Tag: security

Tech support scam alarms Chrome users

With evolving technology comes evolving threats. Recently, a researcher revealed that a new type of scam freezes Google Chrome and tricks users into believing that their network security has been compromised. Little did they know that following instructions listed on the screen will lead to an actual security breach.

The End Game

The scam works by displaying an error message indicating a bogus security breach incident that renders a browser unusable. These scammers capitalize on the fact that a serious crash can’t be solved by simply closing the site, thereby sending the users into a panic. This encourages them to dial the number listed on the warning message.

On the other end of the line, the scammers would pose as Microsoft or Apple representatives to convince users into surrendering their credit card details to repair a non-existing security issue. The scams are generally carried out through legitimate sites or malicious ads that have been hacked.

The Ingenious Process

This new scam operates against Chrome by corrupting the window.navigator.msSaveOrOpenBlob programming interface, which basically uses it as a form of distraction. The hackers manipulate the browser and forces it to save a random document on a disk repeatedly at super fast intervals that are impossible to notice. After five to 10 seconds, Chrome will be completely unresponsive.

The Easy Fix

To recover, Windows users simply have to open Windows Task Manager (press ctrl + shift + esc keys) and stop the process there. On the other hand, macOS users just need to wait until a system message prompts them to close the unresponsive Chrome tab. Typically, the latter is a more appealing option since users would have the freedom to close only the corrupted page. Manually closing the whole browser means possibly losing unsaved files in any open Windows.

When faced with IT-related issues, you need to determine how you can approach them calmly. The threats in the digital world may be terrifying and intimidating, but causing a panic in your workplace isn’t the answer. Call us as soon as any problems arise, and we’ll help you as soon as we can. We can even hook you up with other security measures to beef up your network security.

Published with permission from TechAdvisory.org. Source.

Protect your Mac from security threats

Mac users follow certain steps to maintain privacy and protect company data. But if you’re too busy or short on resources, you might place security lower on your to-do list. Whatever your reason, the threat is real and you need to take steps to protect yourself.

Check your Privacy Settings

Begin by making sure that your Mac settings are set up properly to keep your information safe. Click System Preferences (the gear icon along the bottom of your screen), then open the Security & Privacy pane, which contains four tabs that allow you to manage different security features. You should do this with an administrator account so the changes affect everyone who uses this computer.

Take Advantage of the Firewall

One of the biggest steps you can take to protect your computer is to enable macOS’s built-in firewall to block unwelcome network connections. Just go to the Firewall tab in the Security & Privacy settings, click on the padlock at the bottom of the screen, and key in your username and password. Then enable firewall by clicking on Turn On Firewall.

To modify its settings, click on Firewall Options just below the Turn Off Firewall button. A dialog box will pop up and you can click on Enable Stealth Mode. Turning on Stealth Mode will make your Mac invisible on public networks (like an unsecured coffeeshop WiFi).

In the Firewall Options, you will also find a list of services and apps that are allowed to receive inbound connections. If you want to add an app or service to the list, just click the ‘+’ button below the list itself. However, we recommend keeping this list as short as possible because any app connected to the list can be exploited.

Set Up a Firmware Password

Nowadays, macOS/Mac OS X automatically turns on FileVault encryption. This means that it encrypts the hard drive by default, and the only way it can be accessed is by logging in. Keep in mind, though, that this feature won’t necessarily save your account in case someone reinstalls macOS/OS X, or when they use a USB memory stick to boot the Mac and possibly remove all data from your hard disk.

To increase protection, set up a firmware password. To do so, restart your computer, and then press and hold down Cmd+R before the Apple logo shows up on screen. You can let go of the keys once the progress bar pops up.

Choose your location and language when asked, then click on the Utilities>Firmware Password Utility menu. Simply follow the instructions here, and make sure to never forget or misplace your password. Forgetting your firmware password can be quite a hassle because only Apple technicians can recover it.

Ensure that your confidential data remains confidential simply by performing minor tweaks on the system settings. It takes only a few minutes of your time to ensure lasting online protection. If setting up a firewall or firmware password sounds a little too advanced for you, don’t hesitate to get in touch with our experts.

Published with permission from TechAdvisory.org. Source.

Disable Windows 10’s intrusive settings

Windows 10 is undoubtedly Microsoft’s most accepted operating system since Windows XP. But that doesn’t make it faultless, many users have been complaining about the intrusive privacy settings the operating system enables by default. To reclaim your privacy, follow these tips on turning off its intrusive settings

Turn personalized advertising off

For those unaware, Windows 10 assigns each user an ‘advertising ID’ which it uses to personalize your ad experience based on your recent browser history. If you’re someone who is okay with seeing generic ads targeted to you based on demographics rather than your ID, we recommend turning this feature off.

  1. To do so, head into your settings by clicking on the magnifying glass symbol next to the Windows logo, at the bottom left of your screen.
  2. Next, type in Privacy — click on it, and select General.
  3. Then, slide the option which states ‘let apps use my advertising ID for experience across apps’ to Off.
  4. Lastly, open your web browser and go to this link. Once there, select Off for ‘Personalized ads wherever I use my Microsoft account’ and ‘Personalized ads in this browser.’

This resets your ad ID, allowing you to experience the joys of web surfing without the creepy targeted advertisements.

Disable Cortana

Voice-controlled digital assistants have become big business. Microsoft aims to capitalize on this market with Cortana, an incredibly resourceful, built-in assistant that allows to you quickly set reminders, schedule events and send email, among many other intuitive features. It uses the information it collects similar to how Google’s Android-based assistant does it. However, it can become overbearing at times.

  1. To turn it off, click on the Cortana icon in the taskbar, followed by the notebook icon on the left hand side of the pop-up panel.
  2. Click on Settings, this should present you with the first option which says, ‘Cortana can give you suggestions, ideas, reminders, alerts and more’, you can slide that to Off.

Once disabled, the Cortana option disappears and you’re now presented with a search bar which you can use to search for things online or on your desktop.

Stop peer-to-peer file-sharing

With P2P file-sharing enabled, Windows 10 shares downloaded updates to your PC with other Windows 10 users by default. This helps other users update their systems faster, and speeds up your upgrade downloads, as well. However, if you are unhappy with your files being utilized by other users, you can turn it off.

  1. Head over to Settings once again.
  2. Click on ‘Update and Security’, followed by ‘Windows Update’, then ‘Advanced Options’ and finally select ‘Choose how updates are delivered.’
  3. By default, the ‘Updates from more than one place’ is on, followed by two options: distribute updates only to PCs on local network, and shut off P2P updates entirely.
  4. If you want to disable this feature entirely without worrying about specifics, then move the slider to Off.

If you want to share your files with PCs on your in-house network only, leave the the slider in the On position and select the button which says ‘PCs on my local network.’ For more detailed instructions on how to stop P2P updates, click here.

Blunt Microsoft’s Edge

Remember Internet Explorer? Think of Microsoft Edge as the same, just on steroids. The tech giant’s fancy new browser is chock full of features — such as Cortana Integration and typing prediction — which may make you uncomfortable, since all the features send data back to Microsoft. To turn off these intrusive functionalities, open Edge and click on the menu icon in the far right corner (three horizontal dots).

Once in, click on ‘View Advanced Settings’. There you have the option to disable Adobe Flash — which stops those Flash cookies from going anywhere. You’ll also encounter a bunch of settings you might want to disable under the ‘Privacy and Services’ section.

These simple security tips will stop Microsoft from tracking your online movements for good! In case you’re interested in protecting your privacy, don’t hesitate to contact us today for all matters security related.

Published with permission from TechAdvisory.org. Source.

New Windows update for PC vulnerabilities

Two newly discovered Windows vulnerabilities, known as Meltdown and Spectre, make it possible for hackers to steal all sorts of confidential information. To resolve this issue, Microsoft has released an update. Continue reading to stay protected.

Issues with Microsoft’s Spectre and Meltdown patches

After the January 3rd announcement of unprecedented security vulnerabilities, Microsoft has been rushing to release security updates for its Windows operating system. At their most basic, these complex vulnerabilities, named Spectre and Meltdown, make it possible for a program installed on your computer to access any information stored on your hard drive, even if it is protected.

These flaws mean that anything you’ve typed into your computer is at risk: credit card numbers, passwords — all of it. But don’t rush off to install fixes just yet. There are a few speed bumps you’ll have to navigate on your road to safety.

Incompatibility issues

According to reports, Microsoft’s patches have caused several problems to some users’ computers. For some, installing the new patches has resulted in computers with older processors to crash more often than usual. Users with newer processors have found their computers struggling to boot up, with some never getting past the Windows loading screen.

As a result, on more than one occasion, hardware and software vendors have recommended that its customers postpone installing the new patches.

Spectre and Meltdown can cause serious damage, but that doesn’t mean anyone should run off to haphazardly attempt computer repair above their ability. Until the process for installing patches has been ironed out, we recommend enlisting help.

Hire a professional

Given the issues on patches, IT novices shouldn’t update their computers on their own. Without adequate experience, you might install the wrong patch and cause even more problems to your computer. Or worse, install one of the pieces of malware masquerading as Spectre patches. Instead, why not call a professional to update your computer and protect your system from Meltdown and Spectre?

Data and network security is no easy task. We offer advanced, multi-layer protection to keep your data safe and sound. Give us a call and we’ll explain how we can help.

Published with permission from TechAdvisory.org. Source.

Meltdown and Spectre fixes cause problems

It’s been three weeks since one of the worst IT security vulnerabilities in history was announced, and consumers are still receiving mixed messages about how to protect themselves. We usually encourage users to install software updates as often as possible, but when it comes to Meltdown and Spectre, that advice comes with an asterisk.

Unsecured data storage

Spectre and Meltdown are the names given to two hardware flaws that allow hackers to see any piece of information stored on your computer. Although slightly different in execution, both take advantage of a hardware feature that computer chips use to access and store private information. For the last 20 years, security experts believed this information could not be stolen or spied on by malicious software, but that assumption was proven false on January 3, 2018.

Now that the Spectre and Meltdown vulnerabilities are public information, hackers can use them to create programs that steal passwords, social security numbers, credit card numbers, and anything else you type into your computer.

Because these problems are hardware-based, none of the updates will be able to secure the vulnerable storage; they’ll simply prevent your computer from storing anything in it. Currently, there are patches for:

  • Operating systems (Windows, macOS, and Linux)
  • Web browsers (Chrome, Firefox, Safari, Edge, and IE)
  • Chip firmware (low-level programs installed on the processor itself)

If you’re using an Apple computer, these updates are relatively easy to install. If you’re using a Windows or Linux-based computer, these patches may cause your machine to freeze, reboot unexpectedly, or significantly slow down.

Why should I wait to install the updates?

Intel, one of the chipmakers responsible for the Spectre and Meltdown flaws, has provided contradictory recommendations on more than one occasion. As recently as January 18, Intel recommended waiting for an updated patch, but in the same announcement also recommended “consumers to keep systems up-to-date.”

Experts believe detecting an attack that is based on one of these flaws will be relatively easy and represent an alternative to installing updates that could render your computer unusable.

What should I do?

IT support experts will be able to quickly and easily assess what is the best option for your computers. For example, our team can determine whether or not your hardware will conflict with the current patches, and either install them or set up a detection strategy that will help you mitigate the risks without ruining your computer.

If you need expert IT support for quick responses and ironclad security — give us a call today.

Published with permission from TechAdvisory.org. Source.