Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Trick or Treat: Why CCleaner may not be all it seems!

blog-header

about the author

Share this post

News broke last month that hackers have successfully managed to breach the popular computer cleaning software – CCleaner.


Having found a backdoor into the software, cyber-criminals injected the application with Malware and distributed it to millions of users. For those not in the know, Malware is malicious software – the most popular type being the now infamous Ransomware. It refers to Viruses, Worms, Trojans, Spyware and other malicious programs. Once Malware is installed onto a device it can be used to demand money by locking the user out of their device or encrypting files, or it can run silently in the background collecting data and personal information. It can also be used to control the device remotely – as is the case with DDOS attacks.


According to Avast, CCleaner has been downloaded more than 2 billion times making it a prime target for cyber-criminals. The software was created to wipe out cookies and offer some web privacy protections. However, “For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner,” say security researchers at Cisco Talos.

Trick or Treat: Why CCleaner may not be all it seems!

Up to 2.27 million users downloaded the malware stricken software but Avast Piriform says it has eliminated the threat of the malware harming customers’ devices and compromising their personal details. “Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm,” said an Avast spokesperson.

The particular strain of malware used in CCleanner appears to have been designed to remotely access infected devices and utilise these as part of a botnet whilst also sending information back to the attackers. It has been stated by Avast upon investigation that this was a targeted attack aimed at high-tech and telecommunications companies. The purpose of the attack was not to target consumers and their personal data but more so corporate networks and large enterprises. You can find a full list of affected companies here.

An unusual attack which we could see more of in future?

Trick or Treat: Why CCleaner may not be all it seems!


With CCleaner being such a popular software for users trying to keep their computers safe and virus free, hackers have taken full advantage of the inherent trust between software users and vendors. Many users’ automatically trust software vendors to provide virus free installation files and trust the servers delivering such software to provide updates which are also virus free and for the benefit of the device and its user. Now we are left wondering if we are to see an increase in compromised software for download.


The common advice amongst many vendors and cyber security experts alike is to download Anti-Malware and Virus protection software and continuously keep software updated to avoid an attack. But this is not the first time that software/updates have been compromised and injected with malicious code – and it is sure not to be the last. If past events have taught us anything, it is that hackers are consistently on the ball when it comes to new ways of targeting and luring users into trusting their scams. Earlier this year, Ukrainian company MeDoc was hacked and its update servers used to distribute the Petya ransomware. Hackers appear to be actively utilising these types of distribution platforms to more easily spread Malware. This is opposed to the traditional method of targeting individual machines. This is a trend we can surely expect to see grow over the coming months and years and one which we can assume many security researchers will be keeping a close eye on.


What do you think of the current state of cyber security? Are companies prepared enough to tackle these types of issues head on before they become a problem with worldwide effects?

Other Articles on Cyber Security Awareness Training You Might Find Interesting

duckduckgo vs google EN

DuckDuckGo vs Google – 5 reasons why you should give up using Google!

You were not aware that DuckDuckGo is a search engine? Well, now you know. Since its founding in 2008, DuckDuckGo has made it its mission to develop a search engine that does not store or share personal data, quite unlike Google. Google’s business model is based less on data protection and more on personalised advertising. Without the storage of personal data, Google would virtually lose the air it breathes. However, Google is still the most used search engine, and there are reasons for that. Google does have one weakness, however, and that is data protection.
Read More »
dataprotection vs informationsecurity EN

Information Security vs Data Protection

Is this an issue for our ISO or our DPO, or is it much the same in either case? Who exactly is responsible for this incident, and is there a need to report it at all? In order to discuss the similarities and differences between information security and data protection, the first step is to define the two areas.
Read More »