Archive for the ‘Security’ Category

Office 365 deactivation notices – Fake

July 10th, 2017 by EKG Networking

Happy Monday.

And today another fake email to get in the way of productivity.

This is a quick one to ignore.

When you see an email saying it is coming from Microsoft Office 365 note the return email address.

It will obviously not be @microsoft.com.

The body will say something like:

  • A Request to deactivate your Mailbox (Mailbox name here) was made and this request will be processed shortly.
  • Sorry, we couldn’t validate your Office 365 subscription, so most features in your email have been disabled.
  • Please note that starting from July 10, 2017 we will be introducing new online authentication procedures in order to protect the private information of all Microsft-Account users.

All of these are fake emails designed to get you to click on the link and provide information to bad people.

Thanks to all who have let us know about them and NOT clicked.

Apple iOS hacks – What to worry about, ATT Software Unlock – only if you subscribed to this service

September 21st, 2015 by EKG Networking

Monday morning September 21, 2015 and there are new things to pay attention to.

First the Apple iOS hack:  You only need to worry if you installed any of the listed applications.  Basically what allegedly happened is some hackers created a version of Xcode (software developers used for Apple products) and uploaded it.  Other developers then created real apps using this hacked code which managed to make its way through the Apple Store onto devices.  Please review the list, if you have any of the listed apps, uninstall them and then change your apple id password after.

http://lifehacker.com/hundreds-of-legitimate-ios-app-store-apps-infected-by-m-1732035828

Second ATT software unlock:  This one only applies if you have unlocked your ATT phone using a software service.  Three employees of AT&T are alleged to have been paid to install software on AT&T’s network which allowed another company to unlock phones from people who subscribed to their service.

For more information see:

http://www.computerworld.com/article/2984863/smartphones/att-malware-secretly-unlocked-hundreds-of-thousands-of-phones.html?phint=newt%3Dcomputerworld_security&phint=idg_eid%3D4cac16ea93a1ce4f1d7271a77ca6e69b#tk.CTWNLE_nlt_security_2015-09-21

Review your apps and uninstall anything you no longer use.

Happy Monday!

Windows 10 – Microsoft will NOT send you an email with an attachment – Scams to watch out for

August 5th, 2015 by EKG Networking

With the current release of Windows 10, there are many people willing and ready to upgrade from their previous Operating system.  Many loyal Windows users were not too happy about the Windows 8 model and were looking for something better.  Microsoft decided it was time to cater to what the people wanted when they developed Windows 10, and it shows.

Desktop users can rest assured knowing their once familiar settings are back in an updated Operating System.  This new system caters to not only the desktop user, but also the tablet and the phone user.

With a new Operating System, comes new threats to compromise it.  Unfortunately, there are programmers out there that have already created a new threat that targets the new Operating system.

It comes in the form of email that seems legitimately from Microsoft, but is most definitely not.

Once you double-click on the attached file that is included within the email, you will become infected with the ransomware software.

If you have reserved the Windows 10 upgrade, you will be notified by the small Windows icon in the lower right hand toolbar by the clock.  Microsoft will NOT send you an email with an attachment in it.

Always being on your guard is a good way to think of it.

Here is a link to an article that explains everything in a more involved manor.
http://www.bleepingcomputer.com/forums/t/585105/ctb-locker-ransomware-being-pushed-by-fake-windows-10-update-emails/

– Daniel Grimm

CryptoWall 2.0 Things you can do to prevent

November 6th, 2014 by EKG Networking

Well another version of CryptoWall has reared it’s ugly head and we do mean ugly.  The only way around this is restoring a backup or paying the ransom.  Please do not pay the ransom, this only encourages this kind of activity.

NOTE:  No NON BUSINESS browsing, please communicate this to your staff.

Our new tech Daniel Grimm updated this post with the help of the awesome people over at Bleepingcomputer.com

As many of you know, there has been a virus known as “Crypto-Ransomware or CryptoWall” that has been spreading throughout people’s computers over the past several months.  It has come to our attention there is a newer version of the virus out.  We are trying to spread awareness in reference to this, and have a list of preventative strategies and methods you can use to protect yourselves and help mitigate the risk of these types of Malware.
1.    Backup your computer every night!  Also create an offsite backup.  We like Crashplan Pro by Code42, or Mozy Pro.
2.    Make sure you have an anti-virus program installed and updated
3.    Become educated on what you should and should not do on the Internet.
4.    Use Software Restriction Policies or CryptoPrevent to make it so the malware files cannot launch

NOTE:  As of this writing, only Maximum settings which is in Beta will possibly prevent the infection from spreading.  Please keep this in mind before installing.

Here is a link to the latest version of CryptoPrevent: http://download.foolishit.com/CryptoPreventSetup.exe
Follow the wizard.  Once completed, it will ask you to launch the program, which you want to do.  It will ask you 2 questions, both of which you should say “No” to.  This is what the program should look like once it is opened.  The proper setting should be set to “Default”, and once that is done then you will need to click the Apply button.  It will ask you a question about whitelists, which you need to click “Yes” to.  The computer will need to be restarted for it to fully take effect.  Upon the restart, it will show you a message saying it was successful!

Hopefully preventing CryptoWall

Hopefully preventing CryptoWall

To read more information about CryptoWall:

http://www.bleepingcomputer.com/forums/t/552103/updated-cryptowall-20-ransomware-released-that-makes-it-harder-to-recover-files/

 

 

 

Microsoft Patches Internet Explorer Vulnerability

May 2nd, 2014 by EKG Networking

Referencing our previous post, Microsoft has made available an update to fix the Internet Explorer vulnerability in all versions including Windows XP.

To apply this update or check if it was applied, please do the following:

Make sure to save and close all open work before beginning.

Windows XP

Start
All Programs
Windows Update
NOTE: It may ask you to install an ActiveX Addon underneath the upper portion of the screen, this is okay to do.
Select Custom

The below should appear:

Microsoft Internet Explorer Update fix

Microsoft Internet Explorer Update fix

If it is already installed, there will be no updates.

Install the update and restart the computer.

Windows 7

Start
All ProgramsWindows Update
Select the Important Update –
Security Update for Internet Explorer 11 for Windows 7 for “xxxxx” based systems

Install and restart the system

Internet Explorer Vulnerability – Best Practices

April 30th, 2014 by EKG Networking

The current Internet Explorer vulnerability allows the information on your computer to be exposed when it connects to a hijacked website.  It is not clear whether or not you actually have to agree to download software to allow this access.

Regardless, it is known that the connection to your computer takes place via the Adobe Flash add-on.  Regardless of whether your system is Windows XP or not, you can bypass this issue by:

1)    Not using Internet Explorer.  Options are:
Chrome
https://www.google.com/intl/en/chrome/browser/

Firefox
http://www.mozilla.org/en-US/firefox/new/

2)    Disabling the Adobe Flash within Internet Explorer
a.    Click the Tools menu or the sprocket on the right if you do not have a Tools menu
b.    Select “Manage Add-Ons”
c.    Change Show: from “Currently loaded add-ons” to “All add-ons”
d.    Locate and left-click “Shockwave Flash Object”
e.    Click “Disable” in the lower-right corner
f.    Click Close
g.    If you have a legitimate web site that requires Flash, you can turn it back on by repeating steps a though d and clicking “Enable”.  Just remember to disable again it when done.

 

Microsoft Internet Explorer Tools AddOns

Microsoft Internet Explorer Tools AddOns

The best advice we can give is not to worry about each individual security breach that is reported.  Every company needs to setup best practices with their employees.

Make sure everyone understands business use for the computers.  Using your systems for business use and being diligent all the time will definitely limit your companies exposure to bugs and hacks.

Heartbleed bug – basic facts – what to worry about

April 10th, 2014 by EKG Networking

As the news catches up again reporting things that have been out for a bit, we have clients contacting us.

Our clients are not using the OpenSSL so do not need to worry.

Personally there are things you need to watch and they bring us all back to the basics;

1. Change your passwords often.  A great example, when you come back from vacation change anything you logged into during that time.  (Better yet, unplug and then that will not be necessary).

2. Keep your social media and your other passwords separate and vastly different.

3. Wait five seconds and think before clicking on any pop ups, answering emails that you did not request or giving information to people over the phone.

In some cases this is a hurry up and wait until each website fixes their piece.

Mashable has a great website detailing what you need to worry about and watch with this particular bug:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

As always, everything old is new again and digital.

Think before you click.