November 14th, 2013
Virtualization is becoming a staple of businesses of every size. According to a Cisco survey, 77-percent of small to medium businesses have already virtualized part of their infrastructure. In the next two years, the virtualization budgets will increase for about 70-percent of all businesses. As Sam Narisi, of IT Manager Daily writes, virtualization allows companies to save money while increasing flexibility and scalability, but there are some security concerns. Here are the top three security issues associated with virtualized services and how to overcome them.
Many organizations host multiple virtual machines on a single physical machine. This is the nature of virtualization and why it is so popular. This opens the door for devastating attacks, however, if the virtual machines aren’t properly separated. It’s important to grant employees access to only the VMs they need. This way, if their access is compromised, your entire virtualized infrastructure isn’t.
Any software will contain bugs and vulnerabilities that can be exploited by intelligent hackers. Virtualization software is no different, but allowing a hacker to use these vulnerabilities could prove much more costly than other software exploits. Patches and updates are constantly being made available to fix these flaws. It’s important to stay current and update your software each time a new patch is released so you can close holes in security before an attack takes advantage of them.
More than ever before, it’s important to have a firm grasp on the IT assets in existence and who has access to each in your company. This was a simpler job when each machine was physical. With virtualization, VMs can be created and moved quickly, which sometimes leaves IT out of the loop. If a problem comes up, it’s much easier to solve it when you know where each machine is and who is able to access it.
Virtualization offers a number of benefits for businesses, but it also comes with increased responsibility and security concerns. Geek Rescue helps take the uncertainty and labor out of virtualization. Call us at 918-369-4335 to find out what services will give your business a competitive advantage.
November 11th, 2013
A zero-day exploit that affects Internet Explorer, Windows XP and Windows 7 users won’t be getting a patch from Microsoft any time soon. Microsoft’s Patch Tuesday for November is only a day away and, as Paul Ducklin of Naked Security reports, news is already spreading that a patch for this exploit won’t be included.
The “remote code execution vulnerability” is dubbed a zero-day because hackers were the first to discover it. Rather than security experts, or Microsoft themselves, discovering the vulnerability and patching it, cyber criminals have been able to launch attacks in the wild before any precautions could be taken.
The attacks seen so far that exploit the vulnerability use .TIFF image files that contain malware. When a user opens the seemingly innocent image file, malware infects the machine, but no warning or notice is given. This silent infection allows hackers to remain undetected while they claim access to files and control a computer remotely.
So far, most of the attacks stem from email attachments. The .TIFF is hidden in a Word document and automatically loaded when the document is opened. There are a number of other ways the exploit could be attacked, however. Inserting the infected image file directly into the body of an email could infect your system through only a preview of the message. Hackers could also set-up websites specifically to infect visitors, or insert malware into existing sites using .TIFF images.
While there’s no patch coming from Microsoft this week, there are ways to protect yourself. A Fix it tool released by Microsoft will tell your computer to stop processing .TIFF files. This is a broad stroke, but one that will ensure the vulnerability will be closed until a more permanent patch is made available.
In the meantime, some simple advice will also help improve your security. You should always be wary of unsolicited emails and their attachments. Often, all it takes is opening the email to try to verify its authenticity is all it takes to become a victim. Also, make sure you have an antivirus program in place and it’s updated. Because of the way this exploit gives a hacker access to all of the files you’re current user account is able to access, it’s useful to use a non-administrator account. That way, if you are attacked, only part of your system is at risk, and solving the problem from an administrator account is much easier.
If any of your devices are infected with malware, bring them to Geek Rescue or call us at 918-369-4335. We’ll find the problem, fix it and help you protect yourself from future attacks.
November 8th, 2013
About a month ago, software company Adobe announced that hackers had gained access to passwords and log-in information for millions of accounts. Initially, the number of accounts affected was estimated to be around 38-million. As Jim Finkle reports at NBC News, that number is actually significantly higher.
Password security firm, LastPass, discovered the stolen customer data on a website for cyber criminals. In actuality, 152-million user accounts were compromised.
Adobe, which makes popular software like PhotoShop and Acrobat, downplayed the significance of the data breach. They claim many of the accounts who saw their log-in information stolen were inactive. Either the email or password was out of date, or the account was registered under false information in order to take advantage of one-time free use offers. The out of date log-ins total an estimated 43 million accounts. It’s unknown how many accounts were set up with fictitious information.
Still, Adobe has notified 38-million users that their accounts may have been compromised.
Regardless of whether the log-ins were up to date or not, security experts warn that the data stolen is still valuable to criminals. The data stolen can be used in phishing scams with relevant details included to make them more believable. There’s also the concern of Adobe passwords being used for other accounts. As one expert pointed out, a user may have registered with Adobe years ago and since let the account become dormant. However, they may use the same password for other online accounts, which a hacker could now have access to.
Some have suggested that Adobe didn’t do enough to safeguard customer’s data from an attack. While this is an example of what can happen when the proper security isn’t put in place at the business level, there’s also a wake-up call here for users. Regardless of how strong your password is, it’s still vulnerable. Hackers have a variety of ways of breaking into your accounts, and they don’t all involved brute force efforts to guess passwords. Also, failing to use unique passwords for each account leaves you much more vulnerable to hacking.
If you have a business that needs to improve your security to keep your data and your customer’s data safe from attack, or if you’d like to improve the security on your personal devices, call Geek Rescue at 918-369-4335.
November 8th, 2013
One of the most common complaints about Google’s popular web browser, Chrome, is its inordinate number of security vulnerabilities. As Gregg Keizer reports for Computer World, Google is doing its part to close up one of the most noticeable flaws in its security by no longer allowing the installation of extensions that aren’t in the Chrome Web Store.
Currently, users can browse the Chrome Web Store for extensions, which other browsers call add-ons, much the same way you would browse for apps on your smartphone. These extensions grant the browser additional capabilities. Extensions have also been found outside of the Web Store. Some third party vendors offer Chrome extensions directly on their site’s, or included in downloads of their applications. Some companies have even engineered their own extensions specifically for their employees. Under Google’s new rules, these third party extensions would no longer be accepted by Chrome browsers.
The reason for this move is that it keeps users from accidentally downloading malicious extensions. By limiting users to only installing extensions from the official Web Store, Google is able to police all extensions available and remove those that contain malware or act maliciously.
Android hasn’t yet made the same move to limit users to only apps found in the Play store, but they do recommend that users stick to those apps. Otherwise, users risk infecting their devices with apps that haven’t been officially approved by Google.
This move for Chrome has been in the works for some time. When Chrome 21 launched in 2012, it no longer accepted extensions installed directly from a third party website. Earlier this year, Chrome again tightened extension security by adding a feature that blocked silent installations of extensions and disabled those already installed. This closed a vulnerability that allowed hackers to install extensions without a users knowledge. Usually, this was done in response to another user action to download from an untrusted source.
In order to completely close any remaining loopholes, Chrome has now gone to a strict policy of only allowing extensions directly from the Web Store. That doesn’t mean, however, that independent developers, and those developing extensions for company use, can’t continue to use their own extensions. The Web Store offers an option to hide extensions from the public and only make them available to those they’re intended for. Extensions will also still be available to download directly from third party sites, as long as the same extension has also been added and approved in the Web Store.
These changes aim to make Chrome a more secure browser. To upgrade your security at home or at the office, contact Geek Rescue at 918-369-4335.
November 7th, 2013
There are many reasons to protect against cyber attacks. You need to protect your data, and your customer’s information, from third party criminals. You also want to avoid downtime, which prevents your customers from accessing your services or your employees from working. There are many issues involved in the fallout of a cyber attack, but the most telling is the monetary cost to your business. Jesmond Darminin, of IT News, reports that the cost associated with cyber attacks has grown for the fourth consecutive year. In addition to the costs, the frequency of attacks and the time it takes to resolve them are also on the rise.
The Ponemon Institute conducted their initial Cost of Cyber Crime Study four years ago. Since then, the cost has increased by 78-percent to an annual cost of more than $11.5 million on average, per company. In the past year alone, the average cost increased 26-percent, or $2.6-million more per attack. The companies involved in the study reported a range of costs between $1.3-million to $58-million. The average cost to overcome a single attack has reached $1-million.
During the same four-year time span, the amount of time it takes to overcome a cyber attack has also increased significantly. It takes nearly 130-percent longer to resolve a cyber attack now than it did in 2009. Companies reported it took an average of 32 days to resolve an attack. During this time, companies suffered a loss of about $33-thousand per day.
These increases can be attributed to more intelligent, sophisticated cyber attacks. More attention to security is needed than ever before and when an attacker finds a vulnerability, they’re able to do more damage and remain undetected for longer.
Companies suffered an average of 122 successful attacks per week, which is skewed by larger enterprises, but still illustrates the severity of the situation. Even though smaller businesses will likely experience fewer cyber attack attempts, once they become successful, they’ll likely begin to experience more.
That’s why a robust and effective security infrastructure is vital for your business. For help keeping your company safe, or for help recovering from a successful attack, call Geek Rescue at 918-369-4335.
November 5th, 2013
We’ve mentioned before that you can’t ever be completely secure online. But, some actions you take make you more secure and significantly less likely to be hacked. Andy O’Donnell of About suggests a number of mistakes that are commonly made and how they can lead to hacking. Here’s a list of some of the most common, as well as how you can avoid making them.
- Not Using Unique Passwords
Why would you need more than one password for your online accounts? If you use a long, strong password that’s difficult to break, you should be safe, right? Actually, no. Not all accounts are compromised by a third party guessing or breaking your password. Sometimes, large lists of passwords are stolen from companies. If your password is the same on every site you have an account with, a criminal could now have access to all those sites, rather than just the one. If you’re worried about remembering all of those unique passwords, consider using a password manager.
- Using An Unsecured Wireless Network
Whether it’s at home or at the office, your wireless network needs to be secured to keep out intruders. First, make sure you’re using adequate encryption. Check your router’s settings and enable WPA2 based encryption, rather than the less secure WEP. Then, set a long, strong password using upper and lowercase letters, symbols and numbers. Try to avoid using things like pets’ or children’s names or birth dates because those are likely to be known, or able to be found out, by others.
If you receive an unsolicited email with an attachment, don’t download the attachment. It’s simple advice, but many users believe they can download the attachment to find out what it is. In actuality, they’re downloading malware, which immediately infects their system. The same goes with pop-ups. Even with a pop-up blocker active in your web browser, you may see pop-ups from time to time, especially if you’re on a questionable website. Clicking on these pop-ups will often start a malware download.
To be properly secured, you need an active antivirus program and a firewall in place. These have to be turned on to work. This seems obvious, but many users will disable them if their computer is running slow, or if they’re having trouble running another application. This is ill advised. Also, security software needs to be continuously updated. This is to enable to software to recognize the latest pieces of malware and viruses. If you fail to update your antivirus, it becomes less and less effective.
These common mistakes make you an attractive target for hackers. To improve your cyber security, or to fix the damage already done to a device by malware and viruses, call Geek Rescue at 918-369-4335.
November 4th, 2013
What do you know about CrytpoLockers? As a post on the Integral IT blog reports, this relatively new form of computer virus is capable of gaining access to and encrypting files on your machine, which then makes it impossible for you to use them. In order to stay safe and minimize the damage, there are some precautionary steps that need to be taken.
CryptoLockers primarily gain access to your computer or network through email. They appear as a seemingly legitimate attachment. Once downloaded, they begin to wreak havoc.
Any file you have access to, a CryptoLocker will encrypt and damage. You’ll no longer be able to access these files. When you try to open them, you’ll be met with a warning that the file is corrupted and can’t be opened.
This warning is the first sign that you’ve downloaded a virus. Otherwise, the CryptoLocker operates in the background and is undetectable for most users.
To remove the virus, you’ll have to identify the file containing the CryptoLocker and delete it. Then, you’ll be able to restore the corrupted files from back-up, which you’ve hopefully kept current.
To avoid a catastrophic loss of data due to a CryptoLocker infection, keep a trusted, frequently updated antivirus program running on your machine. Allowing it to update constantly makes it more capable of detecting new threats like CryptoLockers before they do any real damage.
Be aware of threats like this when checking your email. Using attachments is a popular method of hackers for infecting a large number of users. Knowing this makes you more suspicious of emails containing attachments, especially when they’re unsolicited.
This is also a warning to keep your back-ups current and frequent. You’ll never be able to be immune to threats like this, so regularly backing-up vital files ensures that, even when disaster strikes, you’ll be able to recover quickly.
Geek Rescue offers security solutions for all of these issues and concerns. We remove existing viruses and malware, improve your security infrastructure to better protect against threats and offer data storage and back-up. Call us at 918-369-4335 to stay safe from threats like CryptoLockers.
October 31st, 2013
Office Depot recently surveyed 1-thousand small business owners to find out what they thought of their company’s security. As Steve Ragan writes for CSO, the results suggest that most small businesses are confident in their security to a fault.
Of those surveyed, 77-percent claimed their business has never been attacked, while 66-percent were confident that their data was safe from any hacking attempts. Those numbers themselves don’t necessarily suggest a problem. However, half of the participants admitted that they don’t use any internet or email security. 80-percent don’t use any sort of data protection and 91-percent forego endpoint and mobile security. Even worse, 14-percent have failed to implement any security measures at all.
These stats reveal that many small businesses aren’t properly secured. They are, however, targets for cyber attacks. According to this year’s Verizon Business Data Breach Investigations Report, 40-percent of the attacks studied targeted companies with less than 1-thousand employees with the majority of those being in retail or the food industry.
Small businesses hold valuable data. Employee information like social security numbers and bank accounts, as well as customer payment information is all at risk. That’s not the only reason why hackers are targeting smaller businesses, however. Larger businesses also have this type of information and usually more of it. But, larger companies generally have stricter security policies, which make it difficult to hack into their network. Smaller companies are easier to steal data from so hackers target them more.
Attacks on small businesses rarely make the news. But, they are incredibly costly and often doom the business. In order to avoid becoming a victim, you need to put security in place. A one-size-fits-all approach isn’t the best method, however. To truly secure your business, you need a custom security infrastructure that addresses your specific needs and safeguards the areas most likely to be attacked.
For help improving your company’s security, contact Geek Rescue at 918-369-4335.
October 31st, 2013
There have been relatively few true threats to the security of iPhones compared to the amount of malware being produced for Android. A serious threat has recently emerged, however. Antone Gonsalves, of Network World, reports that a team of security experts uncovered a vulnerability in a large number of iOS apps. The flaw allows for a third party to intercept data and then send their own directly onto a user’s device.
The team is calling it “HTTP Request Hacking” because it allows hackers to intercept HTTP traffic between the app and server. The hacker can then tell the app to retrieve data from a different server, which usually involves putting malicious links on your iPhone and iPad. This method is particularly effective for news apps because the hackers can put fake links in the news stories, which cause malware to be downloaded when clicked.
Once a hacker gains control of the app, they can continue to send whatever data they want until the app is updated to close the security gap, or removed completely.
There is such a large number of affected apps that the security team couldn’t contact all of them directly. Instead, they opted to spread the word through the media. The vulnerability only affects apps using an HTTP connection. Most high quality apps use the more secure HTTPS connection.
There’s code available to fix the problem, but it’s much easier to just remove the app. If it’s using an HTTP connection, you probably shouldn’t be using it anyway.
This particular security flaw was specifically found for iOS and while it hasn’t been tested on Android, security experts note that it’s likely that would affect those users as well.
If you believe you have malware infecting any of your devices, come by or contact Geek Rescue at 918-369-4335. We will fix your phone, tablet or computer and help make sure you’re prepared for the next malware attack.
October 30th, 2013
The Windows XP operating system was initially released in 2001. More than twelve years later, it still accounts for about a fifth of the operating systems in use on machines. This wouldn’t necessarily pose a problem, except that, as Kelly Jackson Higgins reports for Dark Reading, XP users are at a much greater risk of malware infections and Microsoft is cutting off support on April 8th, 2014.
While Windows 8 users and XP users encountered about the same amount of malware in the first half of 2013, XP machines were about six times more likely to be infected by attacks. Because the OS is so old, hackers have had more than a decade to develop malware for it and find security vulnerabilities. This means that malware attacks are likely to be highly effective because they specifically target known flaws. It’s also likely that users still using XP have not kept it updated properly. Many are likely behind on security patches and may not be running the latest antivirus programs either.
Security experts chalk up the high number of users stuck on XP to its familiarity. While Windows 7 and 8 have focused on better functionality, they’re also quite a bit different from XP. Instead of learning the ins and outs of a new OS, many users choose instead to stick with what’s comfortable.
So, what are these XP users risking? There are 3 types of malware that target these users the most. All are fast spreading worms that infect computers then spread to others.
- Sality- Steals personal information, changes security settings on infected machine
- Ramnit- infects Windows executable files, Office files and HTML files
- Vobfus- downloads other malware and spread with a USB flash drive
On April 8th, Microsoft won’t completely end support for Windows XP. But users will have to pay for a premium service for critical updates.
Geek Rescue cleans malware infections and fixes all of your devices. Bring your device by one of our locations or call us at 918-369-4335. If it boots up or turns on, we fix it.
