Spying on users of Google’s Chrome shows new security weakness

A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions.

Alphabet Inc’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month.

“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesman Scott Westover told Reuters.

Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.

Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, according to Awake co-founder and chief scientist Gary Golomb.

Google declined to discuss how the latest spyware compared with prior campaigns, the breadth of the damage, or why it did not detect and remove the bad extensions on its own despite past promises to supervise offerings more closely.

It is unclear who was behind the effort to distribute the malware. Awake said the developers supplied fake contact information when they submitted the extensions to Google.

“Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organized crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security.

The extensions were designed to avoid detection by antivirus companies or security software that evaluates the reputations of web domains, Golomb said.

If someone used the browser to surf the web on a home computer, it would connect to a series of websites and transmit information, the researchers found. Anyone using a corporate network, which would include security services, would not transmit the sensitive information or even reach the malicious versions of the websites.

“This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains,” Golomb said.

After this story’s publication, Awake released its research, including the list of domains and extensions.

All of the domains in question, more than 15,000 linked to each other in total, were purchased from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication.

Awake said Galcomm should have known what was happening.

In an email exchange, Galcomm owner Moshe Fogel told Reuters that his company had done nothing wrong.

“Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” Fogel wrote. “You can say exactly the opposite, we cooperate with law enforcement and security bodies to prevent as much as we can.”

Fogel said there was no record of the inquiries Golomb said he made in April and again in May to the company’s email address for reporting abusive behavior, and he asked for a list of suspect domains.

After publication, Fogel said the majority of those domain names were inactive and that he would continue to investigate the others.

The Internet Corp for Assigned Names and Numbers, which oversees registrars, said it had received few complaints about Galcomm over the years, and none about malware.

While deceptive extensions have been a problem for years, they are getting worse. They initially spewed unwanted advertisements, and now are more likely to install additional malicious programs or track where users are and what they are doing for government or commercial spies.

Malicious developers have been using Google’s Chrome Store as a conduit for a long time. After one in 10 submissions was deemed malicious, Google said in 2018 it would improve security, in part by increasing human review.

But in February, independent researcher Jamila Kaya and Cisco Systems’ Duo Security uncovered a similar Chrome campaign that stole data from about 1.7 million users. Google joined the investigation and found 500 fraudulent extensions.

“We do regular sweeps to find extensions using similar techniques, code and behaviors,” Google’s Westover said, in identical language to what Google gave out after Duo’s report.

Article courtesy: www.itnews.com.au

Cyber security is essential when preparing for COVID-19

What’s happened?

Organizations around the nation are seeking approaches to protect their staff and vulnerable individuals of the community from the COVID-19 pandemic.

Training their staff to work remotely may be one way of minimizing the spread of the virus. However, remote work arrangements can have security implications and cybercriminals may attempt to exploit this opportunity. The cyber risks of working from home could include malware infection, unauthorized access, data security, and insecure devices used by staff.

It’s substantial that organizations and their staff guarantee that remote access to business network is secure so they are not exposed and business information is not compromised.

How do I stay safe?

Ensuring good cyber security measures now is the best way to address the cyber threat. You can reach us at 1300 660 368 and one of our team members can guide you the way in order to work from home securely.

Still using Windows 7? It will be a risk!

All good things must come to an end, even Windows 7. After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running Windows 7. But you can keep the good times rolling by moving to Windows 10.

Between now and then, the operating system (OS) is in an in-between phase known as “extended support.” During this phase, Microsoft is offering paid support, though not the complimentary support that comes with the license; and will continue to provide security updates, but not design and feature updates.

Every Product has a Life Cycle

Every Windows product has a life cycle.  Like many Microsoft products, Windows 7 came with a predetermined support timeline. It’s good to know a product’s support life cycle so that you know when to upgrade.
However, there’s absolutely nothing stopping you from using Windows 7 even after its End of Life. But you should know that using an outdated operating system makes your computer vulnerable to cyber-attacks.

Vulnerable to Viruses & Threats

“End of life” is the date after which an application is no longer supported by the company that makes it. Imagine using a product that a company doesn’t want to take responsibility for anymore. You’ll be using the product at your own risk. This means that Microsoft will not take responsibility for loss of data due to security breaches on Windows 7. New computer viruses and other malware are developed all the time and, without the security updates to fight them off, your data and your system are vulnerable.

Upgradation is the Solution

Windows 7 has been one of the most successful operating systems developed by Microsoft. Its resilience has been boosted by many conspiracies and controversies surrounding Windows 8. In fact, millions of organizations skipped the Windows 8 upgrade and stuck with Window 7. Many businesses are still not convinced that Windows 10 is any better than Windows 8. Even though there are numerous valid reasons to stay with Windows 7, it’s time to start preparing for the inevitable upgrade.

Now you know that the Windows 7 OS will not be a safe product to use over the internet in a couple of years. So you have to ask yourself if you’re ready to move into the future with the more modern Windows 10 operating system. Windows 10 gets regular patches and updates to keep it secure. It will install on most devices and machines with no problems or issues, but Microsoft does have a vast array of help and support documents on their website in case you run into trouble.

Contact our Microsoft specialists who can provide more information on upgrading your system to Windows 10 without any hassle. Email us at helpdesk@cspro.com.au or call us at 1300 660 368.

Update Windows platforms to protect yourself from a security threat

Microsoft has released a software update to fix a security flaw in some older versions of Windows. For instance: Windows 7, Windows XP, Windows Server 2008 and 2008 R2. The update addresses a vulnerability that attackers may use to gain unauthorised access or to perform other malicious activity.

Does it affect me?

If you are also using an older version of Windows. For instance: Windows 7, Windows XP, Windows Server 2008 or 2008 R2, you could be affected.

You have Windows 8 or 10. Microsoft advises you are not affected by this vulnerability.

To find out which Windows operating system you’re using, check the Microsoft website.

To find out which also Windows operating system you’re also using, check the Microsoft website.

How do I stay safe?

To protect yourself, you should install the software update to older versions of Windows as soon as possible. Microsoft has issued customer guidance on how to update older Microsoft operating systems.

Why is using current update software important?

Microsoft will also not provide official security updates or fixes to Windows 7 after 14 January 2020. You should consider upgrading to Windows 8 or 10 in the near future.

For more information, please visit: www.staysmartonline.gov.au

Update WhatsApp to protect yourself from a security threat

What’s happened?

WhatsApp users are urged to update their WhatsApp app with the latest software update.

WhatsApp, owned by Facebook, is a popular messaging app for smartphones. It offers a secure messaging service for one-on-one or small group conversations. As a result, it is a target for scammers trying to hack into users’ confidential conversations. It perform other malicious activities.

How to make sure your update WhatsApp app is up-to-date

On an iPhone or iOS device:

Go to the App Store and search for WhatsApp. Tap UPDATE next to WhatsApp Messenger.

On an Android device:

Go to Play Store and search for WhatsApp. Tap under WhatsApp Messenger.

Why are software updates so important?

Software and security updates fix vulnerabilities in your apps, devices and operating systems that cybercriminals may also use to gain unauthorized access or to perform other malicious activity.

Typically attackers exploit vulnerabilities in order to perform other malicious actions, such as stealing or corrupting information, installing malware or stopping the affected system from working correctly.

How do I stay safe?

Whenever possible, choosing to automatically apply security updates when they become available. Automatic updates minimize the risk of delaying or forgetting to apply an update and limit the chance that cybercriminals will also gain access to your devices and sensitive personal and financial data.

For moreover information, please visit: www.staysmartonline.gov.au