Friday, November 30, 2018

Latest Security Hack, Microsoft passes Apple as most valuable Company

Latest Hack:  Marriott says its Starwood database was hacked on approximately 500 million guests

Marriott said the Starwood guest reservation database was breached, potentially exposing information on about 500 million guests.

Among the information stolen on many of the guests includes a  combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. 

Payment information may also have been accessed on some guests.

Apple and Microsoft are going head to head for world’s largest company

What you may say... Microsoft?  It was Amazon and Apple that had been vying for the richest capitalization but the online retailing giant's stock has dropped in value along with Apple's beginning in October.  Meanwhile Microsoft stock has surged in part due to 2 areas, cloud and gaming.

Microsoft's growing cloud business and strong PC sales made Microsoft one of the few tech companies to grow in value following its September quarter earnings results. Apple's valuation, meanwhile, has fallen more than 20 percent since its own earnings results.

Microsoft topped AWS (Amazon Web Services) beginning in the 1st quarter this year with IBM trailing in 3rd place.  Both IBM and Microsoft posted very good 2017 4th Qtr results with IBM topping both AWS and Microsoft.  However, the gap between Microsoft and AWS started widening in that quarter.

Gaming has become a huge industry fueled by Fortnite, Red Dead video games online forums.  Gaming machines are very lucrative for hardware companies.  Video cards capable of delivering 4K graphics and high speeds can cost more than the average business computer alone.


https://9to5mac.com/2018/11/26/apple-market-cap-microsoft/

https://9to5mac.com/2018/11/01/apple-stop-reporting-unit-sales/

https://9to5mac.com/2018/11/21/foxconn-cut-costs-iphone-sales/


AAPL chart by TradingView

AMZN chart by TradingView

MSFT chart by TradingView


DFORCE PCs - INTEL Generation 8 Computers, for Business & Gaming

- No comments:
Labels: , , , , , , , , , , , ,

Tuesday, November 27, 2018

Malware and Phishing attacks on the rise as Holidays approach

Phishing attacks and Malware attacks are ubiquitous.  Almost everyday I see some myself or receive emails from users wanting to know if this is real.  One I want to warn about is the "efax notification", eFax Notification Delivers Hancitor Malware.  If you received an email reference an efax, beware of attachments and/or links within these emails.

Fake Ransomware just overwrites MBR but demands payment

There is a fake ransomware trojan circulating that overwrites the MBR (Master Boot Record) and then restarts your machine.  The MBR is the code stored in the first sectors of a hard disk drive that contains information about the disk’s partitions and launches the operating system’s boot loader. If the MBR is corrupt or altered, the computer doesn’t know which partitions contain an OS and how to start it.

Upon reboot, the following ransom text is displayed and the machine is unable to boot as normal:



The message says;

Oooops!  Your OS is locked.  The harddisks of your computer have been encrypted with an military grade encryption algorithm.  There is way to restore your data without a special instrucrion for unlocking your computer.  You can buy the instruction.  To do this, you need to send $200 to Monero wallet: "a monero address" (This is a Monero address)

The claim that it has encrypted your files is fake.  According to SonicWall;

 The only modification to the filesystem is the overwritten MBR.  No files have actually been encrypted and there is no encryption functionality present in the malware.  Although files can easily be restored by mounting the filesystem using a live OS booted via a memory stick, most users will likely consider their files gone and perform a full reinstall.  There is no contact information provided to “restore” files and no way of verifying if paying the $200 in Monero will suffice.

https://securitynews.sonicwall.com/xmlpost/fake-ransomware-just-overwrites-mbr-but-demands-payment/

https://www.pcworld.com/article/3133181/security/free-tool-protects-pcs-from-master-boot-record-attacks.html
Tips to Prevent virus and malware from Infecting Your System:
  1. Enable your popup blocker: Pop-ups and ads on the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs.
    So, avoid clicking uncertain sites, software offers, pop-ups etc. and Install a powerful ad- blocker for ChromeMozilla, and IE
  2. Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update.By doing this you can keep your device free from virus.  According to the survey, outdated/older versions of Windows operating system are an easy target.
  3. Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
  4. Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection.Thus always backup important files regularly on a cloud drive or an external hard drive.
  5. Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good Malware Removal Tool like Malware Crusher.



- No comments:
Labels: , , , , , ,

Thursday, November 15, 2018

Email and Identity Theft - Has your information been Pawned?

There are always evolving threats to your online security.  Whether a phishing email, an email with a malware attachment/download or a compromised website, chances are you will experience at least one attempt each day.  Security software, firewalls, and antivirus software can provide a high degree of protection but it is no guarantee that your credentials will not be compromised.  You must be vigilant of phishing attempts and compromised websites.

A lot of attempts to steal your info is to spoof the email of someone you know to gain your confidence.  It may include an attachment that when clicked on takes you to a filesharing site, DropBox, Microsoft Sharepoint or OneDrive and ask you to log in.  It is easy to steal the source code of a website and mimic that site on a malicious web page.  Once you log in, BAM, they have your info which they will use to compromise your authentic email or access your online account.

Another ploy I have seen recently are emails that include a compromised password that is a real password that the user has or still uses.  The email states that they have private info about you that will be revealed publicly unless you pay a ransom to a Bitcoin wallet.  These wallets are very real and untraceable, so do not fall for this extortion attempt.

I have been contacted by users wanting to know if these are real because the email contains a current or past used password.  Again, they are only extortion attempts.  The next question is how did they get the password.  Below is a chart of information courtesy of "haveIbeenPawned.com".  Your identity and information are all over the web.  It is at your bank, LinkedIn, MySpace, Facebook etc.  This chart lists the largest data breaches thus far of user data at major corporations and websites.  And remember, these are just the largest, not nearly all.

Beneath the chart is links that you can use to check to see if your email has been pawned and your information was included in any of the compromised sites.

I have included the "haveIbeenPawned" website in a past blog post.  If you don't practice good password security yet and your email has been pawned please start today.  No one to blame but yourself.




https://haveibeenpwned.com/

https://www.lifelock.com/breach-detection?promocode=BreachEraser&nc=breachnortoneraser


Microsoft, Linux developers, and Apple are constantly releasing updates and patches to their operating systems to fix known and new exploits as they are found.  If you are using Windows XP then you have not received a security update since April 8, 2014.

Web browsers are evolving and getting better at warning the user that a website is not safe.  Google Chrome is good at warning you that a website is not safe and Mozilla Firefox will soon start alerting you to a breached site.  These browser updates don't necessarily happen automatically.  You should check if an update is available periodically and if so, install it.

If you are using Windows XP then you are using a way out of date, non-secure browser to navigate the internet.  I would not advise using an XP machine for financial transactions.

Support for Windows 7 extended support ends January 14, 2020.  Many software vendors will end support before that.

It isn't only the operating systems but recently flaws in Intel Processors have been exploited.

https://www.forbes.com/sites/davealtavilla/2018/01/03/intel-processor-bug-leaves-all-current-chips-vulnerable-and-its-fix-saps-performance/#74f5a918570a

One last thing, it's all software that you use whether Adobe Acrobat/Flash Player, Java, MS Office, or browsers.  Hackers use exploits in all of these to gain access to your computer and info.  It is imperative that you patch and update your systems to remain secure.



NEW INTEL GENERATION 8 & 9 based WORKSTATIONS


- No comments:
Labels: , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)

Say it's not so! Windows 12 is coming in 2024. Apple iPhone malware/exploits.

Windows 12 is coming soon in 2024 I've read too many emails and articles hinting at a new Windows in the months leading up to 2024 and n...