August 1st, 2014
Waiting for a website to load is frustrating, which is why web browsers use a cache component. The cache stores bits of information from websites you’ve visited in the past so it can load them locally, rather than having to get them from the server again. However, using the cache isn’t always in your best interest. If a website has updated since you last visit, your cache may be loading an outdated version, or be unable to load the page completely. To prevent these cache errors, it’s recommended that you regularly clear it, as well as your cookies. A post at the Stott blog explains how to go about clearing your browser’s cache. Here are the details for the most popular browsers.
With IE open, click the gear icon in the top right corner. Then, find “Safety” in the menu and select “Delete browsing history”. This will bring up a window with a number of options. For this particular task, uncheck each option except “Temporary Internet files” and “website files” . Then click the “Delete” button and your cache will begin to be cleared. If it’s been awhile since this was done, it could take a few minutes before you can go back to using your browser as usual.
With Chrome open, click the menu button in the top right corner. From that menu, select “Tools” then “Clear browsing data”. This brings up a menu allowing you to select what types of files you’d like to delete and also how far back you want to delete them. Select “beginning of time” if you want to start over completely fresh. Hit the “Clear browsing data” button when you’ve made your selections and then sit back and wait.
In the Firefox browser, you’ll click the menu button and choose “Preferences”. This brings up a window where you’ll navigate to the “Advanced” tab, then click on “Network” and select “Clear Now” under the “Cached Web Content” section. Firefox also includes a feature that allows you to automatically clear the cache each time the browser is closed. To enable it, select the “Privacy” tab from the “Preferences” window. Then, in the “History” section, make sure it reads “Firefox will use custom settings for history.” Check the box next to “clear history when Firefox closes” then click the “Settings” button. This opens a window where you can select the type of files to be deleted. Check “Cache” and any other files you want to automatically delete and then click “OK”.
For Mac users with the Safari browser, there are a number of ways to clear your history. If you want to delete all files, go to “History”, select “Clear History” and click “Clear”. To set the history to delete automatically, go to the “Safari” menu, choose “Preferences” and click “General”. Choose the option you want under “Remove history items” and you’re done.
Clearing your web browser’s cache is routine but necessary maintenance.
For more serious issues, call Geek Rescue at 918-369-4335.
For business solutions, visit our parent company JD Young.
July 30th, 2014
Even with up to date security tools in place, every internet user runs a constant risk of being hacked or infected with malware. Early detection of these issues can save you from a devastating outcome. InfoWorld recently published an article detailing some of the most common and easily spotted signs of malware infections and the action you should take to combat them. Many times, the suggested action is to restore your system to the last known safe point so it’s important that you’re regularly backing up your devices and creating good restore points.
While there’s fewer instances of this tell-tale sign of an infection than in the past, it remains one of the most recognized. Fake antivirus messages can pop up from your desktop or in a browser window. They claim to warn you about malicious files, but in reality the damage has already been done. Malware has already been added to your system. The message exists to entice you into more trouble. Clicking on it often opens a browser window that asks users to purchase security tools. These sites look legitimate, but are actually just a means to steal credit card numbers. The first step for users is to be familiar with what their actual antivirus messages look like. If they see a fake one, power down and restart in safe mode. Try to find the new applications that have been added and remove them. You’ll also want to run a full virus scan.
To be clear, not every browser toolbar is malicious. Google, Yahoo and other legitimate vendors all offer toolbar additions for browsers, but there are scores of toolbars that signal an infection. If you don’t recognize the name associated with the toolbar and don’t remember adding it, your system has likely been compromised. Most browsers offer ways to quickly remove unwanted toolbars and extensions, but some are trickier. You may need to restore your browser to a previous point or restore your entire system.
This often comes in tandem with unwanted browser toolbars. Conducting searches sends you to an unrecognized search engine, which often contains links to sites designed to further infect your device. You may also notice your homepage change. If this is happening, you’ll want to follow similar steps as above. Remove toolbars and other recently added applications, which may require restarting in safe mode.
- Fake Emails Sent From Your Account
If this hasn’t happened to you, you’ve surely received these emails from a contact. It’s a common problem for an email to be hacked and spew spam to the entire address book. What many users don’t know is that this is usually done through a malware infection on your computer. As soon as you notice emails you didn’t personally send in your sent folder, or are alerted by friends that you’ve sent them spam, you’ll want to run a full scan. Then, look around for recently added programs or anything that looks out of the ordinary.
In short, if your device is acting strangely, which can include pop ups, mouse movements, programs being added and more, it’s likely because of malware.
For help removing malware from any of your devices or to improve security, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
June 27th, 2014
Google’s Chrome is the most used browser with just over half of internet users choosing it. Oddly, many of those individuals use Chrome every day without knowing all of the features and capabilities it offers. All browsers have hidden features that typical users don’t take advantage of regularly. As Evan Dashevsky of PC Mag explains, Chrome is ripe with additional features that make browsing easier and more convenient. Here are five useful features you probably don’t know about.
When you’re searching for information, the number of clicks and websites you have to visit can be exhausting. This trick helps you streamline that process. Any site that has a search bar included on it can be saved in your Chrome browser as a search engine. To do so, right click on the search bar and click ‘Add as search engine’. Now, if you’re searching for something you think might be on that site, you can simply type the name of the saved site in your address bar, press tab and enter your search term. Instead of searching Google, Chrome will search through the site you entered for your query. Since you can do this from any site or new tab, it saves you a few clicks.
Most users have learned, many by accident, that they can move a tab from one Chrome window to another, create a new window with it or rearrange the order of tabs in a single window. What few realize is that you can actually move multiple tabs at once. To do so, hold shift and click on the tabs you want to move together. For Mac users, hold the command key.
If you’ve got an image file saved and you’re not sure what it is, Chrome can help with that too. Just drag the file into Chrome and it will display the image. It’s much quicker than some other alternatives, but there are no additional editing features. This is for viewing the image only.
- Open Recently Closed Tabs
Most Chrome users take advantage of browsing in multiple tabs at once, which means most users have also accidentally closed a tab they immediately wanted back. Thankfully, Chrome includes a feature that acts like an Undo tool in a word processor. By pressing Control-Shift-T, you can regain your most recently closed tab. Keeping hit those keys and you can restore more tabs.
The address bar in Chrome is actually called the Omnibox, most likely because of all of the additional features built into it beyond just typing it URLs. For example, typing simple math equations into the Omnibox will produce the answer. It’s also capable of converting units, like telling you how many days a certain number of hours equates to. You can highlight text on a website and drag it directly into the Omnibox to search for that text. Also, the folded piece of paper or lock icon in the far left side of the Omnibox can be clicked to reveal information about the site you’re currently on like the cookies and permissions it uses.
At Geek Rescue, we know the tips and tricks needed to get the most out of your devices. For help with repairs, security and more, call us at 918-369-4335.
May 28th, 2014
Identity theft and malware infections are two of the biggest security related worries for internet users. Unfortunately, both often stem from a lack of security for social media sites. Facebook, Twitter and other popular social media platforms are continuously working to make users safer, but you can take some additional steps on your own too. At Gizmodo, David Nield offers a few tips for how to make your social media accounts nearly unhackable.
- Two-Factor Authentication
Most of your social media accounts require nothing more than a password to log-in. When you stop and think about how much valuable information is available to anyone with access to your account, however, you’ll likely decide that more protection is needed. With two-factor authentication, you’ll log-in with a unique PIN sent directly to you via text message or through a mobile app. No device will be able to access your account without first going through this process. For Twitter, head to the ‘Security and Privacy’ menu in ‘Settings’ to enable two-factor authentication. Similarly on Facebook, the option is found under the ‘Login Approvals’ section of the Security Settings page.
Instagram, Facebook, Twitter and many other social media sites allow users to add apps to their profiles for extra features. These may be related to games, photo sharing and editing or a number of other uses. These apps often create a security flaw that allows criminals to hack your account, however. While having no apps is the safest, that may not be realistic. If you’d rather not sacrifice apps entirely, regularly audit your apps and remove those that you no longer use or that the developer is no longer updating.
Phishing scams have infiltrated social media through instant messages, or in the case of Twitter, malicious tweets and profiles. Clicking on a bad link often leads users into trouble, but the most popular web browsers have some protections in place for these scenarios. Users must keep their browsers up to date, however, in order to be protected. Even with these security features, it’s a good idea to avoid any link you’re not absolutely sure about.
On the devices you use the most, your social media accounts are likely available without the need to sign in. No one wants to enter their password every time they check Facebook or Twitter on their smartphone, but what happens if your phone is lost or stolen. Now, whoever finds your device can look through your profiles, send out messages and steal whatever personal information is available. To limit this possibility, make sure to put a secure lock on your device. Require a PIN, password or pattern to be put in whenever the screen turns off.
In addition to these suggestions, it’s also a good idea to use a strong, unique password for each account and change it regularly, especially when there’s news of a large site being hacked.
If you’ve been the victim of an attack through social media, email or another source, bring your infected device to Geek Rescue or call us at 918-369-4335.
April 3rd, 2014
Not all malware finds its way onto your computer in the same way. Some relies on tricking users into downloading malicious files disguised as something else. This is often referred to as socially engineered malware. The key to for protecting yourself is avoiding downloading it in the first place. As Antone Gonsalves reports at Network World, Internet Explorer users are at a distinct advantage in that sense.
NSS Labs recently tested the four most popular web browsers against common forms of socially engineered malware stemming from links found in an email, instant messages and other vehicles. Email attachments were excluded from this test. In those tests, IE was found to block 99.9-percent of malware.
The success of Microsoft’s browser is being attributed to a combination of “application reputation technology and URL filtering”. The next best browser, Google Chrome, was able to block only about 70-percent of malware. Mozilla Firefox and Apple Safari each failed to block more than 95-percent of the malware used in the test.
Application reputation technology is able to scan downloads for recognizable characteristics commonly found in malware. Chrome relies heavily on it to protect users, but Firefox and Safari use it at all.
In a previous test, Chrome performed better and blocked more than 83-percent of tested malware. Where IE relies more on URL filtering than application reputation, Chrome does the opposite. One potential reason for the drop in performance is a change in how strict the application reputation system is. Another possible reason is that attackers have been able to devise tactics that avoid detection.
While IE offers more initial security for this type of malware, your browser shouldn’t be your sole security tool. It’s advisable to have antivirus software and firewalls in place, working in tandem with your browser and other tools.
If your computer is infected with malware, or you’d like to explore better options for security, call Geek Rescue at 918-369-4335.
March 17th, 2014
Each year, people gather in Vancouver for what’s called a hackfest. Experts attempt to break through the security of popular applications to reveal potential vulnerabilities. This year, web browsers were the focus with each of the most popular browsers being hacked successfully with at least one exploit. As Sebastian Anthony of Extreme Tech reports, Mozilla’s Firefox experienced the most security problems and four zero-day exploits were found.
A zero-day exploit refers to a way to successfully attack an application that’s discovered by someone outside of the manufacturer. These are dangerous exploits because they are revealed before the manufacturer has an opportunity to patch them. This leaves users vulnerable for days or weeks.
The vulnerabilities in Firefox are said to allow hackers to “do just about anything with your computer” when attacked correctly. These attacks all stem from convincing users to visit malicious websites specifically created for attacks.
Mozilla’s web browser has always been considered less secure than the other leading browsers. It was first included in the hackfest in 2009 and has been successfully exploited every year except 2011. In the past three years, however, all four major browsers, Chrome, Internet Explorer, Safari and Firefox, have all been successfully hacked at least once. Seeing four successful exploits in a single year is still a surprise.
Experts point to Firefox’s lack of a sandbox for its primary security shortcomings. A sandbox is a way of segregating one application from the rest of the system. This way, a successful exploit on the application doesn’t make the rest of your system vulnerable. Chrome, Safari and Internet Explorer, since version 9, all have implemented sandboxes. Firefox still does not use one, which allows attackers to exploit the browser to gain access to other applications and functions of a user’s computer.
All of the exploits discovered during the three day hackfest are reported to the browser manufacturer so they can be patched. Even so, it’s important to remember that no browser offers you perfect security. All have vulnerabilities that can be exploited if you aren’t careful or don’t have the correct security infrastructure in place.
If you’ve been the victim of an attack of would like to explore better security options, call Geek Rescue at 918-369-4335.
March 14th, 2014
Once each month, Microsoft releases a batch of patches to close security vulnerabilities and fix bug and compatibility issues in their products. Last month, just days after the monthly patch release, an exploit was discovered and publicized for Internet Explorer 10. That exploit stayed vulnerable until this week when March’s patch release included a fix. This situation, as Antone Gonsalves of Network World points out, reveals the flaws in the current patching schedule for Microsoft and many other software manufacturers.
Not only was a known exploit unpatched for weeks, but that exploit was also made public. That means those with the means and motivation to attack unprotected users knew exactly how and where to strike.
After a few days, Microsoft did release a temporary solution in their “Fix It” tool. Unfortunately, very few users know how to access that tool, which leads to low numbers of installations. So, while a temporary fix was available, it was neither widely publicized or used.
The other option for overcoming this particular vulnerability was to upgrade from IE 10 to IE 11. For most individual users, this was a viable solution. However, for enterprise level users, changing web browsers company-wide often takes more time and planning.
Meanwhile, attackers struck multiple websites in multiple countries on multiple continents.
Despite this specific shortcoming in the patch schedule, Microsoft is actually ahead of many other software companies in this regard. For example, while Microsoft routinely releases new patches and updates once per month, Oracle releases updates quarterly and Cisco releases updates only twice per year.
The best solution suggested so far is to remove Internet Explorer from this monthly patching schedule. While it’s more than enough to update most applications once per month, IE faces a high number of attempted attacks and exploits each day. It’s much more likely that a critical vulnerability will be found and immediately exploited in IE than other applications. Even with a faster patch release, however, some IT departments might struggle to stay up to date and fully patched.
For those companies affected by unpatched vulnerabilities, there are some ways to better protect yourselves while you wait for the application manufacturer. Segmenting network assets, limiting user permissions and using application whitelisting are all ways to significantly improve security and lower the chances of a devastating and costly attack.
For help implementing an improved security infrastructure, call Geek Rescue at 918-369-4335.
February 24th, 2014
Over the weekend, Apple released an update to its mobile operating system, iOS. Version 7.0.6 for iOS 7 devices and 6.1.6 for iOS 6 devices were seemingly rushed out to fix a bug that put users’ data at a significant risk. At Gizmodo, Brian Barrett explains why iOS users should update their devices as soon as possible.
The bug, or security vulnerability, that Apple is now attempting to fix involves a flaw in the operation of SSL, which stands for Secure Sockets Layer. Using SSL allows for private and secure communications between your web browser and the servers it need to communicate with to access different websites. When you see the small lock icon appear in your browser’s address bar, that means that SSL is functioning and securing your connection to the site you’re currently on.
Without SSL, everything you send to a server and receive back is up for grabs. SSL verifies that your browser is contacting the correct server for the website it’s displaying, but the Apple bug prevents that from happening. This opens the door for what’s called “man in the middle attacks”, which refers to a third party intercepting data intended for someone else. So, your log-in credentials for any online account you have, payment information for an online purchase, emails and a number of other potentially costly possibilities can all be stolen and monitored by criminals.
The vulnerability affects not only browser Safari, but also Calendar, Facetime, Keynote, Twitter, Mail, iBooks and more. Any time you’ve used one of these apps on an unsecured network, which could be anything from free WiFi in a coffee shop to the network at your job that doesn’t require a password, all the data you’ve accessed and submitted could have been intercepted.
This flaw has an update for devices dating back to the iPhone 3GS and fourth generation iPod Touch. Any devices older than that likely won’t have an update available to fix the problem. This is also an issue for Mac users with the OS X operating system. While there’s a known vulnerability for Macs, there isn’t currently a patch or update to fix it.
While exploits of this vulnerability only recently began being spotted, the SSL flaw has been in both iOS and OS X since September of 2012. For the past year and a half, data has been available through a fairly simple exploit on one of the most popular mobile devices. If you haven’t already updated, do so now. If there isn’t an update available for your device yet, avoid using the affected apps on any unsecured networks.
Security vulnerabilities are a serious concern for any device. If you’ve experienced an attack and have a device infected with malware, or want to explore additional security options, contact Geek Rescue at 918-369-4335.
February 18th, 2014
Google Chrome is the most used web browser around, but many users don’t know half of its capabilities. Howard Wen of CIO looked specifically at the tools available for Chrome’s tabs that most don’t know about. Here’s a list of some helpful tab tricks and extensions.
It may not happen everyday, but there are times when you find yourself constantly refreshing a page. For those times, Chrome can help with the addition of an extension. There are multiple options, but all allow you to set a timer then sit back and let Chrome refresh regularly on its own.
Many Windows users already have the option of splitting the screen between two windows, but with the Split Screen extension for Chrome, you can display two websites in the same tab. There are multiple reasons why you’d want to or need to use split screen, but there’s one drawback. You have to enter the URLs of the sites you want to display manually, so there’s no option to quickly load favorites.
In the same vein as split screen is this extension that allows for even more customization. Tab Resize allows you to rearrange and resize up to four different Chrome windows so they all display on your screen at the same time. You can use the options that come with the extension, or make your own template for where tabs should go and how they should be sized.
The problem many of us encounter when using tabs to browse is that you end up with so many tabs open that it begins to hurt your systems performance. More tabs require more memory, which can eventually make your computer sluggish. To solve this problem, The Great Suspender, and other similar extensions, allows you to automatically suspend a tab that you haven’t used in awhile. This way, the tab won’t be using memory, but can be easily re-opened when you need it.
If you’re forced to abandon a project before you’re finished, but need to save all of your open tabs so you can pick back up later, you need the Project Tab Manager extension. This allows you to save all the open tabs in one click as bookmarks under a single folder that you name. There are similar extensions that save groups of tabs together so you can return and open all of them at once, or one at a time.
Chrome extensions add exceptional capabilities to the browser, but many users aren’t aware of them and don’t use them. It’s worth your time to head the the Google Web Store and look around for potentially helpful apps and extensions.
If you’re having issues with your computer or internet that an extension doesn’t solve, call Geek Rescue at 918-369-4335.
February 14th, 2014
This week, in the monthly edition of Patch Tuesday, Microsoft released a number of patches to fix vulnerabilities in Internet Explorer. Just days later, Microsoft has confirmed that a zero-day exploit is being used in an active attack campaign that targets IE 9 and 10. Brandan Blevins of Search Security reports more details.
The label ‘zero-day’ categorizes attacks that exploit vulnerabilities before a patch can be created. By definition, this is a case where attackers learned of a vulnerability before the developers.
The attack is also categorized as a “watering hole attack”, which means that a specific website is being targeted in order to infect the group that typically visits that site. In this case, the U.S. Veterans of Foreign Wars’ website has its HTML code tampered with in order to load a malicious web page for visitors. When that page loads, malware is downloaded and executed on the user’s machine.
The attack exploits what’s being called the “use-after-free” bug, which allows for one byte of memory to be modified at “an arbitrary address”.
Microsoft has not announced whether a patch will be rushed out to fix the vulnerability or if users will have to wait for March’s Patch Tuesday. In the meantime, there are two options for IE 9 and 10 users.
One is a complicated fix using Microsoft’s Enhanced Mitigation Toolkit Experience.
A simpler fix is to stop using IE 9 and 10 until a patch is released. Either change browsers to Chrome, Firefox or another popular choice, or upgrade Internet Explorer to version 11.
If your computer has already been infected with malware, bring it to Geek Rescue, or call us at 918-369-4335.