January 23rd, 2014
Apple’s latest operating system, iOS 7, was initially made available to users in September. Since then, there have been a number of complaints, but overall it’s been accepted positively. That is, except for one incessant bug that has plagued a number of users and has no fix. As Adario Strange reports at Mashable, the so called “white screen of death” may be cured in the next couple months.
The bug, which has been reported by users since iOS 7 first hit their iPhones, causes devices to suddenly freeze and then reboot. It’s unclear exactly what causes the soft reboot. Some users claim it only happens when their battery dips below 30-percent, while others report they’ve experienced a sudden reboot at various levels of battery.
Up until now, complaints of users have been largely ignored by Apple, but an official statement about when users can expect a fix has finally come out. Apple says they have a fix for the bug, but there is no exact date for when that fix will be released. Most likely, users will have to wait for the release of iOS 7.1, which is currently in its fourth beta. In addition to the bug fix, the update will likely make some other minor changes to design and the user interface. However, it won’t be available until sometime in March.
This particular fix will have to come from Apple, but for other problems with your iPhone or any other device, call Geek Rescue at 918-369-4335.
January 23rd, 2014
The amount of malware being produced to infect Android devices is growing rapidly. Usually, it’s easy to avoid being infected by only downloading apps from Google’s Play Store and only visiting trusted sites. It’s also generally easy to spot signs of an infection. At State of Security, Anthony M. Freed reports on the latest malware threat for Android that defies these conventions.
It’s called Android.He.He and it’s able to intercept both phone calls and text messages of infected devices. While similar malware that either intercepts calls or messages or sends them will leave evidence in your call log or text message history. Android.He.He not only deletes any evidence that a call or message was ever sent to your phone, it even keeps any notification from popping up at the time of the call or message.
The malware infects users by posing as a security update to the operating system running on their device. Once downloaded, an app called Android Security is added, but the malware is even capable of hiding this apps existence from the user.
It seems these attacks are highly targeted because the malware uses a predetermined list of phone numbers. When one of these numbers attempts to contact an infected the device, the malware intercepts it. This would seem to work best for targeted attacks against specific users, but could also work for general attacks by using numbers of popular credit card companies, banks and other organizations that may give attackers an opportunity to steal valuable information.
This supposed security update is not found in the Google Play Store and, while it could be sent to users directly, it is usually first encountered in an ad advising you to update your operating system, or in a third party app store.
It’s important to put security apps in place to protect you from some threats, but unfortunately security for mobile devices is lagging behind attackers. For that reason, it’s also vital to avoid putting yourself in a potentially harmful situation, like downloading apps from an ad or untrusted source.
If any of your devices are infected with malware, bring it to Geek Rescue or call us at 918-369-4335.
January 22nd, 2014
There have been a seemingly endless list of complaints about Windows 8 since it was introduced. Microsoft tackled many of these with its Windows 8.1 update, but some users still find the adjustment from previous versions difficult. To help ease that transition, or to help increase the usability of the operating system, it’s helpful to know some keyboard shortcuts. Konrad Krawczyk of Digital Trends recently published a list of shortcuts that can increase productivity and reduce frustration for Windows 8.1 users.
- Windows key and ‘D’– Shows and hides the desktop.
- Windows key and ‘X’– Access the Quick Link menu.
- Windows key and ‘E’– Open File Explorer.
- Control, Shift and Escape– Opens Task Manager.
- Windows key, ‘X’ and down arrow– Opens Mobility Center.
- Hold Control and scroll mouse wheel– Zooms in and out.
- Windows key– Then, begin typing to search for files, folders, programs or menus.
- Windows key and down arrow– Closes a Modern UI app.
- Windows key and Tab– Switches between Modern UI apps.
- Alt and Tab– Switch between all open apps.
- Windows key, Shift and Tab- Scrolls through open Modern UI apps backwards.
- Windows key and ‘P’– Select a display presentation mode.
- Windows key and Spacebar- Choose a keyboard language and change the keyboard layout.
- Windows key and ‘I’– Displays the settings menu for the current app.
Each of these keyboard shortcuts allows you to access features quicker, or even use features you didn’t even know were there. These shortcuts will help you work better with Windows 8.1.
If your computer has other issues, like malware infections or broken hardware, bring it to Geek Rescue or call us at 918-369-4335.
January 22nd, 2014
Worldwide there are more Android devices than Apple devices and the gap is steadily increasing. That’s likely the main reason that more malware is being produced for Androids. As Rohan Swamy reports for NDTV, a recent report from Cisco illustrates just how at risk Android users are.
Nearly three-quarters of web delivered malware targets Android devices. That’s a troubling statistic, but even worse is that over the past few months, 99 out of every 100 mobile devices that are infected with malware are Androids. This suggests that Android users aren’t taking proper precautions despite there being more risks targeting them.
Before you abandon Android for the relative safe harbor of Apple’s products, consider this. Only about 1-percent of malware attacks have a specific target. Most devices become infected because they take unnecessary risks. Downloading content from untrusted sources and visiting untrusted websites are both common ways to encounter malware.
In fact, the most common piece of malware on Android devices comes from a legal app that can’t be found in the Google Play store. Instead, it must be downloaded from third-party app stores that don’t thoroughly check the legitimacy of their apps. If users stick to officially recognized apps and only download trusted items, they greatly reduce their risk of a malware infection, regardless of what device they use.
The open source nature of Android may have a large affect on the activity of Android users. Whereas Apple users seem to only download official apps, Android users are more likely to download from unofficial sources because there are more developers making innovative products for Android.
The way to keeping your smartphone free of malware is the same way you keep your computer clean. Put security tools in place and use safe surfing techniques. Stay off untrustworthy sites and only download from official sources.
If any of your devices are infected with malware, bring them to Geek Rescue or call us at 918-369-4335.
January 21st, 2014
The recent attack on Target that ended with millions of customer’s credit card information being stolen holds multiple lessons for IT departments everywhere. We already reported the facts about the malware used in the attack. At IT Manager Daily, David King has a list of what should be learned from the attack so it less likely to happen again, or at least handled more effectively.
If your body is infected with a virus, the longer you wait the worse it gets. It’s a similar rule of thumb of malware infections and attacks. Not only do you need to secure your network and get rid of the malicious files, but you’ll also need to warn your affected customers and be prepared to handle the influx of calls. This all needs to happen as soon as possible to prevent the situation from getting even worse.
- Secure All Points Of Access
The wrinkle in the attack on Target is that computers weren’t infected with the malware. Instead, the point of sale system was the target. Similarly, recent stories have reported that anything connected to the internet, including refrigerators, can be infected with malware and used by criminals. That makes it vital to secure every device that is connected to the internet and put security tools like firewalls in place to protect your entire network.
Part of the key for acting quickly is to make a plan for recovery before disaster strikes. This way, every part of your organization knows what their job is and everything will run smoothly. This plan will need to be updated when applications and personnel change and altered for new forms of attacks.
These three tips won’t keep you completely secure from a data-scraping malware attack. Unfortunately, nothing can guarantee the safety of your data. But, when you follow the correct protocol, you’re less likely to become a victim and are able to risk less.
For help improving the security of your company’s data, or for help recovering from an attack, call Geek Rescue at 918-369-4335.
January 21st, 2014
When you first unboxed your computer, you probably took extra precautions like being gentle with each piece, washing your hands and keeping food and drinks far away. How long did that last? Most of us abandon the careful behavior and start using our computers with reckless abandon within a few days. Doing so leaves crumbs and debris in keyboards and smudges across our screen. Dirty computers can even perform worse than clean ones. At LifeHacker, Alan Henry published some tips for how to quickly clean your computer every day.
- Turn keyboard upside down and shake over trash.
This isn’t as effective as using a can of compressed air, removing keys and deep cleaning your keyboard. But, these are tips for daily cleaning. By removing any loose particles and crumbs every day, your keyboard stays newer for longer and won’t need to be deep cleaned as often.
- Wipe screen with dual-sided microfiber cloth.
First, wipe down your screen with the terry cloth side. No additional cleaner or liquid is necessary. When you’re finished, turn the cloth over to the microfiber side and wipe again. This will remove smudges and dust that has collected on your screen. This doesn’t help performance, but does allow you to see the best display your monitor allows.
- Wipe keyboard and mouse or trackpad
There are specific cleaning wipes you can buy to remove some dust that doesn’t fall out after step one and remove grime from your trackpad or mouse. Another option is to mix your own cleaning liquid. A mixture of half water and half isopropyl alcohol works well, but don’t use it on your screen.
That’s all there is to it. This will take about one-minute per day and keeps your computer clean without you having to be extra careful. Periodically, you’ll want to perform a deeper clean, which should include cleaning the interior and exterior of your tower. This keeps it running quietly and cooling properly.
If your computer is in need of repairs, or just a deep cleaning, bring it to Geek Rescue or call us at 918-369-4335.
January 20th, 2014
There are so many threats to your smartphone. Malware is being created specifically for mobile devices at record numbers and, of course, you have to worry about your information, like text messages and phone calls, being intercepted and recorded. To prevent these security vulnerabilities, you could download security apps. As Rob Lever reports at Business Insider, your best option for a secure, mobile experience is to get a new phone. Specifically, the Blackphone, which is said to be the most secure smartphone ever made.
Silent Circle, described as a “secure communications firm”, began developing the Blackphone because they saw a need for truly secure mobile communication and no other companies stepping up to serve that need. The company has already released apps for both smartphone and PC users that encrypt messages and videos. The Blackphone will feature encryption for video and text, as well as securie VoIP calls.
The secure smartphone won’t be released for another month and specifications will likely be kept under wraps until then. In the meantime, we know it will be less expensive than big flagship smartphones like the iPhone 5S and Samsung Galaxy S4.
According to a Silent Circle executive, the Blackphone isn’t just useful for those who need top of the line security, such as government employees. It’s built for a typical user with features similar to other smartphones only it has the added benefit of being much more secure. All of that, however, comes with the warning that no mobile device is completely secure. Even the Blackphone with all of its attention to a more private and secure experience for users isn’t impenetrable. But, right out of the box, this smartphone has inherent advantages.
Chances are, your smartphone isn’t as secure as the Blackphone. If it’s been infected with malware or needs any other type of repair, bring it to Geek Rescue or call us at 918-369-4335.
January 20th, 2014
Google Chrome is the most used web browser in the world, but it recently made headlines for the wrong reasons. Chrome features extensions, which are additions that improve the capability and functionality of the browser. As Lucian Constantin reports at Computer World, two extensions were removed from the Chrome Web Store after users reported they were injecting adware into legitimate websites. This caused ads and paid links to appear for users with these extensions, which Google explicitly forbids in their extension agreement.
The nature of how these extensions began distributing adware is interesting. Both extensions, ‘Add to Feedly’ and ‘Tweet This Page’, were both sold recently by their developers. Both already had thousands of users who had added their extensions and both were developed as legitimate, useful extensions. Once they were sold, an update was released that featured no bug fixes or additional features. Instead, the update turned the extensions into adware.
When these new malicious extensions are added to Chrome, links on websites you visit are replaced with links to sites within an advertising network. Those responsible for altering the extensions are likely being paid each time a user clicks on these links. The sites a user is taken to aren’t necessarily harmful themselves, but they won’t be where anyone intended to go.
This method of altering existing extensions is effective because most users allow extensions to be updated automatically without having to take any action themselves. So, a third party is able to purchase an extension that is already installed on thousands of browsers and immediately have access to those users. It also seems that extensions with certain permissions are being targeted. Even trusted extensions often have permission to alter content on the websites a user visits. Some also have authorization to post to social media profiles or the ability to access passwords. With these permissions in place, altering an existing extension can give criminals the ability to post spam links, send users to malicious sites and steal log-in information.
Because of the way Google monitors extensions, security experts believe this method wouldn’t be effective for distributing malware. But, hackers can purchase extensions and make changes to accomplish a number of nasty jobs without having to infect users with typical malware.
Changes to Chrome’s Web Store may be coming soon to close this vulnerability. For now, make sure your extensions don’t update automatically and read the permissions of each carefully.
If your computer has been compromised and is need of a repair, call Geek Rescue at 918-369-4335.
January 17th, 2014
A shocking number of small businesses don’t invest in security to keep their data, and their customer’s data, safe from hackers and malware attacks. Many small business owners believe they won’t be a target because they don’t have as much valuable data as larger competitors. From a hacker’s point of view, however, grabbing a few credit card numbers, or infecting a small network without having to bypass robust security can be more attractive than trying to hack a complicated IT infrastructure. To help your business stay safe from cyber attacks, security expert David Campbell outlined some vital ways to improve security at Florida Today.
Updates to your operating system, antivirus program and vital applications are available nearly every day. The reason there are so many updates is because new vulnerabilities and pieces of malware are unveiled. To close flaws in security and eliminate bugs, you need to update constantly. Out of date applications tell hackers that known attacks will work against your network.
Do you know who can access your company’s data? You should be carefully tracking who is accessing your servers and from where. This way, you’ll be able to spot a potential attack before it does much damage. Also, be sure to limit employees who don’t need access to certain files or applications. By limiting access to only those individuals who need it, you minimize risk.
Proper testing can be the difference between a hassle-free integration of new technology and an extended period of downtime. From a security standpoint, make sure any new software you introduce is compatible with existing security features. Even when you have set up an effective security infrastructure, changes to your network could present vulnerabilities.
In addition to watching who is accessing data, keep an eye on how much traffic is running through servers. A spike in traffic can be a warning sign that a third party is using your resources maliciously. By closely monitoring the use of your resources, you’ll be able to spot problems before they cost you money.
If you run a business, you have information that criminals find valuable. Eventually, a lack of security will cost your company money and credibility.
Don’t wait, improve security at your business today by calling Geek Rescue at 918-369-4335.
January 17th, 2014
You’ve no doubt heard of the recent attack that stole data, including credit card numbers, from Target customers. After that attack, it was discovered that malware capable of stealing data out of the memory of point-of-sale devices, which are used by retailers and just about any organization that accepts payment digitally. Mathew J. Schwartz of Information Week published some facts about this memory-scraping malware that both users and businesses should know in order to stay safe.
The first time a memory scraping malware attack took place was in November of 2011 when several hotels had point-of-sale systems compromised. Since then, the malware has targeted hotels, auto dealerships, healthcare companies and many others. No previous attacks reached the scale of the Target breach, however. It is believed that those attackers successfully stole more records than any similar, previous attack.
You might think that important information like credit card information should be encrypted when stored to avoid this type of large scale attack. At almost all times, this information is encrypted, but not until later in the process. This malware steals data directly from memory, where it’s still in plain text. This could happen almost immediately after you swipe your card and even before payment has been authorized. Once that data is transferred to a hard drive or sent elsewhere, it’s encrypted, which makes it difficult, or in some cases impossible, for hackers to steal it.
- Vulnerabilities of point-0f-sale
Storing credit card data in plain text is an inescapable vulnerability in point-of-sale systems, which is likely the driving factor behind the way this attack was organized. When information is stored in memory, it needs to be processed, which means it has to be un-encrypted so the data can be used. Memory scraping malware is designed to wait for this moment when data is vulnerable and intercept it.
Point of sale systems operate on a network, which means there are a number of ways they can be infected. Any infected device connected to the same network could be the source. If that network isn’t secured properly and is compromised, that opens another option for malware to get in. In the Target attack, the personal information of customers was stolen in addition to credit card information. This suggests that malware had infected more than the point of sale devices. Servers or other databases connected to the internet were also attacked.
This type of attack is difficult to detect thanks to intelligent techniques used by hackers. Once malware has infected the network, it still needs to infect the point of sale device to steal valuable data. Doing so would usually set off alarms from security software protecting devices on the network, but in these attacks, encryption and antivirus evasion tools are used to confuse security and operate undetected.
There are other methods to protect devices with many of them stemming from keeping infected devices from directly connecting to point of sale devices. Unfortunately, for users, it’s seemingly impossible to tell if a retailer’s system is infected and will put your data at risk.
If your business would like to explore more robust security options to keep your information and your customer’s information safe from malware attacks, contact Geek Rescue at 918-369-4335.
