New Virus Attacks All Windows-Based Computers

A new type of malware is beginning to circulate and attack nationwide, according to GuardiCore, a vendor of software that detects breaches in real time. And, right now, the malware can be detected by only two anti-virus engines.

“This is new malware capable of running on every Windows version from XP through Server 2012 R2,” the company reported in a blog. That means it runs on every single Windows version, “so 100 percent of your Windows endpoints are vulnerable,” says Daniel Goldberg, a security researcher at GuardiCore. The malware has been named Trojan.sysscan.

The malware uses brute force to find usernames and passwords that can be used as credentials to access information systems. Sometimes it doesn’t take much time because an organisation may have been breached previously, but passwords uncovered in previous breaches often are not changed and are still available for use. But if necessary, the malware will keep trying to get in for hours until it accesses a system, according to Goldberg.

While currently focused on financial credentials, the malware can steal credentials from any organisation’s systems, and it is only a matter of time before it hits other sectors. It’s not yet been detected on computers of healthcare organizations, but security professionals should assume it may have already infiltrated some systems.

“Healthcare is equally if not potentially more vulnerable, given the prevalence of Windows in the industry,” Goldberg notes.

Trojan.sysscan, while not yet widespread, is a simple malware that can remain undetected for a considerable period of time, and Goldberg advises assuming the malware will appear in systems if enhanced security measures are not taken. “People should not think of anti-virus as their only line of protection.”

Information-Management:       Overwhelming Cyber Attacks On Healthcare:

 

« Chatbot To Teach You A Foreign Language
Cybersecurity Is Just A Lot Of Trouble For The General Public »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Fortify Experts

Fortify Experts

Fortify Experts is a search and recruitment firm specializing in Cyber Security.

Boxcryptor

Boxcryptor

Boxcryptor encrypts your sensitive files before uploading them to cloud storage services.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

TechGuard Security

TechGuard Security

TechGuard Security was founded to address national cyber defense initiatives and US critical infrastructure security.

XLAB

XLAB

XLAB is an R&D company with a strong research background in the fields of distributed systems, cloud computing, security and dependability of systems.

Perseus Cyber Security

Perseus Cyber Security

Perseus provides all-around digital protection for small and medium-sized businesses through state-of-the-art software solutions, flexible online training and emergency response.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

ALTR

ALTR

ALTR provide software-embedded solutions for data security and privacy.

e-Careers

e-Careers

e-Careers is an edtech institution that provides industry recognised courses and up-skilling solutions to individuals and organisations.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Brennan IT

Brennan IT

For over 25 years, Brennan’s expert team has helped businesses achieve real success through innovative and secure technology solutions.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

Tidelift

Tidelift

Tidelift provides the tools, data, and strategies that help organizations assess risk and improve the health, security, and resilience of the open source used in their applications.

Espria

Espria

Espria is a leading independent managed service provider with expertise in Cloud, IT, Communications and Document Solutions.