New Virus Attacks All Windows-Based Computers

Uploaded on 2016-10-24 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, NEWS-Cybersecurity News

A new type of malware is beginning to circulate and attack nationwide, according to GuardiCore, a vendor of software that detects breaches in real time. And, right now, the malware can be detected by only two anti-virus engines.

“This is new malware capable of running on every Windows version from XP through Server 2012 R2,” the company reported in a blog. That means it runs on every single Windows version, “so 100 percent of your Windows endpoints are vulnerable,” says Daniel Goldberg, a security researcher at GuardiCore. The malware has been named Trojan.sysscan.

The malware uses brute force to find usernames and passwords that can be used as credentials to access information systems. Sometimes it doesn’t take much time because an organisation may have been breached previously, but passwords uncovered in previous breaches often are not changed and are still available for use. But if necessary, the malware will keep trying to get in for hours until it accesses a system, according to Goldberg.

While currently focused on financial credentials, the malware can steal credentials from any organisation’s systems, and it is only a matter of time before it hits other sectors. It’s not yet been detected on computers of healthcare organizations, but security professionals should assume it may have already infiltrated some systems.

“Healthcare is equally if not potentially more vulnerable, given the prevalence of Windows in the industry,” Goldberg notes.

Trojan.sysscan, while not yet widespread, is a simple malware that can remain undetected for a considerable period of time, and Goldberg advises assuming the malware will appear in systems if enhanced security measures are not taken. “People should not think of anti-virus as their only line of protection.”

Information-Management:       Overwhelming Cyber Attacks On Healthcare:

 

« Chatbot To Teach You A Foreign Language
Cybersecurity Is Just A Lot Of Trouble For The General Public »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Guardtime

Guardtime

Guardtime's Black Lantern platform provides real-time cybersecurity and data-centric asset protection.

KELA

KELA

KELA's powerful cybercrime intelligence platform uncovers and neutralizes the most relevant cybersecurity threats coming from the hardest-to-reach places on the internet.

Verlingue

Verlingue

Verlingue (formerly ICB Group) is a leading corporate insurance broker providing Insurance, Risk Management and related advice to businesses and private clients.

National Cyber Security Authority (NCA) - Saudi Arabia

National Cyber Security Authority (NCA) - Saudi Arabia

The NCA is the government entity in charge of cybersecurity in Saudi Arabia and serves as the national authority on its affairs.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

Noerr

Noerr

Noerr is one of the top European law firms with 500 professionals in Germany, Europe and the USA. We provide solutions to complex and sophisticated legal matters including cyber risks.

Zerify

Zerify

Zerify offers the industry’s only video conferencing platform built with a zero-trust architecture to keep your meetings secure, private and business compliant.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

BugProve

BugProve

BugProve offers a firmware analysis tool that speeds up security testing processes and supports compliance needs by automating repetitive tasks and detecting 0-day vulnerabilities.

Kusari

Kusari

Securing your software supply chain starts with understanding. Kusari is on a mission to bring transparency to your software supply chain and power secure development.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.

IDCARE

IDCARE

IDCARE is Australia and New Zealand’s national identity & cyber support service. Our service is the only one of its type in the world.

Vantyr

Vantyr

Vantyr's core mission is to safeguard the business-led adoption of SaaS applications by automating the lifecycle management and security of non-human identities.

Karthik Consulting (KC)

Karthik Consulting (KC)

Karthik Consulting is a technology service provider specializing in IT services for the U.S. federal government.