ZCryptor is a malicious software that infects removable devices and network drives to encrypt files stored on a computer. It mainly spreads through spam emails, macro malware or fake installers. ZCryptor was first discovered by a security researcher named Jack, after which Microsoft also investigated the potential threats caused by the ransomware. The company issued an alert for the users stating:

“We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. It leverages removable and network drives to replicate itself and infect more systems. We detect this ransomware as Ransom:Win32/ZCryptor.A.”

According to the researchers, the ransomware was initially designed to target systems with Windows XP 64 bit, but computers having the latest version of the operating system can also be infected.

How Does ZCryptor Work?

To infect a computer system, ZCryptor uses the common phishing techniques, such as camouflaging an executable file as a known software, usually Adobe Flash Player, or through macro files in Microsoft Office. Once executed on the system, the ransomware starts encrypting the files stored in it. It creates a registry key to ensure auto-execution on every start-up. Next, an ‘autorun.inf’ file is installed on the removable drives so that the malware spreads to all computer systems that these devices connect to. It replicates by creating copies in different network drives and using multiple file attributes in order to avoid detection by the users.

ZCryptor is known to encrypt a wide range of file formats including documents, audio, video, image, archive, database, APK, Java source code etc. and change their extension to ‘.zcrypt’. Upon encryption of all the files, a pop-up appears on the computer screen, asking the user to pay a ransom amount to get access to the unique decryption key.

How To Protect Against ZCryptor?

• Keep your operating system and other software updated to stay protected against the known vulnerabilities.
• Avoid visiting suspicious websites, opening unknown email attachments and downloading software from unidentified developers.
• Use a reliable anti-virus software to prevent and detect malware infections.
• Disable macro files in Microsoft Office.
• Keep a backup of your files on a removable media device to minimize the consequences of a ZCryptor attack.
• Format the infected removable drives before you connect them to other computer systems.

For more information about ZCryptor ransomware, you can contact Centex Technologies at (972) 375-9654.

With more than 300 million users, LinkedIn provides a networking opportunity for business professionals across the world. However, just like other social media platforms, LinkedIn also has its own set of security issues. It is important that you protect your account in order to safeguard your information and avoid spoiling your online reputation.

Given below are some tips to protect your LinkedIn profile:

• Update Your Privacy Settings: Make sure you review your privacy settings to keep a check on the information you want to share with your connections. For instance, you should turn off your activity broadcasts if you do not want to display updates about the changes you made to your profile. You can also change the visibility settings for your profile picture, connections and other professional details.
• Opt For Two Step Verification: LinkedIn allows its users to activate two step verification for their accounts. This offers a higher level of protection and prevents the incidence of identity theft and unauthorized account access by the cybercriminals. When you choose two step verification, you will be required to enter the password, along with a numeric code sent to your phone when logging in from an unrecognized device.
• Verify Your Connections: You should connect only with the people you know. Adding unknown connections or merely acquaintances puts your account information at risk. Cybercriminals use fake accounts to connect to entrepreneurs and gain access to their business information that can be further used for malicious purposes. Therefore, if you receive a connection request on LinkedIn, make sure you verify the profile to check if anything seems to be suspicious.
• Change Your Password Frequently: It is recommended to follow the best password practices to safeguard your LinkedIn account from unauthorized access. Create a strong password that includes random letters, numbers and symbols. You should use different passwords for all your online accounts and change them after every few months.
• Check Third Party Apps Connected To Your Account: Be watchful about the apps you have authorized to connect with your LinkedIn account. These can access all your confidential data and hence, you must review the apps that you have permitted. Deactivate all the apps that you do not recognize or use anymore.

For more information on LinkedIn and social media security tips, feel free to contact Centex Technologies at (972) 375 – 9654.

Adware, or ad supported software, refers to any form of software that displays or downloads unwanted advertizements while browsing the internet. It may also be programmed to redirect the users to advertizing websites or track browsing patterns so that customized ads can be displayed. In most cases, adware is a legitimate software that comes as a drive-by download with a freeware program. A visit to a malicious website can also lead to unapproved installation of adware on your computer. However, the advertizements can be annoying, distracting and intrude the user’s privacy in the online space.

Here are some signs that your computer has been infected with adware:

• Pop-up advertizements on the desktop or within applications
• Unidentified changes in browser home page, bookmarks and favorites
• New toolbars installed in the internet browser
• Slow computer start-up and shut down
• Pop-up ads related to websites being browsed or keywords typed in the search engine
• Desktop may be slow to load or refresh
• Unexpected system shut down or restart
• Sluggish internet connection
• Software crashes
• New programs installed on the computer

How Does Adware Work?

When adware is downloaded onto a computer system, it may begin to show pop-up ads according to your web browsing habits. The software may also install tracking cookies and keyloggers or conduct an unauthorized hard drive scan. Some of the common consequences of an adware infection are:

• Infinite Pop-Ups: The user may view an endless series of pop-up advertizements over the current program window. At times, closing one pop-up ad may lead to opening of another one.
• Man-In-The-Middle Attacks: Some adware programs are designed to redirect your network activity through a proxy server to display ads over the web pages being visited.
• Spying: This adware tracks your online browsing habits, websites you visit and even records your keystrokes to figure out the type of advertizements that would catch your interest.
• Data Consumption: The adware may download unrequired add-on program to your computer, thus consuming the bandwidth on your internet connection.
• Device Slowdown: Running too many ads may hamper your device’s performance, making it slow to respond to user commands.

It is important to detect and remove adware from your computer system at the earliest. If not, it may transmit sensitive information, such as credit card numbers, passwords, important files, photos and videos to the cyber criminals who may use it for malicious purposes.

For more information on adware and cyber security, you can contact Centex Technologies at  (972) 375 – 9654.

Network attack can be defined as an attempt to breach the security of a computer network in order to gain unauthorized access to the targeted device or exploit the vulnerabilities in the software applications. Without proper security measures, your network is vulnerable to different types of security threats, eventually causing it to crash. A network attack can either be passive (wherein the hacker may simply monitor and steal data stored on the computer) or passive (in which the information may be altered or destroyed).

Given below are some of the common types of network attacks:

IP Spoofing

A corporate or home network uses the IP address of a device to identify its entity and allow access. In a spoofing attack, the hacker may use a forged IP address to breach into a network in the guise of a legitimate user. He may alter, delete or destroy the data being shared in the network. He may also modify the source of the data packets so that they appear to be originating from another computer on the same network.

Sniffing

Network sniffing is the process of monitoring, capturing and intercepting the data packets traveling through an internet network. If the data is not properly encrypted and sent as cleartext, it can be easily read by the hacker. On the other hand, an encrypted data packet cannot be accessed unless the hacker has the key to open it.

Buffer Overflow

A buffer overflow attack occurs when the target computer receives more data/traffic than it is capable to hold, thus creating a lot of temporary files that overwrite the already existing valid data. The excess files usually contain a malicious code designed to carry out specific actions, such as deleting files, altering data or transmitting confidential information to the hacker.

Man In The Middle Attack

This is a form of session hijacking attack in which the hacker actively monitors, captures and controls the flow of information between the source as well as the destination computer on a network. The attack may be simply aimed at getting access to the information being shared or modifying it before being transmitted to the other end. In some forms of man in the middle attacks, the hacker may even disconnect the other user and completely take over the session to acquire sensitive information.

Centex Technologies is a leading IT company providing network security solutions to the business firms in Dallas, TX. For more information, feel free to call us at (972) 375 – 9654.

The ever increasing number of internet users has provided cyber criminals an opportunity to exploit the vulnerabilities in the computer systems. As people constantly rely on the digital world for work, gaming, social networking, recreation and other such purposes, there has been a massive upsurge in the malware threats. It is important to detect the infection in order to protect your computer and prevent such attacks in future.  

Given below are some warning signs that may indicate that your computer is malware infected: 

• Slow Computer: If your computer has been infected by a malware, it may slow down the speed of the system, internet and programs. However, make sure you rule out other potential causes of a slow computer, such as resource-heavy applications, fragmented system, lack of hard disk space or RAM etc. 
• Unwanted Pop-Ups: Unexpected pop-up advertizements that appear on your computer system are one of the most annoying signs of a malware infection. In some cases, these pop-ups may appear even if you are not connected to the internet. When the user clicks on a pop-up, it may redirect him to a fake website or download more malware on the system. Make sure you do not click on any of these ads or answer any survey questions. 
• Unexpected System Crashes: A malware infected computer may crash unexpectedly and quite frequently as well as switch to the BSOD (blue screen of death). However, the problem may also appear due to a technical problem in the computer, such as the lack of latest drivers or incompatible programs running on the system. If this is not the case, you should immediately scan your computer to identify any malicious program or file. 
• Random Network Activity: Another sign of a malware infection is the constant blinking of the router, indicating a high level of network activity even when you are not running a heavy program or uploading/downloading any files. It may be possible that your system has been hacked and controlled by a remote administrator.
• Lack Of Storage Space: Several types of malware are designed to manipulate files on the infected computer and fill up the space available on the hard drive. If any of your files stored in your computer system have been deleted, modified or you find any unknown programs that you didn’t install, it indicates a malware infection. 
• Disabled Security Software: In order to avoid detection, many malware programs disable the security software installed on your computer. Hence, your computer does not have the necessary tools to identify and eliminate the malware. In some cases, you may also receive security warnings or threat alerts from antivirus programs that you never installed on the system. 

We, at Centex Technologies, provide internet security solutions in Dallas, TX. For more information, you can call at (972) 375 – 9654.

Cybersecurity is a key issue faced by the finance sector. Whether it is to steal account information, illegally transfer money or inject malware, various tactics are used by hackers to gain access to an organization’s internal network. It is critical that IT professionals are updated with the latest security concerns and formulate a comprehensive strategy to stay protected against different forms of cyber-attacks.

Given blow are some of the top IT security challenges for the finance sector:

• Extortion: Hacking attacks involving extortion may be initiated in the form of a ransomware or denial of service (DoS) attack. In this, the target computer may be flooded with traffic from multiple servers, with an aim to temporarily slow down or completely disrupt the company’s network. The hackers may demand ransom amount to restore the services and remove the malware from the victim’s computer system.
• Spear Phishing: This is a common email scam in which hackers send out emails claiming to be from legitimate sources to acquire the victim’s bank account or credit card details and internet banking passwords. In an advanced form of spear phishing, known as whaling, the hacker may even send spoofed executives’ emails to the finance officials in order to get money transferred to fake bank accounts.
• Data Breach: Vulnerabilities in computer systems are also a major target for the cybercriminals to attain financial information of the users. Lack of security standards, poor data storage practices and unsecure network configuration may put the customers’ sensitive details at risk. It is important to store credit/debit card numbers, verification codes, user ids and passwords in an encrypted format.
• Point-Of-Sale Malware: It is aimed at stealing information from a business’ payment processing software. The attack can either target retail checkout system or during online purchases. Once the hackers are able to access the information, they may sell the information further or use it to make unauthorized financial transactions.
• Social Media Attacks: Cybercriminals may also use social media websites to gather information from the employees at a financial institution. With the increasing use of Facebook, Twitter, LinkedIn and other social platforms, employees can be easily duped to acquire confidential information about the company. They may create fake profiles to develop contact with the targeted employee and eventually compel him to reveal important information required to launch a bigger hacking attack. 

We, at Centex Technologies, provide complete cyber security solutions to all types of business firms in Dallas, TX. For more information, feel free to call us at (972) 375 – 9654.

The internet opens up a world of opportunities for the children to learn new things. It provides them access to a broad spectrum of information on diverse topics, a chance to interact with people from all across the world and a medium to express their opinions. At the same time, internet also poses many security risks for the children, making them an easy target for the cyber criminals and hackers.

Here are some internet safety tips to help children make the most out of the virtual space:

Use Internet Together

Browsing websites together with your kids will make them familiar with the security measures that they need to follow. Teach them about hackers, malicious software and common online threats, such as malware, spyware, identity theft etc. This will help you develop a comfort level with your children and make it easier for them to open up about their online experiences, either positive or negative.

Have Access To Your Child’s Computer

Make sure you have complete access to your child’s computer. Keep a check on what types of websites have been accessed and what files or programs are downloaded. If possible, monitor the IM applications, chat rooms and the email received by the child. You can also set parental controls to block inappropriate websites and limit the amount of time your kids can use the internet.

Encourage Your Child Not To Disclose Personal Information Online

Children must be encouraged not to share their personal information, including home address, school name, contact number, passwords etc., with anyone over the internet. Stop them from posting photos or videos online without your approval. Tell them the importance of signing out of all their online accounts each them they access them, particularly on public computers. Make them aware about creating strong and complex passwords as well as keeping them strictly confidential.

Keep Your Computer System Protected

Keep your computer’s operating system and web browser updated to protect against any hacking attacks. Download and frequently update anti-virus software, spam-blocker, firewall etc. to detect any malicious program or file. Also, make sure that they do not open or download attachments in emails from unknown sources. Software should also be downloaded from credible sources and updated from time to time.

For more tips on increasing online security for your kids, feel free to contact Centex Technologies at (972) 375 – 9654.

Phishing is one of the most prevalent forms of cybercrimes targeted at stealing personal information and financial data. It involves tricking the users into opening spam URLs or entering sensitive details in malicious websites that have been disguised as legitimate ones. Such attacks are usually launched through pop-ups and false emails.

Here’s how one can protect against phishing attacks:

• Be wary of emails: Make sure you do not respond to emails that ask for your bank account details, credit card number or other financial information. Legitimate organizations do not request such information through emails. Phishing emails aren’t usually addressed directly to the recipient and create a sense of urgency in order to elicit quick response.
• Never click on links embedded in emails: Hyperlinks or URLs attached in the emails may be spoofed to direct you to a malicious website. Hence, you should never click on links, open attachments or download files that you receive from an unknown sender. Instead, type in the URL directly into your web browser to ensure that the website you are visiting is authentic.
• Be cautious of pop-ups: When browsing a website, be careful if you see too many unrequired pop-ups. You should not click on the pop-up or copy any link to your browser’s address bar. Also, do not enter any personal details as credible organizations do not ask to submit such information in pop-up screens.
• Confirm security of the website: Before entering your personal or financial details, conduct a complete security check to protect yourself from phishing attacks. The website URL should start with “https://” instead of “http://” and there should be a padlock icon in the address bar. This signifies that the website uses encryption to ensure privacy of your confidential data.
• Enhance the security of your computer: Keep your computer protected with the most up-to-date firewall, spam filters, anti-virus and anti-spyware software. You should also update your operating system and web browser regularly. Make sure all the software on your computer is downloaded and installed from credible sources.
• Check bank details regularly: Keep a check on all your online transactions, bank accounts and credit card statements to identify if any unauthorized transactions have been made. If there are any irregularities, you should immediately report it your bank or credit card provider.

For more tips to prevent phishing attacks, feel free to contact Centex Technologies at (972) 375 – 9654.

Malware, or malicious software, is a broad term used to describe a set of programs intended to carry out unauthorized activities. When a malware is injected into a computer system, it can affect its functioning, steal important files, dodge access controls and track the user’s online activity. In order to prevent these malicious programs from infecting your system, it is important to understand the different types of malware found online. Some of these have been discussed below:

Virus

A computer virus mainly infects a computer system through a malicious code embedded in a software or program. It can be used to steal information, damage hard disk, relay spam email and advertizements, create botnets etc. When a user launches the infected program, the virus can spread on to other computers through email attachments, IMs, shared network, removable storage devices etc.

Trojan

A Trojan typically comes disguised as useful software in order to convince the user to download and install it. Once executed, it can give remote access of your computer system to the hacker. The program is designed to take complete control of the victim’s system with the purpose of causing damage or pilfering confidential information. A Trojan allows the hacker to delete or modify files, steal financial information, install more malware etc.

Spyware

This type of malware works by anonymously tracking a user’s online activity and transmitting it to a cybercriminal. Stealing financial information, such as bank account numbers, online banking and credit card details, is the main target of most spyware. It can also slow down the infected computer, particularly when there is more than one program running.

Rootkit

A rootkit is designed to function remotely so as to avoid being detected by the users or anti-virus software. Once installed on a computer system, a rootkit can steal or gain access to your information, execute program files, modify security software, install another malware and alter system configurations. It can even block installation of anti-virus software or lock the system to prevent detection.

Worms

Computer worms may spread in a disguised form by exploiting security vulnerabilities in the operating system. They can create a backdoor in your computer which allows a hacker to access the system remotely, making it vulnerable to a Denial-of-service (DoS) attack. Unlike viruses, worms can self-replicate, without the need of a host and can send out its copies to several other systems, by infiltrating contacts in your email or phone book.

It is important that you follow the requisite security measures to avoid malware attacks and protect your identity online.

As the popularity of social networking websites has increased through all these years, the risks of using them have also augmented. A lot of people do not follow proper security measures and fail to identify the potential consequences of sharing too much information on these websites. Hackers, virus writers, spammers as well as other cybercriminals constantly track the activity of users and manipulate the information for malicious purposes.

Here are some tips to stay safe while using social networks:

• Share Limited Information: Make sure you do not post sensitive personal information on your public profile, such as contact number, birthday, home town etc. It will safeguard your online safety and protect you against identity theft. Hackers may use this information to find answer to your security question and gain access to your account. Also, maintain caution while sharing photos and information that you do not want everyone to see.
• Customize Privacy Settings: Social networking websites offer various privacy options to give users complete control over their profiles. Customize your account’s settings to restrict access to a limited number of people. Filter the people or groups who can see your basic information, photos, friends and updates.
• Be Wary Of Third-Party Applications: Many social networking websites allow you to download and install third-party applications. You must be cautious while downloading which apps to install. These may be targeted at stealing your personal information or infecting your device with a malware. Make sure you read the privacy policy of the app to know what information it needs to access.
• Be Cautious While Clicking On Links: Do not visit a social networking website through a link that you received in an email or text message. It may redirect you to a fake website intended to steal your login details. Also, links shared by friends or acquaintances should not be clicked. Instead, you should manually enter the URL into your browser’s address bar to ensure that you are visiting a legitimate website.
• Accept Only People You Know: Social networking websites make it easy for people to fabricate or hide their identities. Cybercriminals may create fake profiles to contact you and access sensitive information. Hence, you must accept only those people whom you know in person. While interacting with strangers, be careful on the type of information you share.

For more social networking safety tips, contact Centex Technologies at (972) 375 – 9654.