Malware Infects Your Router Too

September 30th, 2013

Router

You’ve probably taken some precautions to make sure your computer is protected from malware, viruses and other potential security issues. But have you taken precautions to protect your router?

A recent post on NewsFactor notes that there are router-specific malware threats capable of reconfiguring it. A malware infected router is able to redirect users to malicious sites in order to steal data or infect them with more malware and viruses.

Imagine you are using your computer to check your bank balance. If your router is infected with malware, it could redirect you to a similar looking site that is actually designed to steal your log-in information. Minor differences will alert you that something is wrong, but you have to be looking for them. A slight difference in the way the site looks, or a missing option in the menu are tell-tale signs that this site isn’t legitimate.

Thankfully, most banking websites offer security specifically designed to alert you if you’re not on their official website. However, other websites don’t take the same precautions.

Your browser also has security tools available to help keep you safe in these situations. When the warning pops up that a website’s security certificate isn’t recognized, don’t ignore it. This is a warning that using this site puts your data at risk. If you see that warning, don’t use that website. If needed, contact the business directly by phone and ask them about their website.

To protect yourself, make sure your router is updated continuously. Newer models usually update automatically, but it’s worth checking to make sure. Also, use the password protection options. Not only should your router be password protected, but that password should be changed often and not easy to guess.

To find out how to improve the cyber security at your home or office, contact Geek Rescue at 918-369-4335.

Spend More Intelligently To Improve Cyber Security

September 30th, 2013

Piggy bank

Creating an adequate, effective security infrastructure for your business is difficult. It becomes impossible, however, if you don’t take the time to consider where your weaknesses are.

Patrick Budmar, of ARN, reports that security experts estimate that 80-percent of IT security spending at an average company is focused on only 30-percent of the problem.

Firewalls, intrusion protection systems and endpoint security are noted as receiving the bulk of most security budgets. However, diverting funds to increase prevention and detection of threats is a more efficient practice.

Regardless of the amount of security software in place, there will be breaches and gaps in your security. That’s why experts recommend focusing more attention on monitoring data and constantly checking for abnormalities within your network. Many times, a security breach goes unnoticed for weeks or months at a time. This allows for an exponentially higher amount of damage than if the breach was detected immediately.

An audit of your company’s cyber security exposes the potential flaws. It also shows where more attention or funding is needed, and where funds can be diverted from. This way, you’re able to upgrade security by spending more intelligently, not necessarily by spending more.

Geek Rescue provides security audits and the tools needed to improve security. Call us at 918-369-4335 before an attack to avoid costly damage and data loss.

New Form Of Malware Rapidly Spreading

September 27th, 2013

Malware

Antivirus vendors are reporting that a new piece of malware is being used in infection attempts hundreds of times per day over the past few weeks. It goes by the name Napolar or Solarbot and is used to steal information.

Lucian Constantin, of PC World, writes that this new malware started infecting computers in mid-August, but was put up for sale to cyber criminals weeks before the first infection. For $200, hackers are able to buy the Napolar binary code and launch their own malware attack.

While infections have mostly been reported in South America so far, security experts fear this malware will spread quickly, due to its affordable price tag. It appears Napolar is being spread through compromised Facebook accounts.

Napolar is similar in functionality to a Trojan, which has been around for years. Experts speculate it could actually become more popular, however, because of its ease of use and because it is upgradeable with plug-ins.

The tell-tale signs of the malware are pop-up images of women appearing on screen after downloading an infected photo-file.

With more hackers purchasing Napolar and more Facebook users being infected, it’s only a matter of time before the malware reaches North America.

Be sure to keep your antivirus software updated. If you discover that your computer has been infected by malware, bring it to Geek Rescue. We disinfect any device and help you improve your security to protect against future attacks. Come by or call us at 918-369-4335.

Cyber Attacks Are An Opportunity To Improve Security

September 27th, 2013

Security cameras

You’ve heard how important robust cyber security is for your business. You’ve read the articles, you’ve seen the statistics and heard the urging from IT professionals. Unfortunately, for many small business owners, the warnings don’t truly sink in until after they become a victim of an attack.

Ericka Chickowski, of Dark Reading, writes that a cyber attack doesn’t have to solely be a negative on your company. It is costly and it could hurt your credibility with your customers and prevent you from offering your services for a time. But, it’s also a chance to learn a lesson and become stronger.

During the recovery process, it’s important for companies that have been victimized to take time to study why they became a target in the first place. The exploit is like a real-world audit of your security infrastructure and, unfortunately, your security failed. Take this opportunity to improve the holes and the day-to-day processes of your company.

Be sure to take this opportunity to address your entire security infrastructure, not just the part that was exploited. Your security likely doesn’t have only one flaw. And even if you find that the software in place is adequate, you may discover that you employees actions put data at risk.

You should also critique your recovery plan. Think about the company-wide actions after the attack took place and consider how they could be improved. Your goal should be to cut downtime and restore data as quickly and fully as possible.

If your security is breached, you definitely can’t afford to ignore it. Let it be a message to you that a more serious investment in cyber security is needed.

For a security audit, or to find out what your options are for improving security, contact Geek Rescue at 918-369-4335.

Diagnose And Fix Potential Cyber Security Flaws

September 27th, 2013

Cyber security

Every business has adopted some form of cyber security, but is your security truly aimed to keep you safe from a full-scale cyber attack? Too often businesses believe they won’t be a target of hackers and make that an excuse for not dedicating more resources to true security. Those with minimal security, however, make themselves a target because of how easy it is to attack their network. 

Catalin Zorzini, of Inspired Magazine, suggests taking the necessary steps to take your security from minimal to robust. Here’s what to consider when trying to implement adequate security.

  • Audit your current security

Conducting a security audit will reveal where you are most vulnerable. This informs you what your security is lacking and specifically what data is at risk. Knowing that will allow you to put into real terms what is at stake. Contact Geek Rescue to perform a thorough audit of your security.

  • Consider disaster recovery 

Keeping security threats like malware out is only one aspect of good security. You also need to have a plan in place for a disaster that wipes out your data. This could stem from a cyber attack, or it could be a natural disaster that destroys your servers. Regardless of the cause, you need a plan that will minimize the amount of downtime you suffer and how much data is lost.

  • Don’t forget about mobile

Mobile technologies create complications for your security infrastructure. Employees sharing data with cloud systems or through email and connecting on unsecured WiFi cause headaches. There’s also the growing bring your own device, or BYOD, trend. That is also a potential problem as employees could bring infected devices to the office and infect the whole network. 

By thinking about potential security problems and patching holes, you’ll avoid large scale data loss and downtime in the future.

Geek Rescue helps you improve cyber security. Call us at 918-369-4335 to set up a security audit, make a disaster recovery plan or more.

 

Texting Scam Stems From Craigslist

September 26th, 2013

Texting

Craigslist has long been known not only as a legitimate online marketplace, but also a potentially dangerous hub of scams and hackers. A report posted on the Symantec blog alerts that a current scam is harvesting phone numbers from Craigslist ads and texting them spam links.

The actual scam has nothing to do with Craigslist, but that seems to be where the hackers are getting phone numbers. From there, they send a text containing a link. However, the link won’t work on a smartphone.

Instead, users are prompted to use their PC and arrive at a page prompting them to install “GIMP Viewer”, which is legitimate open source software. If the user agrees, they aren’t taken to the actual GIMP site. Instead, they are taken to a fake site where GIMP software is installed with a number of other programs.

Hackers make money each time these additional programs are downloaded. For now, it doesn’t appear that any malware is included in the scam, but it could easily become part of it if criminals decide the current scam isn’t lucrative enough.

To avoid any similar scams, be wary of text messages from unknown sources. You certainly shouldn’t be agreeing to download anything to your phone or PC unless it comes from a trusted source. A link in an unsolicited text message would not be a trusted source.

To protect your smartphone and PC from future malware infections, contact Geek Rescue at 918-369-4335.

Public Clouds Could Be Harmful To Your Business

September 26th, 2013

Cloud computing

Using a cloud system to store and share files has become a common business practice. The cloud makes data available from practically anywhere and makes it easy for employees to collaborate on projects. However, not enough attention is being paid to the security of these clouds and who could potentially have access to valuable information.

Yorghen Edholm writes on his ComputerWorld blog that these security issues are of a particular concern when employees use a public cloud. Services like Google Drive and Dropbox are easy to use and have free options. They present a security risk, however.

It’s not necessarily these public clouds themselves that pose the problem, although they aren’t nearly as secure as private cloud options. The real problem stems from employees using public clouds without supervision from superiors or the IT team. That means others are unaware of potential risks and unprepared to solve problems.

Many employees use a public cloud because it’s convenient. They may be planning to temporarily store a file, or quickly share it with other team members. Usually, they lose track of exactly what is being shared and believe that they’ve only added files to the public cloud that don’t contain any potentially damaging information.

There’s also a concern over who exactly will have access to a public cloud. Recent headlines have enlightened the public about the government being able to snoop on files stored this way. Storing your data more securely doesn’t necessarily restrict the government’s access, but at least you’ll be able to keep track of what they’ve seen.

It may not be possible to keep every piece of data stored privately. But, you should strive to gain oversight of all the data being shared, and how it’s being shared.

For help implementing a cloud computing system at your business, or to enhance security, contact Geek Rescue at 918-369-4335.

Malicious Extensions Are A Growing Threat

September 26th, 2013

Web Browser

Browser extensions enhance the capability of your web browser. There are a number of uses for browser extensions. Many are designed to improve security or boost productivity. Recently, more and more extensions have been made by hackers, however.

Lucian Constantin, of ComputerWorld, writes that malicious browser extensions are a growing concern among security experts. That’s because they are difficult to protect against.

Malicious extensions have been seen before. They’ve been used to hijack searches and show ads to users. Recently, an IT security consultant was able to create an extension with much more harmful capabilities.

This example malware was able to be controlled remotely. It’s able to bypass two-factor authentication, perform functions, such as downloading other malicious files or controlling the webcam and steal data.

Malicious extensions are a growing concern, but there are few options available to protect yourself from them. Many antivirus programs are unable to detect and remove this malware. Security extensions added to your browser are also powerless.

Your chosen web browser actually has a significant effect on how much at risk you are. Firefox users are considered to be the most vulnerable. This is because it allows for third party extensions to be added, which means hackers can convince users to install the malicious extensions themselves, or can use malware downloaded through other means to install them remotely.

Chrome users, on the other hand, are at a relatively low risk. Chrome only allows extensions to be added from their Web Store, which only contains extensions that have been approved by Google. This doesn’t mean that there can be no malicious extensions added to a Chrome browser. It just means it’s much more difficult than with Firefox.

Exercise caution when adding extension to your web browsers and make sure you understand what your security software does and does not protect against.

To improve the cyber security on your home computer or at the office, contact Geek Rescue at 918-369-4335.

Recycled Yahoo Accounts Pose Major Identity Theft Risk

September 25th, 2013

Dismayed computer user

Yahoo recently announced that they were recycling dormant email addresses. Yahoo IDs that hadn’t been used in awhile were made available again and taken over by other users who wanted them. Donna Tam, of CNet, reports that there’s a significant security problem with that.

Even though users hadn’t accessed their Yahoo emails in over a year, they still have accounts associated with them all over the internet. One user who took over a previously owned Yahoo ID says the email address is associated with a Pandora and Facebook account and is the contact for a doctor’s office.

Multiple users have seen emails intended for the address’s previous owner. Those emails contain the ability to hack into the previous owner’s online accounts and some contain personal information like the last 4 digits of a social security number and physical address. With that information, a motivated person could hack into any number of accounts. The potential for identity theft is incredibly high.

Yahoo says most of the recycled accounts were not receiving any emails before being claimed by a new user. They also claim that they’ve taken precautions so the new account holders don’t receive emails containing information about the accounts of another person. But, Yahoo has to rely on other websites to make changes in order to fully fix the problem.

If you let your Yahoo email address lapse, you’ll definitely want to go through all of your online accounts and make sure none of them are associated with an address that may now be used by someone else. Don’t forget to also check with doctors’ offices and friends to let them know that you no longer use that email.

To avoid any of these potential headaches, contact Geek Rescue about hosted email. We offer a variety of options to fit your needs. Call us at 918-369-4335.

 

Growing Number Of Cyber Attacks From Social Media

September 25th, 2013

Unlike

It’s easy to understand why so many hackers are targeting social media for cyber attacks. Where else would you find such a high collection of unsuspecting people? Many users have grown wise to email attacks and have learned to avoid suspicious emails. Social media, however, is still seen by most as a safe place. Throw in that many users access social media on mobile phones, which often lack necessary security, and you have an irresistible target for hackers.

John P. Mello, of CIO, reports that these attacks claim victims using the trust of users against them. Similar tactics as previously seen in creating fake versions of legitimate websites, or sending phishing emails that appear to be from legitimate sources, have been adapted for social media. The trend is to take over an account with a large number of followers and credibility and use it to spread malicious links.

These attacks are difficult to avoid because they appear to be coming from a trusted source. You wouldn’t expect a Twitter account that you’ve followed for years to suddenly be directing you to a phishing site, or infecting you with malware.

This isn’t only a concern for individuals either. Businesses need to be aware of these threats to security also. Another reason that social media is so attractive to hackers is that so many users access social media on their company’s network. This means that if any of your employees encounter a hacked profile, they are putting your company’s data at risk.

There are a number of options for how to deal with these threats. Blocking social media sites is one. Educating employees about the risk and making sure they understand how to avoid these attacks is another.

To improve your company’s security, contact Geek Rescue at 918-369-4335. We offer security software that is capable of blocking potentially dangerous sites and catching malware before it infects your system.