New Virus Threatens To Encrypt And Damage Your Files

November 4th, 2013

Skull on computer screen

What do you know about CrytpoLockers? As a post on the Integral IT blog reports, this relatively new form of computer virus is capable of gaining access to and encrypting files on your machine, which then makes it impossible for you to use them.  In order to stay safe and minimize the damage, there are some precautionary steps that need to be taken.

CryptoLockers primarily gain access to your computer or network through email. They appear as a seemingly legitimate attachment. Once downloaded, they begin to wreak havoc.

Any file you have access to, a CryptoLocker will encrypt and damage. You’ll no longer be able to access these files. When you try to open them, you’ll be met with a warning that the file is corrupted and can’t be opened.

This warning is the first sign that you’ve downloaded a virus. Otherwise, the CryptoLocker operates in the background and is undetectable for most users.

To remove the virus, you’ll have to identify the file containing the CryptoLocker and delete it. Then, you’ll be able to restore the corrupted files from back-up, which you’ve hopefully kept current.

To avoid a catastrophic loss of data due to a CryptoLocker infection, keep a trusted, frequently updated antivirus program running on your machine. Allowing it to update constantly makes it more capable of detecting new threats like CryptoLockers before they do any real damage.

Be aware of threats like this when checking your email. Using attachments is a popular method of hackers for infecting a large number of users. Knowing this makes you more suspicious of emails containing attachments, especially when they’re unsolicited.

This is also a warning to keep your back-ups current and frequent. You’ll never be able to be immune to threats like this, so regularly backing-up vital files ensures that, even when disaster strikes, you’ll be able to recover quickly.

Geek Rescue offers security solutions for all of these issues and concerns. We remove existing viruses and malware, improve your security infrastructure to better protect against threats and offer data storage and back-up. Call us at 918-369-4335 to stay safe from threats like CryptoLockers.

Dispelling The Most Common Cloud Computing Myths

November 1st, 2013

Laptop in clouds

Cloud computing is rapidly growing in popularity. It’s easy to see why. The cloud allows businesses to have a scalable IT infrastructure with files and applications available from virtually anywhere. As Zuahair Siddiqui writes for Techopedia, however, there are a number of myths that have cast doubt over the cloud’s effectiveness. Here’s a list of some of those myths dispelled.

  • Insecurity

Security is naturally a concern for cloud users given that their sensitive data is accessible remotely. For public cloud services, like Dropbox or Google Drive, security has been an issue in the past. There have been multiple cases of data being stolen from public clouds, which is why many security experts advise against storing your most important data there. Private clouds managed by a third party provider are much more secure, however. While complete safety is unattainable, a private cloud will often offer more security than  even on-site data storage can.

  • Limited Customization

Cloud services are certainly not one size fits all. There are seemingly limitless options of ways to customize your cloud services to fit your needs. Choose from a public, private or hybrid cloud. Then choose operating modules like Platform as a Service, Software as a Service and Infrastructure as a Service. None of these are dependent on each other, so you choose only what you need in any combination.

  • Public versus Private Costs

Many public cloud services offer a pay as you use model, which can seem like a money saver. It can be for short-term needs, but for applications that are vital to your organization and consume a large amount of resources, a private cloud with a monthly fee is a better choice. When it comes to budgeting for cloud computing, be sure to choose the most efficient cloud model on a project to project basis.

  • Productivity

One of the selling points of cloud services is that they increase productivity. This is because they make collaboration easier between multiple employees and offer access from virtually anywhere. Processes that previously took a long amount of time are much faster when operating through the cloud.

Cloud computing affords IT options that were never available before. It also allows smaller businesses the opportunity to use similar resources as larger competitors.

To explore all of the ways cloud computing helps your business, contact Geek Rescue at 918-369-4335.

Google Developing Malware Blocking Tool For Chrome

November 1st, 2013

Web browser with lock and chain

Google Chrome is the most used internet browser in the US. Users have long complained that it lacks some basic security features that would make browsing much safer. Juan Carlos Perez, of InfoWorld, reports that Google is attempting to make the Chrome experience safer by adding a tool that would block malware from being downloaded.

Chrome already contains options to be alerted when visiting an insecure, or potentially malicious, website. This new malware blocking tool would offer a similar alert from the download tray when a malware file is blocked from being downloaded.

Users encounter a shocking amount of malware online. Some download it thinking it’s something else, while other times the malware is automatically downloaded after clicking a link or landing on a site. As of now, Chrome offers no way of stopping these malicious or accidental downloads.

So far, there’s little else known about Chrome’s malware blocking tool. It isn’t widely available yet. Google plans to an early version of their Chrome Canary browser, which is meant for developers and other tech-savvy users. It’s speculated that should the tool prove to be valuable, it will roll out to all Chrome browsers.

Even with a malware blocker in place in your web browser, you computer is still at risk. Other security measures are needed to protect you from other threats. Without seeing Chrome’s malware tool in action, it remains to be seen how it integrates with other security programs.

Geek Rescue offers a range of security options to keep your devices secure. We also eliminate malware and viruses. Come by or call us at 918-369-4335.

Are You Overconfident In Your Company’s Security?

October 31st, 2013

Overconfident businessman

Office Depot recently surveyed 1-thousand small business owners to find out what they thought of their company’s security. As Steve Ragan writes for CSO, the results suggest that most small businesses are confident in their security to a fault.

Of those surveyed, 77-percent claimed their business has never been attacked, while 66-percent were confident that their data was safe from any hacking attempts. Those numbers themselves don’t necessarily suggest a problem. However, half of the participants admitted that they don’t use any internet or email security. 80-percent don’t use any sort of data protection and 91-percent forego endpoint and mobile security. Even worse, 14-percent have failed to implement any security measures at all.

These stats reveal that many small businesses aren’t properly secured. They are, however, targets for cyber attacks. According to this year’s Verizon Business Data Breach Investigations Report, 40-percent of the attacks studied targeted companies with less than 1-thousand employees with the majority of those being in retail or the food industry.

Small businesses hold valuable data. Employee information like social security numbers and bank accounts, as well as customer payment information is all at risk. That’s not the only reason why hackers are targeting smaller businesses, however. Larger businesses also have this type of information and usually more of it. But, larger companies generally have stricter security policies, which make it difficult to hack into their network. Smaller companies are easier to steal data from so hackers target them more.

Attacks on small businesses rarely make the news. But, they are incredibly costly and often doom the business. In order to avoid becoming a victim, you need to put security in place. A one-size-fits-all approach isn’t the best method, however. To truly secure your business, you need a custom security infrastructure that addresses your specific needs and safeguards the areas most likely to be attacked.

For help improving your company’s security, contact Geek Rescue at 918-369-4335.

Security Flaw Discovered In iOS Apps

October 31st, 2013

Smartphone unlocked

There have been relatively few true threats to the security of iPhones compared to the amount of malware being produced for Android. A serious threat has recently emerged, however. Antone Gonsalves, of Network World, reports that a team of security experts uncovered a vulnerability in a large number of iOS apps. The flaw allows for a third party to intercept data and then send their own directly onto a user’s device.

The team is calling it “HTTP Request Hacking” because it allows hackers to intercept HTTP traffic between the app and server. The hacker can then tell the app to retrieve data from a different server, which usually involves putting malicious links on your iPhone and iPad. This method is particularly effective for news apps because the hackers can put fake links in the news stories, which cause malware to be downloaded when clicked.

Once a hacker gains control of the app, they can continue to send whatever data they want until the app is updated to close the security gap, or removed completely.

There is such a large number of affected apps that the security team couldn’t contact all of them directly. Instead, they opted to spread the word through the media. The vulnerability only affects apps using an HTTP connection. Most high quality apps use the more secure HTTPS connection.

There’s code available to fix the problem, but it’s much easier to just remove the app. If it’s using an HTTP connection, you probably shouldn’t be using it anyway.

This particular security flaw was specifically found for iOS and while it hasn’t been tested on Android, security experts note that it’s likely that would affect those users as well.

If you believe you have malware infecting any of your devices, come by or contact Geek Rescue at 918-369-4335. We will fix your phone, tablet or computer and help make sure you’re prepared for the next malware attack.

Windows XP Users At Increased Risk Of Malware Infection

October 30th, 2013

Windows

The Windows XP operating system was initially released in 2001. More than twelve years later, it still accounts for about a fifth of the operating systems in use on machines. This wouldn’t necessarily pose a problem, except that, as Kelly Jackson Higgins reports for Dark Reading, XP users are at a much greater risk of malware infections and Microsoft is cutting off support on April 8th, 2014.

While Windows 8 users and XP users encountered about the same amount of malware in the first half of 2013, XP machines were about six times more likely to be infected by attacks. Because the OS is so old, hackers have had more than a decade to develop malware for it and find security vulnerabilities. This means that malware attacks are likely to be highly effective because they specifically target known flaws. It’s also likely that users still using XP have not kept it updated properly. Many are likely behind on security patches and may not be running the latest antivirus programs either.

Security experts chalk up the high number of users stuck on XP to its familiarity. While Windows 7 and 8 have focused on better functionality, they’re also quite a bit different from XP. Instead of learning the ins and outs of a new OS, many users choose instead to stick with what’s comfortable.

So, what are these XP users risking? There are 3 types of malware that target these users the most. All are fast spreading worms that infect computers then spread to others.

  •  Sality- Steals personal information, changes security settings on infected machine
  • Ramnit- infects Windows executable files, Office files and HTML files
  • Vobfus- downloads other malware and spread with a USB flash drive

On April 8th, Microsoft won’t completely end support for Windows XP. But users will have to pay for a premium service for critical updates.

Geek Rescue cleans malware infections and fixes all of your devices. Bring your device by one of our locations or call us at 918-369-4335. If it boots up or turns on, we fix it.

Keys To Preventing Identity Theft Online

October 25th, 2013

Identity Theft stats infographicvia Experian

Identity theft is a real and costly threat. Even though it’s well publicized, many Americans fail to take the necessary precautions to prevent it and some even take actions that make it easier for criminals to steal valuable information.

As the included infographic notes, most Americans believe they’re doing enough to protect themselves online, but most also feel that they are at a significant risk of having their identity stolen. This may stem from a prevailing belief that there is no way to be completely secure. While that is true to an extent, there are certainly some steps every individual can, and should, take to protect their information.

  • Create stronger passwords using upper and lowercase letters, symbols and numbers. Then, use a different password for each online account.
  • Don’t post personal identifiable information like your birthdate, employer and education on social media. If you do, make sure you’re able to hide it from most users behind privacy settings.
  • Add security to mobile devices. Require passcodes to use smartphones and tablets and install security apps.
  • Before making any transaction online, check to see if the website is trusted and secure. Most trusted sites will use ‘https’ for secure communication.

The key to keeping your digital information safe is to protect it as much as you can. While it’s true you can’t be completely immune from cyber attacks or identity theft, by taking necessary precautions you significantly decrease the risk.

For additional help staying safe online, or to improve the security on your devices, call Geek Rescue at 918-369-4335.

Router’s Security Flaw Allows Hacking Remotely

October 25th, 2013

Router

Security vulnerabilities for wireless routers are extremely dangerous. For a typical user, it’s difficult to diagnose when your router has been hacked. Making matters worse is that many users don’t know how to update with new security patches, or don’t understand the risk of not having regularly updated firmware.

As Lucian Constantin, of ComputerWorld reports, these problems were clearly illustrated recently when a security researcher uncovered flaws in the security of some Netgear routers. The WNDR3700v4 model of Netgear’s N600 Dual-Band Gigabit Router let’s hackers bypass authentication when using the web based interface. When remote administration is turned on, the router’s settings and the user’s activity can be changed and monitored from anywhere.

There are numerous possibilities for criminals exploiting this security flaw. Traffic running through the router could be re-routed to malicious websites, internal network services could be exposed, and data transmitted through the router can be monitored and stolen.

Netgear faced a similar problem in July when the same vulnerability was discovered in the firmware of another model. They quickly released a patch, but have apparently failed to check other routers for the security flaw. Many users have also failed to take notice as one report notes about 73-percent of users with the vulnerable router have failed to update.

One security expert warns to never voluntarily turn on remote administration for any device. Not only does it expose you to the possibility of attacks, but it often contains bugs.

In order to protect your router, even if you aren’t using this particular Netgear model, is to use WPA2 protection and restrict access with a strong, unique password. Also, stay up to date with updates released by the manufacturer of your router.

For help improving the cyber security for any of your devices, at your home or business, call Geek Rescue at 918-369-4335.

Software’s Vulnerability Leads To Thousands Of Hacked Websites

October 24th, 2013

Weak link

Whether or not you’ve ever heard of vBulletin, you’ve likely visited a site that uses it. The software is designed for internet forums and distributed by Internet Brands Inc. As Brian Krebs reports on his security blog, a recent announcement from Internet Brands warned vBulletin users to the directories “/install” and “/core/install” from sites using the 4.x and 5.x versions of the software. This would close a security flaw. Unfortunately, 35-thousand sites failed to comply and were hacked via this vulnerability.

For sites that failed to remove the directories, hackers were able to easily find vulnerable forums and add malicious administrator accounts. Once they have administrator access to a site, a criminal has a number of harmful options.

A spokesman for vBulletin claims the 4.2.2 version of the software fixes the problem, as does the upcoming 5.1.0 version. However, he recommends always removing the install folder regardless of what version of the software is in use.

For those sites currently running versions 4.x or 5.x, it would be wise to check for two things. First, check to see if you removed the directories that cause the security vulnerability. Then, check on the administrator accounts on your site. Make sure there isn’t an additional account that’s been added maliciously.

Geek Rescue handles security for websites, networks and all kinds of devices. To get rid of existing malware, or to improve security to keep you safe from it, call Geek Rescue at 918-369-4335.

Securing Your Mobile Device For A BYOD World

October 23rd, 2013

Locked Tablet

The Bring Your Own Device trend is unavoidable. Because of the growing trend, cyber criminals are targeting mobile devices more. It’s more important than ever to properly secure smartphones and tablets since they’re now being used to access company data and valuable information.

Limiting the access each employee has is an important step to keeping your business from suffering a catastrophic data breach. As Laird Harrison, of Tech Page One, writes, there are also some device specifications that can be enabled to greatly impact security.

  • Use Passwords

It’s shocking how many tablets and smartphones have no security on their lock screen. Considering how many hacking stories start with a device being lost or stolen, it’s a must to require a password to unlock. The use of Apple’s new biometric recognition is another good step.

  • Allow Time-Out

When your device is dormant for an extended period of time, the screen should turn off and require a password to continue using it. This is called inactive time-out. Not only will it help to improve battery life, but it also makes the device harder to hack since it erases the possibility that a thief could find the device and use it without knowing the password.

  • Remote Access

By adding programs and enabling some options, you’ll be able to remotely view the data stored on a lost device. You’ll even be able to disable some applications and erase data that could be harmful in the wrong hands.

  • Encryption

It’s a good idea to encrypt all data stored on mobile devices, but at the very least, encrypt company related information. There are a number of programs available that will effectively encrypt the most vital data on your device.

These are just a few options mobile users can enable on their device to make them more secure. If you’re using a personal device to store or interact with company data, these are certainly necessary precautions. Even if you’re only using your device for personal use, these are still good ideas.

For help increasing the security on any of your devices, or to recover lost data or fix a device that isn’t working right, call Geek Rescue. If it boots up or turns on, we fix it. Call us at 918-369-4335.