Firefox 29 Brings Big Changes To Browser

April 30th, 2014

Firefox logo

Mozilla’s Firefox web browser is currently the third most used browser, behind Google Chrome and Microsoft Internet Explorer. This week, Mozilla released the Firefox 29, which is the first significant interface redesign in three years and makes more than 1300 changes to previous versions of the browser. Seth Rosenblatt of CNet has details about what’s new with the new Firefox.

  • A menu icon has replaced the recognizable, orange Firefox menu button and has moved from the top-left corner to the top-right.
  • A ‘Download Manager’ icon now resides by default in the add-on bar.
  • The ‘Forward’ button for browser navigation disappears until there’s a page to move forward to.
  • Tabs will no longer shrink as drastically as they have in years past when a number of tabs are open. Mozilla wanted to keep tabs legible at all times.
  • If there are more tabs open than fit in the bar, users can scroll with their mouse, or use navigation arrows provided to access additional tabs.
  • The entire new interface takes some direction from mobile-friendly websites and apps in order to become a more acceptable browser for touchscreen devices.
  • To aide syncing, Firefox introduced Accounts. Users may create a username and password and log-in through an icon provided in the browser menu.

Many of these changes, particularly the use of accounts and some changes to the interface, are designed specifically to help Firefox break into the mobile browser market. Currently, about 0.1-percent of Android users have Firefox on their smartphones.

This new version of Firefox couldn’t have been released at a better time considering Internet Explorer users are being urged to find an alternative browser until security issues are fixed.

When you’re having problems with your device, network, hardware or software, call Geek Rescue at 918-369-4335.

Attack On AOL Puts Everyone’s Email At Risk

April 30th, 2014

Spam folder

A popular method of attack for cyber criminals is to gain control of a legitimate email account and spam the user’s entire address book. This gives them a much better chance to infect more users as their spam emails appear to be from a trusted contact. This method is annoying when it’s highly targeted and affects only a few dozen email users. It becomes much more than an annoyance when potentially millions of users are affected. At CNN, Jose Pagliery reports on a hack on AOL that has potentially compromised millions of email accounts.

It’s not known yet exactly how many email users had their information stolen in this large scale attack on AOL. Currently, the company reports that only 2-percent of their email accounts have been observed spamming others. But, of their 120-million email account holders, anyone could be affected.

AOL also warns that it isn’t just the ability to spam your friends that’s at stake. The attack could also give hackers access to postal addresses, log-in credentials and answers to security questions.

This is such a large scale attack that everyone needs to be warned about it. With millions of contact lists at risk, nearly every email account in the US could be hit by AOL spam in the coming weeks.

There’s also the concern about abandoned AOL accounts being revived to send out spam. A significant number of AOL email accounts have been dormant for years. However, attackers are still able to gain access to these accounts and spam their contacts. Because this is a seldom used, and often forgotten about, account, it could take longer to mitigate the issue than an active account that a user checks every day.

AOL has successfully begun redirecting emails sent through these malicious methods into users’ Spam folders, but little else has been accomplished so far. All users with an AOL account, whether it’s being used currently or not, are advised to change their passwords as soon as possible. It’s also a good idea to change other important passwords that share commonalities with your AOL password.

If your computer or email has been the victim of an attack, or you’d like to learn about additional security and spam filter options, contact Geek Rescue at 918-369-4335.

Zero-Day Exploit Surfaces Affecting All IE Users

April 28th, 2014

Microsoft sign

Microsoft’s web browser, Internet Explorer, is among the most used browsers worldwide. It’s also trusted by a number of companies as their standard web browser. That’s why when exploits surface that allow attackers to victimize IE users, it’s big news. At PC Mag, Chloe Albanesius reports on the latest threat to IE, which is a zero-day exploit that allows for remote code execution.

The flaw in Internet Explorer allows attackers to remotely execute code when a user visits a malicious website specifically designed for this purpose. This typically happens when a user clicks on a link sent to them through a spam email or instant messenger. Potentially, an attacker could gain the same rights as the current user, which could lead to them being credentialed as an administrator on your own machine.

This potential exploit is said to exist in versions 6 though 11 of IE, which should account for at least 99-percent of active IE programs, if not all of them. So far, however, attackers are reportedly only targeting IE 9, 10 and 11, which would represent the bulk of IE users. Overall, this vulnerability affects about a quarter of all web browsers in use.

For IE 10 and 11 users, ‘Enhanced Protected Mode’, which runs by default unless changed by the user, helps to protect against this exploit. It should not be considered a fix, however. The only way to fully protect IE browsers would be to install a patch released by Microsoft. So far, no patch has been released.

In the meantime, users can use additional caution and avoid clicking any links or visiting any untrusted websites. Or, if possible, a different browser can be used until the IE security issues are fixed.

This is also a noteworthy exploit because it’s the first vulnerability that will not be patched for Windows XP users since Microsoft recently ended support for that operating system. Those users would be wise to use a different web browser for now and update to a different operating system as soon as possible.

If your computer falls victim to an attack, or you’d like to explore additional security options, call Geek Rescue at 918-369-4335.

Premium Text Sending Trojan Targets US Android Users

April 25th, 2014

Text message bubble on smartphone

There have been plenty of warnings about malware targeting Android devices. The Android operating system, due in large part to its open source nature, has been plagued by security threats at a much higher rate than Apple’s iOS. Still, there’s never been a documented trojan capable of sending premium SMS messages victimize users in the United States. As Adam Greenberg of SC Magazine reports, a trojan known as FakeInst has now done just that.

FakeInst isn’t only capable of sending text messages that cost users money. It’s also able delete messages, steal them and respond to contacts.

Users in the US also are far from the only victims of the SMS trojan. In all, 66 countries have been affected, including Canada, Mexico, France, Spain and Italy.

Unlike some other more malicious threats that infect devices through no real fault of their users, FakeInst has a specific infection method. A phishing website is set up that attracts users who are on their Android smartphone looking for pornographic content. The site asks visitors to download an application. After installing the application, the user is then asked to send a text message to a service to access content. These actions allow the trojan to infect the device and decrypt the necessary information needed to take over SMS capabilities.

This ends with the malware sending premium text messages that cost about $2 each.

Researchers have tracked the trojan to Russian origins, where the first reports of infection were found.

Thankfully, for most users this threat is easy to avoid. Don’t install apps from outside of the official Google Play store and certainly don’t download apps from less than reputable websites.

If your smartphone or other device has been infected by any type of malware, bring it to Geek Rescue or call us at 918-369-4335.

The Latest, Nasty Spam And Malware Threat

April 24th, 2014

Malware in email concept

How can you be sure that an email from your bank is what it claims to be? That’s a vital question in the wake of news that the latest spam and malware threat commonly springs from emails resembling messages from banks such as Wells Fargo and Lloyds Bank. Malcolm James of the All Spammed Up blog reports that the way malware is hidden in these spam messages and the way it then attacks your machine is troubling.

The emails come with an attachment. This attachment actually features another file within it, which contains malware. It’s a bit confusing even to write, which means it’s difficult for spam filters and antivirus tools to catch. Users will see a .ZIP file that claims to be a secure message from the bank and even features password protection. When opened, however, the user’s computer is attacked by the Upatre Trojan.

Upatre is the root of the problem, but it doesn’t do any real damage itself. It’s job is to communicate with the attacker and download more harmful malware to your system. The Zeus banking trojan is the first malware to download. It’s designed to steal your online banking log-in credentials. The Necurs malware is also downloaded, which is able to attack and disable security tools. This allows for a load of other malware to infect and attack your machine.

While many attacks of this nature are centralized overseas, the use of Upatre targets the United States almost exclusively. About 97-percent of recorded attacks using the trojan have targeted American users.

One of the issues with this style of attack is that users may not know they’ve been infected with anything for some time. Considering banking passwords are at stake, that’s an extremely dangerous risk.

To stay safe, users must resist the urge to open suspicious looking emails. An email from your bank may not seem suspicious, but remember that banks and other legitimate businesses likely won’t attach a file to an email unless they’ve told you ahead of time what they’re sending. If you have questions about an email, call your bank directly and ask them rather than risking malware infections.

If your computer or other device has been infected with malware, call Geek Rescue at 918-369-4335.

Three Ways To Improve Your Wireless Network For Free

April 24th, 2014

Wireless router

Wireless networks are everywhere and are responsible for keeping our most used devices, like PCs, smartphones and tablets, connected to the internet. They’re far from perfect, however. A WiFi network is generally slower and less stable than hardwired connections to your modem. But, as noted in a video recently posted by Techquickie to YouTube, there are a few ways to improve your wireless network. Some of these tips require the purchase of additional hardware, but here are the absolutely free ways to improve your network.

  • Find the right spot for your router

Surprisingly, making your network reach the entirety of your home or office could be as easy as moving your router. There are a number of factors that contribute to limitations to the size of your router’s range. First, understand that the coverage area is sphere-shaped. Placing your router close the center of your home will give you a better chance of covering all of it. Putting a router on the floor, or next to thick walls and thick objects, particularly those made of stone, metal or concrete, greatly reduces the coverage area so try to avoid those while finding an ideal spot.

  • Check for updates

Software and firmware updates are vital to patch security vulnerabilities, but can also be helpful in improving your router’s coverage area. To check for the latest updates, just go to the manufacturer’s website. For example, the Linksys website has a ‘Support’ section with updates for all of their products.

  • Choose a free channel

Regardless of your router’s manufacturer, you should be able to switch between channels. If you’re using a 2.4 GHz band router, you’ll want to use channel 1, 6 or 11 because these are the only usable, non-overlapping channels. Deciding between these three depends on the other routers in use in the area. For example, if you have neighbors on each side and one uses channel 1 and the other uses channel 11, you’ll want to use channel 6. Unfortunately, it doesn’t always work out so cleanly. In addition to other networks, things like baby monitors and cordless phones contribute to interference. You can either use trial and error to find the best network for your area, or look for available tools and mobile apps that show you the other networks in use.

If these tips don’t work, you’ll probably need to add or upgrade hardware in order to improve your network. A new 5 GHz router, if your devices are compatible, will greatly improve your connection speeds. Other options include adding a new antenna or repeater.

If you’re having trouble with your network and need to fix your router, modem or other hardware, call Geek Rescue at 918-369-4335.

How Long Does It Take To Recover From An SQL Injection Attack?

April 23rd, 2014

Days on calendar

SQL injections are a popular form of attack that exploits vulnerabilities in applications. This type of attack commonly targets web applications used by companies and, as Kelly Jackson Higgins of Dark Reading reports, it can take months to discover the attack and mitigate it.

Over the past year, SQL injections have been discovered at 65-percent of organizations polled. This is a common form of attack that can be used on networks of any size, from businesses large and small to even homes. On average, these attacks take 9-months from the time the attack occurs initially to the time a company fully recovers. Much of that time, about 140-days on average, is spent not knowing the SQL injection is even taking place. In fact, nearly half of companies that have been the victim of these attacks say it’s taken a minimum of 6-months to detect them.

The respondents in the study were made up of 595 IT professionals working for both commercial and government organizations in the US. The issue, it seems, is that most businesses don’t test third party applications for potential vulnerabilities. Considering the vital nature of third party applications for many businesses, this is a costly misstep. Many businesses also continue to rely on signature-based security. This leaves them vulnerable to attacks that have not yet been spotted and categorized. For cutting edge and more intelligent attacks, a shift to behavioral analysis based tools is needed.

Making matters worse is the growing trend of mobile devices using a company’s network. Many of the surveyed IT professionals agreed that these devices made it harder to find the source of the SQL injections.

SQL injections are a real threat and while more and more businesses are aware of them, more needs to be done to protect against them.

For help protecting against costly attacks on your network or recovering from one, call Geek Rescue at 918-369-4335.

Four Problems With The HTC One M8 Smartphone

April 22nd, 2014

Man on smartphone giving thumbs down

At the end of March, HTC released their latest flagship smartphone, the HTC One M8. Leading up to the release and in the weeks since, the device has earned rave reviews for a number of innovative features and high quality specs. But, it’s not perfect, as no smartphone could be. At CIO, Al Sacco explained his biggest beefs with HTC’s offering.

  • Duo Camera

The first feature that sticks out about the One M8 is that it uses dual lenses on its rear-facing camera. HTC calls it “UltraPixel” technology. The two lenses are expected to accurately calculate the distance of subjects in order to yield better images. In reality, bright light environments result in washed out colors. Combined with the lower than expected 4 MP, the One M8′s camera is a definite disappointment.

  • HTC Sense

The One M8 comes with a bundle of software that gives the device a number of features that sound great on paper. In practice, many users find them cumbersome, annoying or useless. HTC Sense features include gesture based commands and a home screen panel designed to deliver interesting information. In most cases, these features feel gimmicky and actually inhibit users from accomplishing their tasks.

  • Memory Card Slot

The fact that the One M8 features memory card support is noteworthy. With a capacity for microSD cards up to 128GB, users are able to add plenty of space for nearly any application. The execution of this memory card support is lacking, however. Specifically, the only way to open the slot to add or remove a memory card is with a small tool that comes with the phone. This is limiting for a mobile device that might not stay close to the tool at all times. It’s also extremely easy to lose or misplace the tool, which means you’ll be left prying open the memory card slot with a paper clip.

  • Dot View Case

This final complaint isn’t about the actual smartphone at all. Instead, it focuses on the highly publicized Dot View case, which has appeared in most of the advertising for the One M8. Some readers will immediately see the case’s display as similar to a Light Bright. There are small holes that display lights of different colors to allow users to check the time, get notifications and even answer phone calls without opening the case and turning on the screen. Again, on paper this sounds great. The problem is how cheap the case feels. At a retail price of $45, that’s unacceptable. It’s also awkward to use and keep open when you actually want to use your phone. Since it doesn’t do anything revolutionary, considering most smartphones display similar information on their lock screen, this case certainly isn’t a reason to purchase the device.

These flaws don’t necessarily mean that the HTC One M8 is not right for some users. No smartphone is perfect, but it’s best to understand the positives and negatives before hitching yourself to your next phone.

Regardless of the make and model of your smartphone, Geek Rescue is here to fix it when it breaks. When you have issues with any of your devices, come by or call us at 918-369-4335.

Five Usability Tips To Help You Adjust To Windows 8.1 Update

April 18th, 2014

Windows 8 on device

Microsoft released an extensive update to Windows 8 in the fall, which, while useful, also confused many users. At the beginning of the month, Microsoft released their second significant update for Windows 8. This time, it’s quite a bit less robust than Windows 8.1 so they simply called the new iteration Windows 8.1 Update. Again, this update is useful, particularly for desktop users, but it takes some time to get accustomed to. At Information Week, Michael Endler published usability tips to help users acclimate after updating.

  • Adjust Your Settings

There are a number of new features and options, but some will be hidden and unused the first time you boot up Windows 8.1 Update. Head to the ‘PC Settings’ menu, which can be accessed a number of different ways. Some key options to consider include the ‘Corners and Edges’, which includes the new feature to pin Windows apps to the desktop taskbar. Also, ‘Search and Apps’, which allows you to adjust which programs open which file types. You can also manage storage space from ‘PC and Devices’ under “Disk Space”. You’ll be able to uninstall apps, sort installed apps by size and empty your recycle bin.

  • Search

Windows 8.1 allows users to search for files and apps in a number of ways, but Windows 8.1 Update adds an obvious search field to the Start screen’s top-right corner. The search function itself is finicky, however. For example, you’ll need to know what specific app titles are when you search for them, or your search won’t reveal them. Searching for “Pictures” won’t allow you to find the “Photos” app.

  • Taskbar Abuse

As the updates for Windows 8 have rolled out, users have been able to pin more and more to their taskbar. This is a useful feature that users clamored for, but it opens the door for overuse, which actually hurts usability. Not only will your pinned apps appear on the taskbar at all times, but open apps appear there also. If the number of apps on the taskbar gets too large, you’ll have a hard time finding what you want, which defeats the purpose of pinning apps in the first place.

  • Customize Live Tiles

To make the use of tiles more appealing to desktop users, Windows 8.1 Update includes the ability to right click to change the settings of tiles. Resize, unpin, uninstall and more are available from a menu when users right click on a tile. Also, adjust the way apps are displayed by visiting the ‘Tiles’ section of the Settings menu.

  • Find Your New Apps

Installing new apps from the Windows Store doesn’t automatically add them to the Start screen or taskbar. You’ll be able to see them in the ‘All Apps’ view, but some users have struggled to find apps they’ve recently downloaded. Windows 8.1 Update includes visual notifications that help. When an app finishes downloading, users will see a notification in the top right corner and another “new app” notification will remain in the bottom left until the app is opened.

These tips will help you transition to Windows 8.1 Update by customizing it to your liking and avoiding potential problems.

Anytime you’re having computer issues, call on Geek Rescue for help at 918-369-4335.

Three Common Misconceptions About Cloud Computing

April 17th, 2014

Servers in front of clouds

Cloud computing has experienced monumental growth and adoption in the past year. If your business hasn’t incorporated some cloud services into your infrastructure, it likely will be doing so soon. But, not everything you hear about the cloud is gospel. Michael Brown of MSP Mentor explains three “half-truths” about cloud computing that you should understand.

  • Everything to the cloud

Reading some of the recent headlines touting the cloud’s power, you might think that your business should move entirely to the cloud. But, the truth is that not every application is appropriate to be integrated with cloud computing. Many businesses will likely be expanding their use of the cloud and making it an essential part of their IT infrastructure, but a hybrid model that uses both the cloud and more traditional methods will likely become the new normal.

  • The cloud is for cutting costs

Let’s be clear. The cloud is capable of significantly cutting costs for any size of business. Reductions in spending on hardware alone make the cloud one of the most effective cost cutting tools available. But, to sell the cloud as only a money saver is selling it short. The cloud is also able to expand your company’s capabilities and improve on current methods. With enhanced mobility, easier collaboration and always available scalability, the cloud far exceeds its price tag.

  • Every cloud is created equal

To most business owners, cloud providers are all offering the same product. In actuality, cloud service models vary from provider to provider. Despite the fact that each likely offers solutions for file sharing, remote computing and data storage, the subtle differences are important to take note of. The way a cloud service integrates with existing applications and other cloud services is important to understand before integrating a cloud into your business. For this reason, carefully consider and plan for how you want to use cloud computing so that you can match your needs to a provider who’ll be able to fit them.

Cloud computing is a powerful tool capable of transforming many aspects of your business.

If you’d like to explore cloud solutions for your company, call Geek Rescue at 918-369-4335.