Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Malware (Page 1 of 5)

Microsoft Defender bug could fill up disks with thousands of files

Much of today’s modern operating systems are arcane black boxes that no one but the most experienced computer users know. Not that most users know where to look or have access to some folders anyway. So when a system app silently fills up a hidden folder with trash files, most users might not know where to look. This recent incident …

Source: https://www.slashgear.com/microsoft-defender-bug-could-fill-up-disks-with-thousands-of-files-06671753/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Ewdison Then

New Spectre attack once again sends Intel and AMD scrambling for a fix

Since 2018, an almost endless series of attacks broadly known as Spectre has kept Intel and AMD scrambling to develop defenses to mitigate vulnerabilities that allow malware to pluck passwords and other sensitive information directly out of silicon. Now, researchers say they’ve devised a new attack that breaks most—if not all—of those on-chip defenses.

Spectre got its name for its abuse of speculative execution, a feature in virtually all modern CPUs that predicts the future instructions the CPUs might receive and then follows a path that the instructions are likely to follow. By using code that forces a CPU to execute instructions along the wrong path, Spectre can extract confidential data that would have been accessed had the CPU continued down that wrong path. These exploits are known as transient executions.

“Dangerous implications”

Since Spectre was first described in 2018, new variants have surfaced almost every month. In many cases, the new variants have required chipmakers to develop new or augmented defenses to mitigate the attacks.

Source: https://arstechnica.com/gadgets/2021/05/new-spectre-attack-once-again-sends-intel-and-amd-scrambling-for-a-fix/
The Article Was Written/Published By: Dan Goodin

Should You Disable “Antimalware Service Executable” Process in Windows?

If your computer is sluggish, you may notice the antimalware service executable, or MsMpEng.exe, process in Task Manager hogging your resources. While you can disable it, it’s a good idea to understand the purpose of this process and how disabling it may affect the security of your PC.

What Is Antimalware Service Executable?

As the name implies, the antimalware service executable helps to defend your computer against malware and other virus threats. It appears in Task Manager as MsMpEng.exe and is the background process for the built-in Microsoft Defender antivirus tool. Microsoft Defender was formerly known as…

Source: https://tracking.feedpress.com/link/12555/14459584/disable-antimalware-service-executable-process
The Article Was Written/Published By: Crystal Crowder

What Is a “Command and Control Server” for Malware?

Whether it’s data breaches at Facebook or global ransomware attacks, cybercrime is a big problem. Malware and ransomware are increasingly being used by bad actors to exploit people’s machines without their knowledge for a variety of reasons.

Source: https://www.howtogeek.com/726136/what-is-a-command-and-control-server-for-malware/
The Article Was Written/Published By: John Bogna

How to Stop Windows 10’s Antivirus from Sending Files to Microsoft

By default, Windows 10’s built-in antivirus automatically sends samples of suspicious files from your computer to Microsoft. While this helps boost security, you can choose to disable this option, if you like. Here, we’ll show you how to turn this option off on your PC.

Source: https://www.howtogeek.com/719825/how-to-stop-windows-10s-antivirus-from-sending-files-to-microsoft/
The Article Was Written/Published By: Mahesh Makvana

How to Use Microsoft Defender Antivirus from Command Prompt on Windows 10

Windows 10’s included Microsoft Defender antivirus—also known as Windows Defender—has a command-line interface. Rather than using the graphical Windows Security app, you can run Windows 10’s built-in antivirus from Command Prompt, PowerShell, or Windows Terminal.

Source: https://www.howtogeek.com/717570/how-to-use-microsoft-defender-antivirus-from-command-prompt-on-windows-10/
The Article Was Written/Published By: Mahesh Makvana

Ransomware operators are piling on already hacked Exchange servers

Microsoft Exchange servers compromised in a first round of attacks are getting infected for a second time by a ransomware gang that is trying to profit from a rash of exploits that caught organizations around the world flat-footed.

The ransomware—known as Black Kingdom, DEMON, and DemonWare—is demanding $10,000 for the recovery of encrypted data, security researchers said. The malware is getting installed on Exchange servers that were previously infected by attackers exploiting a critical vulnerability in the Microsoft email program. Attacks started while the vulnerability was still a zero-day. Even after Microsoft issued an emergency patch, as many as 100,000 servers that didn’t install it in time were infected.

Opportunity knocks

The hackers behind those attacks installed a web shell that allowed anyone who knew the URL to completely control the compromised servers. Black Kingdom was spotted last week by security firm SpearTip. Marcus Hutchins, a security researcher at security firm Kryptos Logic, reported on Sunday that the malware didn’t actually encrypt files.

Source: https://arstechnica.com/gadgets/2021/03/ransomware-operators-are-piling-on-already-hacked-exchange-servers/
The Article Was Written/Published By: Dan Goodin

8 “Dangerous” Android Apps Identified by Cybersecurity Firm

I say this often in these news sports, but there just doesn’t seem to be an end to the bad actors in the tech space. It takes constant work on the part of the tech giants, developers, and the app stores to stay a step ahead of the cybercriminals. There are constant warnings of apps, websites, and companies being attacked, and now eight more “dangerous” Android apps have been identified.

Check Point Warning

“Hackers always seem to be one step ahead of Play Store’s security measures,” explained Ekram Ahmed with cybersecurity firm Check Point Security. “We’re consistently finding…

Source: https://tracking.feedpress.com/link/12555/14343540/dangerous-android-apps-identified-by-cybersecurity-firm
The Article Was Written/Published By: Laura Tucker
