You wouldn’t go into battle without armour – don’t use your tech without precautions either. The latest on computer viruses, online scams, and data security.
Rombertik goes beyond the typical indignation provoked by malware. It has been described as the suicide bomber of computer viruses and once a machine is infected, it’s basically game over.
Discovered and publicised by Cisco’s security researchers, experts have issued a major alert over the malware, which can cripple a computer if detected by any Anti-Virus software.
How does Rombertik work?
Rombertik can infect Firefox, Chrome and Internet Explorer – once in place it collects sensitive data (like passwords and bank details) before it’s encrypted – then it shares it with a third-party.
Rombertik doesn’t target sensitive websites in particular but instead tries to steal credentials for as many websites as possible.
Why does the Rombertik Virus go nuclear?
The main danger with Rombertik over similar malware is its kamikaze attitude. Before it starts any malicious behaviour, it’ll take one last check to make sure it’s not being scanned.
If something is scanning it, it will attempt to destroy the Master Boot Record (MBR) – and restart the computer – rendering it unusable as it will continuously try to boot.
If the deadly virus can’t destroy the MBR, it will instead encrypt all files on the host’s machine – similar to CryptoWall and other Ransomware.
Cisco have warned this would make the machine unusable. “Rombertik will trash the user’s computer if it detects it’s being analysed,” a researcher said.
How do you prevent Rombertik infections?
First thing’s first, it’s so important to keep your machine healthy. Rombertik usually finds its way onto a machine through phishing messages that have been opened.
You can see our guide to avoiding illegitimate messages here.
The following precautions are encouraged by Sophos:
- Only logon with Administrator privileges when you need to – Rombertik can’t write to the MBR without these.
- Take regular backups, and keep at least one backup off-site – if infected by Rombertik or any other ransomware, your files could be encrypted.
We offer download and email checks to our customers, as well as Email and Virus scanning. If you don’t want your business to suffer through the Rombertik virus, speak to us today or call us on 0208 232 1190.
Update 16/10/2015: You can now Pre-order through Carphone Warehouse. It will be released in the UK on November 9th. It’s not at the budget end of the spectrum, though, with a price tag of £559.99 without a contract.
Back in August, we reported that BlackBerry were developing an Android handset, The BlackBerry Venice. There’d been whispers for a while of a BlackBerry device running android, but the silence from BlackBerry left us all wondering whether it would ever happen.
But suddenly the rumour mill sparked into life again. In early September, it was announced that BlackBerry had purchased Good Technology for roughly £280m. Good are experts in cross-platform enterprise mobility management. Now if you put that into a bit of context – BlackBerry CEO John Chen said that “If I can find a way to secure the Android phone, I will also build that” – it was almost a confirmation that something was being worked on behind the scenes.
BlackBerry Priv Announced
As part of a report on their Q2 results, BlackBerry confirmed they will release a new device running the Android operating system. The handset will be named the ‘Priv’ – and BlackBerry’s CEO has stated the phone will support Android for Work on BES12. It’s expected the new device will arrive in late 2015, with an official announcement shortly.
BlackBerry Priv Features
With BlackBerry’s brand particularly popular amongst security conscious users, it’s likely a big effort will be made to ensure that this isn’t compromised by the shift to Android, so you can expect plenty of features beyond the realms of stock android functionality.
This is no stock Android handset… pic.twitter.com/3RgBQHsCng
— Evan Blass (@evleaks) August 21, 2015
As we reported, rumors indicate the most notable BlackBerry Priv features are that it’ll have a Galaxy-esque Edge-like screen with a slide out keyboard and an impressive 18 megapixel camera.
For BlackBerry, there’s now a question mark over whether they can attract Android users with their additional security features, or whether even more users fade away into the already saturated android market.
For existing BlackBerry users, it’s worth noting perhaps that they will continue to support and develop their own operating system, with version 10.3.3 scheduled to be available in March 2016.
Our customers will have first-hand availability of the BlackBerry Priv. For more information you can contact us or call on 0208 232 1190. Feel free to see further details on our website for more info on our Business Mobile Solutions and IT Services.
The Blackphone is a phone designed to include the functionality of modern smartphone but to incorporate protection against modern privacy concerns.
It runs off its own OS: PrivatOS. This is an Android-based operating system that was adapted by a company called Silent Circle. This OS contains no bloatware (such as system functions that use up disk space or RAM, like you often find on Android and iPhone devices).
Business or Personal Use?
This proprietary operating system comes with a function called ‘spaces’ which allows your device to contain several virtual devices – meaning that you don’t need to compromise sensitive data or allow everyday use to get in the way of your business. The OS comes with a pre-setup Space called ‘Silent Space’ which includes a set of apps developed by Silent circle, along with its own proprietary app store. There’s no limit on the amount of separate partitions that a user can add, though. For example, you may want to have a work space in which frequently used business apps that your IT department can control, allowing them the ability to select which apps and actions can and cannot interact with the business. This is particularly useful for security conscience organisations. You can then add personal or child-friendly spaces that work entirely independently to your work space and therefore will not get in the way.
Apps and 3rd Party Downloads
The App store, called the ‘Silent Store’ tries to put user privacy to the forefront by listing in plain English the different permissions each app will require in order to be installed, unlike Apple’s app store and the Google Play store.
- Blackphone Security Centre is a list of settings so you can control app permissions all in one place.
- Remote Wipe allows you to remove any data on your phone remotely, in case you lose the phone or it is stolen.
- Silent Phone makes private calls and video conferences more secure with an encrypted VoIP service that works internationally over 3G, 4G or WiFi.
- Conference Calling allows you to make conference calls with up to 6 people, all encrypted.
- Silent Text encrypts all text messages. You can also put on a Burn functionality, which destroys selected messages.
What next for the Blackphone?
A year after its release, Blackphone announced the release of the Blackphone 2 aswell as the Blackphone+ tablet. They didn’t give a specific date, however the Blackphone 2 is scheduled to arrive this September, with the Blackphone+ following and releasing before the year comes to a close.
The Spec of the Blackphone 2:
- 5.5 inch screen: same as the iPhone 6.
- Display: 1080p retina display protected by gorilla glass.
- Memory: 3GB Ram.
- Internal Storage: 32GB.
- Camera: 13MP and 5MP.
- 3060mAh battery – much larger than the iPhone 6.
Before the Blackphone was released, most security conscious organisations preferred to operate using BlackBerry handsets. However, the co-founder of Silent Circle, Mike Janke, said at the phones launch: “We’re replacing BlackBerry, we don’t care that BlackBerry’s CEO is throwing nasty things about us onto Twitter. We’re going to dominate them.”.
Last Update: 9th December 2015 – Kaspersky is Windows 10 Compatibile!
Office-based businesses using Kaspersky will be wanting to know when they can upgrade to Windows 10, and with limited information available online, we’d like to offer some clarity on the situation.
As per a statement from Kaspersky, they have been ‘cooperating closely with Microsoft’ to ensure customers are able to use their products, whatever operating system they are using.
All links to software downloads have been listed in their respective updates below.
Final Update – 09/12/2015: Kaspersky have announced the Commercial Release of Kaspersky Endpoint Security 10 SP1 MR2 for Windows (10.2.4.674)
The release notes include confirmation that support of Windows 10 has indeed been added.
All the new features and FAQs are listed in more detail on the Kaspersky website.
If you require protection and would like us to manage the process for you, please contact us.
Kaspesky Windows 10 Compatibility Details
Online Support has been informed that the solutions listed below will only support Windows 10 by the specified times:
• Kaspersky Security Center 10 will be compatible with Windows 10 in December 2015.
• Kaspersky Small Office Security 4 is compatible with Windows 10, but functionality is restricted. The product will be fully compatible by December 2015.
• Kaspersky Endpoint Security 10 for Windows is going to be fully compatible with Windows 10 in December 2015
UPDATE 02/12/2015: It’s live! Beta testing is now closed and the below download links are inactive.
Here’s how to get Kaspersky for Windows 10:
Firstly Back up Security Centre and ensure you’re updated to version 10.2.434 (see what version you’re using by going to Help > About Kaspersky Security Centre).
You then need to install Patch D for Security Center otherwise you will not be able to manage the Windows 10 Clients.
You will then need to have KES 10 for Windows SP1 MR2 – however it is not yet publicly released. We do have access to this, however.
If you are a business customer looking to use Kaspersky for Windows 10, please get in contact with us and we can manage this process for you.
UPDATE 09/11/2015: Kaspersky has now released a second beta for Kaspersky Endpoint Security. This is available here. As with the last beta, we are testing this internally for Windows 10 Compatibility, so contact us if you have any queries.
UPDATE 08/09/2015: Kaspersky has released a beta version for Kaspersky Endpoint Security compatible with Windows 10. There are details and links listed in the Kaspersky forum. We are currently testing this internally for Windows 10 Compatibility, so for any queries you can contact us.
If the beta goes as planned, it is expected that the commercial release will be available before December for both Kaspersky Endpoint Security and Security Center Windows 10 compatibility.
Kaspersky Windows 10 Compatibility
Meanwhile, we know that Kaspersky Security for Virtualization is expected to include Windows 10 on its list of supported platforms in its next release of Light Agent, which is scheduled for Q1 of 2016.
If your business wants to upgrade to Windows 10 but wants to remain secure, please contact us or call on 0208 232 1190. Likewise if your business is security conscious but does not currently have a robust IT infrastructure in place, you can contact us or call using the above number.
If you want to remain up to date with the latest in tech security, read our Cyber Security Blog.
Microsoft released Windows 10 last Wednesday, July 29th, and users on Windows 7 or 8 can upgrade to the new operating system. The new version of Windows is supposed to be sleeker and better than the previous version, with a more polished design and the glossier, quicker Edge browser to replace Internet Explorer (check out our blog on the best internet browsers here).
What is the Windows 10 Upgrade Virus?
The problem is that those waiting to install their upgrade can be easily caught out by an official-looking email with an attachment containing what they are told is the free upgrade. The email address is spoofed to show a domain name of microsoft.com, to trick people into reading on. As soon as you download the attachment (which comes in a Zip file), extract it and run the .exe file inside, your PC will be infected with ransomware known as CTB-Locker. Like CryptoWall and CryptoLocker, this is a malicious virus which will encrypt any files on your PC and any connected servers.
It will then instruct to you to pay money (often via BitCoin) for a decryption key in order to recover your files. We don’t recommend you pay the culprits – there is no guarantee that you will get your files back and if you are made to pay in BitCoins, not only will you not get your money back, but the payment is not traceable so those responsible will remain anonymous.
What can you do to prevent the Windows 10 Upgrade Virus?
Ransomware will likely to continue cropping up until scammers can find a new way to trick people out of their money. That is why we recommend you follow our guide of what to look out for in our article about CryptoWall and that you are regularly backing your data up, off site. If you require email scanning or backup services for your business you can contact us or call us on 0208 232 1190.
Ransomware affects businesses daily – to make sure you’re safe from this and other viruses damaging your IT infrastructure, read our Cyber Security blog.
Online Support specialise in protecting our users from any viruses or threats that may put your data at risk. To find out more about what we have to offer visit our Online Backup page or give us a call on 0208 232 1190.
A new virus threat that you need to warn your staff about – “Cryptowall”
Like other viruses, it’s spread by email and is mutating everyday so there is no guarantee that your anti-virus software will detect it. There’s actually no way of telling that it’s a virus from the email itself, so you shouldn’t open any attachments unless you can confirm with the sender that it is valid. So what is the Cryptowall virus?
In particular you should look out for:
- Any emails with attachments which looks like an invoice, complaint or purchase order or from an address you don’t recognise. Always verify with the sender that this is a genuine email before you decide to open the attachment.
- Any emails with .ZIP attachments. This is how the Cryptowall attachments are usually displayed. Check it with the sender to verify it.
- Any emails with .exe attachments. These will almost definitely be a virus – never open. Usually they will hide a .exe file within a zip file. You can check the file extension to make sure.
- Personal email accounts – If using web-based email accounts like gmail, hotmail, Yahoo!, etc. – any email needs to be checked meticulously as these will not have the same level of protection as company email accounts. If you need to check your personal emails, we would recommend using your mobile phone.
So what is the Cryptowall virus?
Similar to ‘Cryptolocker’, it’s an very malicious type of virus called Ransomware that will encrypt all of the data on your servers which means you won’t be able to access it. We know how to fix the issue, but there is no easy solution. For a more detailed look, read this.
These would be our guidlines but if you have any other queries or would be interested in taking a look at any of our services, you can contact us or call us on 0208 232 1190.
Our Office Address
Online Support Computing Limited
67A Boston Manor Rd
0208 232 1192
Online Support Computing Limited (London)
78 York Street
0208 232 1190