January 31st, 2014
Even though 2014 is only a month old, it’s already become clear that this year will feature many large scale malware attacks on smartphones and mobile devices. Mobile security has been a focus for many this year because of the growing number of attacks being seen and the malware being produced specifically for the mobile audience. At SC Magazine, Adam Greenberg reports on the latest mobile malware threat that has already infected more than 350-thousand devices.
The malware targets Android devices and has been spotted in China, Spain, Brazil, Germany and the United States. Known as Android.Oldboot.1.origin, the malware operates as a bootkit and is difficult to remove.
The malware is designed to download and install new applications to your device, or even remove existing applications. This allows for additional malicious applications to be added and security apps to be removed.
The particularly noteworthy characteristic of this malware is how resilient it is. During the initial infection, the malware, which is categorized as a trojan, is extracted when the device is turned on. This makes it more difficult to detect than other malware that attempt extraction while the device is in operation. That also allows it to continue to infect a device even when most traces of the trojan have been removed. As long as part of the malware remains in the device’s memory, it is reinstalled and extracted every time the device is rebooted.
This particular threat seems to follow a more complicated infection method that involves reflashing a device with new firmware. Staying safe from most mobile malware, however, stems from being extremely cautious of what you download to your device and what links you follow.
If any of your devices are suffering from a malware infection, come by Geek Rescue or call us at 918-369-4335.
January 30th, 2014
Planning is a key step to effective data security for your business. If you know how you’re likely to be attacked, you’ll know how to best protect yourself. At PC World, Tony Bradley published a list of security threats he expects to be common throughout 2014.
The time when you could consider your smartphone immune from the dangers of malware has passed. With a large percentage of the population not only using mobile devices, but using them to access critical data, criminals have begun heavily targeting them with mobile-specific malware. And infection can stem from a number of places. Email, malicious links and text messaging are all popular modes of malware infection, but even connecting to an infected computer via USB has been the root of infection in some attacks.
You’ve likely seen this buzzword in the media and it refers to the growing number 0f items with internet capabilities. Your refrigerator, car, home security system, baby monitor and many other common items can now be online and controlled remotely. While this may present a convenience for you, it also poses a security risk as hackers may also be able to gain control of your things. We’ve already seen a refrigerator used as part of a botnet. Be aware that if an item in your home or business can connect to the internet, it can be hacked.
Patches and security updates for this operating system will be discontinued by Microsoft this April. While Microsoft Security Essentials will receive support until the summer of 2015, this still presents a significant security issue. A large portion of the world’s desktop computers, particularly in offices, are still running XP. Worse is that kiosks and other embedded devices also run off of XP. When Microsoft stops supporting their old operating system, developers will also likely stop releasing updates for their XP applications. This leaves users in a frozen state where known exploits won’t be fixed. Some security experts are forecasting that hackers will wait until support stops and then launch all out attacks on XP systems.
Due to the success of attacks, like those on Target and Nieman Marcus, expect large scale data breaches to continue. Cyber criminals understand how valuable data can be and are willing to launch intelligent attacks to steal it. Staying protected requires planning, putting proper security tools in place and being smart about what you download and who you allow on your network.
For help improving the security at your company or on your home PC, call Geek Rescue at 918-369-4335.
January 29th, 2014
About a third of Americans over the age of 18 own a tablet. That kind of wide spread adoption means there’s always a large portion of people in the market for a new device. The most popular options are generally regarded as the Apple tablets, but Amazon’s offering of the Kindle Fire has gained a fair share of the market. At Gizmag, Will Shanklin pitted the Kindle Fire HDX 8.9 against both the iPad Air and the Retina iPad Mini. Here are the results.
The first thing most consumers look at when buying a tablet is screen size. These three represent the full range of options. The iPad Mini at 7.9-inches is the smallest of the bunch. The Kindle Fire HDX offers an 8.9-inch screen, while the iPad Air is a full-size 9.7-inches. While each offers high resolution displays, the Kindle is actually the sharpest. It features 339 pixels per inch, compared to 326 on the iPad Mini and 264 on the iPad Air. The nod also goes to the Kindle for color accuracy.
In the actual construction of the tablets, the Apple products boast that familiar anodized aluminum, while the Kindle is matte plastic.
All three devices feature typical battery life of about nine to ten hours, which is outstanding. And all three feature powerful processors that are more than capable of handling your typical uses.
The most notable difference between these tablets is the app store. While the Apple tablets have the largest selection of apps, the Kindle suffers a bit from limited selection. Amazon’s Appstore features fewer options than Google Play, but for most users that won’t be a big issue. All the most popular apps, like Facebook, Twitter, Netflix, Candy Crush and Angry Birds are available. The advantage for Kindle adopters is the inclusion of the Mayday button, which allows you to instantly connect with a customer service representative. Don’t worry, while you can see them, they only see your screen.
Apple users will have Siri and those other familiar services all starting with ‘i’. There are also Google services apps available that aren’t for the Kindle.
The cost of each device will make the decision for many users. The Kindle Fire HDX is the cheapest retailing at $380 for the 16 GB model. The 16 GB Retina iPad Mini starts at $400 and the iPad Air at $500. You’re getting a top of the line tablet with any of these choices, but that’s understandably not always worth the money.
Regardless of what tablet you choose, Geek Rescue fixes it when you have problems. For malware, software or hardware issues, call us at 918-369-4335.
January 29th, 2014
If you’re a laptop or tablet user, you understand how important it is to get the most out of one battery charge. Adjusting settings can earn you some extra time, but optimizing the applications you use is another way to improve battery life. At 7Tutorials, Ciprian Adrian Rusen tested the five most popular web browsers on three different devices to find out which provided the biggest boost in battery life.
Tests on each device were run with ‘balanced’ power plans. Screens on each device were set to never turn off in order to simulate a constant browsing experience. Each device tested browsers Microsoft Internet Explorer 11, both the touch and desktop versions, Google Chrome 32, Mozilla Firefox 26, and Opera 18. All devices were running Windows 8.1 as their operating system.
This tablet featured an Intel Atom processor running at 1.33 GHz and 2 GB of RAM. It featured the longest battery life of any of the devices tested and also the largest discrepancy between a browser’s affect on battery life. Internet Explorer Touch performed the best lasting eight hours and 52 minutes on a single charge. IE’s Desktop version lasted about an hour less, while Chrome and Firefox each ran out of battery after about six and a half hours. Opera lasted six hours and 11 minutes.
- Microsoft Surface Pro 2 tablet
This tablet is much more powerful than the Toshiba Encore and the battery life reflected that. The Surface Pro 2 had a quad-core Intel Core processor running at 1.6 GHZ and 8 GB of RAM. The best browser was again Internet Explorer, but this time the Desktop version outperformed the Touch by about an hour. Firefox lasted four hours and 22 minutes, which was good for second. Opera allowed for three hours and 56 minutes of battery life, which made it ten minutes better than IE Touch. Chrome was the worst performing browser in this test, dying before the three and a half hour mark.
The lone laptop in the test is also the only used device. The battery life was described as poor and even the top performing browser couldn’t last 90-minutes. It also featured a quad-core Intel Core processor. It also had 6 GB of RAM and a much larger hard drive than the tablets. The original battery had been replaced with a generic that fit the same specs. Once again, IE’d Desktop browser was the top performer at an hour and 25 minutes. The difference between the top browser and the worst, IE’s Touch, however was a scant 12-minutes.
The findings from this test suggest that Internet Explorer will likely give your device a longer battery life. Depending on the age of your device and the efficiency of your battery, a different browser might not make much of a difference, however.
If your device is suffering from poor battery life, slow performance or broken hardware, fix it by calling Geek Rescue at 918-369-4335.
January 28th, 2014
The threat of Cryptolocker style malware has been around for months, but evolving threats continue to emerge. Copycats and other forms of ransomware are being churned out due to the ease of production and the immediate benefits. As Ken Westin reports for State of Security, the latest variant of Cryptolocker is being spread through Yahoo messenger.
The malware was first spotted in Asia where it victimized a number of financial institutions. The nature of this ransomware allows it to spread quickly, however. Much like a malicious email that infects one computer, then emails itself to every contact in a user’s address book, this malware infects a computer and then sends a malicious file to contacts through Yahoo messenger.
First, you receive a message from a contact on Messenger. It appears to be an image file called “YOURS.JPG” but the actual extension is .exe. With some clever social engineering, users are coaxed to download and open the file. Once opened, the malware goes to work adding files to your system and injecting code into memory. Eventually, the malware begins encrypting files and locking down your computer.
Users are presented an alert that their files are encrypted and given a ransom note that demands payment to unlock their computer. New encryption keys are used in each attack, making decryption particularly difficult, if not impossible. While you deal with the encryption of your files, the malware spreads itself to new victims by sending the malicious file to your contacts.
As with other forms of ransomware, the best protection is to avoid infection. Even trusted contacts can send you malicious files. Even if you’re expecting a file to be sent to you over email or instant messaging, be sure to check it thoroughly before opening.
If your computer is infected with any type of malware, contact Geek Rescue at 918-369-4335.
January 28th, 2014
Generally, pieces of malware only harmful to the devices they target. For example, malware designed for Windows won’t be harmful to mobile devices, or vice versa. However, researchers have seen examples of malware that infects Android devices with the ultimate goal of infecting a PC connected to them. Now, as the Symantec blog reports, there is evidence of malware that infects PCs with the ultimate goal of infecting an Android device that connects via USB.
So far, there’s been no official word about how the malware, known as Trojan.Droidpak, infects PCs. Once it’s downloaded, the trojan begins adding malicious files to your system. First, a DLL registers itself as a system service. Then, a configuration file is automatically downloaded. Then a malicious APK and ADB (Android Debug Bridge). If an Android device is connected to the infected PC, an installation of the APK and ADB files is attempted repeatedly to ensure infection of the mobile device.
To be successful, the malware requires USB debugging mode to be enabled. To check if your phone allows debugging mode, go to ‘Applications’ in the settings menu. Then, select ‘Development’ and you’ll see an option to allow debugging mode when your phone is connected to a PC via USB.
If the malware successfully infects your smartphone or tablet, it disguises itself as an application called ‘Google App Store’ that even steals the Play Store logo. This particular trojan specifically looks for banking applications. When found, a user is prompted to delete that version of the banking app and replace it. The replacement app is a malicious version used to steal financial data and log-ins. The malware is also able to intercept text messages and forward them to a third party.
The good news is that currently the trojan only targets Korean banking apps, but it’s easy to see how this malware could be adjusted to start targeting US Android users. Turning off USB debugging mode is a good start and you should also turn off the AutoRun feature on your PC when connecting another device.
If your PC, smartphone, tablet or any of your devices are infected with malware, bring them to Geek Rescue or call us at 918-369-4335.
January 27th, 2014
Since every company is so reliant on technology, it’s extremely important to have a reliable, efficient IT department behind you. Some business owners aren’t sure how to judge their IT team performance, however. At the Cup of Joe blog, Joe Stangarone published some common traits of effective IT departments so you’ll know what to expect from yours.
It sounds simplistic, but the role of IT and their goals have to be clearly defined if they’re to be successful. To define their role, you must communicate with them to educate them on what’s needed and discover what’s possible. Above everything else, you need to define what success is for them and understand how they’ll attain it.
Once they know what direction they’re moving in, IT should be measuring their success and trying to improve. There are a number of metrics available, but truly effective IT departments will forego so called “vanity metrics” and instead track metrics that help them improve their performance. These are a measure of statistics that have a direct cause and effect on the team’s effectiveness.
A common problem of IT departments is that they are overloaded with help tickets and putting out fires. Taking this reactive approach means your IT is limited to a help desk, rather than a problem solving department. Instead of constantly having to solve similar problems over and over, these problems need to be solved on a deeper level so that users stop encountering them. Then, IT can concentrate more time on improving their infrastructure and the overall efficiency of the business.
Similarly, the goal of effective IT departments involves creating self-sufficient users. To do this, IT must not be “gatekeepers”, but rather give users access to all of the tools and applications they need to perform their duties. This benefits them as they’ll spend less time helping users solve common problems and also will encourage fewer users to go around IT when implementing a new device or new software.
These traits make an IT department more focused, more effective and more efficient. To obtain a department that runs on this scale requires an investment, however. If your company needs the benefits of an IT department without the investment in salaries, contact Geek Rescue. We offer a variety of services that make us your on-call IT department.
January 27th, 2014
There are still some users who don’t enjoy interacting with Apple’s iOS on their iPhone or iPad. For many of these users, their frustrations stem from not knowing the full capabilities and functionality of the operating system. At LifeHacker, Whitson Gordon has a list of shortcuts that make interacting with iOS more efficient. While some more advanced users will know many of these, there’s something for everyone to learn.
For most users, this has become intuitive. But, some don’t realize that this gesture refreshes in nearly every situation. Pulling your email’s inbox down to check for new messages may be common knowledge, but you can also pull down a webpage to re-load it or pull down an app to refresh the content. Just make sure you pull down until you see an icon, then release to refresh.
- Swipe for timestamps or more options
One common complaint about messaging in iOS is that timestamps aren’t included. Actually, they are but they’re not visible. To see when a message was sent or received, swipe left on the message. Use the same swipe over an email in Mail inbox to see more options, like a quick way to delete.
This is another gesture that works in nearly any situation in iOS. To go back one screen, or even back to the previous webpage, swipe from left to right. If you swipe slowly, you’ll be able to preview the previous screen before you decide to go back. If you swipe the opposite direction in Mail or Safari, you can go forward a screen.
It feels a little cumbersome typing on an iPad’s digital keyboard. There’s a second option that not everyone knows about, however. Hold down the keyboard key, or just simply pull the keyboard apart to get a more comfortable split keyboard. Now, you can type with your thumbs like you do with a smartphone and you can move the keyboard to anywhere on the screen.
- Quick event changes in Calendar
If an event you’ve stored in Calendar needs to be changed, you could edit it and type in the new details. An easier way, however, is to hold down on the event in Day mode, then move the event to a new day or time, or even change the duration.
- Quickly view drafts in Mail
Any saved drafts of messages are available in Mail’s main menu with the rest of the folders, but to reach them quicker, just hold down on ‘Compose’. A list of your drafts will pop up as a menu you can choose from.
These tips allow you to access functions of your Apple device faster and use it more efficiently. If you have other problems with your device, like slow performance, malware infections or broken hardware, come by Geek Rescue or give us a call at 918-369-4335.
January 24th, 2014
Previously, we outlined three security vulnerabilities that exist on your iPhone. With malware and hackers targeting iPhones more than ever, you not only need to know where you are vulnerable, but also how to protect your device. Steve Bell of Bullguard has a list of tactics and apps that will improve the security of your iPhone.
This isn’t technically an app, although there is one available. Find My iPhone is well-known, but it’s an indispensable tool. To activate it, go to your iPhone’s settings, then select ‘iCloud’ and check the ‘Find My iPhone’ option. Then, if your phone is lost, you’ll be able to log-in to iTunes and see its current location, display a message on its screen, play a sound, lock it or wipe it clean. The Find My iPhone app lets allows you to find other iOS devices from your iPhone. Also, consider using GadgetTrak, which offers similar features to Find My iPhone but will also use your phone’s camera to take a picture of its surroundings or its thief.
There are a large number of iPhone users that don’t lock their phones with any type of passcode. While locking your phone doesn’t provide robust security, an unlocked phone is a much more attractive target for criminals. Set a passcode by going to the general settings menu and selecting ‘Passcode Lock’. It’s also important to make sure that no one can use Siri unless your iPhone is unlocked. This is a slight security vulnerability that can be fixed by turning your phone on to the passcode screen and sliding the Siri slider to off.
Using your computer to back-up data is a great idea in case your phone is lost or stolen or data is corrupted. But, storing it unencrypted makes it easy for hackers to steal it if they gain access to your computer. Make sure when you sync your iPhone or iPod to your computer with iTunes, you encrypt the data you back-up.
If you regularly connect to public WiFi and want to be able to log-in to online accounts or shop online with your phone, you need this app. A VPN encrypts the data you transmit while connected to a wireless network so it can’t be intercepted and stolen. Hotspot Shield also protects you from spam, phishing and malware. Using a unsecured network is a common way your identity is stolen or device infected. Using a VPN is a great way to protect yourself.
Sometimes, the best defense against cyber crime is to be smart about how you use your iPhone. Don’t download apps outside the official app store, don’t download email attachments and don’t enter personal information over an unsecured network. Avoiding the cause of issues helps you stay safe.
If any of your devices are having issues, like slow performance or malware infection, come by Geek Rescue or call us at 918-369-4335.
January 24th, 2014
Recently, we’ve concentrated on the various threats associated with Android devices and their users. But there are security threats for Apple device users to concern themselves with also. With more than 300-million active iPhones in use today, Apple products make an attractive target for cyber criminals. At the Bullguard blog, Steve Bell revealed three of the most troubling security vulnerabilities associated with iPhones. These vulnerabilities come from studies focusing on banking apps specifically, but also suggest other potential security flaws in other downloaded apps.
In order to secure connections between a web server and a browser, SSL certificates are used. These are small data files that contain a cryptographic key protecting the information being transmitted. This presents man in the middle attacks because if the data is intercepted without the proper key, it will remain encrypted. About 40-percent of the banking apps examined failed to validate the authenticity of SSL certificates used during transactions. That means any criminal who is able to intercept the data being transferred would be able to steal it and read it. Considering what type of valuable information you would commonly transmit using a banking app, that’s extremely troubling.
Many apps contain links that take users out of the app and onto the open web. These links can cause problems of their own if not properly implemented. In this study, nine out of ten of the banking apps contained non-SSL links to otherwise legitimate and trusted websites. Without the protection of encryption, however, these links are incredibly vulnerable to attacks. Data transmitted after following those links could be intercepted and criminals could even reroute users to a spoofed site in order to steal log-in credentials.
Apple’s iOS is considered a well-crafted, essentially secure environment, but vulnerabilities still exist with the introduction of apps. Though these apps may be found in the official App Store, they can still contain flaws that compromise your entire iPhone’s security.
If your having issues with your iPhone, or any of your devices, bring them to Geek Rescue or call us at 918-369-4335.