Get in touch





I agree to the
terms & conditions


What Is Malware? – Frequently Asked Questions

What Is Malware? – Frequently Asked Questions

Short for ‘malicious software’, malware constitutes any program or file that is harmful to a computer user. Malware is a blanket term for disruptive and damaging software, and covers many different types of threats to your computer safety; such as viruses, spyware, ransomware, adware, worms, Trojans and rootkits.

Every day, the independent IT security institute, AV-TEST registers over 350,000 new malicious programs (malware) and potentially unwanted applications (PUA) highlighting how easily your computer could be infected with disruptive software.

How does malware work?

Depending on the intent of the author, malware can work in a number of different ways, performing a variety of functions such as hijacking the computer, encrypting, deleting data or simply monitoring computer activity without permission.

The goals of most malware authors is to make money from their program, either by extracting payment from their target in exchange for the return of access to their computer (ransomware), or by selling their software to the highest bidder on the dark web.

One of the most high profile examples of a malware attack in recent years was the WannaCry ransomware attack, which affected users worldwide by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.

More than 200,000 computers were infected via phishing email, which exploited a vulnerability within Microsoft – with the NHS the most prominent victim of the attack with hospitals across the UK affected.

How can malware get on your computer?

There are numerous ways that malware can find its way on to your computer, with the common causes including;

  • Online Downloads – a frequent cause of malware entering your computer, malware authors hide damaging programs within download files, commonly in the form of Trojan horses that are activated after installation.
  • Drive-by Downloads – unlike the above, drive-by downloads do not require consent to enter your computer, with triggers such as visiting a webpage enough for authors to commence a download.
  • Removable Drives – infected removable drives, such as USBs and external hard drives, can be used to spread malware from one device to another without any online interaction taking place.
  • Phishing – emails that are designed to have come from official sources, containing sensitive information such as delivery details, tax refunds, or invoices to encourage users to open and interact with them.

How does malware affect your computer?

The installation of malware can have a significant impact on your computer’s performance, as well as the privacy of your sensitive data, which can be potentially accessed by hackers.

With attacks where your computer is effectively ‘held hostage’ by hackers, it can be impossible to use your computer before an adequate ransom has been paid. According to research by Sophos, the average cost of a ransomware attack on businesses was $133,000, with another organisation calculating that ransomware costs businesses more than $75 billion per year.

The average cost in time of a malware attack is 50 days – highlighting the seriousness that an infiltration can have on your business, significantly limiting productivity, performance and time and potential damage to brand reputation.

How can malware be prevented?

Fortunately, there are steps that you can take to protect yourself, and your business from the detrimental effects of a malware attack.

Installing anti-virus software will provide reactive protection for your computer, but will fail to protect your network in the event of an attack – this is especially prevalent if your anti-virus software is not regularly updated to protect against the latest security threats.

Regular patching and updating your anti-virus software is important as well as updating your operating system, browsers, and plugins. As Windows users found out in 2017’s WannaCry ransomware attack, even small vulnerabilities can be exploited with devastating effect. Ensuring you have the latest security upgrades and patches will help provide some added protection for your devices.

It is also important to stay vigilant. If a website looks suspicious, don’t visit it. If an email looks too good to be true, it probably is. Especially with phishing emails, hackers will use similarly sounding email addresses to trick users, so always read who the email is coming from before clicking on it.

As cyber threats become more sophisticated we advocate a layered security approach to provide better protection of your organisations IT assets and network. This approach will enable you to monitor, detect and remediate the different attack vectors and entry points ensuring that you have all bases covered.

With our proactive managed IT security service, we install, configure, monitor and manage upgrades to your organisation’s IT security, ensuring it’s providing the maximum defense for you and your business.

To learn more about how to protect your computer from malware, and how we can help keep your business’ IT secure and operational, speak to one of our expert consultants on 0118 918 6822, emails us using hello@nouveau.co.uk or get in touch via our contact form.

About the ‘Death of Windows 7’ and how it might affect your business

About the ‘Death of Windows 7’ and how it might affect your business

You may be aware that Microsoft has announced that extended support for Windows 7, Server 2008 and 2008 R2 will cease on 14th January 2020. In addition, Windows Exchange Server 2010 and Office 2010 will reach end of support on October 13th 2020. 2020 is just around the corner, so now is the time to start thinking about upgrading.

This could cause concern for businesses who haven’t yet thought about upgrading their systems. Considering that moving away from Windows XP took up to three whole years for large organisations, businesses are urged to think about upgrading as soon as possible. According to web metrics vendor Net Applications, Windows 7 still has a market share of 33.52%, meaning many organsiations will be at risk of cyber attacks when support ends.

What does end of support mean?

If you continue to use Windows 7 after support your PC will still work, but it may become more vulnerable to security risks and viruses as Microsoft will cease providing software and security updates.

Nouveau Recommendations:

Start planning to move to Windows 10 / Server 2016/2019 before January 2020 and Office 365 / Exchange 2019 by October 2020, to avoid a situation where you need service or support that is no longer available. The team here will be happy to provide you with advice and support to ensure your transition is as seamless as possible.

For a full list of products reaching end of support click here.

How Nouveau can help

As a Microsoft Gold Partner, we here at Nouveau can offer full scale migration services and can help your business upgrade outdated systems and infrastructure as the need arises.

If you would like to speak to one of our experts, please send an email to hello@nouveau.co.uk or call 01189 699290 for more information.

Growing demands for proactive cyber security

Growing demands for proactive cyber security

As the threat of cyber incidents continues to rise for organisations all across the world, it is becoming more common to hear of reputable companies suffering from a wide variety of cyber attacks. IT depatments are now expected to run systems 24/7 x 365 days a year in order to support regular business operations, and the effects of downtime are felt heavily across the organisation, impacting revenue, profit and reputation.

We here at Nouveau firmly believe that firewalls and antivirus software is no longer enough to protect your systems on their own. Regardless of company size, the increase in cybercrime has put cyber security back on the management agenda and businesses are now realising that they need to up their game when it comes to their cyber security.

At Nouveau, we recognise that more organisations of all sizes are turning to external security managed services businesses like ours that can offer 24x7 proactive outsourcing services matches to suit an organisations’ needs.

To learn more about how Nouveau keep pace with change and constantly monitor, maintain, test and deploy the latest security tools, read our article with The Business Magazine by clicking here.

Fortinet Vulnerabilities and Security Flaws Update

Fortinet Vulnerabilities and Security Flaws Update

In August 2019, it was revealed by security researchers at the Black Hat 2019 conference is Las Vegas that there had been a discovery of security vulnerabilities that had impacted a wide range of security vendors, including Fortinet. Fortinet patched these vulnerabilities back in April and May 2019, however many customers are still running the affected firmware versions.

SSL VPN Vulnerabilities

Two vulnerabilities directly affected Fortinet’s implementation of SSL VPN.

  • CVE-2018-13379 (FG-IR-18-384) – This is a path traversal vulnerability in the FortiOS SSL VPN web portal that could potentially allow an unauthenticated attacker to download files through specially crafted HTTP resource requests.
  • CVE-2018-13383 (FG-IR-18-388) – This heap buffer overflow vulnerability in the FortiOS SSL VPN web portal could cause the SSL VPN web service to terminate for logged in users. It could also potentially allow remote code execution on FortiOS due to a failure to handle JavaScript href content properly. This would require an authenticated user to visit a specifically-crafted and proxied webpage.

If customers are running the following versions of FortiOS and have SSL enabled, it is definitley worth looking into updating your FortiOS in order to patch the above vulnerabilities:

  • FortiOS 5.6.3 to 5.6.7
  • FortiOS 6.0.0 to 6.0.4

Actions that you need to take, and how we can help

We here at Nouveau are doing our best to get in touch with our customers in order to notify them of these vulnerabilities. All of our FortiAssist customers are entitled to have the patches carried out for them right away as part of the service offering. Any customers who do not have a FortiAssist contract plan can also have the work completed for them, but there will be charges.

If you have any questions, or would like to speak to a member of our team, please do not hesistate to get in touch using the details below.

Telephone: 01189 699290

Email: hello@nouveau.co.uk

Proactive Managed Cyber Security Monitoring Service

Proactive Managed Cyber Security Monitoring Service

Proactive Managed Cyber Security Monitoring Service

A step forward for our proactive monitoring service offering

As compliance regulations and security standards steadily evolve, we here at Nouveau understand that all businesses, no matter their size, are beginning to require a proactive monitoring service that utilises an “eyes on” approach to detecting threats, mitigating the risks of a security breach. 

Due to the increase in demand for proactive monitoring services across the industry, Nouveau have decided to take a step forward from their already high-quality solution. From what was once integrated as part of our technical team, we have established a dedicated Advanced Monitoring Team that will control and oversee all aspects of proactive monitoring and SOC services. 

As part of our business’ growth and development, this is a huge upgrade in terms of ensuring that our services are delivered to the very highest standard. Dedicating a team to this task not only means more resources can be spent on managing this service and certifying that it is run to an unparalleled calibre, but also allows the technical team to focus on other aspects of their role to a better quality, with more efficiency and less disruption. This will, as a result, have an immediately positive impact on the way Nouveau functions as a business, and therefore will benefit all our valued customers. Our customer’s satisfaction is our top priority, and we are excited to be able to share this news with you. 

Business leaders, in a world of extremely high cyber security compliance standards, must show an attempt to mitigate risk to avoid security breaches. By providing an exclusive team for proactive monitoring services, businesses of all sizes will be able to make use of our service. As a result of making our SIEM service more scalable to customers of all sizes at an affordable price point, we hope our new team can help as many organisations as possible meet the increasing demands of compliance and protect their business. 

For more information, or if you have any general enquiries, please do not hesitate to contact the team using the provided details below. We are more than happy to help! 

Got any questions? Get in touch!

Amazon Prime Day – Staying Safe Online

Amazon Prime Day – Staying Safe Online

It’s that time of year again.

 

Amazon Prime Day.

 

Amazon’s yearly event plays host to a wide variety of excellent deals for televisions, clothes, smart home devices, cool gadgets and tech, toys and so much more. Millions of people flock to the website in order to catch themselves a bargain – but consumers aren’t the only people that love it.

 

Cybercriminals adore events like Prime Day, as they can guarantee that a huge number of people will be visiting certain sites at certain times, which means they have a larger selection of people to try and scam. As a spike in internet traffic to any site is a certain guarantee on special sales days, hackers know when and where consumers could be sharing their personal information.

 

Not to fear! Nouveau know all about how cybercriminals try to exploit events such as Prime Day and Black Friday, and the scams are relatively easy to avoid (if you know how to!).

 

It's the Amazon, but not the one we're talking about! Image

It’s the Amazon, but not the one we’re talking about!

A primary method that cybercriminals use in order to access payment information and account login details, is by using phishing emails. Cybercriminals can make an email look like it has come from Amazon themselves, using official branding, font types, specific deals and more in order to trick consumers into clicking the email and typing in their important information. This isn’t Amazon’s fault, however, and it happens to a wide range of different companies. It’s common place to find a phishing email in your inbox every now and then – they will always manage to find their way through even the most advanced mail filters – but if you know what to look for, they are easy to manage.

 

For this reason, we here at Nouveau recommend reading our 6 Tips and Tricks to Avoid Phishing Scams blog post, where you can find out the best ways to prevent yourself becoming a victim of cybercrime. We also suggest that you access Amazon’s site directly to shop for deals and treat all emails with caution in order to keep yourself safe. If you receive an email from ‘Amazon’ offering an awesome deal, head over to the site manually and search for the item yourself. That way you will know if the deal is real or not, and it’s always best to play it safe. Another tip is to change your password regularly, and if you have just bought something online, now is a better time than any to change it just for that peace of mind.

 

With practice, you can easily become a pro at spotting phishing emails. Just remember to read our blog to get yourself started!

 

For more information and tips and tricks about Cyber Security, visit out content hub or email us at hello@nouveau.co.uk.

More Posts

“Minimise your risk in the cybersecurity threat landscape” webinar

Cyber Security doesn't have to be all about the latest vendor buzzwords - it's not about scaremongering. It's about understanding the risks to your business and having the tools available in order to manage those risks. It is something everyone...

What Is Malware? – Frequently Asked Questions

Short for ‘malicious software’, malware constitutes any program or file that is harmful to a computer user. Malware is a blanket term for disruptive and damaging software, and covers many different types of threats to your computer safety; such as viruses,...

About the ‘Death of Windows 7’ and how it might affect your business

You may be aware that Microsoft has announced that extended support for Windows 7, Server 2008 and 2008 R2 will cease on 14th January 2020. In addition, Windows Exchange Server 2010 and Office 2010 will reach end of support on October 13th 2020. 2020 is...

Growing demands for proactive cyber security

As the threat of cyber incidents continues to rise for organisations all across the world, it is becoming more common to hear of reputable companies suffering from a wide variety of cyber attacks. IT depatments are now expected to run systems 24/7 x 365...


” I would like to take this opportunity to thank you for all the prompt assistance you provided us with during this project.

Could you kindly express our gratitude to your engineers for the excellent work they carried out for us. “

Farhad | London Borough of Hounslow

×


” Being responsible for IT in an organisation which is very tech dependant is a real challenge, especially having no formal IT experience myself.  Having the Nouveau team at the end of the phone is a real-life saver and I have needed a life line many times.  I most appreciate the accessibility, knowledge and friendliness of the team. “

Judith Ball | CFO | Aspen Worldwide

×

Euronics Logo
” The company I work for has been using Nouveau Solutions for the past 15+ years and I have had the pleasure myself to build up a good, close relationship with them for about 12 of those years.

Nouveau Solutions have dedicated teams for each different area that are made up of very knowledgeable technicians and engineers that specialise in their specific area of expertise. It is due to this that I always feel confident that Nouveau Solutions will be able to deliver us any IT services that we may request from them (there has been a lot over the years).

They have always gone above and beyond to deliver high quality professional IT services to meet any requirements that we throw at them within any timeframes that we may set.

On top of the ad-hoc IT services we request from Nouveau Solutions, they also monitor, manage, maintain and support some of our network infrastructure and have always been on hand to resolve any issues that may be noticed via their monitoring or raised by us within a timely manner.

We also purchase the majority of our IT equipment including hardware, software and licensing through Nouveau Solutions which is always at a reasonable price and always received within a timely manner.

Since day one of our relationship with Nouveau Solutions we have been appointed to the same one account manager which has allowed him to get to know our business very well. The service that has been provided by him to us has been nothing but exceptional. He always comes across as knowledgeable in any business discussions that we may have and has always been happy to take the time to communicate with us, make us aware of anything that we need to be aware of, or provide us with updates on anything.  I have always had the impression that his main priority is to ensure that we are happy with everything that Nouveau Solutions provides to us and he will do anything to ensure that is the case.

All in all, I have nothing but praise to offer for Nouveau Solutions and would highly recommend them to any company that was looking for an IT services company.  There are definitely no plans here to switch to a different IT services company for the foreseeable future.

Here’s to many more years with using Nouveau Solutions! “

Lee Burgess | IT Systems Administrator | Combined Independents (Holdings) Ltd

×


” Nouveau have been brilliant from start to finish – very professional and competitive with their service and pricing. We needed a large number of Firewalls to deploy across our global company over a very short time period and thanks to Jack’s excellent availability, Nouveau’s turn-around time was extremely swift, even with nearly no notice. Nouveau not only provided us with the hardware  – one of their competent technicians supplied us with some design work in the past to help with our data centre firewalls replacement project! Nouveau have been great to work with. “

Hassan Ashraf | IT Service and Infrastructure Manager | Everlight Radiology

×


” In the summer of 2017, I approached Nouveau in the hope of finding a competent partner that could help us through an upcoming hardware refresh. A priority of ours was to discover a local business (within 20 miles) that excelled and specialised in HPE, Dell, Fortinet and Microsoft/Office 365 as we planned to refresh our whole core infrastructure,. This included storage, infrastructure hosting and networking (core, access and perimeter) for our headquarters and our other branches. After an extensive phase of speccing, detail planning and quoting, Andy Swain and his team were able to offer a “spot on” solution for our demands with a very high cost/value ratio. This project led to a very open and trusting partnership with Nouveau and made them our No.1 partner within IT. “

Stefan Nader | Ensilica

×