Posts Tagged Cyber Security

Understanding Everything About GoBrut

GoBrut is a computer virus written in Go programming language. The compilation of GoLang programs generates binaries that have all required dependencies embedded in them. It avoids the need of installed runtimes within the machine and simplifies the multi-platform support of Go applications.

Mode Of Infection

GoBrut virus infects Windows and Linux machines using ‘Brute Force’ method.

What Is Brute Force Infection?

A brute force attack is also known as brute force cracking. It involves a computer machine that tries different combinations of usernames and passwords until it finds the correct combination to unlock the victim machine or network.

There are different types of brute force attacks that can be used by GoBrut virus. Some common types are:

  • Dictionary Attack: The attacker uses a dictionary of possible passwords to guess the right password.
  • Exhaustive Key Search: The computer tries every possible combination of characters to find the correct password. The new computers can brute force crack an 8 character alphanumeric password (including capitals, lowercase letters, numbers, and special characters) in about two hours.
  • Credential Recycling: In this type of attack, the attackers use the leaked usernames and passwords from other data breaches.

The virus is mainly used to target servers running Content Management Systems (CMS) and technologies such as SSH and MySQL. Here is a list of commonly targeted platforms:

Content Management Systems

  • Bitrix
  • Drupal
  • Joomla
  • Magento
  • WordPress
  • OpenCart

Databases

  • MySQL
  • Postgres

Administration Tools

  • SSH
  • FTP
  • cPanel
  • PhpMyAdmin
  • Webhostmanagement

After-Infection Process:

  • After successful infection, the infected system becomes a part of the GoBrut botnet. It now requests work from Command and Control server of the botnet.
  • Once the work is received, the infected host will now bruteforce other systems on the network (mentioned in the work request sent by botnet owner).
  • This allows lateral spread of GoBrut virus in the network.
  • After gaining access to a machine’s credentials, the attackers may steal confidential information, photos or other private data.

As the virus uses brute force techniques to steal password, the machines using low-security passwords are at higher risk of infection. Thus, simple ways to protect a system or network from GoBrut virus are:

  • Use of strong and reliable passwords.
  • Regular update of passwords after short intervals.
  • Avoid use of common passwords for different systems.
  • Apply access control for remote logins across all services.
  • Update all services and plugins regularly to combat vulnerabilities.

For more information on the GoBrut virus, contact Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments

What Is A Trojan And How To Protect Against It?

A Trojan Virus or Trojan Horse virus is a type of malware that impersonates legitimate files or programs for conceding its true contents. The payload hidden in the Trojan Virus remains unknown to the target user and can act as delivery vehicle for a variety of threats. Unlike normal viruses, a Trojan virus is capable of replicating itself.

Types Of Trojan Virus

Common types of Trojan Virus are:

  • Backdoor Trojans – This type of Trojan Virus allows hackers to remotely access and control a computer for uploading, downloading, or executing files.
  • Exploit Trojans –These Trojans inject a machine with code that is specifically designed to take advantage of vulnerability inherent to a specific piece of software.
  • Rootkit Trojans –These Trojans prevent the discovery of malware already infecting a system so that it can cause maximum damage.
  • Banker Trojans –This type of Trojan Virus specifically targets personal information used for banking and other online transactions.
  • Distributed Denial of Service (DDoS) Trojans – These Trojans are programmed to execute DDoS attacks, where a network or machine is disabled by a flood of requests originating from different sources.
  • Downloader Trojans –These are files written to download additional malware, often including more Trojans, onto an infected system.

Detecting A Trojan Virus:

Some common telltale signs of infection by a Trojan Virus are:

  • Poor Device Performance
  • Strange Device Behavior
  • Pop-Up & Spam Interruptions

If the system exhibits any of these behaviors, it is possible that system is infected with a Trojan Virus. Here are some ways to detect the Trojan:

  • Search the system for programs or applications you don’t remember installing.
  • If you find any unrecognized file names, search online for these file names to check if they are recognized Trojans
  • Scan the system with antivirus and antimalware software to see if it detects a malicious file.

Defending Against Trojan Virus

As preventive measures, stick to following practices to defend your system against Trojan Virus:

  • Install an effective internet security solution
  • Refrain from downloading or installing software from a source you don’t trust
  • Never open an attachment or run a program sent in an email from an unrecognized address
  • Keep all software on your computer up to date with the latest patches for avoiding vulnerabilities
  • Make sure a Trojan antivirus is installed and running on your system
  • Run regular system scans

For more information on Trojan Virus, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Tips To Spread Cyber Security Awareness

PDF Version: Tips-To-Spread-Cyber-Security-Awareness

, , ,

No Comments

Common Malware Entry Points

View Full Image

, , ,

No Comments

Tips To Reduce Cyber Crime In Inbound Call Centers

Business security is one of the prime priorities for every business and as the number of cyber attacks is on a rise, the cyber security practices have become a necessity. Cyber criminals tend to find weak entry spots for targeting a business. Due to the nature of operations, inbound call centers act as an easy target for cyber criminals. The inbound call centers receive customer calls and acquire customer information to answer their queries. If hackers breech the inbound call system, they can get hold of consumer’s personal information.

Thus, businesses need to be vigilant and take proper steps to secure consumer information. Here are some tips to reduce cyber crime in inbound call centers:

  • Regularly Audit The Environment: Audits are generally overlooked, but regularly auditing the network environment of the call center can help in detecting any intrusion at an early stage. Audits can also help businesses in detecting any vulnerability in the system. A simpler way is to automate the network audit using a remote monitoring and management system (RMM). Also, businesses should consider password audit for all the staff in the inbound call center. This helps in tracking the users with weak or outdated password.
  • Strengthen The Authentication Process: Passwords alone may not be sufficient for proper authentication of users. So, inbound call centers should strengthen the system by incorporating multi-factor authentication.  Also, it is important to backup the authentication data with either a knowledge based, possession based, or inherence based requirement such as having a physical key or smartphone for receiving one-time password.
  • Boost Weak Security Through Automation: A great approach to ensure security of the systems is to automate the security process. A common example is to automate password generation such that the users themselves don’t know their passwords until the time of login. This eliminates the risk of knowingly or unknowingly leak of passwords by the users. This can be achieved by using software such as Password Management System or privileged Identity Management.
  • Secure The Endpoints: Endpoints are highly vulnerable because cyber criminals attack these endpoints to create holes in the network security perimeter. Inbound call centers can use advanced endpoint detection solutions to improve system’s ability to defend itself.

For more information on tips to secure network in inbound call centers, contact Centex Technologies at (254) 213 – 4740.

, , ,

No Comments