January 2nd, 2014
Windows users have a tool included on their systems that sends a report to Microsoft any time an error occurs. This is to help Microsoft create patches and updates that resolve issues, but as Gregg Keizer of Computer World reports, these error reports are also helping hackers find vulnerable targets.
The problem with error reports is that they’re unencrypted. This means that anyone able to intercept that data on its way to Microsoft will be able to discover a wealth of information about the user and their computer. Information included in errors reports include what software is installed, what version of the operating system is running, the latest patches and updates installed, devices and peripherals plugged into the computer and reports on recent application and operating system crashes. This information has been described as “a blueprint” for how to attack a user and where security vulnerabilities exist.
The most common way to hackers to intercept this information is a ‘man in the middle’ attack, which allows a hacker to ‘sniff’ or monitor all activity conducted over your internet connection and steal any data transmitted.
A German newspaper recently reported that the NSA has already been stealing crash reports to make their attacks more intelligent. While this threat is unlikely to target too many individual users, businesses are certainly at a significant risk.
Windows sends error reports by default, but they can be turned off. Security experts, however, advise against this measure. The reason error reports are valuable to hackers is the same reason they’re valuable to your IT department. They highlight vulnerable areas of your network and help you patch them.
Instead of losing this diagnostic tool, improve it. Rather than sending reports directly to Microsoft, you can direct them to an internal server and encrypt the information before sending it on. This way, even if the report is intercepted, it won’t be able to be deciphered.
If you need to improve the security at your business, or have been the victim of a cyber attack and need help fixing the damage, call Geek Rescue at 918-369-4335.
January 2nd, 2014
Staying safe online requires the right security tools. It also requires the right knowledge of common threats. Knowing how criminals typically attack your computer educates you on how to prevent those attacks. Roger A. Grimes at Computer World published his list of the most devious attacks currently being used and how to protect yourself from them.
There a plenty of public places where people typically use free, public WiFi. Unfortunately, networks in places like coffee shops, libraries and airports are also common targets for hackers. They’re able to set-up fake wireless access points, or WAPs, that fool users. Users connect using a network with a believable name, but are actually giving a criminal access to all the data they transmit. This is an easy way for hackers to steal passwords, banking information and more. To protect yourself, be extremely wary of public WiFi. Don’t enter any financial information or visit any sites that require a password.
Cookies have been used by websites for years to make your browsing experience faster and more convenient. These text files store information so you don’t have to log-in every time you visit the same site, or otherwise streamline your experience. That information is dangerous if stolen, however. Hackers use a number of methods for stealing cookies. When they’re successful, they’re able to immediately gain access to certain sites and sometimes even gain payment information. Make sure that if you have cookies enabled, you’re only using HTTPS websites that use the latest encryption methods.
This is not only a common attack method, but also a simple one. Hackers use some social engineering to gain more downloads of malicious files and tempt more users to open those files. No one would want to download ‘malware.exe’, but when the file name is something more salacious or relevant to the user, many can’t resist. Some even use false file extensions to confuse users. The full file name may be ‘image.jpeg.exe’. The file is an executable application, not an image, but ‘.jpeg’ fools many users. To protect yourself, don’t download files that sound too good to be true and only download from trusted sources. If you aren’t expecting a file to be emailed to you, don’t open any attachments. Also, be sure to scan anything you download with your antivirus program before you open it.
Windows users have a DNS-related file named ‘Hosts’ in their ‘Drivers’ folder. Typically, there’s no reason for a normal user to interact with ‘Hosts’. It contains domain names that a user has visited and links them to their IP addresses. This is a way around having to contact DNS servers and perform recursive name resolution every time a popular site is visited. But, this opens the door for hackers to enter their own malicious entries into ‘Hosts’. By changing the IP addresses linked to common domain names, a hacker can redirect users to a spoofed version of a legitimate site. These malicious sites usually look very similar to the original, but are used to steal your data. This is a difficult attack to spot. If a site looks different than usual, avoid it. Don’t enter any information on a site that looks different than you’d expect. If you suspect you’re being maliciously redirected, examine your ‘Hosts’ file.
These are only a small collection of ways criminals can steal your data and infect your computer. For help improving your security, or fixing the effects an attack has had on your system, call Geek Rescue at 918-369-4335.
December 31st, 2013
If you use a smartphone or digital camera, you’re probably familiar with SD cards. They’re the small cards that store data using flash memory. For most users, they only think about their SD card when they’re transferring contacts to a new phone or removing pictures from their camera. As Stephen Shankland reports for CNet, however, a new technique exposed by security researchers has demonstrated how vulnerable SD cards are to “man in the middle” attacks.
A man in the middle attacks is true to its name. When data is transferred from one location or device to another, a third party intercepts that data in order to monitor, modify or copy it. This allows a criminal to gain access to valuable data like credit card information, or encryption keys. They could also substitute malicious files for trusted files in order to infect users with malware.
The vulnerability in SD cards exists in the cards’ microcontrollers. These are like built-in computers that manage the data stored on the SD card. By reverse engineering an SD card, researchers were able to install and run new firmware on the microcontroller then installed an application that would intercept data being sent by the device.
The specific attack used in the researchers’ demonstration doesn’t work for any flash-memory device because of variations in the microcontrollers, but this example exposes vulnerabilities for all devices using flash memory. This means similar attacks could be used to steal data from solid-state drives or eMMC storage for smartphones.
This is yet another example of the vulnerability of mobile devices. With millions of users and a general lack of security in place, mobile devices are an inviting target for hackers and new threats are emerging all the time. While this particular attack will need a change to the make-up of SD cards to close the vulnerability, other threats need only smarter user behavior. Remember that your mobile device faces the same risks as your PC and protecting it requires vigilance.
If any of your devices have been infected with malware, bring it to Geek Rescue or give us a call at 918-369-4335.
December 30th, 2013
The malware being used by hackers and their tactics are changing all the time. Throughout 2013, we’ve seen new threats emerge. Robert Lemos of Dark Reading lists some of the advanced attacks we saw in 2013 and how businesses should be changing their security infrastructure to protect against similar attacks in the future.
This form of ransomware began infecting users over the summer. Since then, it claimed an estimated 200-thousand victims in its first 100 days in the wild. Cryptolocker encrypts files stored on a user’s computer and demands a ransom before giving the key to decrypt. For businesses, educating users on how to avoid malware is imperative. Unlike some other forms of ransomware, Cryptolocker is not a bluff and will encrypt and destroy files if no payment is given. The best way to prevent that damage is to avoid malicious files from ever reaching your network.
This year, we saw more instances of attacks filtering through service and technology providers in order to reach their intended targets. This was demonstrated by the Syrian Electronic Army’s headline making attacks against the New York Times and other media outlets. In the New York Times attack, hackers tricked the domain registrar to transfer ownership of ‘nytimes.com’ to them. For businesses, this underscores the importance of selecting the right suppliers. Not only do you need to be wary of who you are working with, but you also need to be able to monitor them in real-time to stay ahead of any emerging threats.
Distributed Denial of Service attacks have been around for years, but 2013 saw them grow in size and scope and also become harder to recognize. Hackers use these attacks to flood websites and applications with requests, which either cause them to shut-down, or at least cause them to slow down and make it difficult to respond to legitimate requests. To increase the capabilities of DDoS attacks, hackers have begun to use reflection attacks, where mis-configured servers amplify the size of an attack. This is a threat that not only isn’t going away, but it’s increasing in frequency. Being aware of the capabilities of DDoS attacks and having a plan in place in case your organization is targeted is important.
These are threats that all businesses need to be prepared for and plan for. There are a number of ways to secure your organization, and each threat demands a different action.
For help with your company’s security, contact Geek Rescue at 918-369-4335.
December 30th, 2013
When shopping for a new computer, there are a lot of factors most users consider. The speed of the processor, the size of the hard drive and the amount of RAM included are common considerations. But, what about the specs of the monitor? A powerful computer is great, but you have to have a monitor that’s right for your uses. Whitson Gordon at LifeHacker recently published a list of things to consider when buying a new computer monitor. The key here is that no monitor is perfect for everyone, but you can find one that’s perfect for you by considering how you’ll be using it most.
For many consumers, the size of their computer monitor is like the size of their television, bigger is better. But, in reality, there is a point when it becomes too big. Consider where your monitor will be and what type of work space you have. Don’t get a monitor too big for the space or you’ll find yourself using it uncomfortably. If you prefer to use more than one monitor at a time, that should weigh on the size of each also. Bigger monitors also demand a higher resolution or you’ll lose image clarity. For example, a 23-inch monitor with a 1080p display looks great, but the same resolution on a 27-inch monitor is noticeably less sharp.
The panel technology your monitor uses is also important to consider. Most LCD monitors will feature twisted nematic panels, or TN panels. They’re cheap and standard and offer some great specs. The refresh rate is high so you’ll enjoy a great experience when gaming or streaming video. The biggest complaint against TN panels is that they don’t offer the most accurate colors and are distorted at certain viewing angles. Vertical Alignment, or VA panels offer the truest blacks and more accurate colors than TN panels, but still suffer from distortion at some angles. In-plane switching panels are the top of the line option. For still images, they’re easily the best choice with accurate colors and wide viewing angles. But, they have a relatively low refresh rate so they’re not for everyone.
This seems like a minor concern until you sit down at your computer in the middle of the afternoon and can’t see what you’re doing. Anti-glare coating reduces glare from light coming from behind you, but it also decreases the quality of the image on your monitor. It becomes a little more dull and fuzzy due to the coating. If you’re planning to keep your monitor away from windows where glare isn’t a issue, you don’t need anti-glare coating. But, in other settings it’s a must and a slightly diminished display just comes with the territory.
The stand that comes with your monitor is another often overlooked feature. A poor quality stand, however, could keep you from adjusting your monitor to a comfortable position. Again, it’s important to think about how you’ll be using your computer. Some stands can only swivel vertically, while others also swivel from side to side. Some even allow you to flip your monitor into portrait mode. Don’t pay for features you won’t use, but be sure to get what you need.
There are plenty more features one could consider before buying a monitor, but by researching these four, you’ll have a good start on finding the best monitor for you.
If you have an existing monitor that just needs some work, bring it to Geek Rescue or call us at 918-369-4335. We fix all types of hardware problems.
December 24th, 2013
The amount of malware for smartphones grew exponentially throughout 2013. Because of its open source environment and number of users, Android phones were targeted most. Now, it seems some of the same tactics used for years by cyber criminals on PCs are transitioning to Android smartphones. Satnam Narang reports for Symantec that scareware has been observed attempting to trick users into downloading malware to their devices.
Scareware is a common practice used by hackers. By using social engineering, a criminal convinces a user that they’re facing an impending threat and need to buy or download a product to protect themselves. Usually, the scareware scam involves telling users that there is a virus or malware on their device and offering to remove it.
The latest scam observed targeting Android users involves mobile ads. They claim the user’s device has been infected by a trojan called MobileOS/Tapsnake. Tapsnake is a legitimate threat to Android users that’s been around since 2010, but it’s used here only to make the scam seem more credible. The ads include a button that claims to install a security app on your phone or scan and remove this threat. In actuality, you’re downloading malware.
Avoiding this type of scam should be simple. First, no online ad will scan your device and alert you of any malware it discovers. But, some unsuspecting users fall for it because they’re extremely worried about threats to their smartphone. This particular scareware displays on any smartphone, however. So, even iPhone users will be alerted that their Android device is at risk.
If you encounter on of these ads and are concerned about your phone, run your existing security app or download a trusted one from the Play store. To avoid accidentally downloading a malicious app, never download directly from a website.
If your smartphone has actually been infected by malware, bring it to Geek Rescue or call us at 918-369-4335.
December 23rd, 2013
There are millions of Android users worldwide, but there are also plenty of annoyances that come with using an Android phone. Eric Ravenscraft at LifeHacker listed some of the most frustrating Android features and how to fix them.
Your smartphone’s battery dying in the middle of the day isn’t a problem limited to Android users, but it may be the one most complained about. As your phone gets older, the battery life tends to get worse. The obvious solution would be to buy a new smartphone. There are a number of newer options with either larger batteries or more efficient software that extends battery life. Not everyone wants to replace their phone just to get a longer lasting battery, however. And you don’t have to. You could also buy another battery instead. Either a second battery that you keep charged, or a larger capacity battery to replace your existing one. If you’d rather not spend any money, look at removing apps that cause the most drain, or download apps that help you control app’s battery usage. You can also disable bluetooth, GPS and WiFi capabilities when you’re not using them.
The apps and features that manufacturer’s load onto phones before you buy them are rarely useful. They’re referred to as bloatware or crapware by most and usually do nothing but take up space and resources. Unfortunately, you can’t always delete these apps, but you can disable them. Go to the app’s settings and you’ll find a ‘Disable’ button that will keep that app from taking up battery or updating. It will still take up storage space, however.
So many apps are using notifications now that it’s hard to keep up with all of them. If you’re tired of wading through social media, game and email notifications, check for a ‘Notifications’ setting on each app. It may be in the app itself or in the Android app settings. Turning off notifications also reduces battery drain. If you can’t stop the notifications through a settings menu, there’s another way for Android 4.1 and newer users. In your ‘app manager’, uncheck the ‘show notifications’ option and you’re done.
Fixing these annoyances will improve your experience with your Android smartphone. If you have more serious issues, like broken hardware or a malware infection, bring your device to Geek Rescue or call us at 918-369-4335.
December 23rd, 2013
Microsoft Security Essentials, which goes by the name Windows Defender for Windows 8 users, is built into the Windows operating system. It’s designed to give users protection from malware and other security threats, just as any antivirus or anti-malware application would. As Barry Collins reports for PC Pro, however, Security Essentials doesn’t provide adequate protection when compared to other antivirus options.
Security company Dennis Technology Labs tested nine security programs meant for use on personal computers on a machine running Windows 7. Eight of those tested detected and protected against at least 87-percent the malware samples used. Five security programs detected 98 to 99 percent of malware. Security Essentials protected against only 61-percent of malware threats.
These tests tell users that the free, built in option of Security Essentials can’t be relied on to keep your system safe from threats. According to Microsoft, it was never meant to be used as the sole security in place. Instead, it is meant to act in conjunction with other tools. With only 61-percent of malware detected, however, it seems unlikely that Security Essentials would be much help at all in assisting a more robust antivirus program.
Microsoft’s reasoning for not making Security Essentials a better security tool is sound. If every Windows user were able to use a free antivirus program that comes with their operating system, then all of them would likely use it and nothing else. That would eliminate diversity in the market, which would make it much easier for hackers to develop malware to specifically infiltrate systems running Security Essentials. With Security Essentials being viewed as an inferior tool, or at best a good assistant, users must decide on their own what third part antivirus program to put in place. Each of these has its own strengths and weaknesses and makes it more difficult to create malware that is capable of staying undetected for all users.
Though the thinking may be sound, Microsoft needs to do a better job alerting users about the nature of Security Essentials. Too many computers are using it as their primary antivirus protection, which leaves them incredibly vulnerable to attack. If you have no other security tools in place on your PC, look into trusted names like Norton and Kaspersky immediately.
If your computer has been infected by malware, bring it to Geek Rescue or give us a call at 918-369-4335.
December 20th, 2013
Security researchers have reported previously that hackers and some forms of malware can claim control of your computer’s webcam. In some instances of ransomware, the webcam is used to capture an image of the user in an intimidation attempt. In other cases, the webcam can be used without the users knowledge to spy on unsuspecting victims. Lucian Constantin of Network World reports that users with older Macs are particularly susceptible to this form of cyber attack.
On iMac and MacBook computers manufactured before 2008, first generation iSight webcams were used. These webcams have their LED light, which indicates when the webcam is in use, linked directly to the image sensor. When the LED is on, it means the webcam is capturing images, but hackers have found a way to alter the webcam’s firmware so the light doesn’t come on while the camera is active.
Not only does this allow spying on users without their knowledge, but being able to modify the webcam’s firmware also allows for malware to infect a Mac from a virtual machine. To do so, hackers would need to reprogram the webcam to act as a keyboard.
To defend against this type of attack, an extension could be created that blocks certain USB device requests. With a defense such as this in place, a hacker would need root access to alter the webcam’s behavior.
The most impenetrable defense would need to come in the form of a hardware redesign of the camera itself, which would make it impossible to disable the LED indicator. Researchers have already sent suggestions to Apple, but have yet to hear back.
Users who have an older Mac computer can take one easy precaution to prevent spying. That’s put tape, or a bandage, over the webcam. This doesn’t prevent malware infections, however that type of attack is extremely rare, at least for the time being.
If your device has been attacked or you’d like to improve your security, call Geek Rescue at 918-369-4335.
December 20th, 2013
The update for Windows 8 has been available for about three months. Some of the new features are obvious, like the re-inclusion of the ‘Start’ button. But, as Ciprian Rusen of LifeHacker writes, there are a few interesting features that aren’t so evident. Not all of these are changes for the better, but all affect the way you’ll use Windows 8.1.
One of the biggest advances within Windows 8.1 is the ability to block the data apps from the Windows Store have access to. You can prevent apps from accessing your name and location. You can also turn off the advertising ID so you don’t get personalized ads using your information. Best of all, you can limit what apps have access to your microphone and webcam.
A virtual private network, or VPN, is a powerful tool for keeping your data safe when surfing the web. It’s particularly useful when you’d otherwise be on an unsecured connection like public WiFi. Windows 8.1 offers better support for VPNs than any previous version of the operating system. There are a number of new customization options when setting up your VPN and even included support for certain providers. Windows will even prompt you to sign into your VPN when an app attempts to access information best accessed over a secure connection.
Part of the updates included with the jump to Windows 8.1 was an update to Internet Explorer that introduces Reading Mode. Load any page with IE 11 and you’ll have a Reading Mode icon in the address bar. Using it will reload the page without distracting elements like ads to allow you to easily read the content you came for.
- No Right-Click From Networks List
In Windows 8, users could right click on a Network and access customization options for that network connection or even use the ‘Forget Network’ option to remove the connection for the list. In Windows 8.1, this capability has been removed. Customization options for network connections haven’t been removed, they’re just more difficult to access.
- SkyDrive Unavailable Offline
SkyDrive and Windows 8.1 have already had their problems, as reported by many users. A planned change with this update was to make SkyDrive documents only available with an internet connection. Files aren’t fully downloaded to your hard drive, so you’re only able to access them from the cloud with an active internet connection. A new column in the SkyDrive folder, called ‘Availability’, tells you if a file is ‘Available offline’ or ‘Online only’. This change is intended to help tablet users and those with very little available hard drive space. For those with more available space that want to avoid this irritation, changing the default to allow all files to be accessible while offline is easy to do through the ‘Settings’ menu.
Whether you’re running the latest version of Windows on a new PC or using an older computer, Geek Rescue has you covered for repairs. Whatever the problem you’re having is, call us at 918-369-4335 and we’ll fix it.
