PC Pitstop sends out a monthly newsletter to update visitors about PC trends and what’s going on at the site. Each issue contains helpful computer tips. To subscribe, complete this form and you will receive a confirmation email. In the email body, please click the "Confirm Your Subscription" link to complete the process. You can rest assured we will never share your email address with others; see our privacy policy.

To get the most out of the site we strongly suggest creating an account with us. Be sure to check the box to indicate you want to get the newsletter. Below you’ll find an archive of the newsletters we’ve sent out in the past.

    Cyber Criminals Target University of Maryland Medical Systems

    December 11, 2018 by Kayla Elliott in Newsletter

    Another Medical Facility Targeted By Cyber Criminals

    The University of Maryland Medical Systems (UMMS) suffered a malware attack over the weekend.  According to officials, the cyber criminals executed the attack during the early hours of December 9, 2018.  Within hours of the malware being installed on the network, employees identified the malicious activity and took systems offline.  Fortunately, the quick response meant less than 1% of UMMS devices were infected.  In addition to minimal device impact, operations were able to continue with minimal disturbance as well. The exact attack vector, or how the malware crept into the network, remains unclear.  It is also unknown what type of malicious software infected the systems.  UMMS officials have reported it was not ransomware, and there is no risk of a data breach due to this cyber attack. UMMS, law enforcement, and digital forensics teams are working together to gather as much information as possible.  Hopefully, this will lead to answers for those questions that remain unclear.

    Scammers Exploit 11 Year-Old Firefox Vulnerability

    December 10, 2018 by Kayla Elliott in Newsletter,tips

    Firefox Leaves Security Gap Open for Hackers...

    One of the most used browsers, Firefox, has left a security gap open which hackers and scammers continue to exploit.  These cyber criminals are embedding an iframe into the source code of various malicious websites, which can be exploited on each browser (Chrome, Edge, or Firefox).  However, it is how the browser reacts to it that is different.

    iframe image provided by ZDNet

    Due to Firefox's security gap, this iframe will create an infinite loop of "authentication alerts" like what can be seen above.  The only way for the user to escape these alerts is to kill the browser.  To do so, they would need to end the browsing session within the Task Manager. However, if the user is running Chrome, the pop-up box opens at the tab level of the browser instead of the browser level.  This means users may close the tab without interrupting their entire browser session.  In Edge, the delay between the iframe and the browser is long enough that the user may close the tab and/or browser without experiencing the constant loop of the iframe pop-up. It remains unclear if or when Firefox will address the vulnerability, but their resolution method will likely replicate one of their competitors'.

    Ransomware Takes Over China, Infecting 100k PCs

    Update 12/10/2018 - Authorities have a suspect in custody.  The Chinese police were able to track the suspect down due to the personal information used to create the WeChat app to collect the ransom demands.

    New Ransomware Attack Targets Chinese Users

    A new ransomware variant has infected 100,000 Windows PCs in China by encrypting the user's files, then demanding a 110 yuan ($16 USD) ransom.  In addition to the encryption of files, the ransomware also includes an information-stealing component that obtained user credentials for several Chinese online services. Thus far, the attack has not gone global, as the hackers have limited their demographic in a few different ways.  First, the hackers are distributing the malware through Chinese-themed apps.  Second, they are only receiving ransom payments through a Chinese payment app, WeChat.  Unless the ransomware creators used fake IDs to create their WeChat profiles, it is believed authorities will be able to track the cyber criminals down.

    Lack of Sophistication

    Local Chinese cyber security firms claim the ransomware can be decrypted without paying the ransom because the encryption key is hardcoded in the source code.  Some of these cyber security firms have started working on free decrypting tools.  It is their hope to release them to the public in the coming days.

    Paying Ransoms Quickly -- Why It’s Not Possible, or Suggested

    December 07, 2018 by Kayla Elliott in Newsletter,tips
    So your security provider failed you, and you were a victim of ransomware.  What do you do now? It is likely you have a ransom note on your screen stating what you need to pay, and how to do it.  What they don’t tell you is just how difficult that will be. Oftentimes hackers will try to make it as easy as possible for you to send them money -- but they also want it to remain anonymous.  Therefore, users will have to convert their dollars into a digital, non-traceable currency, like bitcoins.

    But How?

    Do you know how to do this?  The process isn’t too difficult, but it can be time-consuming.  Many legitimate websites, like Coinbase, require an authentication process.  You’ll need to register and provide your banking information for the transfer of funds.  Once the authentication process is complete, the transfer and conversion will take place. Again, this takes time. Another method would be to find your nearest bitcoin ATM.  This not only allows for instant conversion, but everything remains anonymous as well.  However, this comes with a significant price tag, with fees based on geographical areas.  You’ll also need to determine which services are provided at the ATM; some offer only the option to buy crypto-currencies, while others allow you to also sell. If you’re like me, and your local bitcoin ATM only allows you to buy bitcoins, for the “small” fee of 12%, you will still need to find a way to send them to the hacker.  Now I’m going to stop right there.  Why? Because this sounds like a ridiculous amount of work, and you’re not even halfway there!  If you pay the ransom demands, you have to wait for the encryption key -- assuming the cyber criminals even give it to you.  Then it becomes your job to decrypt all of the files they locked. How about, instead of all this, you focus on preventing the ransomware attack and keeping timely data backups?

    To actively thwart ransomware, users are encouraged to do the following:

    Preventing cyber attacks is not impossible, but does require a proactive approach.

    The Top 5 Risks of Crypto-Currencies

    December 06, 2018 by Kayla Elliott in Newsletter,tips

    Crypto-Currencies -- Are they worth the risk?

    Everything we do comes with risks.  It is our job to determine if the rewards outweigh the risks. This is the same philosophy when it comes to digital currencies, like bitcoin or monero.  However, the concept of a digital currency is rather new, so our society is still experiencing the learning curve.  Although there are benefits of the digital currency, which will be discussed in another blog post, first we want to discuss the risks.  Why? Because if we only give the benefits, without listing the top risks, it could prematurely sway individuals into investing into bitcoins, or any other form of digital currencies.

    Safeguarding Risks 

    Digital currencies can be stored at various repositories, or through a digital wallet.  Either way, it will need to be safeguarded. Therefore, you’re either trusting a repository to keep your digital funds secure, or you must take measures to ensure the security of your digital wallet.   

    Inconsistent Pricing

    Similar to the stock market, the price of bitcoin is based on supply and demand.  Buyers want to buy low, while sellers want to sell high.

    Not Backed by FDIC  

    This is risky for a few different reasons. First, the price fluctuates, similar to the stock market -- so as the pricing valuation changes you could easily lose money.  Also, if someone breaches your wallet, or the repository and steals your bitcoin, it is gone. You cannot legally go after the repository or wallet creator for lost funds.

    One Typo Creates Major Problems

    Better triple check that address! Once it’s sent, there’s no turning back.  This is pretty self-explanatory. Simply put -- triple check the address you're sending the funds to!

    Poor PC Hygiene May Lead to Significant Loss

    If you store your own digital currencies, how often do you back up your hard drive?  Why does it matter? If your system crashes, your funds will be gone. Some malware is even designed to steal your wallet and your funds, so using a security solution that deploys application whitelisting is highly recommended.

    Crypto-Mining Tools Used for More Than Mining Digital Currency

    December 04, 2018 by Kayla Elliott in Newsletter

    Hackers Exploit Crypto-Mining Tools

    Crypto-mining tools are often legitimate, meaning they will run on a device without having issues.  These software programs are what people use to mine digital currencies, which again, is completely legal if done on machines you own.  However, hackers have found alternative ways to use crypto-mining software, beyond its original purpose.  According to CNBC, the latest risk includes using the crypto-mining software to steal intellectual property, impersonate employees, and steal user credentials. Since these hackers are using a legitimate software program to execute the malicious activity, it is incredibly difficult to block these threats.  However, businesses should never ignore crypto-mining tools running on their network.  These software programs are robust and require a significant amount of resources to mine for digital coins.  Even if it is a legitimate program -- companies, unless in the digital currency business, should remove mining software immediately.

    Police Shut Down 16 Fake Virus Scam Call Centers

    December 03, 2018 by Kayla Elliott in Newsletter,tips

    Indian Call Centers Raided for Fake Virus Scam

    Last week, 16 fake virus scam call centers in Gurgaon and Noida, India were raided.  This led to the arrest of 39 people for allegedly impersonating technical support representatives for companies like Microsoft, Apple, Dell and HP.  In the raid, police officers found various pieces of evidence including call scripts, voice recordings, live chats and customer records. This is the second raid in the last two months.  The first took place in October, after Microsoft filed complaints about customers falling for fake virus scams.  The initial raid led to the arrest of 24 alleged scammers.  After the second raid, there were still thousands of victims filing complaints with Microsoft regarding the tech support scam.

    It's Progress, But...

    Not to sound dismal, as this is progress, but there is still a long way to go. Customers still need to be wary of these scams.  Just because sixteen call centers were raided, doesn't mean the scam has been extinguished.  If you're wondering whether or not a notification is legitimate, please remember Microsoft, or any other tech company will never include a phone number for them to be reached at.  Therefore, if a phone number is included, it is often a scam.   Also, if you're concerned about potentially being infected with a virus -- please contact your security solution provider.  It is their job to protect your device.  They will either confirm it's a scam or determine how the virus wormed past their protection.  You are paying them after all -- use their resources!

    Ransomware Damages Projected to Reach $20B by 2021

    Ransomware Damages Increase to $20B in Three Years

    If we look at cyber crime as a business instead of the crime that it is, we may begin to understand it a bit better.  This "business" is booming, and there's no end in sight.  Why?  Because society worldwide is making it profitable.  Any business that is turning over a profit will continue to run.  Not only is cyber crime profitable, but the damages for ransomware alone are expected to reach $20 billion over the next three years.

    What can society do to extinguish cyber crime?

    Stop making the "company" profitable.  Instead, understand these are criminals you're making deals with.  By paying the ransom you're not only putting yourself at risk for future attacks, but there is also no guarantee they will decrypt the files they've locked. As long as they're still making money, cyber criminals will stay in business. In addition to no longer paying the ransoms, users need to understand what their security solution covers and does not protect against.  They should also understand if their current solution is using a blacklist model for malware prevention, or an application whitelisting technology.  For businesses with cyber security insurance, it's imperative you also understand what the policy covers.  Lastly, timely backup processes are critical.

    The Recap

    To stop cyber crime, we have to stop making it profitable.  This means, no longer paying ransom demands, switching cyber security focus to emphasize prevention instead of reactive remediation, and ensuring timely system and file backups.


    About The Pit Crew

    PC Pitstop's Pit Crew is committed to providing you with the information you need to keep your PC safe and running like new.
