FMCN Webinar: How to identify and protect against Crypto Crapware and other threats. May 9th, 2016 @ 2pm EST

For those who missed it last time, we are bringing back our latest webinar in November.

With the rash of Crypto-related ransomware attacks out there, we have decided to put on a few webinars to help educate users on how to identify, protect against, remove and recover from these critical infections, especially the Crypto family of ransomware.

We recommend all those responsible for the following roles in your business attend:

  • Internet access
  • General Data Security
  • Client Information Management
  • Backup operations
  • Remote access
  • User Content and control policy enforcement

This presentation will be at a beginner level and will have some technical information, but will be geared towards end-user understanding. Feel free to send this invitation to other business owners or associates who may need a better understanding of the threats out there; this includes both Mac and PC users.

Topics we will cover include:

  • Identify sources of infection
  • Identify fake notices and popups
  • Understand the difference between a firewall, router and UTM (unified threat management)
  • Understand what can be affected and what cannot
  • Backup/Archiving
  • Disaster Recovery Planning

These webinars are approximately 45-60 minutes long, will have notes and a review for you to take away, and will have a Q&A afterwards for a more detailed discussion.

The 1st webinar this year is scheduled for Monday the 9th of May at 2pm EST. This is a free event and open to the public, but registration is required as there are limited connections available on a first-come, first-served basis. Should registration exceed the number of connections, additional dates will be added.



Google Is Partially Dangerous—According to Google

People are always surprised when we tell them that even legitimate websites can be compromised and/or provide false links to malware, ransomware and crapware.


The current Google Transparency Report on the Safe Browsing status for doesn’t give the site a perfect grade.

Source: Google Is Partially Dangerous—According to Google

See our previous Post – Spear Phishing

See our post on – Malvertising – do your backups!



Another level of malware – spear phishing

It is getting harder and harder to keep up with malware these days. By the time we attempt to write an article warning about a new campaign in the wild (like the new ransomware that encrypts entire hard drives), something else comes out that is an even worse threat. As an example, have you heard of spear phishing? If not, then read on, as it’s the latest threat that is going to make your online life that much more difficult.

Phishing is a term that has been around for ages now, but it is most commonly used to refer to spam campaigns that send out emails looking like they are coming from a legitimate company (be it Apple or a bank), prompting the reader to click a link and enter some personal information. They are “phishing” for your details, with the only contact point they have for you being an email address. Even that contact point is most likely just a generated name that came from a program that sent the spam to millions of people, most of which don’t exist, in the hope of having just a few respond. It’s a dangerous trick and we’ve had to help many users who have fallen into the trap. Sometimes it’s led to simple infections on a PC, but sometimes it’s required the cancellation of credit cards and tracking of financial records. It’s one of the most common means of spreading malware on the internet.

Spear phishing is a rather frightening evolution of this, which uses programs that seek out information on potential victims, using algorithms that search social networking links, web pages, blog posts, anything that might glean real data on people. It then sends out a tricky email containing that data, usually something that sounds urgent, threatening or like an emergency, to trick the person into clicking the link, and that is where the issues begin. We’ve gone from phishing trying to get you to give them your information, to directed attacks where they are using your own information to trick you into something much worse.

Ars Technica has a great write-up on one form of this attack that generates a ransomware hit on someone who clicks through the link: Crypto-ransomware targets called by name in spear-phishing blast.

This is the kind of attack that your antivirus program will have a very hard time protecting against (if at all). While this is primarily targeting PC users, we have now seen Cryptoware attacks in the wild that will hit Macs and there are reports of others capable of hitting Android devices. So far, we haven’t seen any that can hit BlackBerry or iOS devices, but we believe it’s just a matter of time before a vulnerability is found there as well. So how do you defend yourself?

We repeat this to all our clients and drill it into them. Their best defence comes from their own habits. Question every email that comes in, even if it is from someone you know. What is the link? Are you expecting it? Is there any way to confirm it is real before you click through? Don’t download any software without being sure of what you are receiving. Beware of downloading anything (even media files) from illegal sites, such as BitTorrent (they are being hammered with fake files). On today’s Internet you are your own best protection. The technology on your computer should always be considered your second line of protection only and not relied on to catch everything.

Beyond that, we cannot stress enough how important backups are for all users, whether it’s just a home PC or a major work server. You must maintain and test your backups and try to keep at least two redundant backups running at all times (we usually recommend an onsite local image backup and some “in the cloud” off-site backup). While the backups can’t protect you from every threat (e.g. identity theft), they can help you quickly get back up and running from some of the most common attacks out there today.

As always, if you have any questions or want to have a double-check of your own processes, contact us at


New ransomware installs in boot record, encrypts hard disk | Ars Technica

If Crypto infections didn’t scare you before, now you can be absolutely paranoid! Now Crypto doesn’t just encrypt and lock out your files, it does the WHOLE hard drive.


Petya performs fake CHKDSK, and instead encrypts the master file table on disk.

Source: New ransomware installs in boot record, encrypts hard disk | Ars Technica


New wave of “Malvertising” hitting – do your backups!

Get ready for a bumpy ride, because here we go again. Reports are coming in of a massive wave of malware-laced ads that are hitting mainstream websites and infecting people with Cryptolocking viruses just from browsing a website.

You can find the details on Ars Technica here: Big-name sites hit by rash of malicious ads

The key to remember here is that most of these attacks cannot be prevented by your antivirus. They often use exploits found in Flash or Silverlight (two common and far too buggy ways of delivering ads) to bypass protections. The real problem is that you can be infected by a tiny ad on a page that begins playing without any interaction from you. This happens when the ad provider gets compromised and the sites generally have nothing to do with that interaction.

We’ve said this many times, but make sure your backups are current! Whether you are a business or home user, check them and make sure they are running. And yes, this applies to Mac users too, as a new crypto attack on Mac systems was recently uncovered.

As always, if you have questions, contact us and we’ll discuss options with you and how you can protect yourself, including whether it is a good idea to remove Flash and run adblocking software.


Windows 10 creeps even closer to landing on your PC – CNET

Microsoft makes a status change that has implications for all you Windows 7 and 8.1 users.

Source: Windows 10 creeps even closer to landing on your PC – CNET


AVG, McAfee, Kaspersky Antiviruses All Had a Common Bug – Slashdot

An anonymous reader writes: Basic ASLR was not implemented in 3 major antivirus makers, allowing attackers to use the antivirus itself towards attacking Windows PCs. The bug, in layman’s terms, is: the antivirus would select the same memory address space every time it would run. If attackers found out the memory space’s address, they could tell their malicious code to execute in the same space, at the same time, and have it execute with root privileges, which most antivirus have on Windows PCs. It’s a basic requirement these days for software programmers to use ASLR (Address Space Layout Randomization) to prevent their code from executing in predictable locations. Affected products: AVG, McAfee, Kaspersky. All “quietly” issued fixes



Source: AVG, McAfee, Kaspersky Antiviruses All Had a Common Bug – Slashdot


Dell apologizes for HTTPS certificate fiasco, provides removal tool | Ars Technica

So Dell has been preloading extras into your new purchases without you knowing. This is typical of what we call CRAPWARE, which, regardless of intent, is additional software added to your purchase without your informed and obvious consent. It is covered under the EULA and purchase agreement, which legally covers their butts, but it is a poor practice.

Source: Dell apologizes for HTTPS certificate fiasco, provides removal tool | Ars Technica


Cybersecurity experts warn of new ModPOS malware targeting retail payment terminals – Business – CBC News

U.S. retailers are hunting for evidence of new breaches leading into the holiday shopping season after a cyber intelligence firm privately warned them about payment-card-stealing malware that it said evades almost all security software.

Source: Cybersecurity experts warn of new ModPOS malware targeting retail payment terminals – Business – CBC News


CryptoWall returns for another round with CryptoWall 4.0

Backup is going to be more important than ever now because this new version encrypts the FILENAMES as well, meaning it will be impossible to tell what the files are once they are attacked.

Read the article below from our Intronis Partner forum for the details.


CryptoWall 4.0 has arrived on the ransomware scene. Find out what’s different about this latest twist on the ransomware juggernaut.

Source: CryptoWall returns for another round with CryptoWall 4.0
