Category : Security

US Government Bitcoin Ransomware Attack

5224

More than 20 municipalities in the US have been hit by ransomware attacks this year alone, the software has grown rapidly by an internet worm that spreads copies of itself by hacking into other computers on a network. These attacks can be expensive, costing not only the company, but the public time.  Especially if those targeted say they won’t pay. In 2018 hackers demanded the City of Atlanta to pay about $50,000 in bitcoin in ransomware, the city refused and the attack actually ended up costing the city about $17 million to fix the damages. These ransomware attacks have not only recently been in Atlanta but other local governments across the US demonstrate that as these attacks spread more common targets will include schools and hospitals. Can you imagine not being able to graduate or not being able to have your MRI results because all your patient files are being held by these attackers? That’s exactly what happened in Baltimore, May 7th 2019 hackers targeted and digitally seized 10,000 government computers and are demanding around $100,000 in Bitcoins to free them back up. Not only are government employees locked out and are un able to have access to their computers, files and emails, the cities public residents are effected. Services that are utilized for paying water bills are not able to be accessed, paying parking tickets, or property tax payments. Last year Baltimore’s 911 Operating System was down for about a day from a separate ransomware attack.
“Ransomware” attack, where hackers deploy malicious software to block access to or take over a computer system. The basic idea behind ransomware is simple: A criminal hacks into your computer, scrambles your files with unbreakable encryption, and then demands that you pay for the encryption key needed to unscramble the files until it forces the owner of that system to pay a ransom to get their own files back. If you have files that are very important on your computer, you might be willing to pay a lot or succumb to the demands to avoid losing them. The most effective way you can protect your computer from these ransomware attacks is to do regular backups, the malware can only encrypt and delete files that are on your computer. If you are implementing a regular backup of your files, either to an external hard drive or using an online service  and your computer is targeted then you can wipe your infected computer clean. Once clean simply reinstall its software and then restore your files from the backup copy you have. The unfortunate difficulty is most people don’t keep adequate and routine backups so they are more likely to be impacted by these attacks so negatively.

Microsoft Issues – Be Mindful

Screen Shot 2019-04-11 at 11.59.30 AM

Microsoft has released security updates that are impacting some security AV vendors, causing some of their customers using Windows 7, Windows 8.1, Windows 2008 R2, and Windows 2012 to occasionally experience system fails or hangs during boot up after application of the update. Many AV vendors are working very closely with Microsoft to resolve the issue. Microsoft has introduced a temporary block to stop computers not already affected from applying the latest Windows security update.

Additionally, we have a work around for those impacted customers. To be impacted, customers must meet all the criteria below. If they do not meet all the criteria, then they are not impacted.

1. Running Windows 7, Windows 8.1, Windows 2008 R2, or Windows 2012

2. Have applied the latest Windows security update and have rebooted after the update is complete Important note: If customers have not yet rebooted, they should uninstall the latest Microsoft security update before rebooting

KBA 133945 will continue to be updated with the latest information. The latest information about this issue and remediation steps are documented in KBA 133945.

Security is Build in Different Layers

Screen Shot 2015-09-18 at 3.19.21 PM

Network and Computer Security is build in different layers of solutions to ensure you are truly protected. Too often I walk into meetings with CEO/CFO’s that claim they are secure due to being on a single security platform of products. Of course all of this is in a single interface and connection point. Layers…layers…

Dangerous USB Cable – Hacker Tool

Screen Shot 2019-02-24 at 11.50.44 AM

Some hackers are getting creative in getting into people’s system by leveraging USB cables that have a Wifi Card in them which hallway the hacker the ability to access remotely and be in your local system.  Once in the hacker can browse the network and servers at their leisure to capture any intellectual property without anyone knowing.  The only left over signature would be the local device the USB cable is plugged into.  It’s important to be mindful of the USB devices your are leveraging in your business community to ensure a better degree of security.  There are also system tools that can be installed on all systems to notify your local admin when a device of this nature is within the network.

 

Screen Shot 2019-02-24 at 11.35.50 AM

Sophos Mobile Management – Great Security Solution for Mobile Devices

Screen Shot 2019-02-21 at 2.07.55 PM

Just deployed this for over 200 mobile devices to ensure that a client has the ability to control all data.  This product was fairly easy to deploy and from a technical administrative perspective works very well.  Allows for a single interface to control everything….lots of features.

Sophos Mobile Security Free Edition

  • Protects your Android smartphones and tablets from malicious apps
  • Provides loss and theft protection with remote lock or locate (optional)
  • Uses our extensive SophosLabs threat intelligence to identify potential risks
  • Offers a Privacy Advisor which lets you see which apps can access personal data, create costs or access the Internet

Sophos Mobile Encryption

  • View and access encrypted files in cloud storage on your iPad, iPhone or iPod Touch
  • Full integration with Dropbox for transparent use
  • Password protection allows simple and secure collaboration
  • Fully integrated with our SafeGuard Enterprise Encryption for Cloud Storage module
  • Additional features available via in-app purchasing

50 Arizona Local Businesses Breached

Screen Shot 2019-02-19 at 5.55.43 PM

Restaurants groups really need to get their technology together and secure their environments.  A data breach may have compromised the personal information of customers who patronized any of 50 Arizona businesses last month.  This affected certain restaurants and hotels between Jan. 3 and Jan. 24.  This affected businesses such as Chompie’s, Someburros, and Zipps Sports Grill.

Mozilla Stops Facebook Tracking With a Firefox Add-On

 

[caption id="attachment_6950" align="alignnone" width="700"]Mozilla Stops Facebook Tracking With a Firefox Add-On Mozilla Stops Facebook Tracking With a Firefox Add-On[/caption]

 

“You can continue to use Facebook as normal, but Zuckerberg can no longer track you around the web.” – PC Mag’s Matthew Humphries stated on March 27th, 2018

With the recent issues with Facebook security and releasing user information, Matthew Humphries suggests adding a Foxfire Add-On through Mozilla to protect users from their personal information spreading around the web.

Regardless of what action (if any) ends up being taken on Facebook in light of the Cambridge Analytica debacle, people are waking up to just how much tracking happens on the social network. Choosing to delete your Facebook account is a little too drastic for most users, so Mozilla came up with an alternative. If you use the Firefox browser, it’s now easy to stop Facebook tracking you around the web.

Announced on The Mozilla Blog today, a new add-on for the Firefox browser has been launched called Facebook Container. When installed, it stops Facebook from tracking you around the web, but importantly, allows Facebook to function as normal when you’re actually using the social network.

Mozilla achieved this by isolating your Facebook identity and placing it in a separate container for the rest of your browsing experience. By doing so, it’s much harder for Facebook to track any visits to other websites through third-party cookies.

As Nick Nguyen, VP of Firefox Product explains, the aim here was to offer, “A solution that doesn’t tell users to simply stop using a service that they get value from. Instead, it gives users tools that help them protect themselves from the unexpected side effects of their usage.”

If you are worried about the data being collected about you but don’t want to stop using the social network, Facebook Container is a great solution for protecting yourself. It’s also a good reason to install and start using the Firefox browser if you haven’t already.

Once installed, you’ll know the add-on is working on the blue Facebook and lock symbol that appears in the address bar when visiting Facebook, just like in the image above.

 

 

________________________________________________________________

For the original content, please visit:

PCMag Facebook Tracking – Firefox Add-on

The Best VPN Services of 2018

“A virtual private network is the best way to stay anonymous online and to secure your web traffic. We’ve tested more than 50 VPNs, and these are our top performers” stated PC Mag’s, Max Eddy

Best VPN Services of 2018

 

What Is a VPN?

In the simplest terms, a VPN is used to create a secure, encrypted connection—which can be thought of as a tunnel—between your computer and a server operated by the VPN service. In a professional setting, this tunnel makes you part of the company’s network, as if you were physically sitting in the office—hence the name.

While you’re connected to a VPN, all your network traffic passes through this protected tunnel, and no one—not even your ISP—can see your traffic until it exits the tunnel from the VPN server and enters the public internet. If you make sure to only connect to websites secured with HTTPS, your data will continue to be encrypted even after it leaves the VPN.

Think about it this way: If your car pulls out of your driveway, someone can follow you and see where you are going, how long you are at your destination, and when you are coming back. They might even be able to peek inside your car and learn more about you. With a VPN service, you are essentially driving into a closed parking garage, switching to a different car, and driving out, so that no one who was originally following you knows where you went.

VPNs Keep You Safe Online

Have you become so comfortable with the idea of transmitting your data via Wi-Fi that you’ve stopped worrying about the safety of said data—and of who else might be looking at it? You’re not alone. In fact, you’re probably in the majority. That’s a huge privacy and security problem. Public Wi-Fi networks, which are commonplace and convenient, are unfortunately also highly convenient for attackers who are looking to compromise your personal information. When even your ISP is allowed to sell your browsing history it’s time to begin thinking about protecting your data. That’s where virtual private networks, or VPNs, come in.

 

Who Needs a VPN?

The protection provided by a VPN offers users many advantages. First and foremost, it prevents anyone on the same network access point (or anywhere else) from intercepting your web traffic in a man-in-the-middle attack. This is especially handy for travelers and for those using public Wi-Fi networks, such as web surfers at hotels, airports, and coffee shops. VPNs also cloak your computer’s actual IP address, making it harder for advertisers (or spies, or hackers) to track you online.

 

How to Choose a VPN Service

The VPN services market has exploded in the past few years, and a small competition has turned into an all-out melee. Many providers are capitalizing on the general population’s growing concerns about surveillance and cybercrime, which means it’s getting hard to tell when a company is actually providing a secure service and when it’s throwing out a lot of fancy words while selling snake oil. In fact, since VPN services have become so popular in the wake of Congress killing ISP privacy rules, there have even been fake VPNs popping up, so be careful. It’s important to keep a few things in mind when evaluating which VPN service is right for you: reputation, performance, type of encryption used, transparency, ease of use, support, and extra features. Don’t just focus on price, though that is an important factor.

____________________________________________________________________

For the original content, please visit:

PCMag.VPN2018

Keylogger discovered on HP Laptops

 

Keylogger‘s are used in IT organizations to troubleshoot technical problems with computers and business networks. They can also be used to monitor the network usage of people without their direct knowledge; they are sometimes used as part of home parental controls. Finally, malicious individuals may use keyloggers on public computers to steal passwords or credit card information.” Reported Bradley Mitchell.

Last week, keylogger was discovered on over 460 different models of HP laptops. The keylogger is disabled by default but is easily enabled under the Windows Registry.  Security researcher, Michael Myng, discovered keylogger in an attempt to figure out how to control HP’s laptop keyboard black light.  What he discovered has sent a shockwave throughout the industry. The keylogger was capable of recording every keystroke made by a single user. Thankfully, most are disabled by default, as previously mentioned. However, it would be a very simple change to enable it which could make your PC vulnerable to a potential hacker.

The BBC reports that HP has issued a software patch to remove the keylogger. “However, there are over 460 models of HP laptop affected, including those in the EliteBook, ProBook, Pavilion, and Envy ranges, and the keylogger has been present since 2012. The software patch support page lists all models carrying the disabled keylogger.”

HP initially allowed keylogger to be installed on so many laptops to act as a debugging tool on the drive. It was simply an oversight, then disabled but not removed. Leaving several laptops in danger of being hacked.

____________________________________________________________________

For the original content, please visit:  Keylogger Discovered on HP Laptops