December 9th, 2013
It’s important to install updates and patches when they’re made available for all applications you use. These updates typically fix compatibility issues and security flaws that an application contains, so installing them keeps your computer safe from attacks and prevents crashes and freezes. Web browsers and antivirus programs are vital to keep updated, but arguably the most important is your operating system. Larry Seltzer of ZDNet reports that Microsoft is releasing 18 total updated on December 10. Most of these are to fix bugs in a version of Windows. Here’s a look at some of the most interesting available updates.
- Windows 7- Using AutoPlay after inserting an audio CD causes Windows Media Player to freeze. This bug seems to come into play only after installing Internet Explorer 10.
- Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2- This dynamic update helps “obtain critical driver, component and setup improvements during initial setup.”
- Windows 8, 8.1, Windows RT, RT 8.1- This update is for the Microsoft Camera Codec Pack. Without this update, you’ll be unable to view images from some cameras and RAW camera files won’t be viewable in Windows applications.
- Windows MultiPoint Server 2012, Windows 8, 8.1, RT, RT 8.1, 7, XP, Windows Server 2012, 2012 R2, 2008, 2008 R2, 2003- A variety of updates are available that are described only as “resolve issues in Windows.” Installing these fixes bugs and compatibility issues.
Many users won’t notice much of a difference in their Windows experience after installing these updates, but they are necessary to ensure that your system isn’t vulnerable to attacks or crashes. The idea behind Microsoft’s update releases is that most users will have problems fixed before they realize there was a problem.
If your PC is has issues, first make sure your operating system and applications are up to date. If the problems persist, bring your device to Geek Rescue or give us a call at 918-369-4335.
December 6th, 2013
Looking back at the year in cyber threats, 2013 featured a number of new innovations that allowed hackers to compromise security, infect systems and steal data. Adam Kujawa of Malwarebytes recently published his list of the biggest threats to your security in 2013. The threats included in this list are important to know because they’re likely to continue to be used throughout 2014, as well.
Ransomware wasn’t new in 2013, but hackers have used it to inflict more damage this year than ever before. This particularly scary brand of malware is capable of locking down a user’s computer and encrypting their personal files. A payment is then demanded to restore the system, but most users find that even after paying their computer is still useless. This year, many forms of ransomware were disguised as government agencies investigating a crime. In some instances, an individual’s webcam was hijacked so an image of the user could be displayed along with a note claiming that their internet history included some illegal activity. Because of it’s jarring nature, law enforcement has cracked down on ransomware and production seems to be down.
Making its debut in September of this year, Cryptolocker did an astonishing amount of damage in a short time. It’s a form of ransomware that demands a payment to decrypt your files. The difference is, Cryptolocker does a better job encrypting files than most ransomware. It actually uses a double encryption, which is so strong it would take a normal desktop system an estimated 6.4-quadrillion years to break it without a key. Needless to say, no one has broken the encryption yet. Cryptolocker also puts a time limit on a user’s decision. They’re asked to pay for the key to decrypt their files, but if they don’t make a payment within a day or two, the key to the encryption is threatened to be erased from its remote storage. Currently, the best way to stop a Cryptolocker attack is to keep it from infecting your computer in the first place.
With more and more users with smartphones, it was expected that more malware would be produced specifically for the mobile audience. There was more mobile malware produced in 2013 than any previous year and most of that was for the Android operating system. Threats included malware that could make texts and phone calls without the owner of the phone knowing and malware that spoofed banking security precautions to steal log-in information. There were also instances of a smartphone’s camera being hijacked. The capabilities of malware for smartphones will only increase with time and, unfortunately, many users continue to use a smartphone with little to no security in place.
Potentially Unwanted Programs, or PUPs, are certainly not new, but 2013 saw them become much more harmful than ever before. Seasoned internet users will have dealt with PUPs before as an inclusion with other downloads or as something they never meant to download in the first place. Commonly, a toolbar or search agent will appear that a user doesn’t actually want, but, except for being a nuissence, it doesn’t do any real harm. In 2013, these PUPs began to include a Bitcoin miner, which could potentially cause significant damage to some types of systems.
New threats pop-up every day. That’s why it’s extremely important to keep antivirus programs and other security software up to date with the latest definitions. All applications need to be regularly updated to close off security holes that have been exploited in the past.
If your system is infected with malware, or you’d like to improve your device’s security before it’s attacked, contact Geek Rescue at 918-369-4335.
December 6th, 2013
Standard USB connectors that help us attach our mouse, printer, digital camera, smartphones and more have been around for nearly two decades. It’s fair to say then that it’s time for an update on the design. As Sam Byford reports for The Verge, USB newest connector will feature an entirely new design that will allow for thinner devices.
The new connector, called Type-C, will be rolled out with the USB 3.1 specifications and should start hitting the market some time after the middle of 2014. The new design means that all of your older USB cables will be obsolete for new devices unless used with an adapter. However, Type-C aims to make a more universal connector that’s reversible. This means that both ends of the cable can be used right side up or upside down on nearly every device. Apple products are, of course, an expected hold out.
Type-C hasn’t been seen by the public yet, but the connectors are expected to be about the same size as the current micro-USB connectors found on many phones, cameras and mp3 players. These smaller connectors allow devices to be thinner than ever before because they’re no longer bound to the bulky by comparison current USB plug ins. For example, the Samsung Galaxy Note 3 has been criticized for its seemingly over-sized USB port, which doesn’t seem to match with the rest of the device’s design.
At Geek Rescue, we know tech. If you’re experiencing problems with any of your devices, old or new, bring them in to one of our locations or call us at 918-369-4335.
December 5th, 2013
Spam and other online threats seem to multiply around the holidays. This can be attributed to the amount of time and money being spent online shopping for gifts. A post on the All Spammed Up blog lists some of the most common threats to watch out for this holiday season.
Everyone is looking for a deal this time of year. Unfortunately, hackers use this desire to steal your money or infect your computer with malware. Emails advertising popular products for incredibly low prices appear in your inbox, but they aren’t from a recognized store or website. These ads usually direct you to a website where you can order the product, but it will never arrive. Instead, your credit card information is usually stolen. These websites can also infect your computer with malware. If it seems to good to be true, it usually is.
Sending e-cards to friends and family is a popular practice. Criminals are now using e-cards, as well. Under the guise of a holiday greeting, hackers are able to infect your computer with malware. This scam continues because once one person falls victim, their email is hijacked and used to spread the malicious e-cards to other users. The message appears to be from someone you know, which increases the chance you’ll open it and also become a victim. To help separate legitimate cards from malicious ones, first check to see if they have used your full name. Legitimate e-card sites ask for the recipients first and last name, while most criminals won’t have either. You shouldn’t have to download any special application to view the card. Some legitimate sites will include a link in the email, but don’t follow those to be safe. You should be able to view the card by visiting the site directly.
With so much shopping being done and so many warnings about identity theft and credit card fraud, consumers are ripe for a banking scam. An email claiming that your bank account has been compromised appears in your inbox and provides a link to the bank’s website. You’re asked to log-in, or sometimes asked directly for your credit card or bank account number. This is not the way a legitimate bank does business, however. If you receive an email like this, it’s almost always a scam. If you want to check to make sure, go to the bank’s actual website and call their customer service number.
These scams are more common around the holidays, so be extra careful when shopping and surfing online.
For help improving the security on any of your devices, call Geek Rescue at 918-369-4335.
December 5th, 2013
Phishing emails are a dangerous threat to anyone with an email address. Usually, there are some obvious signs that suggest a scam, but as Paul Ducklin of Naked Security explains, the absence of these signs doesn’t necessarily mean an email is legitimate.
The goal of most phishing scams is to steal your password for an online account. The email could contain a link that takes you to a legitimate looking log-in page. When you try to log-in, however, your information is sent directly to the criminal behind the scam. There are also emails containing malicious attachments. If you download and open the attachment, your computer will be infected with malware that could have a number of uses.
Some users believe that if an email with no link in the message, and either no attachment, or an attachment that shows no signs of malware after scanning with a security applicati0n, that email must be safe. But, criminals have other methods for stealing information.
Because most hackers know that users have become more cautious when opening links and attachments in emails, they’ve altered their tactics. An email may claim to be from a legitimate company and contain no links. It could have a clean attachment. However, the attachment may be a .pdf or word document containing a message and a link to a website. Many users are fooled into thinking that the link in the attachment is safer than if it had appeared in the body of an email, but that’s not the case. Usually, the link found in the attachment will also direct you to a malicious site used to steal your log-in credentials.
These sites designed created specifically to steal passwords are dangerous. Many are designed so that the ‘close’ button on the log-in box acts the same as the ‘submit’ button. This means that even if you decide at the last second not to log-in and try to close the log-in box, any information you put in will be sent anyway.
Unlike legitimate websites, these scam sites also don’t use ‘HTTPS’. That makes them more vulnerable to ‘sniffing’, or other parties being able to intercept any information you send through the site. So, not only does the criminal running the scam have your password, but anyone monitoring the activity on the site could too.
The best option for preventing yourself from becoming a victim of a phishing scam is to avoid them all together. If an email arrives in your inbox, make sure it’s from a trusted source. Check the sender’s address. Often, scam emails won’t be from the domain of the company they’re impersonating. Also, don’t download any attachments unless you know exactly what it is. Don’t follow links provided in emails. If you want to visit a site, enter it directly into your browser to be sure you’re visiting the legitimate site, not a spoof.
Web and spam filters and antivirus programs are also useful in keeping you safe in case you do click something you shouldn’t have. For help improving the security on your home PC or at the office, call Geek Rescue at 918-369-4335.
December 4th, 2013
A recent discovery of two million passwords to online accounts is making headlines. Violet Blue of ZDNet reports that a botnet is responsible for stealing users’ passwords to Facebook, Google, Twitter, Yahoo, one of the world’s largest providers of payroll services and more.
Though some have reported that the victims in this password heist are all located in the Netherlands, they’re actually believed to be spread across the globe. The criminal responsible used tactics to disguise his actions and make it look like the victims are all located in the Netherlands, but because of this it’s difficult to tell exactly where the passwords come from.
A tool called a Pony Botnet Controller is recognized as the root of this attack. It’s capable of stealing hundreds of thousands of passwords within only a few days of infection. In this particular infection, more than 1.5-million passwords to website’s were stolen along with 320-thousand email credentials, 41-thousand FTP credentials, 3-thousand remote desktop credentials and 3-thousand Secure Shell credentials.
When passwords are stolen in this manner, it should trigger action from all users regardless of whether they are actual victims. The stolen passwords become common knowledge for hackers. These passwords are used in lists that are part of hacking attempts on all kinds of online accounts. So, while your account may not have been compromised, someone with a similar password may have been, which in turn puts you at risk.
Shockingly, some of the most popular passwords found in this batch of stolen log-ins were extremely rudimentary. Almost 16-thousand of the stolen passwords were “123456”. “Password” was used over 2200 times and ‘admin’ accounted for almost 2000 of the stolen passwords. Overall, some form of the numbers 1 through 9 in order accounted for eight of the top ten most used passwords that were stolen.
This suggests that too many users are still using easy to remember, and incredibly easy to hack passwords for important accounts online. Using these passwords puts sensitive data at a significant risk. So, take this opportunity to create a stronger, original password for all of your accounts before you become a victim in the next attack.
If your computer is infected with malware, or you’d like to improve security to prevent an infection, call Geek Rescue at 918-369-4335.
December 4th, 2013
Most people change smartphones every couple of years, if not sooner. For some, the decision on what new phone to get is an easy one. You might be dedicated to iPhones or have a particular Android model that you want to stick with. Others have a more difficult time deciding between the various options available to them. Eric Ravenscraft of Lifehacker wrote an extensive piece about how to choose a new Android smartphone. Here, we’ll look specifically at what features are most important and how to choose the smartphone with the best features for you.
No one carries their smartphone and a digital camera around everywhere they go. Most users want a phone with a quality camera and it’s one of the most varied features from phone to phone. Just because one smartphone’s camera boasts more megapixels doesn’t necessarily mean it’s the best. Each manufacturer uses different tactics and designs to create a better camera. So, do some research and look for comparison tests online that show the type of images a camera will capture and in what settings they’re best used.
Some users will opt for the biggest, brightest and best high-definition display they can find simply because it has the best specs. That isn’t necessarily wrong, but those super charged displays will cost you battery life and processing power and most users can’t tell much of a difference. The big deciding factor for display is between AMOLED or LCD. AMOLED are usually brighter, with more saturated color. They also use less battery because they only light pixels as they’re needed. LCD provide a more realistic color representation. Different displays are best for different users, but don’t rely on number of pixels to choose your next phone.
The amount of time your battery lasts would probably be first in this list for most people. Once again, you can’t judge battery life on one statistic alone. Some manufacturers include larger capacity batteries to power more powerful processors and brighter screens for longer. Others optimize hardware to use less battery. Both are good ways to improve battery life so research is key to picking the right phone. Battery comparisons and tests are available online.
- Manufacturer Specific Features
If you haven’t narrowed down your choices by using the first three features, this one could help you make a final decision. Manufacturer’s like Samsung, HTC and Motorola all put their own spin on what comes with their smartphones. HTC includes a live news feed of your social media profiles on your home screen and a feature to control your television. Motorola phones come with a voice control app. These features probably won’t win you over by themselves, but they could help you decide between your top two options.
When choosing a new smartphone, you don’t need to worry about which phone is the best. You need only worry about which is the best for you. Before you even start researching phones, take a moment to think about how you plan to use it and what you need it for.
If you have issues with a new smartphone, or would like to fix up your current phone to feel like new, bring it in to Geek Rescue or call us at 918-369-4335.
December 3rd, 2013
As an internet user, you’re able to do more, access more and store more online than you’ve ever been able to before. Unfortunately, that makes your data more valuable to criminals than it has ever been before. Because of this, malicious tools used to steal your log-ins or personal information are rapidly on the rise. Tim Wilson, of Dark Reading, reports that over the past month there have nearly 344-thousand new malicious websites discovered. These websites vary in their design and goal, but all of them are being used by hackers to steal your identity, data or money or to infect your computer.
On average, this means there are about 11,500 new malicious website springing up every day, which significantly increases the likelihood that a typical user will stumble across one of these sites. About 173-thousand of these websites have been identified as malware distributors. These sites often download malware to your computer without any action being taken on your part, beyond simply loading the website. Many times this download will take place in the background, which means it could be weeks or months before you learn that you’ve been infected.
About 114-thousand of the malicious websites were labeled as phishing sites. These sites attempt to steal users log-ins and passwords. Usually, they’ll use the name and logo of a familiar site to attempt to fool visitors into thinking they’re on a trusted page. Most often in these examples, PayPal was used to gain access to accounts and steal users’ money. There has also been a rise of site designed to steal users’ Google log-ins. This is attributed to the fact that one Google log-in can give an individual access to Gmail, Google Drive and Calendar, Google+ and more.
These increasing threats illustrate the need for effective security on any device you use to access the internet. For help putting the proper security precautions in place at home or at your place of business, contact Geek Rescue at 918-369-4335. If you have a device that’s been infected with malware, bring it in to one of your convenient locations.
December 3rd, 2013
Apple introduced Touch ID as a security feature that recognizes a user’s fingerprint to unlock the iPhone 5S. That feature has come under scrutiny after security experts and hackers uncovered flaws and ways to by-pass it. Some users have also complained that Touch ID doesn’t always recognize their finger, or it takes too long to scan. Soon, Apple users may not have to worry about scanning fingers at all.
Lance Whitney, of CNet, reports that Apple has been granted a patent on an idea that would allow facial scanning to replace the current Touch ID feature.
The facial scanning function, which was patented under “Personal computing device control using face detection and recognition”, is still in its infancy. It appears, however, that Apple plans to make it a security feature on future products.
In many ways, it works the same as Touch ID does for your fingers. A user would start by scanning their own face and the face of anyone else they want to have access to their smartphone or tablet. The scan would record the shape, texture, color and size of your features and store them. Then, to unlock the device, you would have to again scan your face. Only registered users would be able to unlock the device, while unauthorized users would be stuck at the lock screen.
Calls, emails, texts and other notifications would also be locked behind the facial scanner. So, if a call comes in, your smartphone would scan your face before allowing you to answer.
Many of the same security flaws and workarounds that existed with Touch ID after it was introduced are still possible with facial scanning. A password would likely still act as a back-up for situations where the facial scan didn’t work, which opens the door for hacking. But, this is another interesting step for improved security on mobile devices.
If you’d like to improve the security on any of your devices, or you’re having problems like broken hardware, slow performance, or malware, bring your device to Geek Rescue or call us at 918-369-4335.
December 2nd, 2013
Cyber Monday marks the beginning of a busy online shopping season. Unfortunately, that’s well known information, which means criminals will be targeting shoppers hoping to cash in on the holiday season. To keep yourself, and your bank account, safe, Jennifer LeClaire of Lumension suggests doing your online shopping and banking on a mobile device.
Many users assume that a mobile device, like a tablet or smartphone, is less secure than their PC. This is usually only true because they’ve failed to take the same security precautions on their mobile device that they have on their laptop or desktop. With security apps in place, mobile devices can be much more secure because there are far fewer threats specifically targeting them.
There are certainly pieces of malware made specifically for Android, and to a lesser extent Apple’s iOS, but it pales in comparison to the threats being produced for PCs. Both Apple and Android provide security in their app store. As long as users don’t venture outside of the store to download unverified apps, they should have an entirely safe environment. PC users typically download more and take more risks online, which leaves their PC teeming with vulnerabilities and possible infections.
If your mobile device has an antivirus app installed, and is absent of any existing malware, you’ll have a great foundation for a secure online shopping season. You’ll still want to use smart surfing tactics, however. For example, don’t use public WiFi for any activity where you’re asked to log-in to an account, or provide payment information. Public WiFi provides no security for your data, which allows criminals to easily intercept any information you send over that network. So, while a mobile device may be more secure for online shopping than your PC, it shouldn’t be used just anywhere. Shop from home on your own, secured network.
Regardless of how you plan to do your online shopping this year, you need to take the proper precautions. To secure any of your devices, remove viruses and malware, or to create a more secure network at home or the office, call Geek Rescue at 918-369-4335.
