You may have heard the news that the immensely popular CCleaner disk cleanup tool was hacked. Most IT guys (and many consumers) have used CCleaner to free up disk space (combined with the third-party CCEnhancer, it can clean up a lot of extra files that standard window Disk Cleanup won’t get). That being said, if you’re running CCleaner 5.3.3, you are potentially at risk and it is recommended you upgrade (older versions and newer versions are not affected – the 5.3.3 version was available on their site for a month).
Managed patching services that make sure security patches to help protect you from these types of infections are installed properly and quickly.
A solid backup and business continuity device and plan in-place that protects your local and offsite backed up data and that alerts when backups show sign of malware.
All that being said, this is yet another reminder to be extremely vigilant about what links you click on and what emails you open. Even if you get an email and attachment from someone that you know, if you were not expecting it, contact that person and make sure it was sent by them. Also avoid browsing to sites you don't recognize or follow links that are unfamiliar.
If you have any questions or are interested in hearing about how CompleteCare can help protect your business, don't hesitate to contact us.
Even if you get an email and attachment from someone that you know, if you were not expecting it, contact that person and make sure it was sent by them. Many of these attacks utilize software that will attempt to impersonate an email user and send an email to everyone in their contact list.
Backups are still the best way to protect yourself. If you do manage to get encrypted with early variants of WannaCry, don’t reboot your computer as the recently-released Wannakey tool might be able to get the encryption keys. The early versions of the malware were poorly written and had a kill switch that slowed things down from becoming a lot worse than it was (new variants have since fixed those flaws).
A vulnerability has been discovered in Microsoft Word that could allow malware to get into your system. Microsoft is working on a fix or this, but for at least the next couple of weeks be especially vigilant if you receive a Microsoft Word attachment from someone that you don't know.
If you get a document from someone that you do know that you were not expecting, it is a good idea to check with them and make sure that they sent it. It only takes a minute to check versus the hours to clean up and the possible loss of data if something gets through.
This is a good reminder that it's a cruel digital world out there so definitely don't click on links or attachments from anyone you don't know, and view with suspicion any links or attachments from someone you do know that you were not expecting (especially those that are asking for you to pay an invoice or transfer money). WestonBlock and our antivirus software should block most of these but nothing beats plain old vigilance.
More technical info on the Microsoft Word vulnerability for those of you interested can be found here.
Don't hesitate to contact us at if you have any further questions.