Archive for the ‘Computer Security’ Category

« Previous Page

Heartbleed Bug still a threat

Posted by South City Computer

The “Heartbleed Bug,” officially know as CVE-2014-0160, is one of the most far reaching  vulnerabilities ever discovered. It allows a hacker to break the encryption on webpages, and steal personal information such as credit card numbers, but more importantly passwords.

When you connect to a secure website, the website uses something know as SSL to encrypt your connection. By doing this, all the data that’s sent between you and the website is meaningless to anyone except those who have the decryption key, i.e., you and the website. One of the features of SSL is that it uses a “heartbeat signal” that is repetitively sent between you and the website to confirm that you are still connected to the real thing. Your computer sends the website a special packet of data, and the website responds with another special packet. Heartbleed exploits a vulnerability in the OpenSSL brand of SSL that allows a hacker to create an abnormal heartbeat packet, which, when sent to the server, will get it to respond with the decryption key. Once the hacker has this key, he can use it to decode all your communications with the website and get more information, like your password.

Not all websites were vulnerable to Heartbleed, but most were. These include Gmail, Twitter, Facebook, Instagram and many more. Even though all major websites, and most small ones, have patched the bug by now, any information that you sent before it was patched could have been stolen.

This is why it’s extremely important that you change your password for all of the online services that you use. A hacker could have stolen your password before the bug was fixed, and has just not used it yet. Keep in mind that this must be done after the site you’re using has fixed the bug. If they haven’t fixed it, then you make your new password vulnerable too. All major websites (Facebook, Twitter, Google, etc.) have fixed it, but when working with a smaller website, like a corporate intranet for example, you should check with the administrator to make sure first.

Support for Windows XP Ends in Less Than a Month

Posted by South City Computer

Microsoft released Windows XP in 2001, and it was arguably the most popular Windows operating system ever. In fact, it still is extremely popular. 11% of people who are visiting web applications still use Windows XP. Unfortunately, Windows XP is about to be put out of support by Microsoft.

“Out of support” can be kind of a vague description of what is actually happening. Microsoft ending support means that no more software compatible with XP will be released, and none of the software you have installed will recieve updates. These updates include critical security patches that protect your computer from viruses. When these updates stop being issued, more and more vulnerabilities will be discovered, but will never be corrected.

This is why it is important to upgrade your system. With support ending next month, it is critical that you do this as soon as possible!

You have two options when it comes to upgrading.

  • Purchase a new PC
    If your computer still runs Windows XP, it may be time just to replace it. South City Computer can offer you help in finding a new computer suitable for your needs. We can also transfer your personal files from your old computer to a new one so that you don’t lose anything in the process.
  • Upgrade your current computer’s software
    Some computers that currently run Windows XP are capable of running a newer version of Windows. These computers are generally ones that were extra powerful when initially purchased, or computers that were purchased towards the end of the Windows XP era. If you’re wondering whether or not your computer can be upgraded, just give us a call or drop by our store in the St. Louis City Lindenwood Park neighborhood.

Some other Windows End of Support dates to consider:
Microsoft ended mainstream support for Windows Vista on April 10, 2012. Microsoft will end mainstream support for Windows 7 on January 13, 2015. Also Microsoft Windows Vista end of extended support will end April 11, 2017. Learn more about the end of Windows lifecycle here.

There are bigger and better things than Windows XP today. So, this is the end. If you’ve stuck with XP until now, you need to get upgraded. Because, trust me, you don’t want to be there when support ends.

Hard Drives in Copiers: Why Your Personal Information may be at Risk

Posted by South City Computer
Photo taken by MMN-o

Copy Machine

Although Copy Machines seem harmless they alone can leek personal information and cause serious trouble. John Juntunen of Digital Copier Security said: “Nearly every copier built since 2002 contains one of these, a hard drive.” Exactly like the hard drive in a computer the hard drive in a copier, saves everything whether it was copied, emailed, or scanned. That means all medical documents, birth certificates or other important/personal documents are stored in your copy machine’s memory and if found in the wrong hands can cause you serious troubles.

How to Defend Your Information

Copiers along with MFDs (Multi-Function Device [such as a device that is a fax machine, photocopier and printer all in one]) store data. Most copiers and MFDs are often found in business settings along with public locations while also being available for the house.

If you have a personal copier there are two real dangers of having your information stolen: 1. Disposing of your copier or MFD without removing or wiping its hard drive. 2. Someone gaining access to your wifi network and to your copier/MFD. If your copier/MFD is old or broken and you are considering throwing it away or selling ALWAYS REMOVE/WIPE THE HARD DRIVE there could potentially be important and private information stored on it. If you need your copier’s/MFD’s hard drive wiped bring it in to South City Computer and we will do it for you!  The second one can only happen if your copier/MFD is connected to your network because it is wireless.  To ensure no one gaining access to your network, set up a secure password (if  not having one already).

If you are going to use a public photocopier, be very cautious about what you are going to copy. There is no telling whether the photocopier deletes all the information stored on it so always be cautious if the information you are photocopying could or could not be harmful information if it was accessible by others.

If you are using a copier at a business not only should the concern of disposing of your copier without wiping the hard drive and via the network but also have a concern of who has actual contact with the copier, for example: coworkers, customers, etc. Although seeming unlikely just by removing the hard drive and using a free software program to scan the hard drive, could download all the files off of it. If your copier is used often throughout your work there could be essential business information leaked if your copy machine’s hard drive is left unprotected.

Click here to view the video by CBS.

If you or your business ever need a copier or MFD hard drive erased, call us at: 314-400-7918

Data Loss Can Cause Major Issues

Posted by South City Computer

Did you know that data loss has become increasingly more common since 2008? The Open Security Foundation has recorded the increase of data loss incidents since 2008, claiming that it has become a major problem for some businesses.

What is Data Loss?

Data Loss is when data that someone has stored, whether it be a person or a business, when data gets destroyed or fails without the person or business having a backup storage of the data and without being able to restore the data. Data loss can primarily be catastrophic to businesses that store a lot of data especially if that information is critical to their business.

Data Loss Affects Businesses

One of the more publicly known data loss incidents was TJX’s (the retailer owning such stores like Marshalls and T.J Maxx) loss of 94 million people’s information including credit card and customer identity. TJX lost an estimated $256mil+ along with hackers successfully gaining access to 45 million customers’ information.

Another well know data loss was Sony, in late April of 2011 the PlayStation Network (PSN) was hacked. Hackers obtained personal information including Credit Cards. Post-Breach Sony closed down both PlayStation Network and Sony Online Entertainment. The Poneman institute (research center with focus on data protection and data privacy) estimated that Sony may have to pay up to and/or beyond $2 billion.

How to deal with Data Loss:

  • Data Recovery- In a data recovery shops can attempt to recover lost data but without a previously arranged data backup plan, often data recovery will involve reinstalling of applications, files, etc.
  • Data Backup Plan- Here at South City Computer we can set up a data backup plan, that will support your choice data.

If your data is ever lost or you would like to set up a data backup plan please call us or leave us a message on our website .

Sources:

  • http://www.csmonitor.com/Business/2011/0504/Data-theft-Top-5-most-expensive-data-breaches/1.-tie-Sony-to-be-determined
  • http://www.computerweekly.com/feature/Top-seven-data-loss-issues

How to Avoid Yahoo Malware and Other Types of Malware

Posted by South City Computer

Image for google warning about malware.In the beginning of 2014 Yahoo’s ads contained malicious software (malware) which infected an estimated 2 million users computers. It was estimated that almost 27,000 computers using Yahoo were infected an hour. The computers that were infected through Yahoo, were using up a massive chunk of the computers resources as bit coin slaves, where without the users knowledge the computers were mining bit coins thus harboring a lot of the computers capability. Although malware today is very common especially through email and the Internet; there are still ways to defend your computer.

What is malware?

Malware is a term that is short for “malicious software” which is meant to harm your computer. Malware includes: spyware, trojan horses, and computer viruses. malware can be downloaded or installed unintentionally or unknowingly by the user through the Internet or via email.

What does malware do?

Malware infects the computer and can lead to the attacker accessing content on the computer, leaving the user susceptible to Identity Theft and other financial and personal information being seen. With malware undetected the computer can have certain operations disrupted along with being used to store unidentified data. Certain malware like spyware can be used to spy on the user’s action for marketing.

How to defend from malware:

  • Keep your computer up to date.  Make sure your computer is automatically updating itself.  Make sure  check for updates is set to run when you have the computer turned on, not at 3am like the default setting.
  • Make sure you have antivirus/anti-malware installed.  Microsoft provides free of charge antivirus and malware built in if you download and activate it.  The issue with commercial subscriptions is that you forget to pay and they expire, putting you at risk.
  • Be careful of spam emails. Emails that seems sketchy or are otherwise unexpected may contain malware. View header of email, also clicking to check who the sender of the email is can help you decide whether to open it or not.
  • Heed computer warnings. Often if entering a dangerous website your computer may already be letting you know. Computers may also display a message saying that certain files may be harmful to your computer if opened.
  • Bring computer to local computer shop. Bringing your computer to South City Computer or another local computer repair shop to be scanned for malware. You could schedule a Tech Desk visit in order to have your computer scanned while you wait.  Call or Send us a message through our website.

Malware is becoming very common now which now there are many anti-virus and anti-malware softwares available for download. Also bringing your computer into South City Computer or another local computer repair shop to be scanned for malware can see if you already have malware and can be removed.

Call:  314-400-7918

Sources: http://www.businessinsider.com/yahoo-malware-turned-european-computers-into-bitcoin-slaves-2014-1

 

Companies with Free WiFi, Watching You

Posted by South City Computer

Over the past decade, WiFi has made a major appearance in public places. But as cellular data has become more and more prevalent in the past couple years, one starts to wonder why exactly retailers are so big about having WiFi. The truth is that retailers who provide free WiFi in public places aren’t just providing internet access because they want to be nice to you. They are using it to track you.

When you connect your Android or iPhone, or any device, to a WiFi network, it transmits a unique identifier known as the MAC Address. While this address doesn’t necessarily provide any information about your device or your person, it is completely unique. Retailers can track when and for how long a device is connected to their network, and therefore determine your habits.

The best way to explain how this information might be useful to a retailer is through an example.
Let’s say you’re paying a visit to the Lindenwood Park neighborhood and you connect your phone to a free WiFi network provided by a local computer store. That computer store could gather data about how often you visit, and how long. By combining information about how long you are there with the known radius of the WiFi network, the computer shop could gather data about what you are doing. This information is not used to creep on you, but rather to determine what the best way to market to you is. If it was determined that you regularly connect to the WiFi while visiting a nearby restaurant, the store might consider taking out an ad on a table tent.

This form of tracking has potential to be beneficial to both consumers and retailers alike. However, retailers have not established standards regarding informing consumers about what exactly they track and how they plan to use it. Until this happens, one may want to disable the WiFi on his or her device when away from home. AVG has also developed a “Do Not Track” app that will do this for you automatically.

2 Million or More Facebook, Google, and Other Accounts Compromized

Posted by South City Computer

In recent news security experts are saying that more than two million Facebook, Google, and other “cloud” accounts have been hacked, compromised, and circulated online!  This is just another hack attack announcement in a slew of online account compromises that’s been in the news lately.

So you might be wondering, how in the heck did they get into so many different types of accounts?  Well, the answer actually is very simple:  1.) A Dictionary and 2.) User complacency. Users can be terrible at picking good strong passwords and remembering them for each service they sign up for or online account they create.

The attackers that stole the Facebook passwords used a dictionary of common passwords and variations thereof ie: password123, PAssW0rd123, etc… to try to log into a users Facebook, Gmail, or other online service. These attacks are automated and can be carried out successfully in a very short time. So if your password matches an entry in the password dictionary then the attacker gains entrance to your account in relatively short order.  Then in a nutshell, the ill-doer simply takes the guessed password and tries it on all your other accounts, your Gmail, your Facebook, your bank. And then those compromised accounts get sold. Sometimes they are used for spamming and sometimes for worse things.

And you probably know what happens next if you’ve ever had your Facebook or Gmail or Yahoo account hacked– friends emailing you telling you that you’re sending spam, or worse like identify theft.

So how can you protect yourself?

  1. Change your passwords to random passwords at least 8 characters in length that contain a capital, a number and a symbol.
  2. Use a different password for each different account to keep the damage localized to that service and not spread to your other accounts.
  3. Use a password keeper tool like Keypass Keepass password safe to make managing different passwords easier by only having to remember one.

Free Good Password Tool

Here is an easy password generation tool.  If you click the link it will generate a random passwords.  Click refresh in your browser until you find one that suits you.  And don’t worry, this link is refreshed every time and no two passwords are ever the same and we don’t record what passwords are chosen.

Click Below

Click Here for a Secure Password

Source: http://www.foxnews.com/tech/2013/12/05/passwords-guidelines-for-protecting-internet/

« Previous Page
// //
//