eScan South Africa

27/03/2019

We are looking for a Techical support Engineer. Technical knowledge of computers is a must. Good skills with Windows OS and Windows servers required. Succesful candidate will be responsible for support to partners and clients. Telephonic, e-mail, remote support. Person will also be responsible for product training. Send your cv to [email protected]. Position to be filled immediately. Product training will be provided. Salary and further responsibilities will be discussed in interview. This is a position for a junior person. Only serious applications please and person needs to be reliable.

01/03/2019

Researchers recently discovered 2 new critical vulnerabilities in the SHAREit App lets attackers bypass the Android device authentication mechanism,

14/10/2018

eScan awarded a VB100.

The test report was conducted during May and June 2018 and shows the performance of eScan Internet Security Suite.

https://www.virusbulletin.com/virusbulletin/2018/06/vb100-certification-report

21/09/2018

What does your smart device know about you?

15/08/2018

Understanding Zero-Day attacks and Prevention

A zero-day attack is a flaw in software programming or hardware that is unknown to the person or team in charge of fixing any known issues. The term zero-day may allude to the weakness itself, or an attack that has zero days between the time that the vulnerability is found and the first attack. Once a zero-day attack has been made public, it is known as “n-day” or “one-day” vulnerability.

Since zero-day vulnerabilities aren’t known ahead of time, there is no real way to make preparations for such attacks that may happen. Usually, when a specialist identifies that a software program contains a potential security issue, he or she will tell the vendor, so they can rectify the code and distribute a fix or update for the software program. The expectation with a zero-day attack is that regardless of whether an aggressor finds out about the vulnerability, it will set aside the opportunity to make sense of how to misuse it without being recognized – and in the interim, the fix will have been made accessible.

eScan Advisory:

- Update security patches regularly: It is very critical to keep your mobile device fully updated. Now that the vulnerabilities have been discovered which can be exploited using Javascript, updating the browsers as and when the new versions are made available, would be the best defense for your mobile.

- Desktop/Servers: Ensure that the installed Antivirus has enabled the registry key on Windows Machines, as mandated by Microsoft, as this would ensure that Antivirus has tested and is compatible with the patches provided by Microsoft.

- Be cautious while downloading applications: Avoid installing applications from the internet. Use the Google Play store or App store as provided in the device.

- Backup: Always keep a backup of the data on the device/system..

- Upgrade your device: Many times mobile devices do not get updates after the software and hardware have become old. The companies keep upgrading the versions of the mobile device and systems with the latest security patches applied.

14/08/2018

How is Artificial Intelligence empowering daily lives?

Imagine this: you are traveling for work and get into the cab for your business meeting, your phone beeps and says “new message” and you swipe your finger on the fingerprint scanner to read the notification. You realize that you are not able to type the reply as you are in the middle of some work and then speak out “reply” to your phone. This is the system in your phone, capable of rationally solving complex problems. It is integrated in such a manner that it makes your work easy.

Siri, Google Now, Cortana etc are intelligent digital personal assistants on various platforms (iOS, Android, and Windows Mobile) to help one find useful information when you ask for it using your voice command. These are great instances of Artificial Intelligence (AI) today. As we move towards the world of digitization, latest technologies like artificial intelligence, IoT and cloud are influencing traditional businesses. The mobile system is optimized to achieve goals via perception, planning, reasoning, learning, communicating, decision-making, and acting.

This technology is the beginning of generating new interest and utilization of intelligent systems in an ever-widening circle of influence. AI is crucial to the future. As there are new advances in AI technology, new markets and new opportunities have opened up in areas such as health, education, energy, and the environment for progress.

There are application suggestions, a list of frequently used applications which makes it easier for users to look for the applications that are required. The existing versions of Maps help us navigate to the exact whereabouts you want to head and also show searches based on the past visits and searches. Specific features like push notifications, 10 + sensors like GPS etc. provide a seamless user experience for users on the go.

Your cell phone, your automobile, your bank, and your home all use artificial intelligence once a day; and then it’s obvious what it’s doing, similar to when you request that Siri get you directions to the closest corner store. Once in a while, it’s more subtle, similar to when you influence an irregular buy with your credit card and don’t get a fraud alarm from your bank. AI is all around, and it’s having an immense effect in our lives each day.

08/08/2018

Fancy advertisements can be malicious

A malvertisement (malicious advertisement) is an advertisement on the Internet that incorporates or installs malware. Malvertising is the present PC capturing strategy for organized crime. Affected PCs can be utilized to make intense botnets that can be utilized to complete data fraud, corporate surveillance or other illicit action.

Legitimate Advertisements:
A criminal may place a series of ads that contain no malware on a popular and trusted website for a period of time with the goal of building a good reputation. Later on, the criminal will incorporate malicious software into the promotion to infect as many PCs as possible in a short period before evacuating the malignant code or suspending the advertisement. This sort of assault is regularly kept running on sites that run outsider advertisements.

Pop up Advertisements:
A pop-up ad can deliver a malicious payload as soon as the ad appears on the viewer’s screen. Scareware, which is malicious code disguised as an anti-virus application, is often delivered through pop-up ads. In some cases, the malware will execute when the viewer clicks the “X” to close the pop-up window.

By invading widespread syndicated online advertisements, a huge number of destinations can be contaminated in an instant. Unfortunately, sites that run outsider advertisements can do little to secure their guests, because syndicated advertisements are not under their immediate control. Truth be told, the organization from whom these websites receive the promotions may place advertisements from several other distributors, meaning the origin of the advertisements can be fairly difficult to trace. Malvertisement infections are becoming so widespread that numerous security specialists advise that clients block pop-up advertisements and set an application whitelist that will only allow their PC to run programs that have been explicitly authorized.

What can a user do to mitigate this malware?

- Use reliable security software like eScan that can block such malware from being downloaded on the computer system.
- Keep your computer’s security settings on a higher level - configure your computer’s AV settings to perform automatic system updates.
- Regularly scan the system with security software so that threats inside the Windows Registry and other locations are identified and elliminated.
- Avoid clicking on any pop-ups, especially pop-ups that are displayed on an unknown website.
- Keep all of the software installed on your computer up-to-date. Especially software from Microsoft, Adobe, Oracle Java, etc.
- Configure your email server to block email that contains malicious file attachments.
- Think before opening an email attachment sent from an unknown sender, open it only if you are positive about the source.
- Disable AutoPlay to stop the automatic launching of files from the network and removable external drives.
- Keep a backup of the information stored on your PC.

The best way to know whether your PC has a malware infection is to run a free scan. Use the Free eScan toolkit from eScan’s MicroWorld Winsock Layer. No installation required. http://www.escan.co.za/download/es/mwav/mwav.exe

07/08/2018

Don’t get hooked with spear phishing attacks!

Spear phishing is an email-spoofing attack that targets a specific organization or individual, looking for unapproved access to confidential data. Spear Phishing actions are not commonly started by irregular hackers, but rather by culprits out for monetary benefit, trade secret data or military data.

Likewise, with email messages used as a part of standard phishing attacks, spear phishing messages seem to originate from a trusted source. Phishing messages typically seem to originate from a vast and well-known organization or site with an large participation base, for example, Google or PayPal. In the case of spear phishing, the obvious origin of the email is probably going to be a person inside the receiver’s own particular organization or from somebody the target knows personally.

Many company representatives have started to be suspicious of surprising requests for undisclosed data and won’t unveil personal information in messages or select to join in messages unless they are sure of the source. The success of spear phishing relies on three things:

- The apparent source must have all the signs of being a known and trusted source;
- The message contains information that seems legitimate, and
- The request appears to have a sensible premise

eScan suggests following preventive measures that will save you from falling prey to such attacks.

- Identify phishing emails, such emails that are filled with countless grammatical errors and are often written in awkward English.
- Never respond to emails or messages from an unknown sender that have “undisclosed recipients” in the address line.
- Do not click on the link mentioned in the mail, if required type it in another browser tab to see what it contains.
If at all you happen to click such a link and see a request for your banking credentials or other details for any kind of verification or updating purpose, do not enter your personal or financial information.
Never provide information related to your credit card, bank account numbers or passwords to any unknown site or a fake site.

27/07/2018

Mailer
FB Posts
Stock
ATP Issue

Do you believe everything you read online? Beware!

There have been a few fake messages that have erroneously claimed that Rowan Atkinson (Popularly known as Mr. Bean) has died. What’s more, similar fake death posts have focused on numerous different well-known individuals around the globe like Dwayne Johnson, Pamela Anderson, Pink Floyd and many others.

Be careful about any celebrity death messages that you come across on social media, SMS, or email. Before clicking or sharing, check the death incident by searching for a genuine news entry, for example, Google News. In the event that a renowned individual has passed on, his or her death will more likely get the boundless scope in the standard news media.

The false news of Rowan Atkinson was circulated to trick the receiver into downloading a virus. These fake headlines are claiming to come from Fox News and made their way across social media. A Facebook share box appears in a new browser tab, after which you are prompted to share the fake “Breaking News” post on your Timeline. At the same time, the original page will be automatically redirected to a scam or malware website. The exact destination of this redirect varies.

In some cases, the victim is redirected to a fake “Security Error” web page that falsely claims that their computer has been locked, because it is infected with viruses. They are then prompted to call a “support number” urgently to seek help with the alleged security issue. However, if they call as instructed, tech support scammers attempt to trick them into giving them their credit card details, ostensibly to pay for the repair of the computer. The scammers may also try to trick them into downloading software that will allow them to take control of the computer, steal files, and install malware.

In other cases, the victim may be redirected to a dodgy “survey” website that promises the chance to win prizes in exchange for supplying their name, home address, email address and phone numbers. This information is then shared with unscrupulous online marketing companies and “site sponsors”.

The victim may also be redirected to websites that harbor malware, rogue apps, or malicious browser plugins. eScan suggests the following:

- Use reliable Anti-Virus software that provides you a secured computing experience and directs you to a legitimate website every time.
- Enable firewall in your computer system to ensure you are secure on local networks and the Internet.
- Do a quick check about the news before forwarding it to anyone
- Never get carried away by a genuine-looking website that contains identical looking logos, pictures and banners.
- Check the reputation of the website before reading the news.
- If Google is unsure about that website’s reputation, leave that site immediately.

A good Anti-Virus can save you from these kinds of Internet threats, Identity theft, Phishing emails, and all kinds of Virus attack. Inform yourself about all the features prior to purchasing any security software for your computer. Before installing any Anti-Virus software look for features such as Web Safe, Identity protection, Domain and IP Reputation Checker, Virus Control and Anti-spam that will ensure comprehensive security for your computer. One such Anti-Virus software that provides all these features is eScan Total Security Suite with Cloud Security.

26/07/2018

Understanding Vulnerabilities in the network

Cyber-security, until the advent of the newer technologies like Cloud, Social Networking etc. was limited within the network and its immediate peripheral devices/locations. According to a study, the vulnerabilities reported in the first quarter of 2018 are increasing at a fast pace. Today there are vulnerabilities that persist in the operating system and applications that are very dangerous for enterprises. As efficient as the protection and solutions may be it is critical to detect and fix vulnerabilities first.

Last year, we saw the entire world being brought down to its knees by WannaCry Ransomware. WannaCry Ransomware used the Eternal Blue exploit, which was a part of the hacking toolset created by NSA and subsequently released by Shadow Brokers along with many other hacking tools created by the NSA. Microsoft had issued an emergency patch for WindowsXP/Windows 2003 and for other Operating Systems too, however as we have seen in the past, enterprises have exhibited lackadaisical attitudes towards security and vulnerabilities. Many enterprises and users are yet to patch up their systems, despite this infection receiving maximum media coverage in the past few years.

Such Ransomware attacks are more wide-spread and pose a considerable threat. Hence updating your operating systems or installing a patch issued by the manufacturer is critical. Protecting networks against the inevitable vulnerabilities requires more than just patch management. It is critical to minimize the attack surface, i.e. the irrelevant parts of your network that an attacker has the opportunity to interact with and then attack.

Defense-in-depth will help to overcome the fear of vulnerabilities. New vulnerabilities are disclosed and exploited on a daily basis. Some are more serious than others, but the goal should be to make sure that none of them become the weak link that takes out the enterprise.

It is very important for CIOs and CSOs to engage and discuss how to examine networks and minimize vulnerabilities. Regularly scheduled network vulnerability scanning can help an enterprise identify weaknesses in their network security before the cyber criminals can mount an attack.

18/07/2018

for Kids

13/07/2018

Protect your money from

FRAUDSTERS are using increasingly sophisticated techniques to get at our money, beyond the standard phishing emails. So what are the scams, how can you protect your money and what are the banks doing to crack down on them? The government’s Annual Fraud Indicator estimates that the cost of fraud to...