed some last bits of debris. Jan 15, 2018

https://www.grc.com/inspectre.htm

Intel says you should NOT install its Meltdown firmware fixes.
The warning, which encompasses just about every Intel processor out there, from all PC manufacturers, takes effect immediately.

https://www.computerworld.com/article/3250250/malware-vulnerabilities/belay-that-order-intel-says-you-should-not-install-its-meltdown-firmware-fixes.html 

Back up. Back up first. Back up often. Sooner or later, you’ll be very, very glad you did.

https://askleo.com/backing-first-recommendation-everything/