Feeling sick? It may be more than a poor immune system


Bitdefender LogoCyber security is often likened to maintaining good physical health. With vigilance, regular visits to the GP and the steady practice of good nutrition, you’re more likely to encounter fewer surprises and improve longevity than if you were to neglect professional advice and make regular unhealthy lifestyle choices. While this all sounds pretty straightforward, you’d be surprised at how many of us choose the latter scenario.

Why am I telling you this? Well, much like the memo from your doctor reminding you that your latest heath check is overdue, last week was Privacy Awareness Week and was a reminder that much has changed since your last visit. So what can you do to avoid your digital companion falling ill? Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender reveals the most common exploits in the past six months and offers his top tips for avoiding infection.

Did you know twenty-one critical bugs were found in all four major browsers, as well as Windows, Adobe Flash and Adobe Reader at the Pwn2Own hacking competition earlier this year? Not very encouraging is it?

What if I told you we were making it easier by failing to update our software?

Unfortunately, attackers are having a field day with flaws and weaknesses in our old, outdated applications, as well as in our operating systems and it’s this ‘fun’ that’s encouraged the emergence of a new kind of toy in recent years; exploit kits.

Usually hosted on compromised servers and served like regular web pages, these tools are quickly proving that no piece of software is really impenetrable.

To explain, once you land on one of these pages, your browser is inspected and a specific type of content is served to make it crash. After crashing, a payload (hidden data) is executed without your interaction and the computer silently becomes infected. From this point, the compromised PCs can be linked to a generic botnet where it is rented per hour to take part in financial fraud, Distributed Denial of Service (DDoS) attacks, malware hosting, spam sending and anonymised access. It can also be infected with a specific malware such as crypto-ransomware or bitcoin miners.

With so many exploits sitting in the ether awaiting their next victims, which are the worst offenders and what can be done to bypass infection? Bogdan Botezatu explains:

The most exploited vulnerabilities of the last six months:

  • Hidden payloads beneath PowerPoint documents

Spread via email spam this malware came to light in October 2014, and allows remote attackers to execute arbitrary code via a crafted OLE(Object Linking and Embedding) object – or in simple terms – when a victim opens a malicious PowerPoint document it embeds unauthorised data which an attacker can control and exploit the device and escalate privileges to become the local administrator.

  • Malicious payload, hidden plugin

This vulnerability allows remote attackers to execute arbitrary code via unspecified vectors causing buffer overflow in certain versions of Adobe Flash Player, Windows, Linux and OS X – or in simple terms, the attacker is able execute any command of his or her choice on a targeted machine causing an anomaly in the program by trying to store more data in a buffer or temporary data storage area that it’s intended to hold which can cause a security hole when combined with malicious input.

  1. Multi-stage attack causes “system state” corruption

This flaw allows remote attackers to execute arbitrary code via a crafted website, an Office document, or .rtf file that triggers “system state” corruption, as seen in April 2012, as “MSCOMCTL.OCX RCE Vulnerability.” In simple terms, this occurs when a victim unknowingly opens a malicious rich text file such as a Microsoft Word document that carries a spam attachment. Once the spam document is opened, malicious code decrypts the previously unintelligible unauthorised data and loads it in the memory. An attacker is then able to issue code to the memory location to exploit the device.

Top tips for avoiding vulnerabilities:

  1. Don’t install things you don’t really need, particular unnecessary browser add-ons and toolbars. This not only helps your devices run more smoothly, it immediately reduces your potential for vulnerabilities. To do this, you need to pay careful attention to what’s ticked by default when you install new apps and software.
  2. Be mindful of what the internet is throwing at you and what you’re throwing at the internet. Once it’s out there, it’s just a few simple searches for an attackers to find out a wealth of personal information on unknowing individuals.
  3. Run a security solution and make sure it’s kept up to date. Most software updates include a security aspect and installing them gives you the best protection against new attacks.
  4. Keep your operating system, third-party software and mobile apps up to date, especially those which you rely on. Don’t delay, install those recommended patches today.
  5. Don’t reuse passwords. Do you always ignore this one? You’re not alone! While it’s not simple to manage multiple passwords by using one password across everything means you’re playing directly into the hands of attackers. Develop your own way to implement different passwords like changing the first and last letter, or using a password management system.

Comments are closed.