Hyphenet's IT Blog

This Day in Tech History: July 9

2014-07-09T12:01:00.000-07:00

Gil Amelio Ousted from Apple

Today in tech history on July 9, 1997, Apple Computer announced the resignation of Gil Amelio as CEO.
Amelio was ousted by the board of directors and his departure paved the way for Steve Jobs to re-take command of Apple.

It was the ousting of Amelio who brought Mr.Jobs back into Apple by purchasing Jobs’ company NeXT .
NeXT was used as a basis for the Mac operating system.

Donkey Kong and Mario’s Birthday

On July 9, 1981, the two most famous character video games were released for sale.

Donkey Kong, created by Nintendo, a Japanese playing card and toy company turned into an enthusiastic video game developer.

The game took off in the North American market.

The video game had challenges with acquiring a license to create a video game based on the Popeye character.

Nintendo decided to create a game depicting the characteristics and constant battle between Popeye and Bluto.

Donkey Kong is named after the game’s villain, which is a pet gorilla that has gone rogue.

The game’s original hero was called Jumpman, but then renamed Mario, once the game became popular and Nintendo decided to use the character in future games.

The similarity between Donkey Kong and King Kong landed Nintendo with a lawsuit.

Because Kong, is a common Japanese slang for gorilla, the lawsuit was ruled in favor of Nintendo.

Donkey Kong successfully helped Nintendo become one of the dominant companies in the video game market.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Brown, Marcel
This Day in Tech History
http://thisdayintechhistory.com/07/09/gil-amelio-ousted-from-apple/

Did you see Apple Co-Founder Steve Wozniak in Line for the iPhone 4S?

Fake iPads Being Sold in Southern States

Which Tech Gadgets Top the Holiday Wishlist for 2011? [INFOGRAPHIC]

New Mac Trojan Exploiting Same [Patched] Java

Microsoft Patch Inconsistencies

2014-07-07T09:55:00.002-07:00

It's been a busy week for Microsoft. The email patch on Tuesday was stopped by Microsoft, then they changed their mind. The Redmondians (Microsoft's headquarters ) sent out a decree last Friday stating that email notifications of security advisories are coming to a stop on July 1st. The decree mentions "changing governmental policies concerning the insurance of automated electronic messaging". This new Canadian anti-spam law takes effect on July 1st. The announcement is as followed:

Notice to IT professionals:

As of July 1, 2014, due to changing governmental policies concerning the issuance of automated electronic messaging, Microsoft is suspending the use of email notifications that announce the following:

* Security bulletin advance notifications

* Security bulletin summaries

* New security advisories and bulletins

* Major and minor revisions to security advisories and bulletins

The new law attempts to rid of annoying spam email, it is required to consent for a commercial business to communicate through email, text message and social media messages. Canada's moving from email opt-OUT to email opt-IN. Penalties stated in the notice say, if your business sends a notice of a special sale to someone who only signed up for an e-newsletter, and the party complains then:

Your business may be fined up to $10,000,000
Your CEO, and each officer, may be fined up to $1,000,000
Your Marketing Agency may be fined up to $10,000,000
You, as an individual, may be fined $10,000

Canada couldn't understand how Microsoft could be misreading the law like this. Neil Schwartzman, executive director of the Coalition Against Unsolicited Commercial Email (CAUCE), and CASL accommodates emails concerning warranty and product safety and security alerts. This means Microsoft's security advisories would be exempt.

He quotes Schwartzman:

I am at a complete and total loss to understand how the people in Redmond made such an apparently panicked decision ... This is the first company I know of that’s been that dumb.
CAUCE board member Jeff Williams, a former group program manager at Microsoft’s Malware Protection Center, told Krebs that Microsoft’s decision likely could be attributed to having come out of a tough choice rather than a lack of legal understanding or grey matter:

I can imagine the discussion and wondering among the lawyers and [Microsoft] whether they should try to get hundreds of millions of opt-ins before June 30 or if they should change the way they share info. I’m sure it wasn’t an easy decision, but I wouldn’t call it an overreaction.
But, fear not, Microsoft has now performed a restart on its security notifications. A spokesperson told Brian Krebs late yesterday that Microsoft will be re-starting its emails early in July.

On June 27, 2014, Microsoft notified customers that we were suspending Microsoft Security Notifications due to changing governmental policies concerning the issuance of automated electronic messaging. We have reviewed our processes and will resume these security notifications with our monthly Advanced Notification Service (ANS) on July 3, 2014. [via: NakedSecurity]

We stay up-to-date on patches and notifications, stay tunes with us for more updates! Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+. Referenced: Vaas, Lisa Microsoft stops Patch Tuesday emails, blames Canada, then does U-turn http://nakedsecurity.sophos.com/2014/07/01/microsoft-stops-patch-tuesday-emails-blames.../ Published: July 1, 2014

Microsoft drops Windows XP, protect yourself now!

Windows Updates Failing to Install? Try Using Windows Troubleshooter

Microsoft, Apple, Google and Facebook tighten grip on NSA spying

Windows XP is ending, are you

Publishers Clearing House Scam Alert

2014-07-07T09:52:00.000-07:00

Everyone wants to win the lottery! There’s a dream within all of us that wins a ginormous amount of money or a major sweepstakes.

Sometimes people get too caught up in the idea of becoming a millionaire and lose touch with reality.

There’s something about the chance of winning something great that gets us to fantasize the possibility of it really happening.

This is an avenue that con artists take advantage of.

Often, Publishers Clearing House, a legitimate business, is used as bait.

The multi-million dollar giveaway from Publishers Clearing House are among the highest paying sweepstakes that receives millions of entries weekly.

So how do you know if you are entering into a legitimate sweepstakes or a scam?

If you receive an email, telephone call, or bulk mail letter saying that you’ve won a big prize, it’s a scam. If you actually won anything from PCH, you would receive a certified or express letter or get an in person visit!
Receiving a check does not mean it’s a valid. It’s nothing more than a piece of paper.
Never trust anyone asking you to send them money. PCH will not ask you to send them money in order to receive money.

Here are a few emails received from the fake PCH:

“I just received a notice in the mail supposedly from Publishers Clearing House. They are saying that I have won a sweepstakes. Is this real?”
“I received a win letter along with a check from Publishers Clearing House to cover expenses. Did I really win?”
“Publishers Clearing House keeps calling and saying I’ve won $100,000,000. They say I have to pay 1% in taxes before they release the prize. What should I do?”

You can go directly to the site to get more tips from PCH.com here.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Lawrence, Shelby
Publishers Clearing House Scam Alert – ArkLaTex
http://www.arklatexhomepage.com/story/d/story/publishers-clearing-house-scam…

Hoax Alert: Facebook to Start Charging Membership Fees?

Even Nigerian Scammers Admit Advanced Fee Schemes Are All “Lies and Deceit”

PayPal Transaction

Top 10 Tips for Computer Security

2014-06-25T17:03:00.000-07:00

Being in the Internet Age, we use computers to pay bills online, go shopping, take college courses, and endlessly entertain ourselves.

Before you allow the computer to consume your whole life, take the necessary steps to ensure your finances stay personal.

Use passwords for protection
Get your guard up
Up the ‘anti’ with software
Run scans to stay current
Take wireless precautions
Pump up password protocol
Watch out for attachments and downloads
Avoid going public
Watch your phones and PDAs
Clean up your computer

These are all ‘best practices’ for technical security precautions.

Following these precautions will help you keep your data and personal information safe. Be sure to never run your computer as administrator unless you must do so for a specific task.

Maintain your software and be sure to run updates on your device.

By backing up your data frequently, you protect your files and hinders your operating system from crashing. This will also prevent hardware failure and virus attacks.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Allebrand, Cheryl
10 tips to computer security – Bankrate

http://www.bankrate.com/finance/financial-literacy/10-tips-to-computer-security…
Best practices for computer security – Indiana University
https://kb.iu.edu/d/akln

USPS Email Scam

2014-06-23T14:07:00.001-07:00

A USPS email scam leads users to malicious computer malware.

A woman has claimed that she cant get rid of the malware that was put on her computer from a bogus U.S. Postal Service email came through.

The woman received an email with a shipping label link in it. She clicked on the link for the shipping label and realized she may have done something wrong. With the uneasy feeling of potentially clicking on something that isn’t trusted, she ran a computer scan and found that her device was infected with a data-stealing virus from the bogus link.

The woman said she received an email from USPS.com claiming that a package could not be delivered to her residence.

“Your parcel has arrived at May 24, 2014. Courier was unable to deliver the parcel to you,” stated the email.
“Print your label and show it in the nearest post office to get a parcel.”

The email had the link, “Print Shipping Label” to get the proper package identification, displayed at the bottom.

The real USPS email states that they do not contact customers via email if a package could not be delivered.

USPS is aware of this scam along with others like it. They have posted a warning on their website cautioning customers about the situation.

Clicking the link activates a virus, which can steal personal information like user names, passwords, and other private data stored on your computer.

If you receive this email, delete the message and report the spam at abuse@usps.gov.

This marketing scam has already been uncovered by the Postal Inspection Service where fraudsters mask themselves as USPS employees and calling residents requesting D.O.B. along with SSN for package deliveries.

Always check suspicious emails for; poor grammar, spelling errors, funny formats, and security symbols in the url.

The email received by residents, states that a parcel has arrived “at” May 24th. Also, the sender information on the “From” line for the email address states “donotreply?id85@kestrelgymnastics.co.uk, not a USPS.com.

It is advised for anyone who received on of these scam email to forward it to spam2uspis.gov. Or recipients may call the postal inspection service at 1-877-876-2455.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Marquez, Homer
Fake USPS email leads to malware – MyPlainview
http://www.myplainview.com/news/article_4679a566-e6a4-11e3-b32a-001a4bcf887a.html

Start using hashtags when shopping online

2014-06-19T16:53:00.000-07:00

Amazon, the online e-commerce giant, wants you to begin using hashtags when shopping on their website.

The company’s new hashtag #AmazonCart and #AmazonBasket rolled out last month with mediocre popularity.

This is designed to make it easy to add items to your shopping cart without leaving your Twitter feed.

This new hashtag shopping tactic is a way to attract new, socially savvy, consumers to spend more time on the Twitter smartphone app.

“Twitter offers a great environment for our customers to discover product recommendations from artists, experts, brands and friends,” said an Amazon spokeswoman.

Making purchases through Twitter may come off as not going together, but it is just another way the Internet is changing our shopping habits.

This isn’t the first account of social media integrating with online shopping. In 2012, Facebook started to let users send each other actual gifts through the timeline.

This method didn’t last long, nor was it popular.

Chinese social network Weibo, which is the Chinese version of Twitter, launched a “buy” button last year.

This was done with the partnership of an e-commerce company Alibaba.

Chirpify is another similar shopping campaign on Twitter that allows brands and agencies to leverage social channels through hashtags. They have been in business for two years now.

Many businesses create campaigns with ‘Action hashtags’ to trigger accelerated internet marketing. #Win a free t-shirt!, #$25GiftCard, or #EnterToWin.

#AmazonCart will send an item to a cart, the @MyAmazon account sent from Twitter, will automatically respond to the action hashtag tweets delivering 3,357 tweets replying to the action hashtag #AmazonCart.

Amazon’s official Twitter accounts have promoted hashtags and brands through this means.

Amazon and Twitter have partnered to strengthen their mobile social network and sales conversions.

Consumers are increasingly spending time on their phones instead of PCs. It just makes sense for Amazon to campaign with Twitter. 78% of Twitter users access their site through a mobile device.

Amazon is campaigning for not only mobile users but also for the power of social media to advertise and make people want to buy more, according to CRT Capital Group Analyst Neil Doshi.

“Amazon has a very strong mobile presence, that is a tailwind for its e-commerce business,” he said. “Using Twitter just shows that Amazon is willing to use social mobile experiences to drive more sales. But, we wonder how many Twitter users would use this feature, as it might be a new way to shop.”

This is a chance for Amazon to change the perception of social shopping. Across the board, convenience, speed, and mobility will improve any business.

Would you purchase through #AmazonCart from Twitter? Do you think this will help or hurt shopping carts? Please leave your comments below!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Why Amazon wants you to use Twitter hashtags to shop – C|Net
http://www.cnet.com/news/why-amazon-wants-you-to-use-twitter-hashtags-to-shop/
Published: May 6, 2014

Phishing Page Offers Fake Security App to Facebook Users

Close the divide between your IT

WARNING: Chinese Smartphones Contain Built-In Android Malware

2014-06-18T11:44:00.000-07:00

There is a Chinese clone of the Samsung smartphone that steals personal data using a virus disguised as Google Play!

A Chinese Android smartphone that is selling on Amazon, eBay and other online stores have been found to contain a virus that pretends to be the Google Play Store.

This virus steals the user’s data when logged onto the bogus store.

The Star N9500, is resemblance to the Samsung’s Galaxy S4 Android smartphone. It is manufactured in China but the phone is sold through resellers located in Belfast and Hong Kong.

The Trojan is known as “Uupay.D“, its disguised as the Google Play Store. It is pre-installed on the Android smartphone with no way to be removed by the user, according to German security company G Data.

G Data has analyzed one of the smartphones purchased directly from the factory in China and verified its vulnerability.

The scary aspect of this, is that online criminals have full access to these smartphones.

All Access

The malware attached to these Androids, steal personal data from the phone and sends it to an anonymous server located in China. This Android malware is also capable of installing additional applications or viruses without the user’s knowledge.

The only thing users see is an app with the Google Play Store icon in the running process. The virus enables criminals to track the location of the smartphone, intercept and record phone calls, make purchases and send premium text messages without the user’s permission. All completely discrete and disguised.

The authentic phone usually costs £500 while the Chinese smartphones are going for £120. Users are noticing reviews on this product range from one to five stars. Although, they are complaining about the poor quality and noticing the phone starts to break down after a couple of months.

The device is offered with an extensive list of accessories which includes a second battery, car charging adapter and second cover.

The low price of a smartphone with such a wide range of features is a criminal tactic, according to Geschkat, a product manager at G Data.

Buyers Beware: Cheap offers online that seem tempting should make buyers suspicious. There is no such thing as free.

Android accounted for 97% of the malware targeted at mobile devices last year. This is an increase of 20% a year, according to data from a security firm F-Secure.

Even though this malware is already installed onto these devices from the Google Play store, it accounts for only 0.1% of malware.

Malware from these Android’s can’t be blamed for all accounts.

The majority of all malware is downloaded from third-party app stores including the Chinese stores Baidu and Anzhi, where access to Google Play is restricted.

Have you come across these phones? We’d love to hear from you, please leave your comments below!

References:

Gibbs, Samuel
Chinese smartphone on sale on Amazon and eBay contains built-in malware – TheGuardian
http://www.theguardian.com/technology/2014/jun/18/chinese-smartphone-samsung-amazon-ebay-malware-google-play
Published: June 18, 2014

Compromised Sites Serving Android Malware via Drive-by-Downloads

Researchers Find More Android Malware: Some Send Expensive SMS, Others Steal Data

Android Trojan Can Partake in DDoS Attacks, Send SMS Spam

Watch Out for Mobile Adware

‘Prayers for Likes’ Facebook Scam

2014-06-16T12:06:00.000-07:00

Pictures of sick babies circulate through social media sites, especially through Facebook.

These images are of sick children, less fortunate families, and persons with deformities.

Specifically, a sick baby with hospital equipment in the background which claims that liking the image equates to a prayer for the child while sharing equates to one hundred prayers.

The disgraceful scam is designed to accumulate likes for a Facebook Page and promote the Page for more shares.

The image of the baby was stolen from a personal Facebook profile and is being circulated without the baby’s parents permission.

This is how most Facebook scams work. Pictures are distributed and not authorized to be shared, then stolen from its rightful owners.

Tragically, the baby in the picture passed away only two weeks after she was born.

The message continued to circulate, causing great distress to the baby’s family.

If you see messages like this on Facebook, please do not like or share it.

Analysis

Like farming and sharing messages will not help the baby or the baby’s family in any way. The message is just a tic in the long branch of sick baby hoaxes that falsely claim that you can help a baby by liking or sharing the message.

Some messages claim that money will be donated in exchange for liking or sharing. Others declare that liking and sharing equates to prayers for the child.

The people who create these messages are driven by greed and selfishness.

This precious baby passed away April 2014, just weeks after she was born.

Whether or not you believe that prayers will help, the real intention of this scam is not pure.

Facebook has removed some of these messages and continues to take them down in a timely manner.

Although, there have been numerous reports, there are still some messages that continue to circulate with no action taken.

If you see scams like this, please report them to Facebook as soon as possible.

Report a scam:

https://www.facebook.com/help/344403945636114/

http://facecrooks.com/Internet-Safety-Privacy/How-to-report-a-Facebook-scam.html/

What Facebook scams have you come across lately? Please share your experience and help us take control over these cruel messages.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

‘Prayers for Likes’ Facebook Sick Baby Scam – Hoax-Slayer
http://www.hoax-slayer.com/prayers-for-likes-facebook-scam.shtml

This Day In Tech History: June 13, 2014

2014-06-13T10:56:00.003-07:00

In 1993, Microsoft teamed up with Tele-communications and Time Warner to begin the innovative “Interactive TV”.

Consumers were able to purchase products right through the set during a show.

iTV would give users a Digital Set Top Box so the users could use and browse, then go back and continue to watch the video.

The iTV connected to a telephone to let you know who is calling and also allowed you to receive a SMS.

This has greatly influenced pop-culture. The software allows consumers to bank, shop and surf the web.
Also, this day in history:

Pioneer space probe crossed Neptune in 1983
Series of Brazilian websites were hacked by Analysta in 2000
2.4.21 of LINUX kernel was released in 2003
Microsoft ceased development of IE or the Macintosh in 2003
IE for MAC shut down in 2003
Fedora Core 4 was released 2005
Music piracy had been contained from file sharing in 2006
Vincent Farrari tried to cancel his AOL account, but the agent refused to in 2006.
Jeffrey Goodin is the first to be sentenced 70 months in jail because of the CAN-SPAM act. He was posing as an AOL billing agent.

We are again making history today with the “Super Moon” or the “Honey Moon”. It is the only full moon at its closest to the earth on a Friday 13th until 2049. We haven’t seen a moon like this in over 100 yrs.

The moon will look larger in the sky, sitting low on the horizon with a honey hue to it.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Powers, Jeffrey
June 13, 2014: Honey Moon, 1993: Interactive Television from Microsoft
http://www.dayintechhistory.com/
Published: June 13, 2014

This entry was posted in news and tagged microsoft.
Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL. Edit

Half of U.S. Adults have been hacked: Are you one of them?

2014-06-10T16:17:00.000-07:00

AARP has estimated, nearly half of all adult Americans have been hacked in the past year. The Better Business Bureau said 1 in 5 of all victims are college students or in their twenties.

Identity theft is exponentially rising while users aren’t realizing the true risk that is posed.

Roughly, 432 million online accounts that belong to 110 million Americans, which are half of all adults were hacked in cyber-attacks in the past year.

Consumer Reports estimates that 11 million Americans were victimized from email scams in 2013.

This year alone, there have been 260 breaches that have occurred in health facilities, exposing the sensitive data of 8 million people.

Could this be from health care facilities still using Microsoft Windows XP? The software is no longer supported and vulnerable to zero-day exploits.

From coffee shops to corporate networks, grocery stores to airports, two-thirds of surfers have nothing to protect themselves.

AARP has launched Fraud Watch Network, where you can get access to information about how to protect yourself and stay alert on the latest tricks and scams.

The best ways to safeguard your personal data are:

Don’t share if you don’t have to
Monitor your finances
Protect your electronic devices and accounts
Leave a paper trail
Don’t trust everyone

Studies have shown that from the ages of 18 to 24, in the average of 132 days, they’ve been scammed.

That’s five times larger than the national average.

This goes to show why university computers are popular targets for cyber-criminals.

This year nearly 840,000 private records were exposed in breach attacks in at least 12 universities.

Universities affected are: University of Maryland, Indiana University, Johns Hopkins University, Iowa State, University of Minnesota, Auburn University College of Business, University of Wisconsin, Loyola Law School and North Dakota University.

Also, there were 5,000 records hacked in 10 data breaches of financial institutions, according to the Identity Theft Resource Center.

Reducing identity theft includes:

Monitoring financing accounts
Keeping checkbooks and statements
Securely storing computers and all devices
Avoiding Wi-Fi networks when shopping online
Reading reviews before installing apps
Decline free game downloads, music, and screen savers
Adjust privacy settings for your social network sites
Use credit cards instead of debit cards for liability protection
Shredding solicitations for pre-approved credit cards

You can opt out of certain solicitations at https://www.optoutprescreen.com

For information on other scams, sign up for the Fraud Watch Network.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Kirchheimer, Sid
Half of U.S. Adults Hacked: Are You Among Them? – AARP Blog
http://blog.aarp.org/2014/06/06/half-of-u-s-adults-hacked-are-you-among-them/
June 6, 2014

Kirchheimer, Sid
College Students: Ideal for ID Theft – AARP Blog
http://blog.aarp.org/2014/05/16/college-students-ideal-for-id-theft…

More Bugs Found in OpenSSL Security Tool

2014-06-09T11:11:00.000-07:00

There have been six more bugs found in the widely used OpenSSL security tool.

OpenSSL is a security tool that houses computer programs to enable security over the public Internet.

OpenSSL is used in shared consumer applications, like software in Google’s Android smartphones.

With the Heartbleed vulnerability in OpenSSL, the new publicity had system administrators rushing to update their systems to protect against it.

Computer administrators everywhere have frowned upon six new security issues that were recently found in the OpenSSL security library.

For example: if you see “https://” in your URL bar, it indicates that the connection is secure.

The server computer at the other end of the connection is using OpenSSL to provide security.
The two main forms of security are:

It scrambles information so it is unreadable to anyone other than the intended recipient
It authenticates the source of information, ensuring the sender is who they say they are

How to protect yourself

Most won’t have to take any kind of action in response to the OpenSSL attack.

Non-browser client applications such as music players and chat programs will need to be immediately updated.

Distributors of Linux, which uses OpenSSL more openly, have already received issued updates.

If you haven’t already reset all your passwords due to the Heartbleed bug, it is the perfect time to do so.

Major service providers will inform you if it is necessary to reset your password.

Websites that are affected, may be unavailable for a short period of time. This allows the fixed versions of OpenSSL to be installed by their system administrators.

There will most likely be more flaws discovered in OpenSSL. Password resets, and software updates are becoming more of a habit with increased internet usage.

Delay no more, secure yourself and reset all your passwords.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Merkel, Robert
Six more bugs found in popular OpenSSL security tool – Homeland Security News Wire
http://www.homelandsecuritynewswire.com/dr20140609-six-more-bugs-found…
Published: June 9, 2014

Within the Heartbleed Bug

2014-06-05T12:20:00.000-07:00

Only a few months ago, the Hearbleed OpenSSL bug was discovered.

We are still learning about the countless encrypted transactions that left your accounts vulnerable to theft.
When computers talk to each other, it is called a heartbeat. Because of a coding mistake, the Heartbleed bug was born.

Lets say there is a banking transaction: The client (you) sends its heartbeat to the server (your bank) and the server hands it back to you. So if something goes wrong with the transaction, the other party will know because the heartbeats get out of sync.

It’s like a cassette tape breaking because one of the spindles stopped working correctly.

How it happened

The actual breach happened all because of the following code:

memcpy(bp, pl, payload);

To explain, the memcpy is a command that copies data, and it requires three pieces of information to do so.
The first set of information is the destination of where the data needs to be copied. The second is the exact location of the data that needs to be copied. The third set is the amount of data the computer is going to find when it goes to make the copy.

The bp is a place on the server computer, pl is where the actual data the client sent as a heartbeat is, and payload is the number that says how big pl is.

The bp, which is where the data is going to be copied, is full of the data sitting in the part of the computer before. Although, the computer treats it as if it were empty because the data has been marked for deletion.

When memcpy takes the data from pl and puts it in bp, it covers up all the old data in bp.

Everything that used to be in bp is destroyed and filled up with the pl data.

If payload says that pl is 64 KB but it only has 0 KB, memcpy creates a 64 KB sized open space at bp that’s full of garbage data. None of the bp old data gets overwritten because there’s nothing to replace it since pl is actually empty.

Meaning whatever old data was sitting in bp prior to the heartbeat gets passed back to the client. Sometimes the data is irrelevant and sometimes its your banking password.

The Heartbleed bug has been fixed but the vulnerability has existed for a decade. Who knows how much data was exploited.

Do you have maximum protection on your PC? Is your antivirus out-of-date? Let us help you protect yourself from the many vulnerabilities that live on the net. [P] 619-325-0990

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Aguilar, Mario
Internet Vulnerability Left Encrypted Data Exposed For 10 Years – GIZMODO
http://gizmodo.com/internet-vulnerability-left-encrypted-data-exposed…
Published: June 5, 2014

Limer, Eric
How Heartbleed Works: The Code Behind the Internet’s Security Nightmare – GIZMODO
http://gizmodo.com/how-heartbleed-works-the-code-behind-the-internets-se…

Request for Google to remove links about you

2014-06-02T12:21:00.001-07:00

Have you ever searched for your name on Google and saw just how easy it is for people to find out personal information about you?

Do you have personal information on the web that you would like deleted or hidden from Joe Schmo trying to find out about you?

Google has created an online form in which you can ask for the links to your personal data or posts to be removed from search results.

This form is a response to a European Commission ruling that people have “the right to be forgotten” online.

The EC has administered for Google to stop linking to anything that’s “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.”

The landmark privacy decision by the European Union Court of Justice emerged from a number of cases coming from the Spanish data protection authority in 2011.

This ruling applies across the EU, among those are web giants Google and Facebook.

Clearing Your Name

When you submit links that you would like to be removed, Google says it will,

“assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information.”

A statement provided to CNET by Google, Floridi called the move “an exciting initiative, which will probably require some hard and rather philosophical thinking.”

Google has pledged to consider whether or not there is public interest in information about financial scams, professional malpractice, criminal convictions, and public conduct or government officials.

In order to ask for links to be removed, you have to supply the URL and request, provide your name, contact email address, and a copy of a photo ID.

You may put in a request on the behalf of another person, like a spouse, or an associate, to have their name removed from a link.

Once Google has reviewed your request and have removed the link, it will disappear from Google search results in all site across the EU.

There is a statement saying, Google’s lawyers are arguing that applying the EU ruling to US publications in Google’s US search results would be “absurd”.

So by deleting your name from the EU, are you really being deleted from the net?
For more information, view this EU podcast below:

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Published by Trenholm, Rich
You can now ask Google to remove links about you – C|Net
http://www.cnet.com/news/you-can-now-ask-google-to-remove-links-about-you/

eBay Breach: Password Reset Issues

2014-05-29T09:00:00.000-07:00

There are 145 million people affected by the security breach from the Internet giant eBay.

Dumping the Data

When a catastrophic event happens, cyber-criminals come out from the shadows and lurk on their pray…YOU!

It has been stated that eBay’s database and is on the market and priced for 1.45 bitcoin.

The claimed offer is for sale via anonymous text file site Pastebin.

It is likely that the data is not from the recent eBay data breach but possibly from another source.

The hacker provided a 3,000-row extract from a database with Asian-Pacific user names, addresses, phone numbers and their DOB. This equals to about 145 million users.

The users are shown in the sample would represent an odd subset of users for an international company like eBay.

Even if the sample is not from the eBay breach, it could potentially be data from another major company’s leak.

Or it could be fake, and just another cyber-criminal trading for bitcoin on the blackmarket.

Did you receive a notice?

Many reports from worried eBay users says eBay has not yet sent them an email about the issue. There is no notification when you go to eBay.com or any kind of warning about the breach.

There was a notification after the user tries to reset their password which urges users to create a new one.

It is common for websites to put a banner or notification on their site after a breach. Notifications urging their users to change passwords, even when the theft is only of encrypted (and properly salted and hashed) passwords.

The reason why eBay hasn’t done the same, is a mystery…

Beef up the password

If you haven’t already done so, create a strong, unique password for your account.
Make sure you can remember it but nobody else will be able to guess it.

eBay unlike many others, allows short 6 character passwords. The suggested amount of characters is at least 8.

eBay does require a mix of characters with upper, lower, number and a symbol. Try and use a combination of them all.

The following passwords are rated as “medium” allowing users to use these as passwords:

Password1
MyH0us3
Iloveyou!
!2345@

You see how these passwords still have a combination of characters and numbers, although they are still quite easy to guess.

This is why it is so important to create a strong, secure password at least 8 characters long.

De-link PayPal

Since eBay owns PayPal, they suggest users to link their PayPal account to their eBay account.

Since the breach, if you have followed their suggestion, you may want to rethink your choice.

If you un-link PayPal from eBay account, you can still pay with your PayPal account at any time.

Linked accounts provide cyber-criminals with an easy way to gather a variety of data.

Anytime a step is removed from the process of logging in as a user, you remove a step of security against criminals gaining access to your information.

It took eBay two months to discover the hack because there was no sign of “unusual activity” detected. eBay has not confirmed if the data stolen was private information or not.

Security experts have criticized the company for not encrypting all private customer information obtained.
eBay is aggressively investigating the intrusion with police enforcement but has no evidence that user accounts have been tampered with.

What do you think about this data breach? Please leave your comments below, we would love to hear from you!

Be sure to follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest computer security threats.

References:
Myers, Lysa
ESET
eBay breach news: Posted data dump not valid, password reset issues
http://www.welivesecurity.com/2014/05/22/ebay-breach-news-posted-data-dump…
Published: May 22, 2014

Gibbs, Samuel
TheGuardian
Ebay denies ‘stolen database’ on sale for 1.45 bitcoin is authentic
http://www.theguardian.com/technology/2014/may/22/ebay-denies-stolen-database-on-sale…
Published: May 22, 2014

Cyber Security Tips

2014-05-28T10:03:00.000-07:00

10 Tips on how to Protect Your Personal Data

Target, Google, Yahoo, and eBay have all sent out announcements to change your password and secure your personal data.

When visiting a website you enter personal information sometimes without even knowing it.

eBay said that its corporate network was hacked and hackers obtained names, encrypted passwords, e-mail addresses, home addresses, and phone numbers.

Cyber-security experts say that this information leak could lead to spam e-mails and bogus applications.

To avoid cyber-criminals from accessing your personal data, follow these tips on how to protect yourself.

1. Strong Passwords

Never, never, never use an easy-to-guess password for any of your accounts. ie. password, 123456, admin

You know you are not supposed to do it, but you do anyway, right?

That is until your identity gets stolen and your life has entered into a state of chaos.

2. Creative Passwords

Experts advise you to use complex passwords with multiple characters and numbers in them.

Thankfully most technologically advanced companies know the importance in this, so you are forced to create a complex password.

3. Use Different Passwords

This is a very bad habit and increases the risk of all your accounts being tampered with.

A hacker can begin to profile a victim that uses the same password or very similar variations of a password to hack into accounts.

If one of the accounts are linked with a payment method, then your money is that much closer to being stolen.

4. Do Not Use Family Names or Pet Names

Social media sites give-a-way more information than sometimes realized. Personal data like; birthdays, pet names, and even a persons obsessions are public to followers and depending on your preference settings, possibly everyone.

Many people use their pet’s name for their password. If a person is so into their pet that they would use it as a password, that pets name is probably posted on their social media site somewhere.

5. Avoid Sharing Information

Avoid sharing credit card information on retail, e-commerce, or social networking sites.

Just by stating you have a specific credit card, provides information that cyber-crooks can tug on.

When posting personal information online, be sure not to share personal details because it can remain online for an infinite amount of time.

6. Know Your Stuff

When receiving an email from an unknown sender, check the information to make sure all details make sense.

Gauge the name, email address, spelling, and format to see if their are visible red flags. Cyber-criminals are getting witty and starting to put more detail into these emails.

Logos are being swiped from the legitimate companies and put into emails to fool users.

Even if you receive an email that is from a friend, it is important to know that their account may have been tampered with.

7. Know Whats Bogus

If you reply to a bogus email, then a signal to hackers may be sent to other hackers for more spam emails to be sent out to you.

If anyone asks for log-in details, personal details, or for you to call a number within the email, refrain from further compliance.

8. Legitimacy

Place your cursor or mouse over the website url and see what appears. If there are a bunch of numbers or random characters, it may be a spam site.

Fake sites and web links sometimes have addresses that do not match the organization in the stated email.

Look for any grammar mistakes or spelling errors. If the site is secure, the Web address should start with a “https”.

A green padlock in the address bar will often show that the website is secure and safe to visit.

9. What to do if hacked

Change all your FTP, software, and email passwords. Write them down on paper, do not save your password to your computer.

Run an antivirus scan on your computer. Here are come recommended resources:
http://www.malwarebytes.org/
Excellent malware scanning software, with a free download option.
http://www.microsoft.com/security/default.aspx
Start with Microsoft’s website for free or low cost security options.
http://download.cnet.com/windows/internet-security-software-suites/
CNET writes fairly current reviews on the latest antivirus apps. I would start here.

10. Close Your Account

Sometimes closing your account is safer and will limit the risk of hackers taking over your personal data.

Information associated with compromised accounts can be stored in other places. Take into consideration to see weather information on a website is encrypted from one end to another, and stored securely.

Users are responsible for checking the website and making sure it is trustworthy.

Do you need professional advise to know if your computer has been compromised?

Follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest tech news and PC security alerts.

References:
Chee, Kenny
10 tips on how to protect your personal data online
http://news.asiaone.com/news/digital1/10-tips-how-protect-your-personal-data-online?page=0%2C0
Published: May 26, 2014

IT Security and Risk Management Review

2014-05-21T14:54:00.000-07:00

With the world turning digital, people are connected to multiple devices throughout the day. Listening to your iPod at home, connecting to Wi-Fi at the coffee shop, or accessing your smartphone at work can leave you open to all kinds of cybercrime.

The digital world consists of the widespread use of mobile devices that cybercriminals are able to access through platforms, social networks, and the public cloud.

Organizations in particular need to protect against multi-faceted ‘advanced persistent threats’ (APTs – also known as ‘advanced targeted attacks, or ATAs).

The key attributes are: the use of social engineering (such as spear phishing) to gain initial entry to a target organization’s network and execute a zero-day attack; the acquisition of privileges to further penetrate the target network; the establishment of communication links with external ‘command and control’ (C&C) servers; the theft or compromise of assets; and the covering of tracks after completing the mission.

Source: The Ponemon Institute/HP

Cost of a Cyberattack

The Ponemon Institute’s 2013 survey has found that the average annul cost of cybercrime is $7.2 million per organization.

This represents a 30% increase from the year before. The United States takes the greatest hit out of all countries surveyed.

Denial of Services (DoS) attacks account for the highest percentage of costs in both smaller(16%) and larger (22%) companies.

Attacks like viruses, worms and trojans, and phishing and social engineering (both 1.7x more prevalent in smaller organizations), malware (2.5x) and botnets (2.7x).

The larger companies are hit the hardest by Dos, and malicious insiders attacks.

Source: The Ponemon Institute/HP

The survey shows the average number of days that it takes to resolve the cyberattack ranges from 2.6 days for viruses, worms and trojans up to 53 days for malicious insider attacks:

Source: The Ponemon Institute/HP

To view more Internet Security full reports:

Symantec – Internet Security Threat Report 2013
Trustwave – 2013 Trustwave Gloval Security Report
PwC – 2013 Information Security Breaches Survey

Hyphenet can help you find the right type of cyberdefence for your company. Rackmount appliances, cloud-based services and threat defense are all precautions you can take to protect your business and keep the bad guys out.

Call us today! 619-325-0990

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

McLellan, Charles
IT Security and Risk Management: An overview
http://www.zdnet.com/it-security-and-risk-management-an-overview_p3-7000022659/

Do you know how to avoid Android ransomware malware?

2014-05-20T11:56:00.004-07:00

Ransomware is a type of malware that restricts the access to your computer system and infects it.
Then a ransom is demanded to be paid to the creator of the malware in order for the restriction to be removed.

Ransomware can be the encryption of files on the system’s hard drive and usually locks the system demanding payment for it to be lifted.

Another form of ransomware is CryptoLocker. This leaves your computer running while scrambling your data and demands a fee for the decryption key to get your data back.

The fee is usually around $300. Recently, the pay-to-unlock ransomware has made its way into the Android ecosystem, and charges $300 to un-lock.

“Koler”

One of the most ransomware through the Android is known as “Koler”. Koler is very similar to the Reveton malware, which leaves your data in tack but locks you out of your computer.

It’s thought that the Reveton gang is the one behind Koler. Both malware’s follow a criminal formula that has worked for them on Windows computers.

As soon as the malware pops up, it downloads a display warning screen stating you are accused of viewing something illegally, like pornography.

According to reports, the crooks use the time-honored trick of telling you to install a specific “video player” app, then offering you help with downloading it.

**Because Koler has not made it into the Google Play Store, you need to have “Allow installation of apps from unknown sources” enabled in your Android security settings to be at risk.

Just like with Windows-based police warning ransomware, the malware can adapt the content it displays depending on your country or language settings.

The malware warnings have been coming from “U.S.A. Cyber Crime Center” and “FBI Department of Defense” (which doesn’t make sense because the FBI is not part of the DoD).

The screen shot shows fake government seals and an assortment of ripped-off images coaxing the victims to do what they are told on the screen.

These scare tactics often work for many, how many times do you have The President pointing his finger at you in a scolding manner?

Another message that is often seen:

ATTENTION! Your phone has been blocked up for safety reasons listed below. All the actions performed on this phone are fixed. All your files are encrypted. CONDUCTED AUDIO AND VIDEO.

Note. Sophos products, including Sophos Free Anti-Virus and Security for Android, detect this malware as Andr/Koler-A.

Get rid of Koler

Koler doesn’t scramble your data or disengage your audio. It locks your phone with a pop-over browser window that automatically reappears if you try to get rid of it.

News that continually reappears through pop-up windows makes it nearly impossible to get into the Settings menu to remove the malware.

When trying to reboot, the malware kicks back in at the beginning of restarting your device.
If this happens, a factory reset will get rid of it. The reset will remove the malware along with any other apps and stored data installed on your device.

It is recommended to use the Android “Safe Mode”, also detailed explination can be found in Sophos’ companion article.

via: NakedSecurity – Sophos

Stay protected from police warning ransomware Here are five easy tips to help you deal with Android malware of all sorts, including “police lockers”:

Install a reputable anti-virus program to vet all new apps automatically before they run for the first time.
Be cautious of apps you are offered in ads and pop-ups.
Stick to Android’s default setting of allowing installs from the Google Play store only.
Keep off-device backups of your important data.
Read our article about using “Safe Mode”, just in case you ever need it in a hurry.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Zorabedian, John
NakedSecurity from SOPHOS
Android “police warning” ransomware – how to avoid it, and what to do if you get caught
Published: May 19, 2014
http://nakedsecurity.sophos.com/2014/05/19/android-police-warning-ransomware-how-to-avoid-it-and-what-to-do-if-you-get-caught/

This Day in Tech History: May 16, 2014

2014-05-16T14:33:00.000-07:00

Happy Birthday Ivan Sutherland!! The Inventor and Developer of Interactive Computer Graphics!

Ivan Sutherland was the mastermind inventor and developer of MIT's Sketchpad. The Computer Graphics pioneer, Sutherland was born in 1938, and in 1963, while an MIT student, created a highly interactive drawing-and-design program called Sketchpad.

Sketchpad's many innovations included a display file to refresh the screen, a hierarchical structure for modeling graphical objects, recursive methods for geometric transformations, and an object-oriented programming style. In 1968, Sutherland co-founded Evans & Sutherland Computer Corporation, he was vice president and chief scientist of the company.

He was also the chairman of the computer science department at Caltech from 1976 to 1980. In the 1980's, Sutherland left Caltech to establish the consulting firm Sutherland, Sproull and Associates. He also founded Advanced Technology Ventures, a venture capital firm. In 1964, MIT produced a TV show about Sketchpad, this featured researchers talking about the product and software. The demo section of the video starts at 3:30, if you would like to skip to that section.

Dr. Ivan Sutherland won the Kyoto Prize for Advanced Technology in 2012. Ivan Sutherland did not know exactly how he was jump-starting a revolution that would carry on for decades. He was asked if he knew how he was changing the tech world. This is what he said:

“The future is very hard to see. I had no idea of what would happen in the future, nor did I think of it much. I just wanted to make nice pictures.”

Other Accomplishments

In 1968, Sutherland and fellow University of Utah computer-science professor David Evans founded Evens & Sutherland, which was responsible for the flight simulators.

Sutherland was a very humble man, when asked which one of his accomplishments pleased him the most. He replied with "the thing I'm most proud of is my grandchildren." He later mentioned an achievement in his 1999 book Logical Effort, co-written with Sproull and David Harris, on designing fast circuits.

Sutherland's research focused on making a forward leap in circuit design by ditching one of the fundamental facts about almost all processors.

They performed tasks synchronously, at a rate governed by the processor's clock. The clockspeeds led to faster processors. Sutherland's concern with the paradigm is that it doesn't scale.

When Sutherland was asked what he thought about the industry's future, he responded, “You’d have to ask someone who’s 25 years old, not someone who’s 74. I haven’t done any computer graphics in the last 35 years. I’ve just been doing my thing and having fun.”

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

This Day in History
http://www.computerhistory.org/tdih/

McCracken,Harry
A Talk with Computer Graphics Pioneer Ivan Sutherland
Publsihed April 12, 2014
http://techland.time.com/2013/04/12/a-talk-with-computer-graphics-pioneer-ivan-sutherland/

WARNING: Microsoft tech-support scam responsible for $175,000 loss

2014-05-15T10:24:00.001-07:00

Police are warning computer owners about a scam involving a bogus company claiming to be Microsoft’s technical support.

The calls are not coming from Microsoft’s technical support department, Microsoft is not involved in any way.

An 84-year old man from Edmonton, has lost over $175,000 in the past two years to these cyber-criminals.
The scammers contacted the victim almost daily.

At the beginning, he took a phone call from someone claiming to be from Microsoft, who then informed the man he had a virus on his computer and they would fix it for $200.

The man gave them his credit card number, in which he was charged for $600.

The victim noticed the amount taken from his credit card and contacted the believed Microsoft company to get a refund.

The fraudsters told him in order to get his refund, he needed to wire them money to get a transaction started.

The man became so obsessed with receiving the refund document it affected his daily routine. He wouldn’t attend family functions or even take a shower the day he thought the delivery would arrive.

When the mans family tried to intervene, he started hiding his interactions with the scammers from them.

“He was lonely. His whole day revolved around these phone calls,” stated Detective Bill Allen. “Whenever he ran into a stumbling block in the whole scheme, they would give him instructions on how to get around those stumbling blocks.
“These people have this guy totally under their control. Even to this day, he feels I interfered with his document. He wasn’t understanding that he was being deceived and there was not going to be a refund, and it didn’t matter if he sent $100,000.”

It is believed that the fraudsters are operating out of India. The Detective said Western Union shut down wire transfer outlets in that country because they were being used excessively to receive hustled money.

Senior citizens are particularly vulnerable to these types of scams. This is partly because they do not realize how advanced computer technology is. Seniors also tend to be more trusting and do not understand how slick cyber-criminals are.

Allen said, many victims are afraid to admit to relatives they have been deceived, as it may convince relative they can no longer live independently.

Learn the ways to protect yourself from telephone tech support scams:

Do not purchase software or services from callers
If there is a fee or subscription, do not comply
Never hand over control to your computer unless you can verify the company’s legitimacy
Take down the callers information and report them
Never provide your credit card or financial information

One-third of attempted scams are successful. These cyber-criminals are professional pirates.

If you have been a victim to a cyber scam you can go to these sites to report them.

http://www.ic3.gov/default.aspx
http://www.stopfraud.gov/report.html
http://www.bbb.org/council/bbb-scam-stopper/
http://www.consumer.ftc.gov/articles/0076-phone-scams

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

By Keith Gerein, Edmonton Journal
Police warn about computer tech-support scam after Edmonton man loses $175,000
Published May 14, 2014
http://www.edmontonjournal.com/Police+warn+about+computer+tech+support+scam+after+Edmonton+loses/9835538/story.html

IT security budget increase by 41 percent in 2014

2014-05-12T11:17:00.000-07:00

It’s usually not until you get something stolen that you beef up your security and pay more attention to safety.

This past year has proven just how critical IT security is to companies.

New reports of data breaches and leaks, combined with internal threats have significantly increased concern for security woes.

The recent Tech Pro Research survey focused on IT security and discovered that 41 percent of survey respondents say they will increase their IT security budget for the next year.

This is a 16 percent increase compared to the number of budgets that rose from last year.

Only 11 percent say they plan to decrease their security budget next year.

Almost two-thirds of the survey takers said they are now more concerned with security, following media reports, breaches and leaks.

Smaller companies are usually the ones who lag when it comes to IT security. Large organizations with more than 1,000 employees say they are planning to improve their IT security.

That doesn’t come as a surprise because they generally have more at steak.

The number one security concern is “Bring Your Own Device”, (BYOD) to work.

Lack of employee awareness regarding social engineering, is a topic that Tech Pro Research has put their focus into.

They have created a ready-made BYOD policy that companies can download to use as their own policy.

Other reports that address IT security topics are:

Employee awareness challenges
Improved risk management leads
Managing internal threats
Moving to risk management
BYOD challenges

If you would like to Download the full Tech Pro Research report, IT Security: Concerns, budgets, trends and plans. The report is free to all Tech Pro Research subscribers.

Are you a small business thinking about increasing your budget? Let us know why in the comments below!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Hammond, Teena
Research: 41 percent increasing IT security budget in 2014
12/03/2013
http://www.zdnet.com/research-41-increasing-it-security-budget-in-2014-7000023597/

Internet Giants Come Together to Attack Ad Scams

2014-05-08T10:36:00.000-07:00

Internet giants; Google, Facebook, Twitter and AOL have come together with a campaign to protect users from malicious online advertisements.

More ads, more pop-ups, and more annoyances are overpopulating the internet.

Online ads have been reported as dangerous phishing scams and tech support rip-offs.

These Internet companies have launched TrustInAds.org this past Thursday.

The campaign is designed to raise consumer awareness of emerging online advertising scams.

This will allow companies to share information on the misleading ads and their trends.

Ads on Google and Facebook are usually legitimate and trusted, although there are ingenious scammers that will go great lengths to fool you.

Fake businesses, deceptive websites, and phony voice-mail messages are created to dupe users into believing their company is legitimate.

“However, there are some very sophisticated bad actors out there trying to game the system. This is something companies deal with on a very regular basis,” stated the group’s executive director, Rob Haralson.

The organization has plans to release reports on the stats of the new online ad scams as well as information for the consumers on how to protect themselves.

The group’s first report focused on fraudulent online tech support schemes. Google and Facebook employees found that scammers were placing display ads that lured consumers into calling 1-800 numbers for tech support. After they would contact the “tech support” for help, consumers were then lured into downloading software which is a keystroke logger and other malicious software on their PCs.

The companies have removed 4,000 suspicious accounts linking to 2,400 tech support websites.

The FTC has issued a consumer bulletin warning about online tech support scams in January.

This has been an ongoing problem because scammers are constantly working on outsmarting consumers and coming up with new scams.

What do you think about the tech giants coming together? I think this should have been done a long time
ago, maybe identity theft wouldn’t be so prominent today if this was done at the brink of cyberattacks.

Go to TrustInAds.org to find out more!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Internet Firms Launch Effort to Expose Deceptive Ads – Recode
http://recode.net/2014/05/07/internet-firms-launch-effort-to-expose-deceptive-ads/

Microsoft helps Windows XP One last Time

2014-05-07T11:30:00.001-07:00

Microsoft made the decision to patch Windows XP one last time. A serious Internet Explorer flaw has caught the attention of Microsoft as they worked on security issues for XP.

Industry observers were shocked when Microsoft issued the Internet Explorer zero-day browser vulnerability patch.

Microsoft made an exception last week after support for Windows XP ended on April 8, 2014.

Fighting a Good Fight

Even though Microsoft issued the patch after the end of their support, Microsoft seriously urges Windows XP users to upgrade to a newer operating system such as Windows 7 or Windows 8.1.

“Just because this update is out now doesn’t mean you should stop thinking about getting off Windows XP and moving to a newer version of Windows and the latest version of Internet Explorer,” Adrienne Hall wrote, the General Manager of Trustworthy Computing.

The latest version of Internet Explorer, “has increased support for modern web standards, better performance, and expanded the ability to deliver an immersive experience from within the web browser. In other words, cool stuff that you need even if you didn’t know you need it, ” Hall proclaimed.

Windows XP is a widely used OS that has proven to be resilient, possibly the reason why people are sticking by XP even after the discontinued support.

Windows 7 had nearly 50% of the desktop operating system market in April. Windows XP had more than 26% of users, that is more than all the players put together.

Senior security researcher for Malwarebytes, Jerome Segura told TechNewsWorld, “It somehow shoots itself in the foot by encouraging users to stick with [that OS] for at least a little longer.”

What’s the Risk

“The financial services and healthcare industries may have the most to lose if XP remains unsupported,” Darren Hayes, a professor at Pace University’s Seidenberg School of Computer Science and Information Systems, told TechNewsWorld.

Utility companies, ATM’s, and many medical devices are still running on Windows XP.

The move toward cloud computing will make things worse, warned Eric Chiu, president and co-founder of HyTrust.

With the cloud, virtualization will just about let the OS live forever. The technology runs on 70% of the data center by removing the hardware dependence of the operating system. The older operating systems like XP can run on the cloud easily for 20 years.

Possible Outcome

Malwarebytes and many antivirus vendors, that include Kaspersky, Avira, Symantec and Trend Micro, are the companies that will continue to support XP.

The antivirus software will not resolve the underlying vulnerabilities cyber-criminals are likely to discover.
If you have questions about your OS, we can help! Call Hyphenet @ 619-325-0990 today!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Microsoft Gives XP One last Hug – TechNewsWorld
http://www.technewsworld.com/story/Microsoft-Gives-XP-One-last-Hug-80390.html
Published: May 3, 2014

Symantec warns antivirus is ‘doomed’

2014-05-06T10:23:00.001-07:00

According to Symantec, antivirus products are “doomed to failure,” says Brian Dye, senior vice president for information security at Symantec.

From The Wall Street Journal on Sunday, end-point security technology isn’t a “moneymaker”, antivirus companies need to adjust and adapt.

Antivirus products have been proven to prevent hackers from obtaining your private information from your computer. Today, hackers are often able to bypass the antivirus’ and get into your computer’s source code.

Antivirus technology scans networks for malicious-looking computer code and spots hackers before there is any real damage.

It’s like an immune system on your computer.

Brian Dye, Symantec’s senior vice president for information security estimates the antivirus catches 45% of cyber-attacks.

Mr. Dye says Symantec’s Norton security suite has evolved beyond antivirus software and searches for suspicious activity that may have come from previous unseen viruses.

The software includes a password manager, spam blocker, and scans a user’s Facebook feed to guard against dangerous links.

Area of concern

China, Iran, and the former Soviet bloc., are the countries whom pose the most concerning threats.

Hackers that were linked to Iran last spring breached the digital perimeters of energy companies and one of the U.S.’s five biggest banks. They were caught before moving further into the systems.

Last year before the Target Corp. was breached, FireEye security equipment alerted the retailer of the suspicious activity found. When the company failed to follow up with the warning, they were hacked.

Former Target employees say the reason why the system failed is because they lacked the resources to pursue all posed threats.

The malware market is now declining and hackers are aiming their focus on cyber-attacks. A few avenues are; denial-of-service assaults, spear-phishing, and network intrusion.

Cyber-criminals previously used mass-emailing to catch millions of people off-guard in order to steal their information.

Now, Symantec has partnered with IBM, with a new cyber-security offering to protect networks and critical data from zero-day attacks, by identifying irregular patterns in network traffic.

Although cyber-criminals are finding ways around antiviruses, the antivirus market is doing their part in working around hackers.

Are you still unprotected from cyber-crimes? We can help give you the best protection for your home or small business. Call us today! 619-325-0990

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+

References:

Symantec calls antivirus ‘doomed’ as security giants fight for survival – ZDNet
http://www.zdnet.com/antivirus-is-dead-long-live-the-antivirus-7000029078/?s_cid=e539&ttag=e539&ftag=TRE17cfd61
Published May 5, 2014

Symantec Develops New Attack on Cyberhacking – The Wall Street Journal
http://online.wsj.com/news/article_email/SB10001424052702303417104579542140235850578-lMyQjAxMTA0MDAwNTEwNDUyWj
Published May 4, 2014

This Day in Tech History: April 30th

2014-04-30T11:27:00.000-07:00

The World Wide Web is Born!

April 30, 1993, www (The World Wide Web) enters the public domain.

CERN, the international particle physics lab developed The World Wide Web.

On this day, WWW technology source code was freely available for anyone to use and without a licensing fee.

They announced the “www” into the public domain.

The first Web browser could run only on one type of computer. By the end of 1993, Web users around the world set up more than 500 servers to help host it.
The first search engines started to appear in the mid 1990′s. It didn’t take long for Google to come on the scene and establish a permanent position in the market.
Also this day in Tech History:

Microsoft shipped 10 million copies of Windows 3.0.

2006 version 4.10 of the Linux Ubuntu “Warty Warthog” was released.

Discover the World Wide Web in the beginning.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

Read more: Day in Tech History – Daily Tech History Podcast & Blog 365 Days a Year http://www.dayintechhistory.com/#ixzz30O9bwH71
Under Creative Commons License: Attribution Share Alike
Follow us: @geekazine on Twitter | geekazine on Facebook

And that’s the way it was: April 30, 1993 – Columbia Journalism Review
http://www.cjr.org/the_kicker/and_thats_the_way_it_was_april_18.php?page=all&print=true

Hyphenet's IT Blog

Top 10 Fixes for Common Computer Problems

Related posts:

This Day in Tech History: July 9

Gil Amelio Ousted from Apple

Donkey Kong and Mario’s Birthday

Related posts:

Microsoft Patch Inconsistencies

Related posts:

Publishers Clearing House Scam Alert

Related posts:

Top 10 Tips for Computer Security

USPS Email Scam

Related posts:

Start using hashtags when shopping online

Related posts:

WARNING: Chinese Smartphones Contain Built-In Android Malware

All Access

Related posts:

‘Prayers for Likes’ Facebook Scam

Analysis

This Day In Tech History: June 13, 2014

Related posts:

Half of U.S. Adults have been hacked: Are you one of them?

More Bugs Found in OpenSSL Security Tool

How to protect yourself

Within the Heartbleed Bug

How it happened

Request for Google to remove links about you

Clearing Your Name

eBay Breach: Password Reset Issues

Dumping the Data

Did you receive a notice?

Beef up the password

De-link PayPal

Cyber Security Tips

10 Tips on how to Protect Your Personal Data

1. Strong Passwords

2. Creative Passwords

3. Use Different Passwords

4. Do Not Use Family Names or Pet Names

5. Avoid Sharing Information

6. Know Your Stuff

7. Know Whats Bogus

8. Legitimacy

9. What to do if hacked

10. Close Your Account

IT Security and Risk Management Review

Cost of a Cyberattack

Do you know how to avoid Android ransomware malware?

“Koler”

Get rid of Koler

This Day in Tech History: May 16, 2014

Other Accomplishments

WARNING: Microsoft tech-support scam responsible for $175,000 loss

IT security budget increase by 41 percent in 2014

Internet Giants Come Together to Attack Ad Scams

Microsoft helps Windows XP One last Time

Fighting a Good Fight

What’s the Risk

Possible Outcome

Symantec warns antivirus is ‘doomed’

Area of concern

This Day in Tech History: April 30th

The World Wide Web is Born!