AARP presents a webinar to help you ID the “bad guys”

I highly recommend anyone sign up and watch these webinars. Be smart and protect yourself!

They look like the real thing, but they’re really just impostors after your identity and your money. It’s not too late to learn how to recognize and protect yourself from these clever con artists.
Don’t wait—sign up for AARP’s free, two‑part webinar today. Experts from AARP and the FTC will answer your questions live and teach you about romance scams and government impostor scams—two of the most common varieties. You’ll learn how they target people on dating sites and how they pretend to be government representatives.
Discover the local and national resources available to you. Protect yourself by registering now for this must‑see webinar from AARP.


The Impostors: Keeping Yourself Safe From Scammers
Part 1: Valentines, Candy & Online Romance Scams
Tuesday, February 5, 2019, 7 p.m. ET
Part 2: Fake Tax Bills: Protecting Yourself From the IRS Scam
Thursday, February 7, 2019, 7 p.m. ET

AARP Membership Newsletter

Register here

Even if you cannot attend the live webinar, register anyway and they will email you the recording and you can watch it anytime!

“I’m too little; I have nothing of value…”

An all too frequent refrain from customers when I approach them about securing their network with a firewall or a software based Security Suite. However, you ARE valuable to the bad guys and the “little guy” is the new “ripe” target as the “bad guys” have now aggressively automated their attacks with bots. They no longer care about making dollars off of your data (although you’d be surprised what some “insignificant” data is worth) — it’s all about the cents. Your data bundled together with enough others starts adding up to real money. Remember — it’s computers doing all the sorting; one “bad guy” can launch A LOT of attacks and make a nice bit of money on the side.

Don’t want to believe me? How about what Dale Drew of CSO magazine had to say in October 2017:

“But here’s a sobering thought: every second, potential cyber victims are hit with roughly 15,000 malware attempts, 15,000 phishing attempts and 8,000 scans for known vulnerabilities or exposures..”

“So, while we may not always see them, cyberattacks are nevertheless ongoing. In fact, we’re witnessing a sharp and sustained increase in attacks over the public internet just within 2017.”

Source: https://www.csoonline.com/article/3235028/security/no-target-too-small-no-industry-untouched.html

Mr. Drew continues: “A recent Incapsula report found more than 50 percent of all web traffic is botnet traffic, rather than traffic initiated by human beings. While roughly 23 percent of botnet traffic is attributed to “good” bots like search engines and feed fetchers, approximately 29 percent of bot traffic is classified as the handiwork of bad actors or automated systems scanning for exposures.”

“In the last month or so, alone, automated attacks hit some honeypots upwards of 750,000 times in a single day.”

“In other words, the bad guys don’t even have to keep their fingers on their keyboards to successfully infiltrate as many networks and machines as possible; their bots are doing it for them.”

I would encourage you to read his entire article and start considering security on your computer the same way you think about it for your home or other property. The Internet is a wondrous place full of information but it is also still the “wild west” — you need to be cautious.

daviestrek Consulting is here to help you “secure the ranch.” we can assist with helping you make your passwords more secure, install a Security Suite on your individual machine, or install a Firewall for your network that’s far more robust than a big box store router or the router provided by your ISP. All of these items are very affordable and can even be billed out monthly if that fits your budget better.

Microsoft goes to the Edge, backs off.

From Tom Warren at The Verge (posted 9/17/18):

“Microsoft started testing a warning for Windows 10 users last week that displayed a prompt when Chrome or Firefox was about to be installed. The software giant is now reversing this controversial test in its latest Windows 10 preview, released last Friday. The Verge understands Microsoft no longer plans to include this warning in the upcoming Windows 10 October 2018 Update that will ship next month, but that the company may continue to test these types of prompts in future updates.

The prompt tried to convince Windows 10 users to stick with Microsoft’s built-in Edge browser when the Chrome and Firefox installers were activated. Microsoft uses a similar prompt when you try to switch default browsers on Windows 10, and the company has also issued notifications to Chrome users in the past warning them that Google’s browser is “draining your battery fast.”

Microsoft also tried to force Windows 10 Mail users to use Edge for all email links, ignoring any default browser set in the operating system. This change was also tested with Windows 10 users and the feedback forced the company to rethink its plans. It’s not immediately clear whether Microsoft reacted to feedback on this latest test, or whether the company inadvertently added it to the final stages of the Windows 10 October 2018 Update. Microsoft doesn’t typically add major changes when it’s finalizing its updates, and the company didn’t even note the addition or removal in its blog posts. Either way, Windows 10 users will be hoping this is simply the end of this particular test.”

Mac Ransomware? Yup…

Ransomware knows no bounds

Nicole Reineke at Unitrends recently published an article about a new attack vector for Ransomware –Macs. (https://www.unitrends.com/blog/mac-ransomware) She says “…and although it is crude, it is certainly effective.”

“There is no truth to the idea that Apple’s computers are somehow harder to hack—either through viruses, exploits, or social engineering—than their Windows or Linux counterparts. The reason for their relative security is simple. Apple computers represent only 7.4% of the global market share, and 13% of the market share in the US. With fewer computers on the market, it’s simply not been worth it for hackers to write specialized malware.”

Quoting further from the article:

“Crude, slightly broken, and definitely dangerous

This new ransomware variant, the creatively-named MacRansom, is definitely not up to the standard of the finely-crafted malware, such as Cryptolocker, that’s been giving Windows users so many headaches. It only encrypts 128 files at a time, and it’s so poorly coded that it mangles the files it encrypts. Unfortunately there’s still a way that they can get a hold of your enterprise backups albeit slowly.

Therefore, even if victims pay up the $700 ransom, they’ll never be able to fully restore that data.

There are some technically-sophisticated aspects to this virus, but nothing stunning. It copies features that were used in previous versions of Apple ransomware, such as KeRanger, and incorporates techniques to hide itself from antivirus. These are all features that have been seen before on malware targeted at Windows machines.

The real danger posed by MacRansom isn’t in its technical wizardry, but rather in its availability. MacRansom is part of a growing category of ransomware known as Ransomware-as-a-Service (RaaS). MacRansom isn’t the sole intellectual property of a single group of criminals—it’s for sale.”

Security is no longer a concern of “only” Windows users. Security is an all-the-time thing online. Keep your passwords complex and random – -and change them often. Keep your machines patched and have a solid protection plan in place.

We are happy to assist with your security needs. We have a full range of security and backup solutions from on-premise to on-the-cloud. We can help. Contact us today!

Coldroot will have you seeing red

As reported by Zach Whittaker at ZD Net’s Zero Day (http://www.zdnet.com/article/coldroot-nasty-mac-trojan-went-undetected-for-years/) Macs have been targets of the “Bad Guys” for years. Only recently has a very old Trojan seen the light of day: Coldroot.

These types of Trojans can act as key loggers (logging everything you type) and even act as the user with full remote control.

Antivirus vendors should be scanning for this in the near future.

 

Read the full article here: http://www.zdnet.com/article/coldroot-nasty-mac-trojan-went-undetected-for-years/

Microsoft Releases More Win10 Updates

Paul Thurrott (http://www.thurrott.com) just reported that Microsoft has updated the shipping versions of Windows 10 again this month. It’s another Cumulative Update so you’ll need to reboot your machine after the update gets installed. With all the Bad Guy activity going on, it’s not really surprising to me. While it’s a pain in the rear to have to reboot so often, I take solace in the fact that Microsoft is ACTIVELY trying to keep the OS patched.

Paul has all the details of what’s included in the Update here:
https://www.thurrott.com/windows/windows-10/120470/microsoft-updates-shipping-versions-windows-10-6?_hsenc=p2ANqtz-97Df9Gwmt8493Tt9ml8c0JrEM9vQ1-ipr3S4eli95oFcNNiKLKN3C2HGdPdItgqLiGDHqGNY1NPrgc1RIIsPUcV6hY3w&_hsmi=53681954

Another Day, Another Ransomware Attack: “Nyetya”

The Bad Guys know no shame. It appears they’re going to try every one of the tricks that was leaked from the NSA tool kit. Oh, goody. I’m saying “nyet” to “Nyetya”.

If you have servers (or even one server) you need to make sure you have all the latest patches from your Server Software Vendor — besides Microsoft that also extends to Linux (and all the variants) and even Apple products. There is no “safe” operating system from these latest attacks. Your computer (workstation) is the perfect delivery mechanism for the server attack so it’s important you keep whatever Security Suite you have up to date and fully patched. (I’m assuming you’re already keeping up with all the Microsoft and other Operating System Vendor updates regularly, right?!?)

We can provide assistance with patching all of your equipment and we also sell the Trend Micro Security Suite. We can cover your servers and your workstations (even your mobile devices) with some of the very best protection available on the Internet. You can book us online at http://connect.daviestrek.net and we’d be happy to assist you in keeping the Bad Guys at bay.

Want to know more about this latest round? Here are a couple of really good informational sources.

From Trend Micro: https://blog.trendmicro.com/trendlabs-security-intelligence/large-scale-ransomware-attack-progress-hits-europe-hard/?mkt_tok=eyJpIjoiWkdJMk16WXhOVFkyTkdFMCIsInQiOiJyTUtqZlJldHVOMVZIQjZMZDd1VGhzYVwvWTFLdGQ2Ym5CQWpIT2xPVUlJRTc4blRBdGVwelVFR1pPUW1RM0hocDYyS2loUnBPMXN0TWQ3V2hRbjl2WFwvRE9mRTd6OXJrT1dMTWQ5bmdxNGdzaWphTFwvWW5rV2tJUDNUMzZFbE1YSiJ9

From Cisco’s Talos Intelligence Group’s Blog: http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html

The New Normal? The Bad Guys and You Part 2: The Smack Down

In Part 1 we talked about what the Bad Guys could potentially gain from targeting you and your “nothing worth stealing.” But I think you saw that maybe you do have something worth stealing after all.

“Great, guess I’ll throw out the computer and no more email!”
Probably not a good idea and certainly not practical. It’s better to understand what you can do to protect yourself. Please allow me to digress for a moment into an analogy. It used to be that one could leave their doors unlocked and not worry about getting robbed. You can still leave your doors unlocked, but if you do get robbed — what do you think is the first question the Police and Insurance Company will ask? How much help do you think they will really be?
So we all put locks on our doors. That involved us carrying keys. The hassle!! Some decided to leave them under the mat or in a fake rock (or fake dog poo) near the door. That’s pretty handy. The criminals think so too. That turned out to be almost as useless as just leaving the door open.
So we get fancier locks. Something with a punch code. That’s pretty great until the battery dies in the unit (you forgot to replace it) and you still need the key to get in. (Did I leave it under that suspicious looking dog poo?…)

“There’s no way to win so why bother?”
For the same reasons you still lock your door and hassle with the key, you should be taking the time to create yourself a password scheme that includes upper and lower case letters, special characters (!@#$%^&*), and numbers. Have a minimum of nine characters — 12 and above is much better. Having a passphrase is often quite helpful. Don’t include personally identifiable info in your password (e.g. names — yourself, significant other, kids, etc.) but make it meaningful to you. TheRock!3Mount@1ns is an example of an extremely simple passphrase. (Don’t use it — I just gave it to you and all the Bad Guys. I’m sure it’s in a list now used to crack passwords. If you were using it, I’m really sorry. I didn’t know!) The absolute BEST passwords are the randomly generated ones but that can get really hard to manage.

“I have too many passwords to remember as it is and now you want me to make them harder?! Are you CRAZY?!?!”
Well, I’m not quite right, but I wouldn’t call it crazy. 🙂
There are lots of ways to manage passwords. If you are like many of my home clients, you have a workstation or laptop that stays pretty much in one place and that’s where you go to access the Internet. I’m going to suggest something totally radical for you to use as a password manager: a small notebook kept in a drawer somewhere near (but not next to) the machine. Keep each site on a single page so you have room to change the password as you need to. I just made security nerds everywhere scream out in pain. Take heart security nerds, I’m suggesting the electronic solution next. This recommendation is playing the odds — I’m making the assumption that the chances of a physical break in and the criminal specifically looking for and taking that notebook is fairly low. (You had the door locked, right?!?) Way lower than the online Bad Guys.

“Fancy passwords are a real hassle”
There is an electronic management solution — lots of them actually. PC Magazine recently reviewed and proclaimed “The Best Password Managers of 2017“. Don’t want to invest in a management solution? There are free options like a product called Password Safe. Another even more secure option is presented by Felicia King at Quality Plus Consulting making use of Password Safe and a product called YubiKey. She outlines the strategy here.
If you use a product like Password Safe you will be able to randomly generate passwords and electronically store them in an organized fashion. It’s that notebook on your machine. Of course, you’ll want to keep a backup of your password file — but you’re backing up the important data on your machine regularly anyway, right?? Right??

“I’m still confused and need more help.”
You’re in luck — we can help. You can schedule an appointment online here.

The New Normal? The Bad Guys and You Part 1

“How did this happen to me?”
I’m often asked “how did this happen to me?” when cleaning up a machine infected with whatever Bad Guy stuff that was installed. It happens often. Way too much really. The Bad Guys are ramping up their efforts as they find more success. It’s easy and quick to do. Like most criminals, they actively target the easy grab. Too much work is left to more motivated criminals.

“I have nothing worth stealing”
Another popular refrain. Obviously you do, or the effort to trick you into installing the Bad Guy stuff or infiltrating your network wouldn’t exist.

E-Mail: The EUREKA! moment
You likely are using your machine for e-mail. It’s pretty much mandatory these days for all sorts of services and communication. A valid, functional e-mail address might be worth $0.01 (I’m strictly guessing). Get 10,000 or 100,000 or 1,000,000 of those valid e-mail addresses and you’re talking real money that they can get from spammers and the Black Market. If they’re slightly more motivated, they can lock you out and take over your email account.

You just became way more profitable.
Now that they have access and control of your email they also have control of all those other accounts. If you didn’t have them before you can bet you will now. They’ll spend time posting and creating as you so that they can sell off those accounts as well. A Facebook account might be worth $2. An iTunes account maybe worth $5. It’s starting to add up.

It gets worse
Now that they have your e-mail account, they can start REALLY stealing your identity. They can steal credit card info and make fraudulent purchases or simply sell off that information to the highest bidder on the Black Market. They can pose as you and spam any contacts in your email client and possibly trick those contacts into also becoming a victim.

“What am I going to do?”
Check back for “The New Normal? The Bad Guys and You Part 2: The Smack Down”