New Virus Attacks All Windows-Based Computers

Uploaded on 2016-10-24 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, NEWS-Cybersecurity News

A new type of malware is beginning to circulate and attack nationwide, according to GuardiCore, a vendor of software that detects breaches in real time. And, right now, the malware can be detected by only two anti-virus engines.

“This is new malware capable of running on every Windows version from XP through Server 2012 R2,” the company reported in a blog. That means it runs on every single Windows version, “so 100 percent of your Windows endpoints are vulnerable,” says Daniel Goldberg, a security researcher at GuardiCore. The malware has been named Trojan.sysscan.

The malware uses brute force to find usernames and passwords that can be used as credentials to access information systems. Sometimes it doesn’t take much time because an organisation may have been breached previously, but passwords uncovered in previous breaches often are not changed and are still available for use. But if necessary, the malware will keep trying to get in for hours until it accesses a system, according to Goldberg.

While currently focused on financial credentials, the malware can steal credentials from any organisation’s systems, and it is only a matter of time before it hits other sectors. It’s not yet been detected on computers of healthcare organizations, but security professionals should assume it may have already infiltrated some systems.

“Healthcare is equally if not potentially more vulnerable, given the prevalence of Windows in the industry,” Goldberg notes.

Trojan.sysscan, while not yet widespread, is a simple malware that can remain undetected for a considerable period of time, and Goldberg advises assuming the malware will appear in systems if enhanced security measures are not taken. “People should not think of anti-virus as their only line of protection.”

Information-Management:       Overwhelming Cyber Attacks On Healthcare:

 

« Chatbot To Teach You A Foreign Language
Cybersecurity Is Just A Lot Of Trouble For The General Public »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Ripjar

Ripjar

Ripjar is a global company of talented technologists, data scientists and analysts designing products that will change the way criminal activities are detected and prevented.

PlaxidityX

PlaxidityX

PlaxidityX (formerly Argus Cyber Security) is a global leader in mobility cyber security, provides DevSecOps, vehicle protection and fleet protection technologies and services.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

Resilia

Resilia

RESILIA is a comprehensive portfolio of tools and training to help your organization achieve global best practice in cyber security.

Capula

Capula

Capula is a leading system integration specialist for control, automation and operational IT systems across all applications and industry sectors.

DQM GRC

DQM GRC

DQM GRC are one of the UK's leading providers of data governance, e-privacy and GDPR services, to commercial organisations across all industries in the UK.

Trustonic

Trustonic

Trustonic is a leader in the device security market. Our mission is to protect apps, secure devices & enable trust.

Cyber Security Courses

Cyber Security Courses

Cyber Security Courses was formed to help students in the UK find cyber security courses online.

ACA Group

ACA Group

ACA Group are a leading governance, risk, and compliance (GRC) advisor in financial services.

Open Systems

Open Systems

Open Systems is a Secure Access Service Edge (SASE) pioneer delivering a complete solution to network and security.

AirEye

AirEye

AirEye is a leader in Network Airspace Protection (NAP). Block attacks against your corporate network launched from wireless devices in your corporate network airspace.

OwnBackup

OwnBackup

OwnBackup proactively prevents you from losing mission-critical data and metadata with automated backups and rapid, stress-free recovery.

Alpha Mountain AI (alphaMountain)

Alpha Mountain AI (alphaMountain)

alphaMountain provides up-to-date domain and IP intelligence for cybersecurity investigational and protection platforms.

inSOC

inSOC

inSOC is an enterprise-grade AI-driven SOCaaS solution detecting breaches 24/7 with vulnerability management built-in. Designed for MSPs and MSSPs.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Helix Tech Consulting

Helix Tech Consulting

Helix Tech have expertise in a wide range of technology areas, including IT strategy, infrastructure design, cybersecurity, disaster recovery, cloud, data centers, IT cost optimization, and more.