- Bitdefender: Best overall
- Avira: Best value for your money
- AVG: Best for solopreneurs
- McAfee: Best for multi-device protection
- Malwarebytes: Best for real-time protection
- Avast: Best for remote workers
- F-Secure: Best for plan customization
- G DATA: Best for comprehensive features
- Trend Micro: Best for phishing protection
- ESET: Best for technical users
Driving Force Software
Solutions for the Small Business and Enterprise
Sunday, August 24, 2025
October 14th; The end for Windows 10 (or is it?).
October 14th; The end for Windows 10 (or is it?).
If you are still using Windows 10 and do not wish to upgrade to Windows 11, you can extend support for 1 year but you must act on it and sign up for the added year.
Officially Windows 10 support ends on October 14, 2025. After this date, Microsoft will no longer provide security updates, non-security updates, or assisted support for Windows 10. While Windows 10 PCs will still function after this date, Microsoft strongly recommends upgrading to Windows 11 or a newer, supported operating system for the best and most secure experience.
A reprieve is offered but you must sign up for it.
Microsoft Issues Free Update Offer To Millions Of Windows Users
More specifically:
The official end of support for Windows 10 is October 14, 2025.
The ESU program allows organizations and individuals to receive critical and important security updates after this date through a paid subscription.
Consumer ESU program cost
You can enroll in ESU by one of the following three ways:
- At no additional cost if you are syncing your PC Settings
- Redeem 1,000 Microsoft Rewards points
- One-time purchase of $30 USD or local currency equivalent plus applicable tax
It's important to note that the ESU program focuses on security updates and does not include new features, non-security updates, or technical support beyond the ESU itself.
The final feature update for Windows 10 was version 22H2, released on October 18, 2022. However, this update primarily focused on minor enhancements and bug fixes rather than major new features, such as significant UI overhauls and AI integration like on Windows 11.
Does my PC support Windows 11?
There are around 700 million users still on Windows 10, of which perhaps 250 million cannot upgrade. As one Forbes reader commented on the ESU offer, “the landfills can breathe a sigh of relief for one more year,” and there’s certainly something in that.
To run Windows 11, your PC needs to meet certain minimum hardware requirements:These include a 64-bit processor with at least 1 GHz and two or more cores, 4 GB of RAM, 64 GB of storage, UEFI firmware, Secure Boot capability, and TPM 2.0. Additionally, the graphics card needs to be compatible with DirectX 12 or later with WDDM 2.0, and a display with at least 720p resolution is required.
Download and install the PC Health Check app. The PC Health Check app can be downloaded from the following link:
Download the PC Health Check appRight-click on the Start menu and select Search .
In the Type here to search text box, enter:
pc health checkUnder Best match, select PC Health Check from the list of results.
In the PC Health Check windows that opens, select the Check now button.
Microsoft Extends Free Edge Support on Windows 10 Through 2028
After October 2028, the determining factors to continue use of Windows 10 will be software availability that still supports Windows 10. You may not be able to find security software and other utilities. Software developers will stop writing and supporting out of date operating systems. Hardware vendors such as printer manufacturers will stop writing driver programs that support Windows 10.
You can still use it but it will more difficult. Try surfing the web using Windows 98.
Wednesday, September 4, 2024
Kaspersky Ban, Latest Security News
The latest Security News and Anti-Virus options in wake of US Kaspersky ban.
With the impending 09/29/24 drop dead date for receiving updates looming over Kaspersky users, it is time to consider alternatives if you have a KAV subscription. It is unknown whether the company will observer the no-update ban.
If you’re a Kaspersky customer, you have a little over 3 weeks to find a suitable alternative. There has been no news yet about refunds for those with annual plans but if the ban does go into effect, it’s likely the company will announce something along these lines.
Kaspersky’s antivirus has long been considered some of the best antivirus software due to its excellent malware protection, light system impact and included extras. If this ban does go into effect, we’ll be updating all of our antivirus and security software guides accordingly.
In the interim, Kaspersky users should be looking for alternatives just in case. If you use Windows, Microsoft’s built-in Windows Defender antivirus is a great free option that is part of Windows. However, it is recommended that you enhance your security with a product whose focus is the protection of your system from malware, viruses and all the bad actors you are online with daily.
There are numerous offerings and opinions. I have been researching for over a month.
I've read articles, watched videos about what to buy, what not to buy and why. I wonder why everyone isn't with CrowdStrike which seems to be the preference of the big companies, yet it was an update from CrowdStrike that shut down so many systems last month, most notably airlines.
Bitdefender appears in most top 5 lists and I found a comparison of it to CrowdStrike. Below are links to more info that may assist you in making a decision.
Bitdefender vs CrowdStrike 2024 | Gartner Peer Insights
7 Best Kaspersky Alternatives to Replace After the US Ban (cybernews.com)
I found a very good article on Forbes Advisor that highlights 10 different anti-virus vendors along with each software's strength. Their name contains a link to each ones website.
The Best Antivirus Software of 2024
Which one to choose?
There are a myriad of opinions online about antivirus as well as VPNs. Below is a link about why you don't want Norton or McAfee. John McAfee and Peter Norton were brilliant early pioneers in the PC security game. McAfee was a maverick who ran for President in 2016, was imprisoned by the US for tax evasion and died while in custody. The companies that represent their names today are in no way connected to either person.
Below is a link to a YouTube video that warns you to never buy Norton or McAfee.
Don't buy Norton or McAfee. VPNs, dos and don'ts.
NEVER install these programs on your PC... EVER!!! (youtube.com)
In conclusion I'm sure you're thinking, Thanks for Nothing! I've reached the same conclusion after researching online through multiple searches for a month now.
I will be making recommendations this week and next week to my Business clients as I research costs thru Vendors for multi-seat license subscriptions.
In other Security News:
Enslaved in Asia and Forced to Scam Strangers Online
Millions of AMD CPUs vulnerable to hacks, and some won’t get patched
Story by PC World • 3w • 2 min read
Millions of AMD CPUs vulnerable to hacks, and some won’t get patched (msn.com)
Warning Google Chrome users;
Never install browser extensions, honey, shopping extensions.
Thousands of Google Chrome browsers are at risk from this damaging attack (msn.com)
DFORCE Workstations & Computers, custom builds, performance oriented Beasts
Thursday, August 1, 2024
CrowdStrike Outage, White House bans Kaspersky
Wednesday, January 3, 2024
Say it's not so! Windows 12 is coming in 2024. Apple iPhone malware/exploits.
Windows 12 is coming soon in 2024
I've read too many emails and articles hinting at a new Windows in the months leading up to 2024 and now it's not even a secret any more. Microsoft is readying it's latest iteration of it's Windows operating system, Windows 12.
It was July 15, 2015 when Windows 10 was released. It came after the "seemed like a good idea, Windows 8" which tried to merge the phone/tablet and desktop devices. Unfortunately it was so different users found the learning curve of Windows 8 delayed them from accomplishing their daily tasks.
Why can't Windows be more like Apple OS, new features, fixes but essentially feels the same. Voila, Windows 10 was supposed to be the answer. It was but then came Windows 11 with it's centered Apple like taskbar, which can be modified.
It may be that Windows 12 will support ARM processors as well as Intel/AMD processors. Sometimes it is easier to start from scratch rather that try to make an existing code do something not inherent to it's original intent.
ARM processors are found in small, battery-powered devices such as laptops, tablets and smartphones. However, ARM processors are also used for desktops and servers, including the world's fastest supercomputer (Fugaku) from 2020 to 2022(1).
It may be that Windows 12 can accomplish the meshing of the myriad of devices in a way that Windows 8 was unable to do.
BTW, Windows 10 End of Life is October 14, 2025. See footnote 3 below.
https://www.zdnet.com/article/windows-12-faq-yes-its-coming-in-2024-and-more-surprising-predictions/
Scammers, thieves and ne'er do wells.
More than likely, we've all received emails or maybe texts that reference products or services we didn't buy. The invoices sometimes mimic PayPal invoices and are very legit in appearance. Many do not contain links but only a phone number for you to call. Once on the phone the scammers are very cunning, they're your friend and willing to help. Beware of any such emails and feel free to forward them to me. You can comment and ask for my help.
Watch out for your neighbors.
Gwinnett couple lost life savings to scammers pretending to be Geek Squad
Apple iPhones Viruses and Malware
Apple has always claimed that their phones are not susceptible to viruses. I know that's not true because I've a client who has had services compromised in the past through a mobile app on their phone.
Last night I called Apple support about an issue with the Wallet on my iPhone. I was experiencing a non-transmit error when I tried to pay. It was related to a glitch in my time zone setting.
The tech was nice, Indian I'm guessing because of accent. I asked him about Apple's claim of being virus/malware proof. He said maybe it was because every time you update your phone, the new IOS scans for malware.
I next asked him about the iPhones in Pakistan that were delivered with the Blast Pass Exploit. This code is a zero-day, zero-click malware deployment exploit capable of infecting the latest Apple IOS versions (up to v16.6) without any assist from the user. It specifically downloads Pegasus spyware.
In response to this threat, Apple has issued a remedial advisory for iPhone users and is sending alerts to its users to notify them of the potential targeting by NSO Pegasus spyware or state-sponsored attackers. (2)
I want to advise clients of mine who have Kaspersky AV, that there is a KAV app for your smartphones, both IOS and Android included with your subscription.
BTW, I told the Apple tech what to search for to find the article. The Pakistan government has been dealing with iPhone issues since 2021, may be earlier.
Government Warns About IPhone User Hacking in Pakistan
https://newsguru.pk/government-warns-about-iphone-user-hacking-in-pakistan/
footnotes
(1) WikiPedia
(2) NewsGuru - Pakistan
(3) The final version of Windows 10 is version 22H2, which will reach end of servicing on October 14, 2025. Beginning with Windows 10, version 21H2, feature updates for Windows 10 release are released annually, in the second half of the calendar year, to the General Availability Channel. For information about servicing timelines, see the Windows lifecycle FAQ1.
DFORCE Elite Workstations (not consumer crap!)
Our workstations are designed using the best available components to include, Intel unlocked processors matched to Z chipset mainboards. The SSDs are M2, Western Digital/Samsung high end. Not all solid state drives are the same, read/write speeds vary greatly.
https://drive.google.com/file/d/1IQGrU_fIP-N1L6iJ1bhiLYCZph76uL6I/view?usp=drive_link
Wednesday, December 6, 2023
Poor Password Habits and Data Breaches. 23andMe Hack is a Wake-Up call.
Daily I am presented with spam check requests and questions from people who wonder why spam exists and why it is increasing. It's simple. Governments and companies are recording everything one does when on the web, sites visited, preferences, personal and financial info. The more data a company keeps, the more data is at risk.
Bad actors know this, and breaches occur daily at large firms. These breaches involve the theft of millions of records containing info about people, names, addresses, phone numbers and SSNs. The data is then offered for sale on black websites, sometimes given away for free.
23andMe reported they were hacked in October. The DNA tester reported that 14,000 accounts were compromised by a hacker. These 14,000 accounts exposed info belonging to 6.9 million people, (14000=6.9 million ???). The company stated that their computer network wasn't the source of the hack. THEIR NETWORK wasn't the source? Who are they sharing their info with?
The passwords used to break into these accounts had been stolen in other data breaches. This points out the weakness of using the same password for multiple accounts. This type of attack is called credential stuffing and victims of this kind of attack include Netflix, Nintendo, Zoom and PayPal. This attack is not unusual but the data stolen from 23andMe is highly sensitive.
“The issue here is that 23andMe is a social site that also has healthcare information,” he said. “And both of these increase the risk of exposure of the data, and the value of the data itself.”
I have published this link in the past but it is worth revisiting today. To check and see if your email address and info have been exposed in previous data breaches, please visit the Have I Been Pawned website.
Worldwide problem.
It's not just US citizens. The Wall Street Journal reports there have been dozens of leaks involving Chinese firms and agencies. The Chinese government collects massive amounts of data on it's citizenry to maintain social control. China has created a strict cybersecurity and data protection realm but still breaches happen.
In June of 2022, an anonymous user on a popular online cybercrime forum put up for sale data of an estimated 1 billion Chinese citizens that was stolen from the Shanghai police. The heist was one of the largest in history and included particularly sensitive data, such as government ID numbers, criminal records, and detailed case summaries such as allegations of rape and domestic abuse.
The Wall Street Journal has since found dozens more Chinese databases offered for sale, and occasionally free, in online cybercrime forums and Telegram communities with thousands of subscribers.
Tens of thousands more databases in China remain exposed on the internet with no security, totaling over 700 terabytes of data, the largest volume of any country, according to LeakIX, a service which tracks such databases.
The same thing is happening in the US. Our government is as intrusive as China's, and it had/has lots of allies willing to do it's bidding. Every day when you are on the web, your viewing sites, preferences and personal info are being recorded.
AI today is playing a larger role in this info drama. It takes little time for a person's image or name to be researched and in less than 24 hours their home address, phone number, children's schools are Doxed and published in the public domain for everyone to see.
There are private professional companies worldwide who are employed by governments, bad actors and others. Stealing data and infiltration is their forte. One such company based in India was highlighted recently by Reuters and the WSJ. Today I can't find the article or info on WSJ and the link I had for Reuters below explains why. (I posted the link content below, italics)
How an Indian startup hacked the world (reuters.com)
Editor’s note
Filed Dec. 5, 2023, 10 p.m. GMT
Reuters has temporarily removed the article “How an Indian startup hacked the world” to comply with a preliminary court order issued on Dec. 4, 2023, in a district court in New Delhi, India.
Reuters stands by its reporting and plans to appeal the decision.
The article, published Nov. 16, 2023, was based on interviews with hundreds of people, thousands of documents, and research from several cybersecurity firms.
The order was issued amid a pending lawsuit brought against Reuters in November 2022. As set forth in its court filings, Reuters disputes those claims.
Driving Force Intel based Powerhouse Workstations (not consumer crap!)
Monday, November 6, 2023
Pig Butchering. China cracks down on Internet scammers based in Myanmar
The term Pig Butchering refers to the victims of scammers. The scammers
nurture relationships with their targets before luring them in for the kill.
Armies of scammers operating from lawless corners of Southeast Asia—often
controlled by Chinese crime bosses—connect with people all over the world
through online messages. They foster elaborate, sometimes romantic,
relationships, and then coax their targets into making bogus investments. Over
time, they make it appear that the investments are growing to get victims to
send more money. Then, they disappear.
This is not a new technique, but it is a problem for societies all around
the world. It was used by Nigerian scammers during the war on terror who would
pose as US servicemen and target gullible victims with fake photos and love
letters often coaxing the victims to send money.
There are regions around the world whose strengths lie in language,
targeting/scamming societies more closely related to them. The border region
shared by China with Myanmar sounds like the problems the US southern border
experiences with the Mexican cartels. The differences are there is not the
endless stream of unvetted, unvaccinated migrants streaming into China, plus
China is doing something about it. I mean who wants to go to communist China
anyway?
The link below to a WSJ article in today's paper details the issue and how
China is trying to shut down the illicit scam centers.
India with its large English-speaking population is home to villages whose
sole industry is internet scamming. I watched a documentary about this. The
internet and smartphones have brought the tools for scamming to very smart and
desperate people. The gulf between haves and have nots is very great in India
even with-it growing prestige and power. Whether its right or wrong does not
mean a lot to a poor village.
India has long held a reputation as a home to online scammers targeting
victims in far richer nations such as the United States. Last year, federal
prosecutors in Georgia announced the indictment of multiple India-based call
centers and their directors, charging them with conspiring to forward tens of
millions of scam calls to American consumers.
In summation, be extra vigilant and check the email, test message sources. Check
that the email address used by the sender is the correct address associated
with that sender if possible. Check the spelling of the domain name in the
email address.
Your email address is on hundreds if not thousands of devices. Every client,
firm, or friend you deal with has your email address and phone number. All internet connected devices should have
anti-viral software installed but sometimes that is not enough. My larger
clients have SonicWALL, anti-virus as well as MS365 protections in place. Does
everyone you deal with have the same protections in place?
Be careful.
BTW, I run a Sandbox which is a Virtual Machine that I monitor email for my
larger clients 24/7. If an infection occurs within the VM, I can shut it down
without any consequences to my machine. If you need help verifying an email,
feel free to contact me.
Thursday, October 12, 2023
Cyberattacks cost Las Vegas casinos and Clorox $100s of million dollars.
Cyberattack cost MGM Resorts about $100 million, Las Vegas company says
In today's digitally connected
world, one must remain vigilant to safeguard devices, info and
finances.
A hacker group called "Scattered Spider" is
behind 2 attacks against large corporations. They hacked and seized the
data of 2 large Las Vegas casinos reportedly asking for a $30 million ransom
from one to release their data.
Clorox Security Breach Linked to
Group Behind Casino Hacks.
The targeted victims employ a lot of
security safeguards, systems and personnel to prevent such attacks.
Imagine what the impact would be to
your small business or personal finances if you were hacked.
The Clorox cyberattack crisis
warrants every board’s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on
the 2023 Forbes Most Cybersecure Companies list. Nonetheless, an August breach
halted its operations with devastating supply chain and business consequences.
With all their sophisticated
defenses the weakest link remains to be the human factor.
The security attacks that triggered
an FBI probe shatter a public perception that casino security requires an
“Oceans 11”-level effort to defeat it.
“Hackers are always fighting for
that 0.0001% weakness,” Kim said. “Usually, that weakness is human-related,
like phishing.”
The casino attacks caused a myriad
of problems from slot machine outages and hotel operation disruptions. It
is estimated to have cost the MGM Resorts $100 million.
MGM, whose prominent casinos along
the Las Vegas Strip include the Bellagio and Mandalay Bay, were hacked last
month. The company said it deliberately shut down a number of services “to
mitigate risk to customer information.”
The shutdown had severe impacts for
MGM. Some hotel customers couldn’t use key cards to enter their rooms.
Employees were locked out of corporate emails for days. The tech news website
404 Media found entire sections of slot machines at MGM casinos roped off.
MGM said that despite system
shutdowns some customer info was accessed by the hacker group.
Rival Casino operator Caesar's
reportedly paid the hackers a ransom to go away according to a SEC filing by
the company.
For more about the casino attacks
click on the following links;
https://apnews.com/article/vegas-casinos-mgm-caesars-cyberattack-59644d2cb0f2a765770d30f268b81a11
Clorox Crisis Shows Cyber Risk’s
Harsh Business Downside
The attack on Clorox presented quite
a different set of problems. Automated systems in their manufacturing and
distribution systems were shut down forcing the company to resort to manual
processes. The attack left the supply chain compromised and both
retailers and customers were without product.
I was watching CNBC last week when
Clorox reported the incident and it's impact on quarterly sales which cause the
stock price to tumble. The financial impact for FY2024 Q1 is as follows;
·
“Order processing delays and significant
product outages” dented quarterly sales by 23-28%. That’s likely well over $500
million in lost revenue.
·
Lower gross margins are anticipated, as “the
impact of the cybersecurity attack more than offset the benefits of pricing,
cost savings and supply chain optimization [and] lower cost absorption driven
by lower volume.”
·
Quarterly earnings per share will show a loss
rather than positive result.
·
Remediation efforts and expenditures will
extend well into FY 2024.
Always double check and be wary of
both cell phone text messages and emails.
The following is an example;
I received a text today on my phone,
supposedly from USPS that my package was delayed. I needed to copy a link
and paste it into the Safari app on my iPhone. I copied the link down,
opened MS Edge on my desktop and typed the link. It brought up the USPS
website. I then entered the Tracking number and this is appeared.
However when I followed the instruction in the message and opened the same link using Apple's Safari browser, a different result.
Be careful and check everything.
Tuesday, September 19, 2023
QUISHING!!! QR code Phishing... new Email Threat.
How to prevent quishing attacks
As with any type of phishing, the best defense against quishing attacks is an educated user base. Enterprises should provide security awareness training that includes the following best practices:
- Never scan a QR code from an unfamiliar source.
- If you receive a QR code from a trusted source via email, confirm via a separate medium -- e.g., text message, voice call, etc. -- that the message is legitimate.
- Stay alert for hallmarks of phishing campaigns, such as a sense of urgency and appeals to your emotions -- e.g., sympathy, fear, etc.
- Review the preview of the QR code's URL before opening it to see if it appears legitimate. Make sure the website uses HTTPS rather than HTTP, doesn't have obvious misspellings and has a trusted domain. Don't click on unfamiliar or shortened links.
- Be extremely wary if a QR code takes you to a site that asks for personal information, login credentials or payment.
- Observe good password hygiene by changing your email password frequently and never using the same password for more than one account.
Thursday, September 7, 2023
AI and your information; What does it know about you and your business. it's more intrusive that you think
I encourage my clients to forward questionable emails to me for analysis to check if they are valid or not. Recently a forwarded email came from a client that she received from someone claiming to be the owner of the firm she works for asking for her cell phone number. Problem was the alleged owner wasn't anyone we knew.
-----Original Message-----
From: xxxxx xxxxxxxxxx <xxxxxxxxx0029@gmail.com>
Sent: Friday, August 11, 2023 8:58 AM
To: xxxxx xxxxxxx <xxxxx@clientemail.com>
Subject:
Hi Xxxxx
I need you to work on a request for me. Send me your cell phone number. I love working with great people.
First LastName
Owner at CompanyName, LLC
Normally, I would have dispelled this as another phishing attempt. However, I knew that this firm had some private investors and decided to Google the name in the email along with the client's company. What I found was a page published on a website of ZoomInfo that listed not only the sender as the owner but also an almost complete list of present and past employees.
The site has the firm's correct address listed but to obtain phone numbers and emails you have accept and download ZoomInfo software which I suspect then looks at your contact list.
I provide an example of the listing they have for Driving Force. I got this listing by googling "driving force software zoominfo". However the example of the client above I found by googling the name of the alleged owner and firm name. ZoomInfo was a the top of the search results.
As you can see below, they've published my phone number and website. They have my NACIS and SIC codes correct. However they list our operations as;
Driving Force Software is a company that operates in the Museums and Institutions industry. It employs 11-20 people and has $1M-$5M of revenue. The company is headquartered in Atlanta, Georgia.
I have checked other clients and the results are astounding. A lot of info about them, some correct and much incorrect.
ZoomInfo employ AI, Artificial Intelligence to scour the web and the following sources;
Unstructured Public Information: ZoomInfo's technologies extract and parse unstructured information found on webpages, newsfeeds, blogs, and other public sources and then match that information with entities it has previously identified.Jan 19, 2023
If you research and find your business on their site, do not download and install their software. I'm not sure but I suspect they will browse your contacts and harvest more info. Instead do the following;
How do I remove my info from ZoomInfo?
Go to https://www.zoominfo.com/privacy-center/update/remove and “Verify” your email address. Check your mailbox and take a note of your 4-digits code. Enter the 4-digits code and click “Confirm” Tick the checkbox next to “I would like to delete my information”, solve the CAPTCHA, and click “REMOVE”Jan 31, 2023
https://www.zoominfo.com/privacy-center/update/remove
-
The latest Security News and Anti-Virus options in wake of US Kaspersky ban. With the impending 09/29/24 drop dead date for receiving update...
-
Each time I remove Malware aka rogueware from an infected computer, I am always asked "How did I get this...?" When I try and exp...
-
QR Code phishing while not new is on the rise. QR codes (Quick Response codes) became widely popular during and after the pandemic. Many l...