Author: Brett Bogler

Windows 10 just gets better and better!

 

 

In light of the Windows 10 Anniversary update coming this summer, Microsoft is ramping up some of its existing features. Cortana becomes a stronger force, Windows Hello is improved and gaming capabilities are increased.

The new update provides a more powerful Cortana. Cortana will appear in more places throughout the system, including the lock screen and Skype, where she takes part as a bot conversation. She is gaining momentum as a suggestion advocate, providing cuisine ideas and even following commands. Although barely touched on at the Microsoft conference, one of the new features associated with Cortana is the ability to control the system. Microsoft gives viewers reason to believe Cortana will soon be able to recognize phrases such as “Cortana, turn off Wifi” or “Shut down PC.” In addition, Cortana will tap into third-party apps more often. She is already able to access Yelp and TripAdvisor for information, but now she will have access to 1,000 apps that integrate with Cortana. The Microsoft app store section “Better with Cortana” provides plenty of options to make Cortana more proactive for the average user.

Windows Hello will expand as a feature, with the ability to log into websites in the Microsoft Edge web browser as well as into third-party apps. As you may already know, Windows Hello works with Windows 10 to allow users to log into their machine via face recognition, iris recognition, and fingerprints. The new update gives web developers the option to integrate this feature into their sites using JavaScript APIs. Windows Hello verifies your identity, and Microsoft Passport then uses public-key encryption to grant access to resources.

Exciting for gamers, Microsoft is enhancing a few of the top features such as allowing support for multiple GPUs and the ability to turn off VSync and enable GSync and FreeSync instead. Game developers will be able to use the new Desktop App Converter to put out Universal Windows App versions of their work. The biggest announcement for gamers is Dev Mode for Xbox One. Developers can easily use Xbox One as a development kit and create more games.

 

 


 

If you would like to educate yourself in more detail about material presented in this blog post please visit: 4 Big Updates Coming to Windows 10 this Summer

 

The Newest Security Trend – Rewarding Hackers


There is always that one superhero willing to play nice with the villain. In the world of tech hackers, HackerOne is that superhero. HackerOne acknowledges that modern security is hacker-powered. They have created a platform for vulnerability coordination and bug bounty. In other words, HackerOne works with hackers to find security holes in your company, because to be honest, who better to trust than the villain himself!

HackerOne facilitates communication between hackers and companies. If a hacker does find a bug, HackerOne works as the middleman, ensuring the company pays the hacker for the discovery and charging a 20 percent commission on the hacker’s payout. Companies such as Uber, Dropbox, Square, Snapchat, Airbnb and Vimeo have all joined the HackerOne movement.

Bugcrowd works similarly to HackerOne, bringing together good hackers with companies looking to verify their security systems. In contrast to HackerOne, which rewards hackers with a payout decided by the company in question, Bugcrowd works on a subscription basis. Charging a service fee or a project-based charge, Bugcrowd provides market-rate suggestions for rewards and manages all payouts for its client companies. Those companies include AT&T, Dropbox, Facebook, Etsy, PayPal and Twitter, just to name a few. As you might notice, some of the companies listed are clients of both HackerOne and Bugcrowd.

Google, of course, has a public bug bounty program of its own that offers up to $100,000 for hackers who find vulnerabilities in its Chrome software. Although the reward amount depends on the size of the bug, the rewards are substantial enough to keep hackers interested, ranging from a few hundred dollars to several thousands.

Opening a bug bounty program to the public sends the message that the company values the security of its systems, and it lessens the likelihood of malicious activity. Despite strong efforts to keep systems secure, no organization is bulletproof. In the fight against hackers, a little incentive goes a long way toward a more secure system.

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Meet the Middlemen Who Connect Hackers for Hire With Corporate America

U.S. unlocks iPhone in San Bernardino Case, without Apple’s Help

According to the New York Times, law enforcement has figured out a way to sidestep the encryption on the iPhone in the San Bernardino case, and they did it without the help of Apple. The U.S. Department of Justice has since dropped legal action against Apple, as it no longer needs the company's assistance. The government pushed relentlessly for Apple to help unlock the phone. They even went as far as to say that an Apple-created encryption key was the only method for gathering the stored data on the smartphone. We now know this not to be the case.

Apple’s main concern with complying with the government’s cry for help came from an understandable viewpoint. Apple CEO Tim Cook said creating a backdoor for this specific case would lead to a slippery slope for future cases with encryption components.

As it turns out Apple is off the hook for the time being, thanks to Cellebrite, an Israeli security firm. This firm provides mobile forensic services and assisted the FBI in unlocking the smartphone.

Withdrawing from prosecution leaves many questions open ended for future encryption cases. Something tells me this won’t be the last time Apple and other private companies will be faced with a difficult decision to make. Should such companies be forced to aid in encryption breaking for law enforcement purposes, or only special cases? What guidelines should be made?

If you would like to educate yourself further about the information presented in this blog post please visit:

http://www.pcmag.com/news/343264/u-s-unlocks-iphone-ends-legal-action-against-apple

Sophos, Did you say.. Free?

You heard right. Sophos is offering free commercial grade security software for users.

Sophos is a security software and hardware company that develops products for encryption, network security, mobile and email security as well as threat management. Although mostly geared toward large enterprise organizations, they haven’t forgotten about the security needs of home users.

In addition to their free Sophos Cloud, which can be used in business, commercial, or government organizations, Sophos offers free home protection, a great tool for users. This free version of Sophos Home lets you manage and protect up to ten computers per account. A huge advantage for anyone looking to better protect sensitive data from their home base.

The free security software protects against malicious software and inappropriate websites and viruses. In a world where malware is at the forefront of security concerns, it is best to ensure added protection for all your Mac and PC devices. As an added cherry on top, you can manage security settings for the entire family from any browser.

If you want software that is trusted by IT professionals, we highly recommend trying the new free version of Sophos.

To find out more information about Sophos and sign up for Sophos Home please visit their website:

https://www.sophos.com/en-us/lp/sophos-home.aspx

 

Ransomware seeks victims via TeamViewer

Anyone use TeamViewer? If so, sorry to say, you may have been hacked.

A new ransomware has been discovered that appends the .surprise extension to the important files it encrypts. Further research into the extension revealed that the loader ran EDA2 ransomware from memory, and that it was only attacking those who also had TeamViewer installed. The victims' logs showed that TeamViewer had been used as a means to reach the computers. Someone connected via TeamViewer and proceeded to download the encrypted surprise files onto the unsuspecting desktop.

The two TeamViewer IDs used by the attackers were 479441239 and 479440875.

This surprise ransomware is unique in that it has successfully bypassed AV signature definitions as well as behavior detection. Rather than containing the more typical encryption functions seen in ransomware, it carries an encrypted, BASE64-encoded string. This string is loaded into memory and runs from there.

The ransomware scans all fixed disks on the computer for files with particular file extensions. When it finds a matching file, it encrypts it with the AES encryption key and appends the .surprise extension to it. The list of targeted file extensions is a hefty one. It will skip any file whose name contains the $ symbol or the c:/windows or c:/program strings.

Bleeping Computer discovered that the ransomware creates the following 3 files:

  • %Desktop%\DECRYPTION_HOWTO.Notepad, the ransom note.
  • %Desktop%\surprise.bat, which executes vssadmin.exe Delete Shadows /All /Quiet to remove Shadow Volume Copies.
  • %Desktop%\Encrypted_Files.Notepad, a file that contains a list of encrypted files.

Sadly for those encrypted there is no alternative method to gain access to the files at this time without paying the ransom.
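For defenders, the indicators described above (the three Desktop files, the .surprise extension, the shadow-copy deletion command and the two TeamViewer IDs) can be turned into a simple triage check. The following is an added example, not code from this post or from Bleeping Computer; the function names, the sample paths and command lines, and the TeamViewer log layout are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Indicators copied from the article text above.
ARTIFACT_NAMES = {"decryption_howto.notepad", "surprise.bat", "encrypted_files.notepad"}
ENCRYPTED_SUFFIX = ".surprise"
TEAMVIEWER_IDS = {"479441239", "479440875"}

# Matches "vssadmin[.exe] ... Delete Shadows" in any letter case.
VSS_DELETE = re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b", re.I)


def scan_paths(paths):
    """Split a file listing into dropped artifacts and encrypted files."""
    artifacts, encrypted = [], []
    for raw in paths:
        p = PureWindowsPath(raw)
        name = p.name.lower()
        # The article places all three dropped files on the Desktop.
        if name in ARTIFACT_NAMES and p.parent.name.lower() == "desktop":
            artifacts.append(raw)
        elif name.endswith(ENCRYPTED_SUFFIX):
            encrypted.append(raw)
    return artifacts, encrypted


def scan_teamviewer_log(lines):
    """Return the listed TeamViewer IDs that appear as whole numbers in log lines."""
    seen = set()
    for line in lines:
        seen |= TEAMVIEWER_IDS & set(re.findall(r"\b\d+\b", line))
    return sorted(seen)


def triage(paths, cmdlines, tv_log_lines):
    """Combine all three indicator checks into one report for a host."""
    artifacts, encrypted = scan_paths(paths)
    vss = [c for c in cmdlines if VSS_DELETE.search(c)]
    ids = scan_teamviewer_log(tv_log_lines)
    return {"artifacts": artifacts, "encrypted": encrypted,
            "shadow_copy_deletion": vss, "teamviewer_ids": ids,
            "suspicious": bool(artifacts or encrypted or vss or ids)}


# Constructed sample data (not from a real incident); the log layout is assumed.
SAMPLE_PATHS = [r"C:\Users\alice\Desktop\DECRYPTION_HOWTO.Notepad",
                r"C:\Users\alice\Desktop\surprise.bat",
                r"C:\Users\alice\Documents\budget.xlsx.surprise",
                r"C:\Users\alice\Documents\notes.txt"]
SAMPLE_CMDLINES = [r"C:\Windows\System32\cmd.exe /c vssadmin.exe Delete Shadows /All /Quiet",
                   "vssadmin list shadows"]
SAMPLE_TV_LOG = ["479441239\tDESKTOP-X\t23-03-2016 10:02:11\talice\tRemoteControl",
                 "123456789\tHELPDESK\t22-03-2016 09:00:00\talice\tRemoteControl"]

if __name__ == "__main__":
    for key, value in triage(SAMPLE_PATHS, SAMPLE_CMDLINES, SAMPLE_TV_LOG).items():
        print(key, value)
```

Any single hit is worth investigating on its own: shadow-copy deletion in particular is rare in normal desktop use.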

If you would like to educate yourself in greater detail about the material presented in this blog post please visit:

http://www.bleepingcomputer.com/news/security/surprise-ransomware-installed-via-teamviewer-and-executes-from-memory/

Nextbit: No Robin Phone for Verizon, Sprint

Bad news for Sprint and Verizon customers who thought they were going to get the Nextbit Robin smartphone. Nextbit announced that they have decided to cancel plans to launch a CDMA version. Originally, Nextbit was not planning to release a CDMA version. The company decided to try to launch one when it started receiving a high influx of user requests.

Nextbit CEO, Tim Moss, said the idea was rushed, and the answers were not clear. The Kickstarter campaign was only 30 days long. The decision to start investigating a CDMA version did not begin until two days into the campaign.

Moss explains that because of the late decision the company was not prepared to meet the demand: “We had to go with the best information we could get before the campaign was over, and over time it turned out that this information was not accurate.” He goes on to reveal that the cost was much higher than anticipated, going from an estimated thousands to an estimated millions. With little knowledge of when the device would be complete and ready to ship, the company decided to cancel the request altogether.

No need to worry if you already pre-ordered your Nextbit CDMA version. The company has promised to credit each backer their entire pledge including any extras such as accessories and shipping costs. As an added bonus, Nextbit is offering each CDMA backer a 25 percent discount code on one order from the company’s online store.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.pcmag.com/news/343017/nextbit-no-robin-phone-for-verizon-sprint?mailing_id=1646016&mailing=DailyNews&mailingID=4C40F34FE0DC8E21A3A653EEBB113330

 

Microsoft Pushes Back Windows 7/8.1 End Date

It appears Microsoft is trying to get users to upgrade to Windows 10 by finally pulling the plug on Windows 7 and 8.1. Well. Sorta.

The painstaking process of adapting older operating systems to Intel’s revolutionary architecture led to the initial decision to withdraw support for 7 and 8.1 in 2017. Users have until July 17, 2017 to upgrade. If the upgrade is not made, users will only receive the security fixes deemed most critical. After this date only users working with Windows 10 will receive the most recent updates, patches, tweaks, and fixes. As you can imagine, this irked consumers wishing to stay with older operating systems. This is the first time Microsoft has become somewhat demanding of its customers when it comes to making the switch to Windows 10.

Jeremy Korst, general manager of Windows marketing, reveals the shortened life span is “designed to help consumers purchase modern hardware with confidence, while continuing to manage migrations to Windows 10.” This makes sense considering upgrading to Windows 10 on Skylake devices ensures users are able to access the latest and greatest in terms of modern hardware and software.

Korst also explains in a blog post the obvious advantage of running Skylake on Windows 10, “Compared to Windows 7 PC’s, Skylake when combined with Windows 10, enables up to 30x better graphics and 3x the battery life.”

The end of life date for Windows 7 is January 14, 2020 and January 10, 2023 for Windows 8. The delayed deadline should hopefully make the transition smoother for customers. Another year will be allowed for Skylake to run on Windows 7 and Windows 8.1 while still receiving all major Windows updates. Microsoft is also enhancing its overall policy to promise more security updates, in case the deadline alone doesn’t convince users to make the switch to Windows 10.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.pcmag.com/news/343041/microsoft-extends-update-deadline-for-windows-7-8-1-skylake?mailing_id=1646016&mailing=DailyNews&mailingID=4C40F34FE0DC8E21A3A653EEBB113330

New on our radar…ads spreading crypto ransomware

Crypto Ransomware disguised within ads on big time sites

Ads featured on sites such as The New York Times, the BBC, MSN and AOL have exposed thousands of users to crypto ransomware. Angler, a toolkit that sells exploits for Adobe Flash, started the wave of encrypted ads last week pushing laced ads through a compromised network, according to researchers at Ars Technica.

 

The ads contained a JSON-based file with more than 12,000 lines of obscure code. Angler attacks unsuspecting users with the Bedep Trojan and the TeslaCrypt ransomware, a nasty combination. The three suspicious domains to be aware of are trackmytraffic[.]biz, talk915[.]pw and brentsmedia[.]com. The hacking has spread to answers.com, zerohedge.com, as well as infolinks.com. In addition, affected networks include those owned by big names such as Google, AppNexus, AOL, and Rubicon.

 

The best thing users can do at this point is enforce safe browsing. Decreasing the probability of attacks means decreasing the attack surface. Uninstall third-party extensions such as Adobe Flash and Microsoft Silverlight unless necessary. In addition to this, keep installations up to date by following updates as soon as they are made available. Using the 64-bit version of Chrome for browsing is one of the safer ways to browse. Microsoft users should work with Windows 10 and Microsoft’s Enhanced Mitigation Experience Toolkit.

Windows 7…on the way out

Designed in 2005, over ten years ago, Windows 7 is still used among common users and business owners alike. Microsoft released Windows 7 Service Pack 1 more than 5 years ago, in 2011. A more recent Service Pack 2 has never been released, despite the desire of devoted Windows 7 users. Lack of updates makes for a sticky situation for those users wishing to do a clean install. When you run Windows Update, you see a whopping 216 updates available. Mildly insane.

As discovered by Ed Bott, for The Ed Bott Report, there is a way to partially avoid the delay. The KB3083710 and KB3102810 updates need to be downloaded before starting the installation process and copied to a USB flash drive. From this point you can install Windows 7 with SP1, leaving the network cable disconnected while you proceed to install the two saved updates from the USB flash drive. This saves time and allows you to then connect to the network again and run Windows Update.

To increase frustration further, getting to the point where the 216 updates are made available takes nearly eight hours due to a bug detected by Microsoft in fall 2015, which makes searching for and installing updates with Windows 7 and Windows Server 2008 extremely slow and painful.

Windows 10, in contrast to Windows 7, uses cumulative updates. Rather than waiting hours for hundreds of updates to be installed, after one clean install only one update is needed, a great improvement. It appears that Windows 7 is on its way out, with its lack of security updates and service packs. Although extended support for Windows 7 does not officially end until January 2020, the outlook for shorter update times and fewer updates in general is less than optimistic.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.zdnet.com/article/sticking-with-windows-7-the-forecast-calls-for-pain/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61

Two-Factor Authentication Evaluation Guide

Two-factor authentication is a type of multi-factor authentication that identifies users using a combination of two different components. These components are often something the user knows, something the user possesses, or something that is inseparable from the user. This guide has been adapted from Duo Security, and illustrates what to consider when deciding upon a vendor for two-factor authentication for your company.

Security

 

In order to enforce this extra layer of protection it is important to consider the factors involved. Security and ease of implementation should be the first priority. The vendor that provides your two-factor authentication should be secure by design. The cloud-based service should use multiple, independent PCI DSS Level 1 and ISO 27001-certified, SAS 70 Type II-audited service providers and be split across multiple geographic regions, service providers and power grids for seamless failover. This ensures that you have a reliable vendor whose infrastructure is fully scalable and elastic enough to accommodate any number of users. You should be able to add users as you need them without issue. The vendor should also be backed by a strong service level agreement, and the service should offer 24/7 operational coverage.

Cloud-based authentication services are easy to use and tend not to require installation of hardware. Select a vendor with drop-in integrations for all major VPNs, Unix, and MS remote access points. Something else to look at is deployment. The two-factor authentication process is best implemented when it leverages a platform users already have, such as cell phones. Make sure the service you employ works with landlines and tokens to save your IT administrator from having to manage tokens.

Usability

Usability and convenience are a major part of making two-factor authentication a productive solution. A vendor that keeps a lot of “clutter”, such as extra steps, gets in the way of the login path and creates a large and unneeded distraction. Allowing users to easily enroll themselves and set their preferred devices for authentication makes the login process easier. Look for a vendor that supports a wide range of authentication methods, including push to a mobile app, passcode and phone call back.

Administration

When choosing the ideal vendor, make sure your administrative needs are met. For instance, consider whether the solution gives you visibility into user access to your network. Authentication logs should be provided for auditing and reporting. Systems that provide a centralized admin interface give a consolidated view of how the two-factor authentication is working, and allow for better maintenance. It would be best if the system managed the physical tokens rather than forcing you to manage such items. In addition, if you are looking for a cost-effective solution, cloud-hosted vendors have the lowest costs and the least hassle because the infrastructure, upgrades and maintenance are all managed by the vendor.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://hosteddocs.emediausa.com/duo-security-twofactor-evaluation-guide.pdf