Microsoft No Longer Supporting Windows 7

Beginning Tuesday, January 14th, Microsoft will no longer support Windows 7. After that, you will need to upgrade to Windows 10 to receive support from Microsoft.

What Does This Mean for Users

After Microsoft stops supporting Windows 7, users will no longer receive software updates. These include patches that can prevent hacking and other cybersecurity issues. Your computer will be at greater risk of getting a virus or malware. Along with the lack of software updates, Microsoft customer service will no longer provide technical support for Windows 7.

Options for Windows 7 Users

What are your options if you have Windows 7 on your computer? Microsoft has two suggestions.

New Computers

If your computer is three years old or newer, you can pay to upgrade to Windows 10. The cost of an upgrade starts at $139 per computer. There was a free upgrade, but unfortunately, that offer expired in 2016.

Older Computers

Microsoft suggests you buy a new computer with Windows 10 on it if your computer is older than three years. You can find laptops that run Windows 10 starting around $150. Of course, that will be a very basic laptop. Prices only go up from there.

You’re Not Alone Running an Old OS

According to Net Marketshare, Windows 7 is the number 2 operating system in use behind Windows 10 and ahead of Mac OS X 10.14. Almost 33% of all operating systems are running Windows 7, so you’re not the only one out there with the old OS. However, that is a big tempting piece of fruit for hackers and other people with bad motivations.

It’s important to update your system or computer to take advantage of the latest security patches and fixes. You should always run an antivirus program like Avast, Norton, Kaspersky, or McAfee, but other software updates come directly from Microsoft.

Switching to Windows 10 is going to cost you some money, but not updating your operating system could cost you a lot more. This is especially true if you use your computer for financial transactions and store other private information. Protect yourself from malware and other cybersecurity threats.

New Malware Can Turn Your Computer Into a “Zombie Proxy”

Microsoft and Cisco Talos recently announced that they have discovered a malware campaign that can transform your personal computer into what Microsoft is calling a “zombie proxy”. The malware uses legitimate programs on your computer and it is suspected that it has infected thousands of PCs in the United States and Europe.

Divergent or Nodersok Threat

In separate reports, researchers at Cisco’s Talos and Microsoft described the threat to cybersecurity. Cisco named the malware “Divergent” and Microsoft tagged it as “Nodersok”. The malware campaign works to get the unsuspecting user to download and use an HTML application that sets up a hacking process that doesn’t leave much to track. The HTML application is usually distributed through a malicious ad or other methods that are hard to detect.

The malware uses existing programs or automatically downloads valid and authentic tools to your computer to hide in your PC’s system. Some of the programs that Microsoft and Cisco Talos have found corrupted by Nodersok/Divergent include:

  • NodeJS
  • WinDivert

Microsoft Explains Nodersok

According to a Microsoft blog post:

“All of the relevant functionalities reside in scripts and shellcodes that are almost always coming in encrypted, are then decrypted, and run while only in memory. No malicious executable is ever written to the disk.”

Microsoft calls this type of malware a “fileless threat”. They recommend using their Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) to protect your computer against these threats. According to Microsoft, the Microsoft Defender ATP was able to defeat the threat at “numerous points of dynamic detection through the attack chain.”

How Nodersok/Divergent Does Its Dirty Work

The malware will disable Windows Defender, allowing it to sneak past the antivirus software. It will then take control of your computer. At this point, Microsoft and Cisco Talos disagree on the final objective of the malware.

Microsoft researchers think that the hackers want to use the proxy to access other networks and “perform stealthy malicious activities.”

Cisco Talos states their belief that the malware is similar to other viruses created to implement click-fraud. According to Forbes, this malicious tactic cost advertisers around $19 billion just in 2018 alone.

Regardless of the ultimate objective, the outcome is the same: you and your computer are hijacked for nefarious reasons. As stated earlier, thousands of computers have been infected, with the virus ramping up its attacks over the last thirty days.

Cisco Talos and Microsoft have both stated that their antivirus software has been upgraded to detect this new threat.

Your Next Steps

Take the time to update your antivirus software and do another scan. If you discover this virus on your computer, there are a couple of ways to have it removed. The first is to take it to your local computer expert and have them remove it. If you are computer savvy, PC Malware Repair has a step-by-step guide to removing the Nodersok virus here. Do not attempt this if you are not comfortable working in the backend of your computer system.

NSA Needs You to Update Your Windows Now

A few weeks ago it was discovered that there was a vulnerability with Windows called Bluekeep and Windows users were asked to update their computers. We all know that Windows updates seem to come at the worst time and are tedious and inconvenient, but now the National Security Agency (NSA) is urging you to update your system.

NSA Cybersecurity Advisory

On June 4th, the NSA issued a Cybersecurity Advisory addressing the CVE-2019-0708, or Bluekeep, vulnerability. The flaw can be exploited through Remote Desktop Services (RDS) on legacy versions of the Windows OS. The following versions of Windows are the ones that need to be updated:

  • Windows XP
  • Windows Vista
  • Windows 7
  • Windows Server 2003
  • Windows Server 2008
  • Windows Server 2008 R2

Microsoft has issued a patch, but they estimate that there are millions of systems that are still vulnerable to attack. Bluekeep is “wormable”, which means that it can spread to other systems without the user doing anything. Some problems that could occur with Bluekeep include Denial of Service attacks, which can cause a large amount of damage in a short time. The NSA states that hackers with malicious intent can exploit the weakness, installing ransomware and attacking other unpatched systems.

How to Protect Your Computer

Make sure that your computer always has the latest updates. Taking some time now to install the patches can save you from major problems down the road. You are not only protecting your computer system, but other systems, including the National Security Systems.

Microsoft has issued the following patches:

  • Windows XP / Windows Server 2003: Security Patch KB4500331
  • Windows Vista / Windows Server 2008: Security Patch KB4499180 or Monthly Rollup KB4499149
  • Windows 7 / Windows Server 2008 R2: Security Patch KB4499175 or Monthly Rollup KB4499164
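
One way to check whether a machine already has one of the patches listed above, as an added example (not code from Microsoft or the NSA advisory). It uses the built-in Get-WmiObject and Get-HotFix cmdlets; the function name Test-BlueKeepPatch and the status strings are made up for illustration, and the KB numbers are the ones in this post.

```powershell
# Added example. KB numbers are the ones listed in this post; the function
# name Test-BlueKeepPatch is illustrative. Written to run on PowerShell 2.0.
$BlueKeepKbs = @{
    '5.1' = @('KB4500331')                # Windows XP
    '5.2' = @('KB4500331')                # Windows Server 2003
    '6.0' = @('KB4499180', 'KB4499149')   # Windows Vista / Server 2008
    '6.1' = @('KB4499175', 'KB4499164')   # Windows 7 / Server 2008 R2
}

function Test-BlueKeepPatch {
    param([string]$ComputerName = $env:COMPUTERNAME)

    # Win32_OperatingSystem.Version looks like "6.1.7601"; keep major.minor.
    $os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $ComputerName
    $parts = $os.Version.Split('.')
    $release = $parts[0] + '.' + $parts[1]

    $found = @()
    if (-not $BlueKeepKbs.ContainsKey($release)) {
        $status = 'OS not in the affected list'
    } else {
        $wanted = $BlueKeepKbs[$release]
        # Filter the full list instead of Get-HotFix -Id, which raises an
        # error when the requested update is absent.
        $found = @(Get-HotFix -ComputerName $ComputerName |
            Where-Object { $wanted -contains $_.HotFixID } |
            ForEach-Object { $_.HotFixID })
        if ($found.Count -gt 0) {
            $status = 'Listed patch installed'
        } else {
            # A later monthly rollup also carries the fix but has a different
            # KB number, so confirm against update history before concluding.
            $status = 'Listed patch NOT found'
        }
    }

    New-Object PSObject -Property @{
        Computer = $ComputerName
        OS       = $os.Caption
        Version  = $os.Version
        FoundKBs = ($found -join ', ')
        Status   = $status
    } | Select-Object Computer, OS, Version, FoundKBs, Status
}

Test-BlueKeepPatch
```

Pass -ComputerName to run the same check against another machine you administer.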

Do your part to keep our networks safe from being exploited and keep your operating system updated whenever a patch is rolled out.