Category : Tips and Tricks

Remove a Virus from a USB using CMD

Viruses change the attributes of a file or folder, such as the read, write, or execute permission, making such files or folders extremely hard to access. In order to recover a file, we can change the attributes of a file and reset the file’s internal structure. Thats why it is a great tool to know how to remove one using CMD. Amar Shekhar, writer for FossBytes, gives us the low down.

A virus can present itself in your system as a file format that can be hidden from a user, present in a form ‘autorun’ or ‘autoexec’, an exec file or a file with different attribute properties. Examples of such would be, Autorun.inf, Ravmon.exe, New Folder.exe,  and svchost.exe. So how do you remove a virus using CMD from any USB ? Assuming you are already on Windows 10 that is.

Using the cmd command called ‘attrib’ command, will change the attributes of a file, folder, or directory responsible for display, setting and removing attributes such as read-only and archive.

Say there is a virus on your drive.

Run command prompt as administrator. 

Change the drive to the one with the virus, in the case of the researcher this is the D drive. Then press Enter. 

Type attrib and press enter. This command lists all of the files inside the current drive, which makes it easy to identify which is housing the autorun.info virus. 

autorun.inf-in-D-drive

To remove the Virus using CMD, type into your command prompt, attrib -r -a -s -h *.* and press Enter. This removes the read only, archive, system and hidden file attribute from all the files. 

  • -r is for removing the read-only files
  • -a is for removing the archive file
  • -s is for removing the system file
  • -h is for removing the hidden file
  • *.* for all the files with all different types of file extensions 

attrib-command-to-remove-virus-using-cmd

To delete the virus, type del autorun.inf and Enter 

virus

  • Once you have pressed enter, that file should get deleted from the current drive. In case, you want to delete that file from a USB stick, then you can change your current drive to USB drive current drive in step 2 and follow the commands.
  • You can again type ‘attrib’ command to see if the deleted file exists or not. As seen above, it does not exist anymore in the D drive.
  • To remove other viruses with extensions such as ‘.ink’, ‘.exe’, just type Del *.ink or Del *.exe respectively to delete those suspicious files.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : http://fossbytes.com

Mobile Management Policy – The Essentials

Mobile-Device-Management-43-0

May it be mobile device management (MDM) software or the integration of MDM as a part of enterprise mobility management (EMM) two goals remain : protecting company data and optimizing technology for your company’s needs. Here are 7 Essentials to you mobile device management deployment.

  1. Square One – When it comes to technology it is nearly impossible to create a 5 year plan that even stands a chance. Technology just moves too quickly. Rather you need to constantly evaluate your information technology strategy for the needs and goals of your business. Instead of pinpointing one item in particular and getting bogged down by the details, such as mobile integration, think about how mobile integration can help aid your business goals. And if you can’t get the answer to that question on your own, enlist the help of a trusted Information technology company to help you see the light at the end of your businesses tunnel.
  2. All Aboard – All relevant departments should be represented in strategy sessions, so that all departments can be supported with a unified strategy whether that be for mobile, desktop, applications, web interfaces. Each department will have their own specific concerns and needs which can be better mitigated with a unified discussion and plan. This does not mean you have to enforce a plan that fits all, but rather a plan that brings all together on a similar page, the plan itself can be tailored to fit the needs of each employee or department, depending on user roles and requirements. For example, accounting and sales. Each will deal with different daily tasks, but can share the need of a digital interface to make such daily tasks easier and more efficient. Each department will most certainly use different applications and software, but the mitigation and support for each should be a unified plan.
  3. Put it in Writing – A compliance policy document is the easiest was to eliminate uncertainty and educate the members of your organization. Make sure to spell out eligibility, supported devices, as well as user rules and responsibilities. These can include but as not limited to, reporting a broken, lost, or stolen device, performing regular system and application upgrades. It is extremely important to relay to employees that information technology responsibility is shared between the organization and the members of that organization. This is also a great place to educate your staff on secure practices to keep company data secure.
  4. Teach Your Team – This may seem obvious, but do not roll out a bunch of brand new software without teaching your people how to navigate responsibly. This means taking the time to establish security compliance in combination with procedures and training. Stress the importance of separating personal and company data as well as regular back ups. If a configured network-attached storage (NAS)  is in your company plan for cloud storage, teach your members how to use the cloud rather than Dropbox. If employees are working around secure procedures, it is important to find out why, what interface is causing trouble so much so that employees are avoiding company policy. Then proceed to fix this problem.
  5. Be Well Supported – Trying to support every users on every device brings chaos. Roll out with a limited program with a subset of employees and devices and if you do it right, you should be able to scale to a larger population. Another smart idea is to limit the applications on your mobiles, you can set up you own in house app store for your company’s mobile devices that allows you to pick and choose which third-party applications are available. This should help manage security on all devices, as malware is increasingly present in applications.
  6. Find the Right User Experience – The size of your business is a large factor in how much you will be able to provide and control. Perhaps your small business does not have the resources to set up an in house app store. this should not stop you from find security means to protect your company. You can create your own website with a responsively designed user experience for assorted small screens. You can also convert browser-based apps to native ones.
  7. Who, What, Where are still Important – Mobile device management platforms offer geofencing capability that adds a new dimension to mobile security, by automatically taking action or requiring a different level of sign-on security if a device is taken further than a set distance form the company headquarters. You can even restrict operations this way.

 

The key to viable mobile device management is to develop a unified plan that can be presented to members  in a way that explains their responsibility to the protection of company data. As always, a good IT company is your best friend for safe and secure management of multiple devices.

 

 

 

 

 


 

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

New Windows 10 Keyboard Shortcuts!

 

The details come courtesy of Brandon LeBlanc of Microsoft’s Blogging Windows blog. For those on the Windows 10 operating system, check these out!

To enable such shortcuts, right-click the Command Prompt title bar and select Properties.

Open the Windows 10 Experimental tab and check the box next to Enable experimental console features.

Then check the boxes next to Enable new Ctrl key shortcuts and Extended edit keys and finally click OK. Voila!

 

  • Snapping window: Windows key + Left or Right — LeBlanc says: “(Can be used with UP or DOWN to get into quadrants.)” Quadrants is the new Snap view mode that pins apps to the four quarters of the screen.

 

  • Switch to recent window: Alt + TabLeBlanc says: “Hold shows new Task View window view, let go and switches to app.”

 

  • Task view: Windows + TabLeBlanc says: “New Task view opens up and stays open.”

 

  • Create new virtual desktop: Windows key + Ctrl + D  

 

  • Close current virtual desktop: Windows key + Ctrl + F4  

 

  • Switch virtual desktop : Windows key + Ctrl + Left or Right

With the new, here are some basic ones to know 😉

windows 10 shortcuts

 

 

 

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcworld.com

Keyboard Shortcuts – Windows 10 Refresher

 

In light of the recent Windows 10 buzz, it seems like the appropriate time to refresh our shortcut knowledge and add in a few new shortcuts specific to Windows 10. In computing, a keyboard shortcut is a combination of keys pressed by the user that triggers a software or operating system to perform an event. Keyboard shortcuts are not only efficient, but cool! I’m all about making that computer work for me.

Shortcut keys provide an easier and quicker method of navigating and executing commands in a software program and are commonly accessed by using the Alt key on IBM compatible computers or the Command key on Apple computers, in combination with the Ctrl or Shift key and another key to create a function for the machine to recognize. Find yourself clicking the same action frequently? Don’t be afraid to look to the right of the action and see if the operating system offers you a keyboard shortcut –  and try it out!

*These keyboard shortcuts are for IBM compatible devices, feel free to request an Apple specific shortcut blog post!

windows 10

Above are the top keyboard shortcuts for Windows users, and they are relatively basic. Just can’t remember them all? Save this image to your desktop for easy access. If you’ve had these basic shortcuts seared in your brain since the 90’s, here are some new Windows 10 key combos to jazz up your work day.

windows 10 2

 

 

Should I power down my PC each night?

 

Sure, leave it on…

For one, it is more convenient to keep your machine running. Rather than waiting for it to boot up, most of us would rather leave it on if we are going to be on and off it for work or play. A typical system takes around 30 seconds to a minute to boot into the operating system. If you have a large number of programs that are set to launch on boot this can add an additional minute or two to the startup process. Awakening a device from sleep mode only takes a few seconds and there is no additional wait for applications because they are still running.power down

Benefits of keeping the PC on will depend on your computers hardware. A PC with a solid state drive will take significantly less time to boot up than an equivalent machine with a traditional hard drive. Take this into consideration when determining whether sleep or off if a better resting state for your machine.

The maintenance of a good computer starts with regular updates, most of which are best left to work overnight. A few of these tasks could be installing operating system updates, creating backups, and running virus scans. Big moves of data, such as moving large quantities of photos to the cloud, can be scheduled automatically to occur at night. This ensures that the machine is kept up to date and that the user is not interrupted with update prompts and data moves during the work day.

I think most users keep their machines powered up because they need them to be. Have you ever gotten all the way home only to realize that important document you need to work on is on your work laptop? This can be a major setback if the work machine is powered off and sequentially pieces of software are unreachable. A device left on allows the user to simply log in and reach the work machine remotely from home.

Sure, turn it off…

Simple fact remains true whether you religiously power down your machine each night or not, every component of your machine has a life span. The back light in a monitor can last tens of thousands of hours, laptop battery capacity will shorten within the first 300 charge cycles, and a solid state drive is good for around 3000 program erase cycles. Powering down the device might extend the life of the parts, but most users hit the point of buying an upgraded machine long before they are replacing anything within their original device.

A massive distinction exists in power use between when a computer is active, idle, and sleeping. Turning the monitor off alone saves a significant chunk of power, while putting the machine to sleep saves even more. A computer that is turned off but still plugged in uses around 0.2W of power, for those trying to save money on their electric bill this summer. A computer that is powered down will avoid the risks associated with power surges and cuts associated with summer storms as well. Of course a surge protector will also help alleviate this risk.

power down Machines now don’t rely on constant reboots in order to survive, but reboots improve performance and that hasn’t changed. A reboot is still the most effective way of solving everyday errors that users encounter. If you find yourself with a application that is non responsive, a printer on the fritz, or some other glitchy activity, a simple reboot can make you feel like a technical genius. Turning off the machine at the end of the day allows the system to perform actions that may only occur when the device powers down. For instance, I learned that my MacBook at home performs clean up functions when powering down, such as clearing stored information from my daily web browsing activities. This is one less thing for me to remember to clear as well as gives me a little extra storage space for my machine. Just from a power down.

So…..basically……use common sense. If you use your computer all day at work, often need to remotely access it from home, and regularly update and backup your machine at night, leave the machine running, it has reason to do so. If you go out of town for a week and know that you won’t be needing the machine – power it down and give it a chance to cool down. If you use your machine for Pinterest recipes and Facebook, and don’t mind an occasional update during the day or often go days without accessing the computer at all, keep it powered down when not in use.

 


If you would like to learn more about the information presented in this blog post, please visit : www.makeuseof.com

 

VPN, you need one

tunnelA Virtual Private Network, or VPN, is used to connect a private network, such as a company’s internal network, using public wires. In other words you can use an other IP other than your own to appear you are something other than where you actually are. Pretty nifty.

The use of VPNs started as a way for work at home users to access their workplace network just like if they were working in the office. Benefits reach farther now than just work from home capabilities. It is difficult for advanced malware to self install through open ports because the computer will always appear to be another system someplace else. This other machine is often a server that is more heavily protected and harder to attack. Not a sure fire way to avoid attack, but most certainly a viable preventative option.

This presents an extra method of protection, basically playing a little hid and go seek with potential malware. Increased mobile internet usage will eventual open a new vulnerability for hackers to infiltrate, and VPNs could be the eventual answer to avoiding attacks on mobile devices as well. Need for mobile phone VPNs could be the next big thing for data protection.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: You Need a VPN, or You’re Screwed

Who’s in Charge of Your Cybersecurity?

 

The first step in successful cyber-security is getting every employee on board. It is pretty obvious that some hardware goes into creating a security shield around important data. As an Information Technology company ourselves, we already know the value Firewall, and anti virus software have on making your network more secure. However, in order to adopt a more proactive protection policy, the groundwork needs to be laid, starting with company culture and communication. It is increasingly important to enforce awareness and education in order to save a lot of headache later down the line.

The CEO of the company needs to take interest in cyber-security before any of the employees can get on board. Simple risk analysis is a great start. Buying products online is not sufficient. A knowledgeable IT professional should be on hand. You need someone who is going to leverage the right equipment as well as set security measures that fit your establishment.

“The cyber threat cannot be solved by buying products” says Tim Holman, president of the Information Systems Security Association in the UK. Holman has the right idea, if your company is not equipped with the right skills to manage these products they are basically junk. It is important to attack cyber-security the way a hacker does. Common sense leads us to find that reducing the amount of sensitive data stored will always be a great measure. Restricting access to information and getting cyber liability cover is another way to lessen the probability of attack.

As information continues to flow in and out of your business remember that with any exchange over the internet comes a great deal of risk. Ensure your company professionals understand how to practice good security efforts. Never open an attachment that is unfamiliar, back up data in two separate places, and utilize solid Firewall and anti-virus software. Keep all platforms up to date with the latest patches and security fixes. Top to bottom, cyber-security is the responsibility of all.bva_withninja_teal-centered

 


 

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: The CISO, the CIO, the CEO, or you: Who is really responsible for cybersecurity?

The Newest Security Trend – Rewarding Hackers

hacker-malware

There is always that one superhero willing to play nice with the villain. In the world of tech hackers, HackerOne is that superhero. HackerOne acknowledges that modern security is hacker-powered. They have created a platform for vulnerability coordination and bug bounty. In other words, HackerOne works with hackers to find security holes in your company, because to be honest, who better to trust than the villain himself!

HackerOne facilitates communication between hackers and companies. If a hacker does find a bug, HackerOne works as the middleman ensuring the company pays the hacker for the discovery, charging 20 percent commission of the hacker’s pay out. Companies such as Uber, Dropbox, Square, Snapchat, Airbnb, Vimeo, have all joined the HackerOne movement.

Bugcrowd works similar to HackerOne, bringing together good hackers with companies looking to verify their security systems. In comparison to HackerOne, which rewards hackers with a payout decided by the company in question, Bugcrowd works on a subscription basis. Charging a service fee or a project-based charge, Bugcrowd provides market rate suggestions for rewards and manages all payouts for their companies. Their companies consist of AT&T, Dropbox, Facebook, Etsy, Paypal, Twitter, just to name a few. As you might notice, some of the companies listed are clients of both HackerOne and Bugcrowd.

Google, of course, has a public bug bounty program of their own, that offers up to $100,000 for hackers who find vulnerabilities in its Chrome software. Although the reward amount depends on the size of the bug, the rewards are substantial enough to keep hacker interest, ranging from a few hundred dollars to several thousands.

Opening a bug bounty program to the public, puts forth the message that the company values the security of its systems and lessens the likelihood of malicious activity. Despite strong efforts to keep systems secure, no one bulletproof organization exists. In the fight against hackers, a little incentive goes a long way toward a more secure system.

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Meet the Middlemen Who Connect Hackers for Hire With Corporate America

Two-Factor Authentication Evaluation Guide

Two-factor Authentication is a type of multi-factor authentication that provides identification of users using a combination of two different components. These components are often something the user knows, possesses, or something that is inseparable from the user. This Guide has been adapted from Duo Security, and illustrates what to consider when deciding upon a vendor for Two-factor Authentication for your company.WP17

Security

 

In order to enforce this extra layer of protection it is important to consider the factors involved. Security and ease of implementation should be of first priority. The vendor in which provides your two-factor authentication should be secure by design. The cloud based service should use multiple, independent PCI DSS Level 1 and ISO 27001-certified, SAS 70 Type II-audited service providers and is split across multiple geographic regions, service providers and power grids for seamless failover. This ensures that you have a reliable vendor that has an infrastructure that is fully scalable and elastic enough to be able to accommodate any number of users. You should be able to add users as you need them without issue. The vendor should also be backed by a strong service level agreement and the service should offer 24/7 operational coverage.

Cloud-based authentication services are easy to use and tend not to require installation of hardware. Selecting a vendor with drop-in integrations for all major VPNs, Unix, and MS remote access points. Something to look for is deployment. The two-factor authentication process is best implemented when it leverages a platform users already have, such as cell phones. Make sure the service you employ works with landlines and tokens to save your IT administrator from having to manage tokens.

Usability

Usability and convenience are a major part of making two-factor authentication a productive solution. A vendor that keeps a lot of “clutter” such as extra steps gets in the way of the login path and makes for a large and unneeded distraction. Allowing users to easily enroll themselves and set their preferred devices to use for authentication makes the login process easier. This should be met by a vendor that supports a wide range of authentication methods including push to mobiles app, passcode and phone call back.

Administration

When choosing the ideal vendor, make sure the administrative needs are met. For instance, consider if the solution allows for visibility insight into user access of your network. Authentication logs should be provided for auditing and reporting. Systems that provide a centralized admin interface give a consolidated view of how the two-factor authentication is working, and allows for better maintenance. It would be best if the system managed the physical tokens rather than forcing you to manage such items. In addition if you are looking for a cost effective solution, cloud hosted vendors have the lowest costs and least amount of hassle because the infrastructure, upgrades and maintenance are all managed by the vendor.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://hosteddocs.emediausa.com/duo-security-twofactor-evaluation-guide.pdf

Ransomware

 

Ransomware Malware Ransomware is the devilish and extremely debilitating program designed to lock and encrypt files in order to extort money from consumers, business owners, and even government officials. It seems that no one is safe in the fight against ransomware. Most ransomware programs are targeted at the most popular operating system, Windows. Ransomware programs can and will target other systems such as Android applications, Mac OS X and possibly even smart TVs in the near future. Not only is this an unsettling forecast for consumers, but also a call to action for preventative measures to protect your most important data files.

What can be done? Most users have learned the hard way that it is better to back up sensitive data to an external hard drive. However, this type of malware is tuned in to this. When a ransomware program infiltrates a computer, it infects all accessible drives and shared networks, encrypting all files found. This makes for a very irritating discovery of locked data across the board.

Rather than rely on the external hard drive method for backups, it is suggested that consumers adopt a new best practice. Ensure at least three copies of sensitive data are made, and stored in two different formats. At least one of these copies should be stored off-site or offline. This way if ransomware locks files away consumers are not forced into a sticky situation of deciding whether to risk paying for the data retrieval or losing the data forever.

What to do when faced with ransomware? Not much can be done once ransomware has attacked. Most security researchers advise not paying for files to be unlocked, as there is no guarantee that the hackers will provide the deception key once paid. Security vendors also worry about the implications for fueling the fire. The more consumers give in and pay for the safe return of their data, the further encouraged ransomware criminals become to continue this practice of extortion.

If I haven’t said it enough already, I will say it again. Prevention is key. Know how ransomware reaches your computer. Be especially careful of email attachments, word documents with macro code, and malicious advertisements. Always keep the software on your computer up to date. It is especially important to ensure that OS, browsers such as Flash Player, Adobe Reader, and Java are always updated when available. Unless you have verified the senders, never enable the execution of macros in documents. Finally and most importantly, perform daily activities from a limited user account rather than an administrative one. And always, always, utilize a well running and up to date antivirus program.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.pcworld.com/article/3041001/security/five-things-you-need-to-know-about-ransomware.html