Securolytics Web Security Detects VoluumTrk Mobile Adware

Securolytics Web Security detects attempted communication by VoluumTrk Mobile Adware. We thought it would be useful to provide a description of how this program works to illustrate how Securolytics Web Security protects our customers from having potentially problematic programs introduced into their systems.

Securolytics Eliminates PCKeeper Adware

Securolytics Web Security detects attempted communication by PCKeeper software and related toolbars. We thought it would be useful to provide a description of how PCKeeper works to illustrate how Securolytics Web Security protects our customers from having “Potentially Unwanted Programs” like PCKeeper introduced into their systems.

Securolytics Eliminates MacKeeper Adware

Securolytics Web Security detects attempted communication by MacKeeper software and related toolbars. We thought it would be useful to provide a description of how MacKeeper works to illustrate how Securolytics Web Security protects our customers from having “Potentially Unwanted Programs” like MacKeeper introduced into their systems.

Securolytics Eliminates Mindspark Adware

Securolytics Web Security detects attempted communication by the Mindspark family of adware and toolbars. We thought it would be useful to provide a description of how these programs work to illustrate how Securolytics Web Security protects our customers from having potentially problematic programs introduced into their systems.

IoT’s Rough Patch

According to a survey by PricewaterhouseCoopers, almost 70% of connected IoT devices lack fundamental security. According to analyst firm IDC, “the number of IoT devices will grow from approximately 6 billion in this decade to 28 billion in 2020 — a staggering number. The market for wearable smart devices alone is expected to increase at an average rate of 60% per year to $20 billion in 2017.”

In this third installment of Securolytics’ series on IoT device security, we look at a major issue with IoT devices: the software patching process or, often, the lack thereof.

NXDOMAIN

NXDOMAIN is the response code returned when a DNS lookup fails to resolve the requested domain to an IP address. This can happen for many reasons. Usually, it is just a user mistyping an address, such as google.xom. However, if you search your logs for NXDOMAIN and look at the domains for which DNS lookups failed, you may be surprised at what you find.

One interesting thing that may come up is a series of requests to various random-looking “.onion” domains. Dot onion is not a valid, routable top-level domain, but it is used by Tor clients to route requests onto the Tor network. Seeing these requests in your DNS data indicates either that a device has a Tor client installed or that some malicious software on a device is trying to find a Tor entry point.

Either case calls for action, and locating the IP address associated with the “.onion” requests can help you track down the device in question. Search on the IP address, and in the first few records returned, you are likely to find a successful login event from Active Directory logs. This will give you the user of the implicated machine. Once you’ve located the device, it would be wise to do a full malware scan on it.
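The search described above, as an added example that is not Securolytics code: it filters NXDOMAIN responses for “.onion” names, groups them by client IP, and looks up the most recent successful logon from that IP. The log formats, addresses, user names and “.onion” labels are constructed for illustration, and matching on the latest logon before the first query is an assumption about how to pick the user.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data. Assumed DNS log format: time client_ip qname rcode
DNS_LOG = """\
2016-03-01T09:14:02 10.0.4.17 google.xom NXDOMAIN
2016-03-01T09:15:40 10.0.4.23 aaaabbbbccccdddd.onion NXDOMAIN
2016-03-01T09:15:41 10.0.4.23 WWW.eeeeffffgggghhhh.Onion. NXDOMAIN
2016-03-01T09:16:05 10.0.4.17 www.example.com NOERROR
2016-03-01T09:20:11 10.0.4.23 aaaabbbbccccdddd.onion NXDOMAIN
truncated line
"""
# Assumed logon log format: time client_ip user result
LOGON_LOG = """\
2016-03-01T08:02:10 10.0.4.23 jsmith SUCCESS
2016-03-01T08:55:31 10.0.4.23 mlee FAILURE
2016-03-01T08:58:47 10.0.4.23 mlee SUCCESS
2016-03-01T09:30:00 10.0.4.23 tbrown SUCCESS
2016-03-01T08:40:00 10.0.4.17 akhan SUCCESS
"""

def rows(text, width):
    """Yield parsed rows, skipping lines without the expected field count."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == width:
            yield [datetime.fromisoformat(parts[0])] + parts[1:]

def onion_failures(dns_log):
    """Map client IP -> sorted (time, name) list of NXDOMAIN .onion lookups."""
    hits = defaultdict(list)
    for ts, ip, qname, rcode in rows(dns_log, 4):
        name = qname.lower().rstrip(".")  # normalise case and trailing root dot
        if rcode == "NXDOMAIN" and name.endswith(".onion"):
            hits[ip].append((ts, name))
    return {ip: sorted(v) for ip, v in hits.items()}

def user_at(logon_log, ip, when):
    """User of the latest successful logon from ip at or before when, else None."""
    ok = [(ts, user) for ts, src, user, result in rows(logon_log, 4)
          if src == ip and result == "SUCCESS" and ts <= when]
    return max(ok)[1] if ok else None

def report(dns_log, logon_log):
    """Per offending IP: likely user and the distinct .onion names requested."""
    return {ip: {"user": user_at(logon_log, ip, ev[0][0]),
                 "domains": sorted({n for _, n in ev})}
            for ip, ev in onion_failures(dns_log).items()}
```

Calling `report(DNS_LOG, LOGON_LOG)` returns one entry per client IP that made failed “.onion” lookups; the mistyped google.xom lookup is ignored because it is not a “.onion” name.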

Securolytics will automatically scan DNS records for suspicious domain requests. Keep malware off your network, and keep your data safe with Securolytics.

Data Loss Prevention

Data Loss Prevention (DLP) technologies identify, monitor and protect data in use or in motion on the network, as well as data at rest in storage or on desktops, laptops, and mobile devices. While organisations are more successful at filtering incoming malicious content and deflecting unauthorised entry attempts, they are lagging behind with implementing technical solutions that effectively address data breaches.
Securolytics Data Loss Prevention is a system designed to detect potential data breach or data exfiltration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorised personnel either by malicious intent or by inadvertent mistake.

Inside Securolytics Web Filtering

Business owners are becoming more and more aware that their companies are losing productivity when employees shop and social network on company time. To counter this, Web Filtering is becoming a necessity, no longer a luxury. It allows for increased productivity with advanced, real-time content filtering and the ability to block access to the websites that drain time and money from businesses large and small.

*torrent*

Many organizations use content filtering software to block inappropriate web sites. However, the threats on today’s Internet have changed. The Internet remains the primary vector used to deliver viruses and malware and it remains the primary vector used for downloading pirated content. According to the American Bar Association, employers may be liable “for allowing or failing to prevent employees from using their technology to engage in illegal activity.”

Are your employees putting your brand at risk?

Securolytics can tell you exactly who and what is putting your brand at risk. Search for any of the following terms (*torrent*, *tracker*, *popcorn-time*) and you will immediately see if anyone on your network is using a peer-to-peer client to share files.

Removing ReimagePlus Adware

The Advanced Threat Defense engine in Securolytics Web Security recently detected and blocked downloads of an executable file that we found very interesting. The blocked file was the installer for a program called ReimagePlus. We thought it would be useful to provide some analysis of this program to illustrate how Securolytics Web Filtering is able to protect our customers from having potentially problematic programs introduced into their systems.