CompuTouch provides unparalleled value to companies through the management of IT services. CompuTouch has helped hundreds of companies save money while implementing the technology their business needs to grow. Some of our standout examples include.
CompuTouch Blog For IT Pros - CompuTouch Inc.
Computouchinc - Solutions That Fit - CompuTouch Inc.
Trends in Virtualization - CompuTouch Inc.

Zeus on the loose. - CompuTouch Inc.

Occasionally a virus or malware agent emerges in the environment that goes way beyond the run-of-the-mill script kiddie bot generator.
Lately we have seen a variant on the infamous Zeus agent that is really quite impressive in its operation. I am enclosing a link that will promote understanding and help prevent this malicious agent. Three layers of defense are recommended to prevent this attack and potential loss of financial data.

1. Ensure your email or email provider is running an effective antivirus
2.
3. Please review the attached documents for more information

New DYRE Variant Hijacks Microsoft Outlook, Expands Targeted Banks
FBI Review.

Identity Farming Using Shodan.

So, one of the amazing things I learned about Shodan recently is that it is an amazing tool for farming identities and doing a good deed to help secure the public from identity theft.
A couple months back, I got a hold of a Netgear router that had a USB port on it. I was really interested to see if there were any people out there that actually used the port to connect storage devices to it. Pretty good result, but I started looking through the config of the router and found that by default, anonymous access is enabled for FTP. LET’S DO THIS! Now I have an even better list, with exactly what I want. All we have to do now is pop open our favorite FTP client and just insert the IP address from the list we want and BAM! Depending on what you connect to, you might find where people have actually uploaded scanned copies of things like Social Security cards, driver's licenses, full unredacted tax return forms, pictures of diplomas and certifications, and the list goes on and on and on.

New Ransomware Hidden In Infected Word Files - CompuTouch Inc.

It was only a matter of time, but some miscreant finally did it.
There is a new ransomware strain somewhat amateurishly called “Locky”, but this is professional grade malware. The major headache is that this flavor starts out with a Microsoft Word attachment which has malicious macros in it, making it hard to filter out. Over 400,000 workstations were infected in just a few hours, data from Palo Alto Networks shows. Antivirus engines are being updated to catch it (you can see the VirusTotal results here), but it took several days to get there, so you cannot rely on endpoint security tools with new attacks like this. The bad guys use social engineering twice: first to trick the user into opening the attachment, and then into enabling the macros in the Word file.
When the Word document is opened, it looks like the content of the document is scrambled and the document will display a message stating that you should enable the macros if the text is unreadable.

Windows 10: Nowhere Left to Hide - CompuTouch Inc.

Microsoft’s Windows 10 nagware campaign has entered a new phase, with all options to evade or escape an upgrade finally blocked.
Recently, Microsoft’s policy had been to throw up a dialogue box asking you whether you wanted to install Windows 10. If you clicked the red “X” to close the box – the tried-and-tested way to make dialogue boxes vanish without agreeing to do anything – Microsoft began taking that as permission for the upgrade to go ahead. Now Microsoft is changing gears. It has eliminated the option to re-schedule a chosen upgrade time once you’ve confirmed it while also removing the red “X” close option from the screen. One Reg reader grabbed the below screenshot from a relative’s PC on Windows 7. The change means Windows 10’s nagware is now out of step with – and ahead of – Microsoft’s official Knowledge Base documentation on the topic, which says you can re-schedule your upgrade. Microsoft has stood behind its operating system’s nagging reminders.

KevGir: A simulation of real world exploits - CompuTouch Inc.

Kevgir is an intentionally vulnerable virtual appliance designed by the CanYouPwnMe team for network security exploitation training.
Kevgir has lots of vulnerable services and web applications for testing. In this tutorial/rundown, we are only going to be focusing on one of the web services offered so that we can capture the flag.

Goals:
1. Footprint accessible services
2. Find web application vulnerabilities
3.

Make MITM Attacks Great Again!! - CompuTouch Inc.

Man-in-the-middle attacks have been commonplace since the dawn of networking.
They still work, and will continue to as long as there are computers that can talk to one another. Let’s see what we can come up with that might still work. How about LLMNR and NBT-NS? In 1981, Leslie Lamport purported in the Communications of the ACM magazine that no matter how secure a user’s password was, if those credentials could be eavesdropped from the network, they could still be used and even reversed in a somewhat timely manner.
This is true to this day. We have GPU-based cracking software, Pass-The-Hash scripts that allow you to pivot through domain/workgroup computers without even needing to reverse the password, and we even have WPAD proxy attacks that allow us to leverage default proxy settings in Internet Explorer. One attack that has always scared me and has worked in EVERY environment I have pentested is LLMNR/NBT-NS poisoning. Let’s look at an example in the diagram below. 1.