CISOs should heed Donot Team’s attacks on India and its neighbours

Read Time:41 Second

Donot Team, a threat actor operating since at least 2016, has been waging a two-year campaign of cyber espionage attacks against South Asian countries bordering India, researchers at cybersecurity company ESET reported last week. International human rights group Amnesty International has alleged that there are links between the attack infrastructure used by Donot Team and Delhi-based information security company Innefu Labs, something the company has denied.

In its report on cyberattacks against a human rights campaigner in the African country of Togo, Amnesty accused Innefu Labs of playing a role in the development of spyware tools linked to Donot Team, although it said there was no technical evidence to suggest Donot Team was directly responsible for or aware of attacks against the campaigner in Togo.

To read this article in full, please click here

Read More

CISOs should heed Donot Team’s attacks on India and its neighbours

Read Time:41 Second

Donot Team, a threat actor operating since at least 2016, has been waging a two-year campaign of cyber espionage attacks against South Asian countries bordering India, researchers at cybersecurity company ESET reported last week. International human rights group Amnesty International has alleged that there are links between the attack infrastructure used by Donot Team and Delhi-based information security company Innefu Labs, something the company has denied.

In its report on cyberattacks against a human rights campaigner in the African country of Togo, Amnesty accused Innefu Labs of playing a role in the development of spyware tools linked to Donot Team, although it said there was no technical evidence to suggest Donot Team was directly responsible for or aware of attacks against the campaigner in Togo.

To read this article in full, please click here

Read More

Can Apple Macs get Viruses?

Read Time:6 Minute, 6 Second

It’s a long-standing question. Can Apple Macs get viruses?

While Apple does go to great lengths to keep all its devices safe, this doesn’t mean your Mac is immune to all computer viruses. So what does Apple provide in terms of antivirus protection? Let’s take a look along with some signs that your Mac may be hacked and how you can protect yourself from further threats beyond viruses, like identity theft.

Signs that your Mac may be hacked

Whether hackers physically sneak it onto your device or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, viruses and malware can create problems for you in a few ways:

Keylogging: In the hands of a hacker, keylogging works like a stalker by snooping information as you type.
Trojans: Trojans are type of malware that can be disguised in your computer to extract important data, such as credit card account details or personal information.
Cryptominers: Similar to trojans, this software hides on a device. From there, it harnesses the device’s computing power to “mine” cryptocurrencies. While cryptomining is not illegal, “cryptojacking” a device without the owner’s consent is most certainly illegal.

Some possible signs of hacking software on your Mac include:

Performance issues

Is your device operating more slowly, are web pages and apps harder to load, or does your battery never seem to keep a charge? These are all signs that you could have malware running in the background, zapping your device’s resources.

Your computer feels like it’s running hot

Like the performance issues above, malware or mining apps running in the background can burn extra computing power (and data). Aside from sapping performance, malware and mining apps can cause your computer to run hot or even overheat.

Mystery apps or data

If you find apps you haven’t downloaded, along with messages and emails that you didn’t send, that’s a red flag. A hacker may have hijacked your computer to send messages or to spread malware to your contacts. Similarly, if you see spikes in your data usage, that could be a sign of a hack as well.

Pop-ups or changes to your screen

Malware can also be behind spammy pop-ups, changes to your home screen, or bookmarks to suspicious websites. In fact, if you see any configuration changes you didn’t personally make, this is another big clue that your computer may have been hacked.

What kind of antivirus do Macs have?

Macs contain several built-in features that help protect them from viruses:

XProtect and Automatic Quarantine: XProtect is Apple’s proprietary antivirus software that’s been included on all Macs since 2009. Functionally, it works the same as any other antivirus, where it scans files and apps for malware by referencing a database of known threats that Apple maintains and updates regularly. From there, suspicious files are quarantined by limiting their access to the Mac’s operating system and other key functions. However, .
Malware Removal Tool: To further keep Apple users protected, the Malware Removal Tool (MRT) scans Macs to spot and catch any malware that may have slipped past XProtect. Similar to XProtect, it relies on a set of constantly updated definitions that help identify potential malware. According to Apple, MRT removes malware upon receiving updated information, and it continues to check for infections on restart and login.
Notarization, Gatekeeper, and the App Review Process: Another way Apple keeps its users safe across MacOS and iOS devices is its Notarization Apps built to run on Apple devices go through an initial review before they can be distributed and sold outside of Apple’s App Store. When this review turns up no instances of malware, Apple issues a Notarization ticket. That ticket is recognized in another part of the MacOS, Gatekeeper, which verifies the ticket and allows the app to launch. Additionally, if a previously approved app is later to found to be malicious, Apple can revoke its Notarization and prevent it from running.

Similarly, all apps that wish to be sold on the Apple App Store must go through Apple’s App Review. While not strictly a review for malware, security matters are considered in the process. Per Apple, “We review all apps and app updates submitted to the App Store in an effort to determine whether they are reliable, perform as expected, respect user privacy, and are free of objectionable content.”

Further features: In addition to the above, Apple includes technologies that prevent malware from doing more harm, such as preventing damage to critical system files.

Do I need to purchase antivirus for my Mac?

There are a couple reasons why Mac users may want to consider additional protection in addition to the antivirus protection that Mac provides out of the box:

Apple’s antivirus may not recognize the latest threats. A component of strong antivirus protection is a current and comprehensive database of virus definitions. As noted above, , leaving Mac owners who solely rely on XProtect and other features susceptible to attack.
Apple’s built-in security measures for Macs largely focus on viruses and malware alone. While protecting yourself from viruses and malware is of utmost importance (and always will be), the reality is that antivirus is not enough. Enjoying the life online today means knowing your privacy and identity are protected as well.

In all, Macs are like any other connected device. They’re susceptible to threats and vulnerabilities as well. Looking more broadly, there’s the wider world of threats on the internet, such as phishing attacks, malicious links and downloads, prying eyes on public Wi-Fi, data breaches, identity theft, and so on. It’s for this reason Mac users may think about bolstering their defenses further with online protection software.

 Further protecting your Mac from viruses and attacks

Staying safer online follows a simple recipe:

Being aware of the threats that are out there.
Understanding where your gaps in protection are.
Taking steps to protecting yourself from those threats and closing any gaps as they arise.

Reading between the lines, that recipe can take a bit of work. However, comprehensive online protection can take care of it for you. In particular, McAfee Total Protection includes an exclusive Protection Score, which checks to see how safe you are online, identifies gaps, and then offers personalized guidance, and helping you know exactly how safe you are.

An important part of this score is privacy and security, which is backed by a VPN that turns on automatically when you’re on an unsecure network and personal information monitoring to help protect you from identity theft—good examples that illustrate how staying safe online requires more than just antivirus.

Consider your security options for your Mac

So, Macs can get viruses and are subject to threats just like any other computer. While Macs have strong protections built into them, they may not offer the full breadth of protection you want, particularly in terms of online identity theft and the ability to protect you from the latest malware threats. Consider the threats you want to keep clear of and then take a look at your options that’ll help keep you safe.

The post Can Apple Macs get Viruses? appeared first on McAfee Blog.

Read More

Can Apple Macs get Viruses?

Read Time:6 Minute, 6 Second

It’s a long-standing question. Can Apple Macs get viruses?

While Apple does go to great lengths to keep all its devices safe, this doesn’t mean your Mac is immune to all computer viruses. So what does Apple provide in terms of antivirus protection? Let’s take a look along with some signs that your Mac may be hacked and how you can protect yourself from further threats beyond viruses, like identity theft.

Signs that your Mac may be hacked

Whether hackers physically sneak it onto your device or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, viruses and malware can create problems for you in a few ways:

Keylogging: In the hands of a hacker, keylogging works like a stalker by snooping information as you type.
Trojans: Trojans are type of malware that can be disguised in your computer to extract important data, such as credit card account details or personal information.
Cryptominers: Similar to trojans, this software hides on a device. From there, it harnesses the device’s computing power to “mine” cryptocurrencies. While cryptomining is not illegal, “cryptojacking” a device without the owner’s consent is most certainly illegal.

Some possible signs of hacking software on your Mac include:

Performance issues

Is your device operating more slowly, are web pages and apps harder to load, or does your battery never seem to keep a charge? These are all signs that you could have malware running in the background, zapping your device’s resources.

Your computer feels like it’s running hot

Like the performance issues above, malware or mining apps running in the background can burn extra computing power (and data). Aside from sapping performance, malware and mining apps can cause your computer to run hot or even overheat.

Mystery apps or data

If you find apps you haven’t downloaded, along with messages and emails that you didn’t send, that’s a red flag. A hacker may have hijacked your computer to send messages or to spread malware to your contacts. Similarly, if you see spikes in your data usage, that could be a sign of a hack as well.

Pop-ups or changes to your screen

Malware can also be behind spammy pop-ups, changes to your home screen, or bookmarks to suspicious websites. In fact, if you see any configuration changes you didn’t personally make, this is another big clue that your computer may have been hacked.

What kind of antivirus do Macs have?

Macs contain several built-in features that help protect them from viruses:

XProtect and Automatic Quarantine: XProtect is Apple’s proprietary antivirus software that’s been included on all Macs since 2009. Functionally, it works the same as any other antivirus, where it scans files and apps for malware by referencing a database of known threats that Apple maintains and updates regularly. From there, suspicious files are quarantined by limiting their access to the Mac’s operating system and other key functions. However, .
Malware Removal Tool: To further keep Apple users protected, the Malware Removal Tool (MRT) scans Macs to spot and catch any malware that may have slipped past XProtect. Similar to XProtect, it relies on a set of constantly updated definitions that help identify potential malware. According to Apple, MRT removes malware upon receiving updated information, and it continues to check for infections on restart and login.
Notarization, Gatekeeper, and the App Review Process: Another way Apple keeps its users safe across MacOS and iOS devices is its Notarization Apps built to run on Apple devices go through an initial review before they can be distributed and sold outside of Apple’s App Store. When this review turns up no instances of malware, Apple issues a Notarization ticket. That ticket is recognized in another part of the MacOS, Gatekeeper, which verifies the ticket and allows the app to launch. Additionally, if a previously approved app is later to found to be malicious, Apple can revoke its Notarization and prevent it from running.

Similarly, all apps that wish to be sold on the Apple App Store must go through Apple’s App Review. While not strictly a review for malware, security matters are considered in the process. Per Apple, “We review all apps and app updates submitted to the App Store in an effort to determine whether they are reliable, perform as expected, respect user privacy, and are free of objectionable content.”

Further features: In addition to the above, Apple includes technologies that prevent malware from doing more harm, such as preventing damage to critical system files.

Do I need to purchase antivirus for my Mac?

There are a couple reasons why Mac users may want to consider additional protection in addition to the antivirus protection that Mac provides out of the box:

Apple’s antivirus may not recognize the latest threats. A component of strong antivirus protection is a current and comprehensive database of virus definitions. As noted above, , leaving Mac owners who solely rely on XProtect and other features susceptible to attack.
Apple’s built-in security measures for Macs largely focus on viruses and malware alone. While protecting yourself from viruses and malware is of utmost importance (and always will be), the reality is that antivirus is not enough. Enjoying the life online today means knowing your privacy and identity are protected as well.

In all, Macs are like any other connected device. They’re susceptible to threats and vulnerabilities as well. Looking more broadly, there’s the wider world of threats on the internet, such as phishing attacks, malicious links and downloads, prying eyes on public Wi-Fi, data breaches, identity theft, and so on. It’s for this reason Mac users may think about bolstering their defenses further with online protection software.

 Further protecting your Mac from viruses and attacks

Staying safer online follows a simple recipe:

Being aware of the threats that are out there.
Understanding where your gaps in protection are.
Taking steps to protecting yourself from those threats and closing any gaps as they arise.

Reading between the lines, that recipe can take a bit of work. However, comprehensive online protection can take care of it for you. In particular, McAfee Total Protection includes an exclusive Protection Score, which checks to see how safe you are online, identifies gaps, and then offers personalized guidance, and helping you know exactly how safe you are.

An important part of this score is privacy and security, which is backed by a VPN that turns on automatically when you’re on an unsecure network and personal information monitoring to help protect you from identity theft—good examples that illustrate how staying safe online requires more than just antivirus.

Consider your security options for your Mac

So, Macs can get viruses and are subject to threats just like any other computer. While Macs have strong protections built into them, they may not offer the full breadth of protection you want, particularly in terms of online identity theft and the ability to protect you from the latest malware threats. Consider the threats you want to keep clear of and then take a look at your options that’ll help keep you safe.

The post Can Apple Macs get Viruses? appeared first on McAfee Blog.

Read More

Education sector hounded by cyberattacks in 2021

Read Time:39 Second

Education and research were the top targets for cyberattackers in 2021, with an average of 1605 attacks per organization per week, a 75% increase from 2020, according to research by Check Point Software Technologies.

Pandemic’s push for digital invites threats 

The COVID-19 pandemic has pushed staff in businesses and education to work from home. The resulting need for digital skills and online courses has boosted the digital education market, creating opportunities for study but also for cyberthreats.

A major shift to distance learning and the fact that online education organizations have a huge number of non-employees accessing their systems from remote locations widens the exposure, elevating risks, according to Omer Dembinsky, data research manager at Check Point.

To read this article in full, please click here

Read More

Education sector hounded by cyberattacks in 2021

Read Time:39 Second

Education and research were the top targets for cyberattackers in 2021, with an average of 1605 attacks per organization per week, a 75% increase from 2020, according to research by Check Point Software Technologies.

Pandemic’s push for digital invites threats 

The COVID-19 pandemic has pushed staff in businesses and education to work from home. The resulting need for digital skills and online courses has boosted the digital education market, creating opportunities for study but also for cyberthreats.

A major shift to distance learning and the fact that online education organizations have a huge number of non-employees accessing their systems from remote locations widens the exposure, elevating risks, according to Omer Dembinsky, data research manager at Check Point.

To read this article in full, please click here

Read More

Linux-Targeted Malware Increased by 35%

Read Time:48 Second

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021:

Malware targeting Linux systems increased by 35% in 2021 compared to 2020.

XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021.

Ten times more Mozi malware samples were observed in 2021 compared to 2020.

Lots of details in the report.

News article:

The Crowdstrike findings aren’t surprising as they confirm an ongoing trend that emerged in previous years.

For example, an Intezer report analyzing 2020 stats found that Linux malware families increased by 40% in 2020 compared to the previous year.

In the first six months of 2020, a steep rise of 500% in Golang malware was recorded, showing that malware authors were looking for ways to make their code run on multiple platforms.

This programming, and by extension, targeting trend, has already been confirmed in early 2022 cases and is likely to continue unabated.

Slashdot thread.

Read More

Linux-Targeted Malware Increased by 35%

Read Time:48 Second

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021:

Malware targeting Linux systems increased by 35% in 2021 compared to 2020.

XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021.

Ten times more Mozi malware samples were observed in 2021 compared to 2020.

Lots of details in the report.

News article:

The Crowdstrike findings aren’t surprising as they confirm an ongoing trend that emerged in previous years.

For example, an Intezer report analyzing 2020 stats found that Linux malware families increased by 40% in 2020 compared to the previous year.

In the first six months of 2020, a steep rise of 500% in Golang malware was recorded, showing that malware authors were looking for ways to make their code run on multiple platforms.

This programming, and by extension, targeting trend, has already been confirmed in early 2022 cases and is likely to continue unabated.

Slashdot thread.

Read More

High anxiety spreads among Russian criminal groups in wake of REvil raid

Read Time:27 Second

The crackdown on members of the REvil ransomware gang by agents of the Kremlin’s domestic security force January 14 is sending a wave of distress and dread through the Russian hacker underground, according to researchers at Trustwave’s SpiderLabs.

“What our researchers found was a great deal of anxiety and consternation from those who participate in these Dark Web forums regarding the FSB arrests and how those actions will impact them in the future,” Trustwave noted Friday in a company blog post.

To read this article in full, please click here

Read More

High anxiety spreads among Russian criminal groups in wake of REvil raid

Read Time:27 Second

The crackdown on members of the REvil ransomware gang by agents of the Kremlin’s domestic security force January 14 is sending a wave of distress and dread through the Russian hacker underground, according to researchers at Trustwave’s SpiderLabs.

“What our researchers found was a great deal of anxiety and consternation from those who participate in these Dark Web forums regarding the FSB arrests and how those actions will impact them in the future,” Trustwave noted Friday in a company blog post.

To read this article in full, please click here

Read More