March 31st, 2014
Email has become a tool that most of us check and use multiple times per day. Businesses run on email and it’s vital for many users to have constant access and an ability to quickly respond. Accessibility is one of the primary reasons that webmail has surged in popularity. Services like Gmail allow users to have access from virtually anywhere with very little downtime. As Alan Henry of LifeHacker explains, however, there are still some benefits to using desktop email clients like Microsoft Outlook.
While webmail is portable and mobile, it requires an internet connection even to read emails stored in your inbox. While there are fewer and fewer environments where you have to be without an internet connection, there are situations where you’re required to work without one. When that happens, desktop email has the advantage. With a platform like Outlook, you’ll be able to read old messages, organize your inbox and queue up responses to send once a connection is available. This helps you be productive in an otherwise unproductive environment or ensures that an email with valuable information is always available even when your internet connection is having issues.
Have you ever considered what would happen if your email account was suddenly deleted? If most users lose access to their account, they likely lose access to many contacts and vital information. That’s why it’s important to regularly back-up everything stored in your email and back-ups are much easier to create and manage yourself with desktop clients. You’re able to back-up messages stored in your inbox and sent folder, all of your contacts and even your folder structure. This way, if you need to change email provider’s or the unthinkable happens to your account, you’ll have everything you need to pick up where you left off.
To be clear, it’s certainly possible to encrypt webmail, but it usually requires handing at least some control over to a third party app or add-on. For the most secure encryption, you’ll want to store keys and generation tools yourself. To do that, you need a desktop email client. Email is constantly at risk to be hacked or messages intercepted. If you’re sending valuable information via email, you should at least be encrypting it. Effective encryption for desktop mail can be implemented quickly.
There are pros and cons to both webmail and desktop email so you’ll want to carefully diagnose how you regularly use email to help you decide which option is best for you.
Geek Rescue has all the email solutions you need. From hosting email, to setting up your office with Microsoft Exchange, to improving email security and fixing issues, we have the answers you need. Call us at 918-369-4335.
March 28th, 2014
A recent study found that many businesses are falling short on basic security measures. While many use antivirus programs and similar tools, they fail to implement them or monitor them correctly, or fail to keep them sufficiently updated. This leads to vulnerabilities that could allow for costly attacks. Brian Prince of Security Week reports on the common vulnerabilities contained in most companies’ security.
Managed security provides, Solutionary, recently released a report about common threats and vulnerabilities they’ve observed with their clients. In it, they find that while nearly all companies understand that using an antivirus program is a necessity, many of them fail to properly maintain it. Because malware and attacks are constantly evolving, it’s already incredibly difficult for security tools to detect threats. When those tools aren’t kept up to date with the latest definitions, it becomes almost impossible for them to provide any real security.
Solutionary found that less than half of the malware that they captured in honeypots was detected by their clients antivirus programs. Compounding that problem is that many of these malicious items downloaded more malware to infected networks, which also weren’t detected by the antivirus program in use.
Many of the vulnerabilities found in a company’s security resides in internal systems. Generally, this happens because external facing systems are a known attack point. Businesses usually spend the majority of their security budget on protecting them. Internal systems, like operating systems and applications like Microsoft Office are regarded as less important. Failing to properly update Windows, or applications leaves known vulnerabilities exposed. A vulnerability in Microsoft Word could lead to a network wide infection.
Missed updates for antivirus programs, operating systems and other applications happen because of a lack of asset management and because the IT security team doesn’t fully understand key pieces of the company’s infrastructure.
For help creating an effective security infrastructure for your business, call Geek Rescue at 918-369-4335.
March 27th, 2014
In a previous post, false positives were listed as a factor in ranking the best available security tools. Even for an individual user, false positives can hinder the effectiveness of your security infrastructure but they become significantly more costly when applied to an entire company’s network. Ken Westin of The State of Security explains how false positives and an over-emphasis of security contributes to an insecure environment.
When’s the last time you heard a car alarm and reacted like there was a car in the area being broken into? The car alarm is a perfect example of false positives causing a lack of security. They go off constantly, which has made people ignore them in every situation. They’re now just noise.
In the case of security tools, antivirus programs that flag every download as a potential virus or even those that constantly warn you about a new application running with access to the internet turn into noise. If nine out of ten of the alerts you get from your antivirus program are safe to ignore, the one legitimate warning will likely be ignored also.
In a corporate environment, when the different security tools running don’t communicate with each other, they all flag the same perceived threat. Again, this puts IT professionals in a situation where it’s habitual to ignore security alerts, rather than investigating them.
The gut reaction to a breach of security is to add to the number of tools protecting a network. While that may help protect previously uncovered endpoints, it also creates an overlap of the existing tools. Without an infrastructure that works together, you’re just creating more noise and no more protection. In the case of many more complex security resources, staff will spend an exorbitant amount of time debugging and integrating these tools, which significantly decreases the amount of time available to monitor and mitigate threats.
The tactics of attacks evolve quickly and there are more highly targeted attacks victimizing businesses than ever before. Since most security tools work by recognizing known characteristics and patterns of previous attacks, these tools are less effective at spotting and preventing threats to a network. That’s why it’s increasingly important to have a team in place to review data and activity so a breach can be detected early.
Effective network security requires and investment, but it needs to be made intelligently. For help creating a security infrastructure for your business, contact Geek Rescue at 918-369-4335.
March 27th, 2014
The older your computer gets, the slower it gets. That’s a widely accepted fact by many users. While there are some unavoidable decreases in performance over years of use, there are also ways to avoid slower performance and fix problems that cause it. At the BullGuard blog, Steve Bell explains some common reasons a computer may be running slower than usual.
One of the selling points of many new computers is how quickly they start up. Over time, most computers begin to take longer and longer to start, however. Much of this can be attributed to how many applications are set to run automatically every time the system boots up. Naturally, the more programs you’re asking your computer to run initially, the longer it will take your computer to start. Before complaining about a slow booting computer, uninstall programs you are no longer using. You’ll also want to look into what applications are starting automatically and change the settings on those that you don’t use constantly.
Your computer’s hard drive stores just about all the information you use on a daily basis. Over time, the performance of your hard drive will slow down. This is caused by fragmentation occurring in the data stored there because of adding and deleting files. It can also be caused by the hardware wearing out after hours and hours of use. On average, laptop hard drives last about 3-years. Desktop hard drives can be expected to last a little longer. Once they start to wear out and slow down, you’re at an increased risk of experiencing a total crash that wipes out everything stored on the drive. If your computer is running slow, run the defrag application on your machine and see if that helps. If not and your hard drive is more than 3 years old, it may need to be replaced.
You may notice that your system seems faster when you first start your computer but slows down the longer you use it. This is most likely caused by a lack of RAM, or Random Access Memory. RAM is a resource that gets used by each application currently running. The more RAM being used, the less is available to applications you try to open. Many computers have room to increase RAM, which can make your system significantly faster. The alternative is to limit the number of applications running at a given time.
If a decline in performance seems to happen overnight, the most likely culprit is that malware like viruses or trojans are stealing resources. Malware can infect your computer in a number of different ways and can be extremely difficult to find and remove completely. First, you’ll want to invest in an effective antivirus program and keep it updated. Installing a firewall and improving the security on your wireless router are also advisable.
If your computer seems sluggish, it usually means something is wrong. The good news is, it can be fixed and restored to normal.
If you’re having issues with any of your devices, come by Geek Rescue or give us a call at 918-369-4335.
March 26th, 2014
The danger of a zero-day exploit is that users are left vulnerable to a known vulnerability while a manufacturer scrambles to patch it. This can sometimes result in weeks of known vulnerabilities being available to attackers. The latest zero-day reported involves Microsoft Word and would allow for remote code execution if exploited. A post at the Symantec blog explains the details of this issue.
Microsoft has alerted the public through a security advisory that the Word exploit exists, but have not yet released a patch that fixes it. In the advisory, they report that attacks, although limited, have been observed using this exploit in the wild. Those attacks have only exploited Word 2010, but other versions are considered vulnerable. Those versions include Word 2003 and 2007, Office for Mac 2011, Office Web Apps 2010 and Office Web Apps Server 2013.
Unfortunately, there have been no specific details released about how attackers are exploiting the vulnerability. The issue comes from opening a malicious .RTF file with Word. But, even previewing an .RTF file attached to an email in Outlook could allow an attacker access to a user’s system. So, the attack could stem from malicious email attachments, or it could stem from websites that trick users into downloading and opening a file.
There has been a temporary solution released through Microsoft’s FixIt tool, which makes it impossible for Word to open any .RTF document until a more permanent solution is found. Similarly, Outlook can be configured so that previews of attachments open as plain text, rather than through Word, which would also serve as a temporary solution, but could also be a safer way to operate from now on.
All Word and Outlook users are urged to watch for a patch that fixes this vulnerability and update as soon as it’s made available.
At Geek Rescue, we help help make your computer and your network as secure as possible. We also help you recover from attacks. Call us at 918-369-4335.
March 25th, 2014
A primary concern for computer users is avoiding malware. Unfortunately, not all users make it a priority and often put themselves at risk by foregoing proper security tools. Surfing the web without antivirus or anti-malware applications in place is asking for trouble. But, with so many options available, how do you know which security tools are most effective? As Larry Seltzer of ZDNet reports, a recent test conducted by AV-Test Institute set out to find the anti-malware programs that are most trustworthy for Windows 7 users.
AV-Test Institute brought in a total of 34 anti-malware products to test with 9 being for business and 25 for consumers. The testing involved malware detection, zero-day exploits with no signatures detection, performance impact and false positives.
A good anti-malware program will be able to operate without slowing down your system. It’s also capable of detecting malware before it infects your system and capable of spotting zero-day exploits based on suspicious characteristics. The product that scored the best in these tests was Trend Micro’s Office Scanner 10.6. The top scoring consumer product was Bitdefender Endpoint Security.
Multiple products were able to detect all of the malware used in the test. On average, 94-percent of the zero-day malware was also detected.
Bitdefender’s consumer entry was able to detect all malware with no false positives and tied for the top score in the performance impact testing. Trend Micro’s Office Scanner was also able to detect all malware and scored the highest possible score on performance impact, but wasn’t able to make it through testing without any false positives.
For a full list of results and products tested, visit AV-Test.
With an effective anti-malware program in place, like many of those tested, users can feel secure and know that malware will be detected before it can do any real damage. Security programs need to be updated constantly, however, to give them any hope of detecting the latest malware threats.
If you’ve been infected by malware or would like to explore your options for better security, either at home or the office, call Geek Rescue at 918-369-4335.
March 25th, 2014
Last year, HTC introduced the One as its flagship smartphone. Even with critical acclaim, the device wasn’t as big a hit as the company hoped. This year, HTC will try again with the release of the One M8. Brian Bennett of CNet reports on the specs and features that could make the HTC One M8 your next smartphone.
The first thing you’ll notice about the M8 is the solid body completely constructed from aluminum. The sealed chassis isn’t waterproof and it prevents users from removing the battery, but it also makes the device feel solid and definitely not cheap. The screen is a full 5-inches across, which is a slight upgrade over even the original One’s screen. There are dual, front-facing speakers branded by HTC as BoomSound. They’re regarded as capable of producing some of the best sound available from a mobile device. You’ll also find a state of the art 2.3 GHz quad-core Snapdragon processor and 2 GB of RAM. Most notably lacking from the M8 is a fingerprint scanner. Certainly not mandatory, but a little surprising considering Apple and Samsung have begun including them in their top of the line phones.
The display on the huge screen is an IPS LCD with full HD resolution. The pixel density is actually a little lower than the original One because of the slight increase in screen size. The most recent Samsung devices offer more vibrant colors and truer blacks, but the M8’s display is regarded as more than adequate.
Perhaps the biggest difference between the One and the M8 is the improvement in the camera. The M8 features dual lenses and a dual-LED flash. Both lenses are located on the back of the phone and while the larger of the two tackles the heavy lifting of picture taking, the smaller is for depth perception. This allows for users to re-focus images after they’ve been captured. While this is a neat trick, unfortunately the images captured with the M8’s camera are a little underwhelming. There’s no sharp focus or vibrant color, which means images appear soft. Varied lighting conditions are also a problem.
With it’s brand new processor, the M8 was able to break records in benchmark testing. There’s no lag with this device in everyday functions, which includes photo editing. Call quality didn’t wow as much as the processing speeds, but didn’t disappoint either. With its large, 2600mAh battery, the M8 also enjoyed nearly ten hours of use during CNet’s battery testing.
The M8 runs the latest Android operating system, version 4.4.2. It’s scheduled to be released today at a launch party and made available at stores soon.
Whether you’ve bought the latest smartphone or still have an older model, Geek Rescue fixes whatever goes wrong. For malware infections, broken hardware and more, call us at 918-369-4335.
March 24th, 2014
Regardless of what mobile operating system you use, there’s bound to be some security flaws. The latest issue is a way for malicious apps on Android devices to receive elevated privileges without a user’s knowledge. Adrian Kingsley-Hughes of ZDNet reports on these so-called “Pileup flaws”.
Pileup is short for privilege escalation through updating, which adequately describes this type of attack.
Each time an update for a device’s current operating system is installed, which can be as often as every few months, a user is at risk. Updates require thousands of files to either be replaced or added to a device. This includes carefully adding new apps without damaging or changing any existing apps. This method creates a vulnerability.
If an existing app is malicious in nature, it’s developer can request additional permissions that are only available in an updated operating system. Those permissions won’t affect users before they update and an app may seem legitimate. Once the user updates, however, those permissions are automatically granted with no warning or verification required from the user.
This way, an app can lay dormant until the user updates, then take control of a device. With expanded privileges, malicious apps can control text messages, download malware and monitor activity.
In a similar attack, malicious apps with the same name as a trusted system app can be upgraded to a system app during an update. This gives malicious third party apps the power to access nearly everything on a device and control functions.
Researchers claim to have found six examples of Pileup vulnerabilities in Android devices, which puts about a billion total devices at risk. Google has been alerted about these vulnerabilities and has already begun patching them.
Discoveries like this reinforce how important it is to exercise caution when downloading apps. Only download from the official app store and, even then, be cautious about what you decide to add to your device.
If your device has been infected with malware or you’re having other issues, bring it to Geek Rescue or call us at 918-369-4335.
March 21st, 2014
There are many tools and applications available to keep your information and your network safe from attacks. When it comes to online accounts, however, security starts from the user’s end with effective passwords. A strong password doesn’t guarantee that your account will never be compromised, but it does protect you from a number of attacks a weaker password would succumb to. At About, Andy O’Donnell explains the characteristics of strong passwords so you can create one for all of your online accounts.
Most brute force attempts at cracking your password involve guessing off of a set list of common passwords. The more random your password is, the less likely it will be guessed by an attacker.
Random is good, but not if it’s still overly simple. Passwords that only use letters or only use numbers are much easier to crack than those that use both. Adding symbols into your password will further strengthen it.
Longer passwords take much longer to crack than shorter passwords. The reason is simple mathematics. When a password is 12-characters long, there are 12 different blanks to fill in and millions of different combinations. A password that’s only 5-characters long drastically cuts down on the number of combinations possible.
Everyone has so many accounts online, it’s almost impossible to remember a unique password for each one. That’s why many users opt to use the same password for multiple websites. That creates the possibility, however, that if one of your accounts is compromised, all of them will be. Some sites don’t use as robust security as others. So, using the same password for your bank as you do for an online message board is creating an easier path for criminals to infiltrate your bank account.
Everyone knows that ‘12345’ is a weak password, but some users believe that “qwerty” is strong. It isn’t an actual word, but attackers know this is a popular password. If typing your password forms a pattern on the keyboard, it’s likely going to be guessed in the case of an attack.
Many websites have started demanding users use longer passwords by implementing a minimum character length. To get around that, some users simply put in the same password twice. That breaks a number of these rules, however. It forms a pattern and isn’t random.
There are a number of ways a criminal can break into one of your online accounts. More intelligent attacks are even able to circumvent the number of failed log-in attempts some sites limit you to. To stay safe, you need a strong password that’s changed regularly.
If you are the victim of an attack and need help getting rid of malware or implementing better security, call Geek Rescue at 918-369-4335.
March 20th, 2014
There are a number of resources online to help you protect yourself from malware infections. From security tools to tips and best practices for avoiding malware, it’s fairly easy to learn how to create an effective security infrastructure for your home network. What happens if malware is still able to get through, however? At the BullGuard blog, Kirsten Dunlaevy published a list of helpful signs that your computer may have been infected. Here’s what you need to watch for.
We’ve all experienced the frustration of having your computer freeze while you’re in the middle of working on it. That could be a one-time problem, a compatibility issue with an application or it could hint at a malware infection. If you’re seeing a growing number of problems like freezes, sudden shut downs or restarts and applications not working properly, the most likely cause of your problems is malware.
The internet used to run on pop-ups, but most legitimate sites have stopped using them. Now, if you see pop-ups, it usually means you’re on a site that’s not trustworthy or that you’ve been infected with malware. Especially if you see pop-ups when you aren’t using a web browser, it’s likely that there malware hiding somewhere on your system.
- Suspicious email and social media messages
Even if your computer is absent of any other signs of malware, your email and social media profiles may tell a different story. Be sure to regularly check the “Sent” folder of your email to make sure that everything that appears there is actually messages you’ve sent. If you see messages with suspicious looking subjects, it’s likely that malware has been used to hack your email and spam your contacts. Similar problems can plague your social media profiles. Facebook and Twitter are particularly at risk.
If your computer has none of the above problems and seems to run normally, it doesn’t necessarily prove the absence of malware. As threats grow more intelligent, they’re increasingly able to hide evidence of their actions. Some malware tampers with antivirus applications to make it appear that your system is clean when it’s not. Or, malware can even trigger a false positive to make you feel secure after dealing with the supposed threat.
Keeping malware from infecting your computer starts with putting security tools in place and practicing smart, safe surfing online. Then, it’s important to stay vigilant and watch for signs of infections. Also, be aware of actions you take that could potentially lead to a malware infection.
If you’ve been infected with malware, or are just having issues with any of your devices for unknown reasons, call Geek Rescue at 918-369-4335.