August 13th, 2014
In the past, most forms of malware would not run on virtual machines, which was a way to avoid detection and study. That now seems to be changing, however. Jeremy Kirk reports at Computer World how malware has changed its tactics and why malware producers are now interested in infecting VMs.
To understand the reasoning behind wanting to infect VMs, you only need to understand that most malware is created to infect as many users and environments as possible. If there’s a limitation that the malware won’t run on VMs, that greatly limits the potential for infection. This is particularly true with VMs becoming more typical in many businesses’ infrastructure.
Instead of ceasing operations on VMs, malware now is being produced with the goal of moving from a virtual machine to its host server, which could then give it access to many more environments.
Malware is typically easy to detect if it begins executing immediately after being downloaded, however. So, to avoid detection on VMs, malware comes with a delay. Before decrypting and launching their payload, malware waits a few minutes, or until a specified number of left mouse clicks are made by the user. This is usually enough time for security programs to label the file as harmless and move on.
Over the past two years, security firm Symantec studied 200-thousand samples of malware and found that only 18-percent stopped working on a virtual machine. While this does introduce the possibility of malware spreading from VMs to servers, it also creates an opportunity for researchers. Now, they’ll be able to study malware in a detached environment.
Unfortunately, since 18-percent of malware still disappears on a virtual machine, hardware is still needed to be sure that all infections are found.
For help removing malware from your devices, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
August 12th, 2014
Have you ever thought that Facebook would look better in a different color than the traditional blue? Many users have had that thought and have attempted to add a Facebook app to their profile that would allow them to change the color of their personal Facebook experience. As Dave Smith reports for Business Insider, the Facebook Color Changer app is malware that sends everyone who clicks on it to a phishing website.
More than 10-thousand users have reportedly been affected by the color changer app. Users who click through to the malicious phishing site have their Facebook logins stolen so the scammers can spam their friends with more fake offers.
Additionally, some users have reported that the website they’re directed to also asks them to download other files. Differing reports say users are directed to download a video or another app. These files are also malicious but so far it’s unclear what kind of damage they’re capable of.
If you’ve mistakenly added the color changer app to your Facebook profile, or any other app that you need to remove, you can do so by visiting the Settings menu. That’s the one with the small lock icon in the top right corner. From there, click on ‘Apps’ in the menu on the left and find the apps you want to remove in the list. Click the ‘X’ by the app name and it will be removed.
In the case of the color changer app, you’ll also want to run a full virus scan of your computer and change your Facebook password.
If you’re still interested in changing the color of Facebook, there are more legitimate ways of doing it. If you’re using Chrome there are add-ons available that can change Facebook’s color scheme. Always do some research before adding extensions or apps of this nature, however, as they’re ripe targets for scams.
If your computer, or other device, has been infected with malware, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
August 11th, 2014
Having your smartphone stolen is bad news for a number of reasons. Beyond the fact that you now have to replace your phone, you also run the risk of having valuable data stolen from it. Texts, pictures, passwords and other files are all vulnerable when your smartphone is stolen or even lost. But, there are ways to protect your data before this scenario plays out. At Gizmodo, David Nield explains a few methods for securing your smartphone’s data so a thief can’t access it.
Every smartphone includes the option to lock the screen, but an estimated half of users don’t use any type of lock function. This becomes especially problematic when your phone is stolen, or you just leave it behind or unattended for a few minutes. Many users are reluctant to put a lock in place because they don’t want to have to enter their PIN each time their screen goes to sleep. But, for Android users, there are apps available that only put locks in place when you leave your house or workplace. Or, you could use a lock pattern instead of a number combination. Anything is better than leaving your phone completely vulnerable.
Much like lock screen functions, remote features that both wipe your smartphone’s data and locate the device are available to all users. They just need to be set up or activated. Unfortunately, many users either don’t know about them, or fail to activate them before they need them. Apple, Android and even Windows phones all have the capability to be remotely wiped and located in the event they’re lost or stolen. Do some research and make sure you’re prepared with your device.
Keeping strangers from poking through your phone is half the battle, but the other half is getting that data back. If you regularly create back-ups of your most important files, you’ll never have to worry about losing them. This comes in particularly handy if you find yourself needing to remotely wipe your phone. You can do so even if you’re not positive it’s been stolen because you’ll have back-ups of everything readily available.
It’s also a good idea to change passwords on accounts you have an app for, like social media or banking apps, to keep strangers out. You can also look into two-factor authentication to make accounts safer, but that won’t help as much in the event that someone else has control of your device.
If you need help securing any of your devices, or your having other issues with them, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
August 8th, 2014
Earlier this year, malware called Lurk was discovered infecting users with vulnerable versions of Adobe Flash. That same malware continues to count victims, but has altered its tactics slightly. At Dark Reading, Kelly Jackson Higgins reports how Lurk is embedding malicious code inside an image to infect users.
Steganography is the term used to describe this type of attack and it’s one that’s well-known in the intelligence and security community. In this particular scheme, iFrames on websites are used to infect users with security flaws in their version of Adobe Flash. This would be users who haven’t updated recently. Popular and legitimate websites were used to spread this malware. Rather than downloading a malicious file, which can be easily spotted by antivirus programs, Lurk is downloaded as an image with malicious code embedded within it.
Experts say this method isn’t complex, but because it’s difficult for security applications to spot it, it can be extremely effective. Attackers using this scheme have reportedly infected 350-thousand users over just a few months and netted hundreds of thousands of dollars in profit.
The profit comes in the form of click-fraud. The image file that a user unknowingly downloads contains an encrypted URL, which is used to download more files. Those are used to earn clicks on ads and websites that in turn make the attackers money.
The Lurk attack remains active and experts believe steganography will be used in more attacks in the coming months. To protect yourself, make sure to update and patch all programs, especially Adobe Flash, each time an update becomes available.
If you’ve been the victim of an attack, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
August 7th, 2014
Last year around this time, the media was buzzing about the impending reveal of the latest iPhone, the 5S. This year, Apple seems to be following a similar schedule and is set to reveal details of the iPhone 6 in about a month. While no one knows for certain what details the iPhone 6 will feature, there are some educated guesses available. At Gizmodo, Adam Clark Estes lists what you can expect the newest iPhone to include and when you can get your hands on it.
It seems fairly obvious that the newest iPhone will be dubbed the iPhone 6, but this year’s release is a little different than in the past. Apple is reportedly planning to unveil two models of their latest smartphone at the same time. Each will have a different size, a 4.7-inch screen and a 5.5-inch screen, so it’s unclear how they’ll be named. One popular guess is that the smaller display version will get the name iPhone 6, while the larger display, which could also include beefier specs, will be called iPhone 6 Air.
Remember when smartphones began using Gorilla Glass for their screens and you were told that it could withstand anything and wouldn’t shatter? Turns out, as evidenced by everyone’s cracked iPhone screens, that wasn’t the case. Now, a new, sturdier alternative is available for smartphone screens. It’s called sapphire glass and Apple has already invested in it heavily so it seems clear that they plan to use it in their devices soon. It’s reportedly stronger than steel and harder than Gorilla Glass, which is supposed to make cracked screens a thing of the past.
The fact that the battery will be improved in the iPhone 6 seems like a foregone conclusion, but the question remains just how much of an upgrade Apple will make. The iPhone 5S lags far behind the batteries featured in other flagship smartphones like Samsung’s Galaxy S5. The likely conclusion is that even the iPhone 6’s battery will fail to meet that lofty standard. It’s likely that the smaller iPhone 6 will get a slight bump in battery capacity, while the larger model gets a more significant increase, but stays far from the top of the line battery seen from other manufacturers.
With the release of a new smartphone also comes the release of the latest operating system, iOS 8. There’s far more known about the newest iOS than there is about the iPhone 6 because its been made available to many in the media already. The look and feel is largely the same as iOS 7, but there are some interesting new features including HealthKit, which can sync with wearable devices and deliver in-depth information about the user’s health. There are also improvements with the Camera app, continuity between devices and compatibility with third-party keyboards.
The estimated cost of the iPhone 6 models can only be based on previous releases, but Apple has generally stuck to the same ballpark upon release. With 2 models available, especially with one featuring the large screen users have been asking for, it’s likely that the 5.5-inch model would start at about $300 with contract for the smallest hard drive. The 4.7-inch model would likely be about $200 for a similar hard drive. The release of the iPhone 6 will also bring down the cost of previous iPhones, however, so if you don’t need to be on the cutting edge, you could get a great bargain. The iPhone 5S will likely drop to $100.
The public will get their first official look at the iPhone 6 on September 9th, with the first opportunity to buy expected to be around September 19th.
At Geek Rescue, we fix smartphones of any make and model. If you’re having issues of any kind, call us at 918-369-4335.
And for your business solution needs, visit our parent company JD Young.
August 4th, 2014
An initiative in New York City would turn largely abandoned pay phones into WiFi stations to supply residents with free internet access. On the surface, this seems like a great deal, but there are inherent security risks connected to a free WiFi network. At Computer World, Evan Schuman discusses the potential dangers of a city-wide WiFi network and some dangers to be aware of for free WiFi in general.
The first aspect of such a network to be concerned about is who is providing it. Among the vendors that were invited to bid on New York’s proposed project were companies notorious for using and selling their users’ data, including Google. With no limitations in place, the vendor supplying these WiFi stations would be able to track users’ locations, what devices on the network are being used for and potentially even what is being transmitted over the network. All of this available data would likely be used or sold for advertising. But what happens if someone besides the vendor wants to steal this data?
In a city-wide WiFi network, users would never know who else was connected and positioned to steal anything transmitted over that network. For the same reasons that its dangerous to send important emails or make online payments in a coffee shop, it would be inadvisable to use a city-wide WiFi network for anything beyond casual web surfing. Even logging into social media sites could lead to attacks or hacks down the road.
Now think of these issues from a business viewpoint. Many employees are walking around with sensitive data on mobile devices. This company data becomes extremely vulnerable on an unprotected wireless network. This proposed network in New York, which other cities across the US are also considering, would be largely unprotected because it would be free to anyone, regardless of device or service provider.
There are options for security, even when connecting to a vulnerable network. Most notably, VPNs, or Virtual Private Networks can be used to keep other users from accessing your data. For Apple devices, the next operating system, iOS 8, is rumored to include security features to keep users safer on public WiFi. Still, there are plenty of concerns.
For help securing your own wireless network or device, or to recover from an attack, call Geek Rescue at 918-369-4335.
For business solution needs, visit our parent company JD Young.
August 1st, 2014
Waiting for a website to load is frustrating, which is why web browsers use a cache component. The cache stores bits of information from websites you’ve visited in the past so it can load them locally, rather than having to get them from the server again. However, using the cache isn’t always in your best interest. If a website has updated since you last visit, your cache may be loading an outdated version, or be unable to load the page completely. To prevent these cache errors, it’s recommended that you regularly clear it, as well as your cookies. A post at the Stott blog explains how to go about clearing your browser’s cache. Here are the details for the most popular browsers.
With IE open, click the gear icon in the top right corner. Then, find “Safety” in the menu and select “Delete browsing history”. This will bring up a window with a number of options. For this particular task, uncheck each option except “Temporary Internet files” and “website files” . Then click the “Delete” button and your cache will begin to be cleared. If it’s been awhile since this was done, it could take a few minutes before you can go back to using your browser as usual.
With Chrome open, click the menu button in the top right corner. From that menu, select “Tools” then “Clear browsing data”. This brings up a menu allowing you to select what types of files you’d like to delete and also how far back you want to delete them. Select “beginning of time” if you want to start over completely fresh. Hit the “Clear browsing data” button when you’ve made your selections and then sit back and wait.
In the Firefox browser, you’ll click the menu button and choose “Preferences”. This brings up a window where you’ll navigate to the “Advanced” tab, then click on “Network” and select “Clear Now” under the “Cached Web Content” section. Firefox also includes a feature that allows you to automatically clear the cache each time the browser is closed. To enable it, select the “Privacy” tab from the “Preferences” window. Then, in the “History” section, make sure it reads “Firefox will use custom settings for history.” Check the box next to “clear history when Firefox closes” then click the “Settings” button. This opens a window where you can select the type of files to be deleted. Check “Cache” and any other files you want to automatically delete and then click “OK”.
For Mac users with the Safari browser, there are a number of ways to clear your history. If you want to delete all files, go to “History”, select “Clear History” and click “Clear”. To set the history to delete automatically, go to the “Safari” menu, choose “Preferences” and click “General”. Choose the option you want under “Remove history items” and you’re done.
Clearing your web browser’s cache is routine but necessary maintenance.
For more serious issues, call Geek Rescue at 918-369-4335.
For business solutions, visit our parent company JD Young.
July 30th, 2014
Even with up to date security tools in place, every internet user runs a constant risk of being hacked or infected with malware. Early detection of these issues can save you from a devastating outcome. InfoWorld recently published an article detailing some of the most common and easily spotted signs of malware infections and the action you should take to combat them. Many times, the suggested action is to restore your system to the last known safe point so it’s important that you’re regularly backing up your devices and creating good restore points.
While there’s fewer instances of this tell-tale sign of an infection than in the past, it remains one of the most recognized. Fake antivirus messages can pop up from your desktop or in a browser window. They claim to warn you about malicious files, but in reality the damage has already been done. Malware has already been added to your system. The message exists to entice you into more trouble. Clicking on it often opens a browser window that asks users to purchase security tools. These sites look legitimate, but are actually just a means to steal credit card numbers. The first step for users is to be familiar with what their actual antivirus messages look like. If they see a fake one, power down and restart in safe mode. Try to find the new applications that have been added and remove them. You’ll also want to run a full virus scan.
To be clear, not every browser toolbar is malicious. Google, Yahoo and other legitimate vendors all offer toolbar additions for browsers, but there are scores of toolbars that signal an infection. If you don’t recognize the name associated with the toolbar and don’t remember adding it, your system has likely been compromised. Most browsers offer ways to quickly remove unwanted toolbars and extensions, but some are trickier. You may need to restore your browser to a previous point or restore your entire system.
This often comes in tandem with unwanted browser toolbars. Conducting searches sends you to an unrecognized search engine, which often contains links to sites designed to further infect your device. You may also notice your homepage change. If this is happening, you’ll want to follow similar steps as above. Remove toolbars and other recently added applications, which may require restarting in safe mode.
- Fake Emails Sent From Your Account
If this hasn’t happened to you, you’ve surely received these emails from a contact. It’s a common problem for an email to be hacked and spew spam to the entire address book. What many users don’t know is that this is usually done through a malware infection on your computer. As soon as you notice emails you didn’t personally send in your sent folder, or are alerted by friends that you’ve sent them spam, you’ll want to run a full scan. Then, look around for recently added programs or anything that looks out of the ordinary.
In short, if your device is acting strangely, which can include pop ups, mouse movements, programs being added and more, it’s likely because of malware.
For help removing malware from any of your devices or to improve security, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
July 24th, 2014
OS X Yosemite, the latest operating system for Macs, is now available as a public beta version. We’ve gone over some of the most exciting features of Yosemite, but if you’re planning to experience the beta version before an official version is released, you need to know how best to install it. At LifeHacker, Thorin Klosowski walks you through the process. This way, you won’t be stuck with an inevitably buggy operating system. Instead, you’ll still have OS X Mavericks to fall back on.
The first step is downloading the beta operating system. If you signed up to participate, you should have instructions emailed to you. Then, you’re going to create a partition on your hard drive, which allows you to install a second operating system and boot directly into it.
- Go to ‘Applications’ and select ‘Utilities’
- Select your Hard Drive
- Click the ‘Partition’ button
- Click the ‘+’ icon
- Choose how large the partition will be- It’s recommended you allocate between 10 and 30 GB for Yosemite.
- Name the partition and click ‘Apply’
- Launch the ‘Yosemite Installer’
- At the ‘Choose a Disk’ prompt, select ‘Show All Disks’ and choose the partition you created.
Now you’ve installed OS X Yosemite on your partition. There’s one more step to boot into it, however. When your system is starting, hold the ‘Option’ key and select the partition you want to boot to.
Once you’re finished with the beta version, you can go back and delete the partition you created, or you can keep it until the next version of Yosemite is released so you can test it before completely committing.
This is certainly not the only way to use OS X Yosemite without losing your existing operating system, but it is one method that works without additional services or much expertise needed.
If you need help with your Mac or other devices, let Geek Rescue be your tech support. Call us at 918-369-4335.
For your business solution needs, visit our parent company, JD Young.
July 23rd, 2014
The public beta version of Apple’s latest redesign of their OS X operating system is now available. OS X Yosemite includes a number of new features and a new look. Some of the best features aren’t available in this beta version, however. As Mario Aguilar reports for Gizmodo, many of the new operating system’s features will integrate with Apple’s new mobile operating system, iOS 8, which is not yet available. Here are some of those features to look forward to.
Have you ever been looking at something on your smartphone, then wanted to look at the same thing on your desktop? This new feature of OS X Yosemite lets you do that seamlessly. It also works the other way to grab something on your phone that you were viewing on your desktop. So, say you pulled up a document on your Mac, then left to run an errand. You could grab that same document, or other task, on your phone.
With this feature, you can share your iPhone’s internet connection with your Mac. This likely won’t be beneficial most of the time, but if your home internet goes down at a critical time, it’s nice to know your phone can be used temporarily to get your desktop back up and running.
Apple’s iMessage has already been available to Mac users, but now that capability has been expanded so you can take phone calls and text messages on your Mac. You’ll never have to wonder if you’ve missed a call while your phone is charging in another room.
The iCloud storage system has been the focus of much speculation, but Apple is finally turning it into what it should have been all along. Now, it will operate similar to Dropbox. Simply move files to iCloud and then you’re able to access them across all of your Apple devices.
The features listed are only the additional capabilities OS X Yosemite will feature once iOS 8 hits the market. The new Mac operating system also has a number of stand alone features that users should also find useful.
If you’re having problems with any of your Apple devices, come by Geek Rescue or call us at 918-369-4335.
For your business solution needs, visit our parent company, JD Young.
