April 25th, 2014
There have been plenty of warnings about malware targeting Android devices. The Android operating system, due in large part to its open source nature, has been plagued by security threats at a much higher rate than Apple’s iOS. Still, there’s never been a documented trojan capable of sending premium SMS messages victimize users in the United States. As Adam Greenberg of SC Magazine reports, a trojan known as FakeInst has now done just that.
FakeInst isn’t only capable of sending text messages that cost users money. It’s also able delete messages, steal them and respond to contacts.
Users in the US also are far from the only victims of the SMS trojan. In all, 66 countries have been affected, including Canada, Mexico, France, Spain and Italy.
Unlike some other more malicious threats that infect devices through no real fault of their users, FakeInst has a specific infection method. A phishing website is set up that attracts users who are on their Android smartphone looking for pornographic content. The site asks visitors to download an application. After installing the application, the user is then asked to send a text message to a service to access content. These actions allow the trojan to infect the device and decrypt the necessary information needed to take over SMS capabilities.
This ends with the malware sending premium text messages that cost about $2 each.
Researchers have tracked the trojan to Russian origins, where the first reports of infection were found.
Thankfully, for most users this threat is easy to avoid. Don’t install apps from outside of the official Google Play store and certainly don’t download apps from less than reputable websites.
If your smartphone or other device has been infected by any type of malware, bring it to Geek Rescue or call us at 918-369-4335.
April 24th, 2014
How can you be sure that an email from your bank is what it claims to be? That’s a vital question in the wake of news that the latest spam and malware threat commonly springs from emails resembling messages from banks such as Wells Fargo and Lloyds Bank. Malcolm James of the All Spammed Up blog reports that the way malware is hidden in these spam messages and the way it then attacks your machine is troubling.
The emails come with an attachment. This attachment actually features another file within it, which contains malware. It’s a bit confusing even to write, which means it’s difficult for spam filters and antivirus tools to catch. Users will see a .ZIP file that claims to be a secure message from the bank and even features password protection. When opened, however, the user’s computer is attacked by the Upatre Trojan.
Upatre is the root of the problem, but it doesn’t do any real damage itself. It’s job is to communicate with the attacker and download more harmful malware to your system. The Zeus banking trojan is the first malware to download. It’s designed to steal your online banking log-in credentials. The Necurs malware is also downloaded, which is able to attack and disable security tools. This allows for a load of other malware to infect and attack your machine.
While many attacks of this nature are centralized overseas, the use of Upatre targets the United States almost exclusively. About 97-percent of recorded attacks using the trojan have targeted American users.
One of the issues with this style of attack is that users may not know they’ve been infected with anything for some time. Considering banking passwords are at stake, that’s an extremely dangerous risk.
To stay safe, users must resist the urge to open suspicious looking emails. An email from your bank may not seem suspicious, but remember that banks and other legitimate businesses likely won’t attach a file to an email unless they’ve told you ahead of time what they’re sending. If you have questions about an email, call your bank directly and ask them rather than risking malware infections.
If your computer or other device has been infected with malware, call Geek Rescue at 918-369-4335.
April 24th, 2014
Wireless networks are everywhere and are responsible for keeping our most used devices, like PCs, smartphones and tablets, connected to the internet. They’re far from perfect, however. A WiFi network is generally slower and less stable than hardwired connections to your modem. But, as noted in a video recently posted by Techquickie to YouTube, there are a few ways to improve your wireless network. Some of these tips require the purchase of additional hardware, but here are the absolutely free ways to improve your network.
- Find the right spot for your router
Surprisingly, making your network reach the entirety of your home or office could be as easy as moving your router. There are a number of factors that contribute to limitations to the size of your router’s range. First, understand that the coverage area is sphere-shaped. Placing your router close the center of your home will give you a better chance of covering all of it. Putting a router on the floor, or next to thick walls and thick objects, particularly those made of stone, metal or concrete, greatly reduces the coverage area so try to avoid those while finding an ideal spot.
Software and firmware updates are vital to patch security vulnerabilities, but can also be helpful in improving your router’s coverage area. To check for the latest updates, just go to the manufacturer’s website. For example, the Linksys website has a ‘Support’ section with updates for all of their products.
Regardless of your router’s manufacturer, you should be able to switch between channels. If you’re using a 2.4 GHz band router, you’ll want to use channel 1, 6 or 11 because these are the only usable, non-overlapping channels. Deciding between these three depends on the other routers in use in the area. For example, if you have neighbors on each side and one uses channel 1 and the other uses channel 11, you’ll want to use channel 6. Unfortunately, it doesn’t always work out so cleanly. In addition to other networks, things like baby monitors and cordless phones contribute to interference. You can either use trial and error to find the best network for your area, or look for available tools and mobile apps that show you the other networks in use.
If these tips don’t work, you’ll probably need to add or upgrade hardware in order to improve your network. A new 5 GHz router, if your devices are compatible, will greatly improve your connection speeds. Other options include adding a new antenna or repeater.
If you’re having trouble with your network and need to fix your router, modem or other hardware, call Geek Rescue at 918-369-4335.
April 23rd, 2014
SQL injections are a popular form of attack that exploits vulnerabilities in applications. This type of attack commonly targets web applications used by companies and, as Kelly Jackson Higgins of Dark Reading reports, it can take months to discover the attack and mitigate it.
Over the past year, SQL injections have been discovered at 65-percent of organizations polled. This is a common form of attack that can be used on networks of any size, from businesses large and small to even homes. On average, these attacks take 9-months from the time the attack occurs initially to the time a company fully recovers. Much of that time, about 140-days on average, is spent not knowing the SQL injection is even taking place. In fact, nearly half of companies that have been the victim of these attacks say it’s taken a minimum of 6-months to detect them.
The respondents in the study were made up of 595 IT professionals working for both commercial and government organizations in the US. The issue, it seems, is that most businesses don’t test third party applications for potential vulnerabilities. Considering the vital nature of third party applications for many businesses, this is a costly misstep. Many businesses also continue to rely on signature-based security. This leaves them vulnerable to attacks that have not yet been spotted and categorized. For cutting edge and more intelligent attacks, a shift to behavioral analysis based tools is needed.
Making matters worse is the growing trend of mobile devices using a company’s network. Many of the surveyed IT professionals agreed that these devices made it harder to find the source of the SQL injections.
SQL injections are a real threat and while more and more businesses are aware of them, more needs to be done to protect against them.
For help protecting against costly attacks on your network or recovering from one, call Geek Rescue at 918-369-4335.
April 22nd, 2014
At the end of March, HTC released their latest flagship smartphone, the HTC One M8. Leading up to the release and in the weeks since, the device has earned rave reviews for a number of innovative features and high quality specs. But, it’s not perfect, as no smartphone could be. At CIO, Al Sacco explained his biggest beefs with HTC’s offering.
The first feature that sticks out about the One M8 is that it uses dual lenses on its rear-facing camera. HTC calls it “UltraPixel” technology. The two lenses are expected to accurately calculate the distance of subjects in order to yield better images. In reality, bright light environments result in washed out colors. Combined with the lower than expected 4 MP, the One M8’s camera is a definite disappointment.
The One M8 comes with a bundle of software that gives the device a number of features that sound great on paper. In practice, many users find them cumbersome, annoying or useless. HTC Sense features include gesture based commands and a home screen panel designed to deliver interesting information. In most cases, these features feel gimmicky and actually inhibit users from accomplishing their tasks.
The fact that the One M8 features memory card support is noteworthy. With a capacity for microSD cards up to 128GB, users are able to add plenty of space for nearly any application. The execution of this memory card support is lacking, however. Specifically, the only way to open the slot to add or remove a memory card is with a small tool that comes with the phone. This is limiting for a mobile device that might not stay close to the tool at all times. It’s also extremely easy to lose or misplace the tool, which means you’ll be left prying open the memory card slot with a paper clip.
This final complaint isn’t about the actual smartphone at all. Instead, it focuses on the highly publicized Dot View case, which has appeared in most of the advertising for the One M8. Some readers will immediately see the case’s display as similar to a Light Bright. There are small holes that display lights of different colors to allow users to check the time, get notifications and even answer phone calls without opening the case and turning on the screen. Again, on paper this sounds great. The problem is how cheap the case feels. At a retail price of $45, that’s unacceptable. It’s also awkward to use and keep open when you actually want to use your phone. Since it doesn’t do anything revolutionary, considering most smartphones display similar information on their lock screen, this case certainly isn’t a reason to purchase the device.
These flaws don’t necessarily mean that the HTC One M8 is not right for some users. No smartphone is perfect, but it’s best to understand the positives and negatives before hitching yourself to your next phone.
Regardless of the make and model of your smartphone, Geek Rescue is here to fix it when it breaks. When you have issues with any of your devices, come by or call us at 918-369-4335.
April 18th, 2014
Microsoft released an extensive update to Windows 8 in the fall, which, while useful, also confused many users. At the beginning of the month, Microsoft released their second significant update for Windows 8. This time, it’s quite a bit less robust than Windows 8.1 so they simply called the new iteration Windows 8.1 Update. Again, this update is useful, particularly for desktop users, but it takes some time to get accustomed to. At Information Week, Michael Endler published usability tips to help users acclimate after updating.
There are a number of new features and options, but some will be hidden and unused the first time you boot up Windows 8.1 Update. Head to the ‘PC Settings’ menu, which can be accessed a number of different ways. Some key options to consider include the ‘Corners and Edges’, which includes the new feature to pin Windows apps to the desktop taskbar. Also, ‘Search and Apps’, which allows you to adjust which programs open which file types. You can also manage storage space from ‘PC and Devices’ under “Disk Space”. You’ll be able to uninstall apps, sort installed apps by size and empty your recycle bin.
Windows 8.1 allows users to search for files and apps in a number of ways, but Windows 8.1 Update adds an obvious search field to the Start screen’s top-right corner. The search function itself is finicky, however. For example, you’ll need to know what specific app titles are when you search for them, or your search won’t reveal them. Searching for “Pictures” won’t allow you to find the “Photos” app.
As the updates for Windows 8 have rolled out, users have been able to pin more and more to their taskbar. This is a useful feature that users clamored for, but it opens the door for overuse, which actually hurts usability. Not only will your pinned apps appear on the taskbar at all times, but open apps appear there also. If the number of apps on the taskbar gets too large, you’ll have a hard time finding what you want, which defeats the purpose of pinning apps in the first place.
To make the use of tiles more appealing to desktop users, Windows 8.1 Update includes the ability to right click to change the settings of tiles. Resize, unpin, uninstall and more are available from a menu when users right click on a tile. Also, adjust the way apps are displayed by visiting the ‘Tiles’ section of the Settings menu.
Installing new apps from the Windows Store doesn’t automatically add them to the Start screen or taskbar. You’ll be able to see them in the ‘All Apps’ view, but some users have struggled to find apps they’ve recently downloaded. Windows 8.1 Update includes visual notifications that help. When an app finishes downloading, users will see a notification in the top right corner and another “new app” notification will remain in the bottom left until the app is opened.
These tips will help you transition to Windows 8.1 Update by customizing it to your liking and avoiding potential problems.
Anytime you’re having computer issues, call on Geek Rescue for help at 918-369-4335.
April 17th, 2014
Cloud computing has experienced monumental growth and adoption in the past year. If your business hasn’t incorporated some cloud services into your infrastructure, it likely will be doing so soon. But, not everything you hear about the cloud is gospel. Michael Brown of MSP Mentor explains three “half-truths” about cloud computing that you should understand.
Reading some of the recent headlines touting the cloud’s power, you might think that your business should move entirely to the cloud. But, the truth is that not every application is appropriate to be integrated with cloud computing. Many businesses will likely be expanding their use of the cloud and making it an essential part of their IT infrastructure, but a hybrid model that uses both the cloud and more traditional methods will likely become the new normal.
- The cloud is for cutting costs
Let’s be clear. The cloud is capable of significantly cutting costs for any size of business. Reductions in spending on hardware alone make the cloud one of the most effective cost cutting tools available. But, to sell the cloud as only a money saver is selling it short. The cloud is also able to expand your company’s capabilities and improve on current methods. With enhanced mobility, easier collaboration and always available scalability, the cloud far exceeds its price tag.
- Every cloud is created equal
To most business owners, cloud providers are all offering the same product. In actuality, cloud service models vary from provider to provider. Despite the fact that each likely offers solutions for file sharing, remote computing and data storage, the subtle differences are important to take note of. The way a cloud service integrates with existing applications and other cloud services is important to understand before integrating a cloud into your business. For this reason, carefully consider and plan for how you want to use cloud computing so that you can match your needs to a provider who’ll be able to fit them.
Cloud computing is a powerful tool capable of transforming many aspects of your business.
If you’d like to explore cloud solutions for your company, call Geek Rescue at 918-369-4335.
April 16th, 2014
Users of Android smartphones are already at a significantly higher risk of malware infection than their iPhone counterparts. Experts, however, are warning of even more threats coming throughout 2014. One of those threats has already been identified and has infected millions of devices. Chris Smith of BGR reports on the Android malware threat called ‘Oldboot’ that is also being referred to as “the biggest threat to the operating system to date”.
Oldboot is capable of installing malicious apps on a device and can even remain hidden from detection or “fight” antivirus apps by modifying or uninstalling them. But, what makes it so dangerous is Oldboot’s ability to re-infect devices even after seemingly being removed. This malware is stored in the memory of devices and alters booting files. Infected devices then re-install malware in the early stages of their restarting process.
Oldboot is referred to as advanced malware because it has so many capabilities. It’s able to send text messages from a user’s device, modify the browser’s homepage, launch phishing attacks and more.
Perhaps the biggest problem is very little is known to date about what specific Android devices are at risk or even how devices are infected. Most Android malware infects devices through malicious apps. Occasionally, these malicious apps find their way into the official Google Play app store, but more often they’re downloaded from an untrusted source.
Other dangers include malicious text messages and emails and malicious websites visited on your smartphone.
If you think your device has been infected by any form of malware, bring it to Geek Rescue or give us a call at 918-369-4335.
April 16th, 2014
It’s no secret that malware is an ever-present threat to internet users. It’s also no secret that while defenses against malware are steadily improving, the number of malware being produced and its capabilities are growing. A recent study released by security firm Panda Labs confirmed the growing threat of malware, as Tony Bradley reports for PC World.
In their 2013 security report, Panda Labs found that about a fifth of the malware that exists was created last year. That speaks to the rapid growth of malware production. In 2013 alone, 30-million new threats were created, which breaks down to about 82-thousand per day.
Of these newly minted threats, about 70-percent are trojans, which are particularly troubling forms of malware capable of mining data and even controlling an infected computer while staying hidden from users and security tools. Total, Panda Labs discovered more than 20-million trojans. The rest of the malware was made up of a combination of worms, viruses and adware or spyware. Trojans were also responsible for the most successful infections and accounted for almost 80-percent of infections in 2013.
In terms of application vulnerabilities, Java was to blame for the most attacks. Exploits on a security flaw in Java led to successful attacks on Twitter, Facebook, Apple and Microsoft.
With so many forms of malware around, it’s amazing users aren’t victimized more often. Most users aren’t infected by malware often, but even becoming the victim of malware once each month would mean you avoided all but .0001 of all new threats. Given these statistics, it’s clear why experts warn that there’s no such thing as perfect security.
Panda Labs also agreed with the consensus that in the mobile world, Android is the most popular target for malware producers. They also sent a warning to users that more targeted attacks aimed at stealing data would be coming this year.
Users who are unprotected by security tools like antivirus programs run a significantly higher risk of becoming the victim of an attack. This could lead to the harm of your computer and the theft of your data.
For help securing your computer or recovering from an attack, call Geek Rescue at 918-369-4335.
April 15th, 2014
Spyware has been a problem for internet users since the mid-90’s. Software that is able to gather information, or spy on a user, without their knowledge falls under the umbrella of spyware. In 2007, an estimated 850-thousand computers in the US were essentially rendered inoperable by spyware, according to Consumer Reports. Since then, spyware hasn’t become less of a problem, but there are better ways to protect yourself from it. Steve Bell of the BullGuard blog has some tips.
First, it’s important to understand the typical ways spyware gets onto your computer. The most common method is to piggyback on other programs you download. For the most part, free software is free for a reason. While the spyware included might not be malicious, it is still not something you’d volunteer to have on your machine. Some software installation methods will let you opt out of additional programs and spyware that’s included, but others install it automatically.
In order to stay safe, it’s important to be careful about anything you download. Spyware can also stem from spam emails, links and advertisements. There are a number of antivirus tools that also protect you from spyware. There are even some legitimate, dedicated anti-spyware tools, but be careful. There are plenty of programs claiming to be security programs that are actually malware or spyware themselves. Not only will these programs infect your computer, they won’t offer you any protection at all from other threats.
If you’ve already been infected, or if you’re not sure, Windows users can head to the Control Panel and check the list of installed programs. If you don’t recognize some of the programs listed, there’s a chance they’re spyware. Before uninstalling, you might want to do some additional research.
Unfortunately, not every piece of spyware installed on your computer will always show up this way. Some can even convince you that it has been uninstalled but actually remain in operation. For these particularly nasty cases, you’ll have to rely on a trusted security application. They’ll be able to recognize the common characteristics of spyware and either block it before it is installed, or help you remove it.
If your computer is infected with spyware, malware, viruses or you’re having other issues, call Geek Rescue at 918-369-4335.
