Ultimate IT Guys - Security

Meltdown & Spectre Vulnerabilities Explained

uitg — Tue, 09 Jan 2018 22:27:37 +0000

Last week two significant computer bugs were announced. They have been dubbed Meltdown and Spectre. These bugs take advantage of a flaw in many modern computers that exists at the processor or CPU level. This flaw has to do with the way that companies like Intel and AMD have used to make their processors run faster. Even very technical people can find it difficult to wrap their heads around how these bugs work, because the flaws have to do with the very lowest level processes in the computer. Rather than bore you with the specific details of the flaw, I want to give you some information about what to do about it.

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents." Meltdown and Spectre (or "SpecDown") are both flaws that permit an application to read privileged memory

Who is affected by these exploits?

Both bugs are found at the hardware-level within the processor. Intel's chips are the most widely vulnerable; however, devices carrying AMD and ARM chips are susceptible too, along with Apple's A-series of chips. While a list of every affected chip is not immediately available, reports are available indicating that Intel's design flaw dates back to 1995.

Every Operating System is affected.

Windows has had a series of patches earmarked as "2018-01" released.
Linux has been updated to mitigate the attacks;
macOS has been hardened as part of its 10.13.2.

This is only half of the solution, however; please read below.

How can I deal with this?

As Meltdown and Spectre are two different vulnerabilities affecting both Hardware and Software between them, there is no single mitigation step that can be taken to guarantee complete protection against these issues.

Update OS – Windows: Microsoft has published patches as part of their January cumulative update (legacy term: "rollup"). These patches are only being supplied for supported operating systems.

As such, please only expect Microsoft patches for:

Windows 7 SP1 (not SP0)
Windows 8.1 (not 8.0)
Windows 10

Please note that there are certain circumstances where Microsoft Windows will not show the 2018-01 update despite appearing to meet all the requirements; the SpecDown fix alters the manner in which Windows works, and this can potentially cause issues with Antivirus suites. So you may have to update your anti-virus before you can run the Microsoft update.

Update BIOS/uEFI:

You will probably need to update your BIOS or Firmware. However, there may not be an update available. This update will need to come from the manufacturer. This could be Dell or HP if you have a name brand computer. If not, you may have to get the update from the processor OEM, such as Intel or AMD. If you have an older computer, chances are that there will not be an update created for it at all.

Conclusion

The point is that this is a complicated fix. To make matters worse, there will be lots of bad or erroneous advice on many websites, so be careful about the source of information that you use and especially any files that you download. Only download files from websites that are trust worthy and always scan any downloaded files to make sure that they do not contain viruses. If you need help, give us a call.

Tags:

Security

Uber Has Been Hacked

uitg — Fri, 01 Dec 2017 15:41:49 +0000

Uber Technologies, Inc. disclosed that hackers stole the personal information of some 57 million customers and drivers from the ride-sharing company, according to a report by Bloomberg News. The news outlet also reported that, for more than a year, Uber concealed news of the data breach, which was discovered in late 2016. Bloomberg News reports that company executives originally paid the hackers $100,000 to delete the data and keep news of the data breach quiet. In its statement, Uber said that two individuals who led the original response to the incident are no longer with the company, effective Nov. 21, 2017, the date the company went public with news of the breach.

What Happened?

Uber said two people who didn’t work for the company accessed the data on a third-party cloud-based service that Uber uses.

In a statement on its website and attributed to CEO Dara Khosrowshahi, the company said the information included:

* The names and driver’s license numbers of around 600,000 drivers in the United States.
* Some personal information of 57 million Uber riders and drivers around the world. This information included names, email addresses and mobile phone numbers.

What does this mean for me?
If you are a customer of Uber, you should change your password.
It is possible for identity thieves to launch phishing attacks, that appear to come from Uber, hoping to trick you into providing personal information, such as account credentials or payment card information.
It’s always important to check the actual email address to ensure a message is from the company or person it appears to be from. Also, don’t click on an emailed link or attachment without verifying the email’s authenticity.

Ultimate IT Guys has some new tools to help you.

Identity Theft Monitoring - Dark web scanning for your email address or other business information to see if your information is being traded by hackers.
Business Email - Business quality email that has additional layers of security and spam filtering, without the advertisements that often contain malware.
Password Management Tool - Safe and Secure Password Tool to help you keep up with all your passwords without having to write them down or save them in a spreadsheet.
Join our Security Alerts and newsletter mailing list to get updates about data breaches and security alerts.

Tags:

You've Been Hacked - SW NAHRO Presentation

uitg — Sat, 10 Jun 2017 04:53:04 +0000

You've Been Hacked - You are at a bigger risk than you think.
According to research by the CyberEdge Group, 79% of businesses were hacked in 2016. Most internet users can only answer less than 50% of the questions correctly on a basic knowledge quiz about cybersecurity issues and concepts. Chances are that your agency falls into these 2 statistics unless you are using good business quality technology practices and training your users on how to stay safe online. Find out how to not become a statistic.

Download the presentation below.
http://www.ultimateitguys.com/sites/default/files/article_files/You%27ve...

Tags:

Security

File:

You've Been Hacked - Presentation File

You've Been Hacked

uitg — Wed, 12 Apr 2017 01:57:15 +0000

Chances are high that you or your housing authority have been hacked. You probably don’t realize it and you are potentially continuing to leak private information about you, your tenants, and your employees.

• According to US government statistics, in 2016, the number of ransomware attacks increased 300 percent from 2015, with over 4,000 attacks detected per day.
• Most internet users can answer fewer than half the questions correctly on a knowledge quiz about cybersecurity issues and concepts. – Pew Research Center
• 86 Percent Increase in Data Breaches in 2016 Led to 1.4 Billion Data Record Compromised…The leading type of breach is related to identity theft.

Download the full document below.

Tags:

Security

File:

You've Been Hacked Document

Free Email Could Cost You Everything

uitg — Tue, 11 Apr 2017 02:45:56 +0000

How many of you have a “free” email address provided by your internet provider? Usually this means that you have an email address that ends in yahoo.com, sbcglobal.net, cox.net, comcast.net, pldi.net, etc…

That "Free" email account you are using could cost you everything you have.

Download the full document below.

Tags:

Security

File:

Free Email Could Cost You Everything

Don't Let Facebook Hold You Hostage

uitg — Thu, 01 Dec 2016 15:58:09 +0000

There is a new threat that is literally holding Facebook and LinkedIn users hostage. This threat is a new type of Ransomware called ImageGate.

What is Ransomware?

Ransomware is a kind of malware that encrypts the files on your computer, and demands a ransom to unlock the data. Users are faced with the choice of losing their data, or paying the attackers. Ransomware has been the biggest computer threat of 2016. Many security experts believe it is set to increase exponentially during 2017, due to using new methods of distributing the Ransomware.

How does Ransomware work?

Have you ever zipped up a file to make it smaller so you could send it to someone? That is similar to what Ransomware does when it encrypts your files. Your files are put inside of a special type of password protected file and it makes the unreadable, unless you have the password. Here is the hard part.

What does this have to do with Facebook?

This ImageGate exploit allows the hacker to add a piece of code to the information contained in an image file. This image is then loaded to Social Networks like Facebook and LinkedIn. When you click on the image in Facebook it asks you to download the picture to view it. When you download the picture it runs the script contained in the image, which starts going through your files encrypting your Pictures, Word Documents, Excel Spreadsheets and other types of files that they are targeting. Now your picture of your kids first Christmas has been replaced with a file that you can't open, but there is a message attached that tells you to pay the ransom if you want your files back.

How do I protect myself?

Be very careful while using Facebook or LinkedIn if any thing seems to be behaving differently Don't download files from Facebook....Ever Always think before downloading a file from anywhere Always have good Anti-Virus Always have a backup Use Facebook from your phone or tablet - there is usually fewer files to lose on your phone or tablet

Can I Get Ransomware other ways?

Ransomware has historically been spread via email, but we are starting to see occurrences using Social Media, Infected Ads, and Infected Websites. This is what has the security experts concerned that it will soon turn into an epidemic.

I have Anti-Virus, so why do I need to worry about Ransomware?

Don't get caught in the trap having a false sense of security because you have anti-virus. Most anti-virus products don't detect or stop Ransomware. These 2 reasons are why Ransomware is so dangerous. Technically, Ransomware is not a virus. It does't install anything or change any settings. It just runs a script that encrypts your files. There are some anti-virus vendors such as BitDefender which have developed what they call Ransomware Vaccine. This vaccine disables some of the common methods of running the scripts.

In Summary

Ransomware is a real and very scary threat to your information. You should:

Be cautious
Don't download anything unless you are 100% sure that you need it
Use your phone or tablet for accessing Facebook or LinkedIn

I am sure that most of us will at some point be on Facebook in the coming days and weeks. Please be careful while you are online during this holiday season. You don't want to have all of your files held hostage just so you can see a video of the dancing elves.

Tags:

Security

8 Tips For Safer Internet Downloads

uitg — Thu, 02 Apr 2015 15:36:57 +0000

The best defense against spyware and other unwanted software is to not download it in the first place.

Here are a few tips that can help you avoid downloading software that you don't want:

1. Download programs only from websites you trust. If you're not sure whether to trust a program, enter the name of the program into your favorite search engine to see if anyone else has reported that it contains spyware. Files that end in the extensions .exe or .scr commonly hide malware. However, even files with familiar extensions such as .docx, .xlsx, and .pdf can be dangerous.
2. Pay Attention & Read all security warnings, license agreements, and privacy statements associated with any software you download. Before you install something, consider the risks and benefits of installing it. Even many reputable programs tell you that they are about to install additional software to “help” you, but it is usually software that you don’t really need and often are programs that either spy on your behavior or lead to virus programs later.
3. Never click "Agree" or "OK" to close a window. Instead, click the red "x" in the corner of the window or press Alt + F4 on your keyboard to close a window.
4. Be Afraid of "free" things. Such as “free” music and movie file-sharing programs, and be sure you understand all of the software that is packaged with those programs.
5. Use a standard user account instead of an administrator account. This will stop many unwanted programs from installing.
6. Don't click links on suspicious websites or in email messages. Instead, type the website address directly into your browser, or use bookmarks.
7. Don't automatically trust that instant messages, email messages, or messages on social networking websites are from the person they appear to be from. Even if they are from someone you know, contact the person before you click the link to ensure that they intended to send it.
8. Ask someone who knows. If you aren’t sure about a strange message or a program, then ask someone that you trust.

If you need help or have questions about internet security, contact us using the information below.

Tags:

Security

File:

8 Tips for safer internet downloads

10 Email Safety Tips

uitg — Thu, 02 Apr 2015 15:35:04 +0000

1. Don’t open emails from people that you don’t know.
2. Don’t open attachments unless you know you are expecting a file from the person who sent the email.
3. Use a spam filter.
4. Use an email scanner.
5. Use a good Anti-Virus program.
6. Don’t accept resumes or other files from people you don’t know via email.
7. Use a paid email account instead of an ad supported email account like most Internet Service Providers give you for free.
8. Use a good password for your email account.
9. Don’t click on links contained in emails. Go directly to the site using your browser.
10. Pay close attention to the email address of the sender.
If you need help or have questions about Email Safety, contact us using the information at the bottom of this page.

Tags:

Security

File:

10 Email Safety Tips