New Virus Attacks All Windows-Based Computers

A new type of malware is beginning to circulate and attack nationwide, according to GuardiCore, a vendor of software that detects breaches in real time. And, right now, the malware can be detected by only two anti-virus engines.

“This is new malware capable of running on every Windows version from XP through Server 2012 R2,” the company reported in a blog. That means it runs on every single Windows version, “so 100 percent of your Windows endpoints are vulnerable,” says Daniel Goldberg, a security researcher at GuardiCore. The malware has been named Trojan.sysscan.

The malware uses brute force to find usernames and passwords that can be used as credentials to access information systems. Sometimes it doesn’t take much time because an organisation may have been breached previously, but passwords uncovered in previous breaches often are not changed and are still available for use. But if necessary, the malware will keep trying to get in for hours until it accesses a system, according to Goldberg.

While currently focused on financial credentials, the malware can steal credentials from any organisation’s systems, and it is only a matter of time before it hits other sectors. It’s not yet been detected on computers of healthcare organizations, but security professionals should assume it may have already infiltrated some systems.

“Healthcare is equally if not potentially more vulnerable, given the prevalence of Windows in the industry,” Goldberg notes.

Trojan.sysscan, while not yet widespread, is a simple malware that can remain undetected for a considerable period of time, and Goldberg advises assuming the malware will appear in systems if enhanced security measures are not taken. “People should not think of anti-virus as their only line of protection.”

Information-Management:       Overwhelming Cyber Attacks On Healthcare:

 

« Chatbot To Teach You A Foreign Language
Cybersecurity Is Just A Lot Of Trouble For The General Public »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

SSLGURU

SSLGURU

SSLGURU bring all of the major SSL certificate vendors to one market place in order to create the world's largest SSL store with the most competitive prices.

Hotlava Systems

Hotlava Systems

HotLava network adapters enable today's powerful servers and workstations to deliver more productivity by reducing congestion at the network interface.

Cyber Data-Risk Managers

Cyber Data-Risk Managers

Cyber Data-Risk Managers Pty Ltd is an insurance broker based in Melbourne, Australia specializing in Cyber insurance / Data breach insurance.

ATSEC Information Security

ATSEC Information Security

ATSEC is an independent, privately-owned company that focuses on providing laboratory and consulting services for information security.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

Paygilant

Paygilant

Paygilant’s disruptive technology is designed to protect mobile payment  financial transactions against fraudulent attacks, whether executed by NFC, QR code, P2P or in-app.

Synack

Synack

Synack provides a hacker-powered intelligence platform that uncovers security vulnerabilities that often remain undetected by traditional pen testers and scanners.

Applied Security (APSEC)

Applied Security (APSEC)

APSEC provides products and services in the areas of encryption, digital signature, authentication and data loss prevention.

FileWave

FileWave

FileWave offers a single solution for managing apps, devices, and more for Mac, Windows, and mobile devices.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

Argo Group

Argo Group

Argo is an international underwriter of specialty insurance. Argo Cyber offers a full spectrum of coverage solutions related to professional and technology services.

MONITORAPP

MONITORAPP

MONITORAPP is responsible for complete web security. Protect your business environment with Application Security Solutions from MONTORAPP.

Citadel Cyber Security

Citadel Cyber Security

Citadel is a leading 'One Stop Shop' provider of consulting services in cyber and information security. Our experts operate in hundreds of business organizations in Israel and around the world.

Databarracks

Databarracks

Databarracks deliver award winning IT resilience and continuity services. We help organisations get the most out of the cloud and protect their data, wherever it lives.

UBDS Digital

UBDS Digital

UBDS Digital is your Digital Lifecycle Partner for Secure Cloud Transformation.