Cyber Security

Mercedes

Active Member
I have windows 7 ultimate in my laptop, there is option to update it to windows 10 for free. What are the advantages of upgrading ? what about previous files, apps and app compatibility ? how those will be affected ?
How much ram is recommended ? What your personal experience has been with windows 10 ?
First thing that win 10 is a wrapper over win 8. So nothing to worry.
I had win7 professional so I upgraded to win10. It's smooth and fast compare to earlier versions. Most of the applications(check for drivers of ur laptop I don't get any issue here also) are compatible to win 10. Just go for it, all data will remain same also if u face any problem then with in 20-30 days you have an option to revert it back.:)
 
@Vertigo_1985

W10 is a high risk OS when it comes to security. Our goverment even trys to forbit it in our counrty because of this reason. So if you care about your personal security, do not use W10 instead stay with your W7 or change to Linux. I did not want to mention this in the last post of mine, but when I see what this guy is posting with out knowing what he talks about when it comes to this point, you also should know about this risk before following such guys recomendations.​
 

Vertigo_1985

Well-Known Member
@Vertigo_1985

W10 is a high risk OS when it comes to security. Our goverment even trys to forbit it in our counrty because of this reason. So if you care about your personal security, do not use W10 instead stay with your W7 or change to Linux. I did not want to mention this in the last post of mine, but when I see what this guy is posting with out knowing what he talks about when it comes to this point, you also should know about this risk before following such guys recomendations.​
Staying with W7, upgrading doesnt seem to have much advantages and risks are many..
 

Mercedes

Active Member
I agree some security part though I had not faced any one.
First thing is that security risk is everywhere if you don't take any precautions even if you use linux. A good quality antivirus (not duplicate) is must along with anti-malware to ensure security.
Don't click on links blindly over the web, clear cookies...etc once in a week, use cccleaner to clean your browsers.
 
With the computers becoming insecure, I wonder if it is the time to DeepFreeze my C drive and install the applications on D drive. It would be a big headache to maintain and update regularly, but probably worth it.

Here is the latest cyber attack. I guess it's only a matter of time before the cloud storage also become insecure.

Petya ransomware cyberattack: What it does, how to protect your PC and more

Petya ransomware cyberattack has hit computer servers all across Europe, locking up computer data and crippling enterprise services in the corporate sector. Ukraine and Russia are the worst affected, though the attack has also impacted some companies in the US and Western Europe.

Written by Shruti Dhapola | New Delhi | Updated: June 28, 2017 10:43 am

Petya ransomware is part of a new wave of cyberattacks that has hit computer servers all across Europe, locking up computer data and crippling enterprise services in the corporate sector. Ukraine and Russia are the worst affected, though the attack has also impacted some companies in the US and other Western European countries. So what exactly is the Petya ransomware attack, and how does it affect a PC? Also what exactly can one do to protect themselves against the ransomware? We explain everything you need to know.

What is Petya ransomware? What vulnerability is it exploiting it in the Windows system?

Petya is a ransomware, similar to the Wannacry attack. According to Security Research firm Kasperksy, Petya could be a variant of Petya.A, Petya.D, or PetrWrap. However, the firm doesn’t think this is a variation of the WannaCry cyberattack.

The post from Kaspersky also notes Petya is exploiting the same EternalBlue exploit that was used by Wannacry attack. The blogpost notes, “This appears to be a complex attack which involves several attack vectors. We can confirm that a modified EternalBlue exploit is used for propagation at least within corporate networks.”

For those who don’t remember, WannaCry attack affected over 300,000 computers globally, and this one also exploited this particular security vulnerability in Microsoft’s Windows systems. Microsoft had issued a security patch to fix the ‘EternalBlue’ exploit in Windows 10, Windows 8,7 and even Windows XP PCs. The problem like with many of the Windows updates: people might not have applied the security patch or downloaded the update.

How exactly does Petya spread? What does it do to an infected computer?
Petya is a ransomware, and it follows WannaCry’s pattern. The ransomware locks up a computer’s files and demands $300 Bitcoins as ransom to unlock the data. All data on a computer, network gets encrypted.

This message is flashed on a computer, “If you see this text, then your files are no longer accessible, because they are encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

According to Kaspersky security team, in order get the credentials to spread, the ransomware relies on a custom tool called “a la Mimikatz.” This extracts credentials from the lsass.exe process, which is one of the crucial files in the Windows system. This stands for Local Security Authority Subsystem Service.

The attack is believed to have started against an update used on a third-party Ukrainian software called MeDoc, which is used by many government organisations in the country. According to reports, this is also the reason why Ukraine was the worst affect in the lot. Kaspersky says over 60 per cent of attacks took place in Ukraine, and Russia is second on the list with 30 per cent. But these are just the initial findings from Kaspersky.

Once the malware infects the computer, it will wait for an hour or so minutes, and then reboots the system. After the rebooting, the files are encrypted and a user get a ransom note on their PC asking them to pay up. Users are also warned against switching off their PC during the rebooting process, because it could make them lose their files.

As the Kaspersky blog points out, attackers want the Bitcoins to be paid and victims are asked to send the ransom to a particular address, and then the Bitcoin wallet id and personal number via e-mail to an address “[email protected]”, confirming the transaction has been made.

So how can the ransomware attack be stopped?

The malware seems to infect the entire network, and known server names. According to Kasperky, “Each and every IP on the local network and each server found is checked for open TCP ports 445 and 139. Those machines that have these ports open are then attacked with one of the methods described above.” So yes, this is a fairly comprehensive cyberattack.

When it comes to decrypting files, currently there is no solution. According to the security researchers at Kaspersky, “the ransomware uses a standard, solid encryption scheme.” The firm notes that unless the hackers made a mistake, the data can’t be accessed.

So who is behind the Petya cyberattack? What all companies, countries have been impacted?

Researchers are still looking for who is responsible for this attack. But the impact of this is serious. In Ukraine, government offices, energy companies, banks, cash machines, gas stations, and supermarkets, have all been impacted, reports Associated Press. The Ukrainian Railways, Ukrtelecom, and the
Chernobyl power plant was also affected by the attack.

Multinational companies like law firm DLA Piper, shipping giant AP Moller-Maersk, drugmaker Merck as well as Mondelez International, which is the owner of food brands such as Oreo, Cadbury, was also impacted. In the US, some hospitals have also been impacted by this cyberattack. Poland, Italy and Germany are other countries affected by the cyberattack. In India, the Jawaharlal Nehru Port has been impacted given Moller-Maersk operates the Gateway Terminals India (GTI) at JNPT. This has capacity for over 1.8 million standard container units.

So what happens now?

For starters, it seems the email address, which was being used by the hackers, has been suspended by the service provider. In a blogpost Posteo wrote, “We became aware that ransomware blackmailers are currently using a Posteo address as a means of contact. Our anti-abuse team checked this immediately – and blocked the account straight away.” Posteo also confirmed that it was no longer possible for the attackers to access the email, send mails, or access the account.

For now, users who have lost their data can’t really recover it unless they have a backup. There’s no way of getting the decryption key from the hackers, since the email account has been shut down. However, according to a tweet from HackerFantastic, when the system goes in for a reboot, the user should power off the PC. His tweet reads, “If machine reboots and you see this message, power off immediately! This is the encryption process. If you do not power on, files are fine.”

The problem with Petya is that right now researchers have no solution for decrypting these files. There’s also no way of stopping the attack from the spreading, given it exploits vulnerabilities in the network.

For users, it is best to keep a back up of all their data. Preferably this data should not be online, and it should be encrypted. Users should also not click on email links from suspicious ids or click on links asking for access to personal information. Also keep your Windows PC updated with the latest software.
http://indianexpress.com/article/te...does-how-to-protect-your-pc-and-more-4725476/
 

Similar threads