Hackers Zone In On Microsoft Products To Attack

Congratulations to Adobe Flash Player for not being the software most targeted by hackers.  Security vendor “Recorded Future” has just published their annual list of the software hackers most commonly focus on when targeting computers and handheld devices for attack.

For the last several years, Adobe’s Flash Player has topped the list, but this year they have been dethroned.  Microsoft now has the embarrassing honor. There are multiple Microsoft programs on this year’s list, with some of them having exploits that date back more than a decade.

It’s a shameful honor to say the least, and even worse, in this year’s report, Microsoft captured seven of the top ten places.

The most often abused security flaw this year was CVE-2017-0199.  Found in a variety of Microsoft Office products, the flaw allows a hacker to embed Visual Basic scripts (VBS) containing PowerShell commands in an Office document and execute them.  Recorded Future has found exploit kits for sale on the Dark Web that automate the process, selling for between $400 and $800.

Hot on the heels of the #1 entry is CVE-2016-0189, which is one of a whole raft of Internet Explorer vulnerabilities that allow hackers to take unfettered control of a victim’s PC, laptop, or smartphone. It is one of the reasons Microsoft has moved away from IE in favor of Microsoft Edge.

Despite this dismaying news, Recorded Future notes that attacks via exploit kit are down significantly, with a staggering 62 percent drop in new variants.

The report’s author, Scott Donnelly, had this to say:

“The observed drop in exploit kit activity overlaps with the rapid decline of Flash Player usage.  Users have shifted to more secure browsers and attackers have shifted as well.  Spikes in cryptocurrency mining malware and more targeted victim attacks have filled the void.”

Despite the shifting landscape, the central lesson is clear.  Hackers tend to take advantage of known exploits.  Companies that keep their software properly patched dramatically reduce their chances of being targeted.

More Bad News From The Equifax Breach 

The news just keeps getting worse for Equifax.  The company has already had to revise their estimates of how many people were impacted by last year’s breach more than once, and now, they’re having to revise their estimate yet again.  This latest revision comes after company officials had to testify before Congress, which has been formally investigating the matter.

Prior to the release of Equifax’s latest “statement of record,” here’s a snapshot of how bad the data breach was:

- 5 million consumers had their Social Security numbers compromised
- 99 million consumers had address information exposed
- 3 million consumers had gender information exposed
- 3 million consumers had their phone numbers exposed
- 209,000 consumers had their credit card numbers exposed
- 97,500 consumers had their Tax Identification numbers exposed

Now, in addition to all of that, the company is adding the following:

- 6 million consumers had their driver’s license numbers exposed
- 12,000 had their Social Security and Taxpayer ID cards exposed
- 3200 consumers had their passports exposed
- An additional 3000 had other documents, such as military and state ID’s compromised

As bad as it looks that the company has to keep revising their estimates upward, there’s a logical reason for it.  The data that was stolen didn’t come from a single database.  On top of that, the databases themselves all had highly variable structures, which has made it exceedingly difficult for forensic analysts to accurately assess the extent of the damage.  All that to say, since the process is still ongoing, we may see yet another upward revision of the scope and scale of the breach.

Of course, the company is doing what most companies do in cases like these:  They’re offering a year’s worth of free credit monitoring to impacted customers.  The ironic part of their offer though, is the fact that Equifax is offering their own credit monitoring service free for a year, which converts to a paid monitoring service after the year is up.  As Congressional officials rightly pointed out, this means that the company is essentially profiting off of its own breach, which is disturbing to say the least.

Most “Wannacry” Hacks Were On Windows 7 Machines

Last year’s Wannacry attack was bad, but in many ways, it was a self-inflicted wound.  According to Webroot’s recently published “Annual Threat Report,” almost all of the machines that succumbed to the Wannacry attack were running Windows 7.  That attack is estimated to have caused in excess of $4 billion in total losses.

The central problem is that businesses have been much slower than individuals to make the shift from Windows 7 to the much more secure Windows 10.  For example, in January 2017, only one Enterprise computer in five was running Windows 10, a figure which climbed to 32 percent by year’s end.

Contrast that with the number of Enterprise computers running Windows 7.  In January 2017, a staggering 62 percent of Enterprise computers were still running Windows 7.  That figure declined as the year went on, but only marginally, dropping to 54 percent by the end of the year.

Meanwhile, Windows 8 was running on 5 percent of Enterprise computers in January 2017, and had dropped to 4 percent by the end of the year.  Windows Vista and XP both represented a tiny fraction (less than 1 percent) of Enterprise OS’s.

Contrast that with the Windows 10 migration figures for individuals.  In January 2017, 65 percent of home users had made the switch to Windows 10.  By the end of the year, that figure had grown to an impressive 72 percent.

A Webroot spokesperson had this to say about the report:

“While Windows 10 won’t solve all security woes, it’s a step in the right direction.  Combined with advanced endpoint protection that uses behavioral analysis and machine learning, adopting Windows 10 can greatly reduce enterprises’ vulnerability to cyber-attacks.”

All that to say, if you haven’t moved away from outdated operating systems at your company, this is yet another compelling reason to do so immediately.  No matter what legacy systems you may be running that rely on old OS’s, it’s just not worth the risk.

New Freemium Offer Mines Cryptocurrency

Freemium software is certainly nothing new.  These are free apps that offer premium features if you don’t mind ads displaying while you’re using them, or that let you pay a small fee to have the ads removed.  At least one company is trying a new business model on for size, albeit with limited success.

The company is Qbix, and their freemium app is called “Calendar 2.”  It’s a solid calendar app with more features than Apple’s default app, and Qbix offers its users premium features if they’re willing to allow the company to make use of CPU cycles to mine cryptocurrency.

Hackers around the world have been enslaving the computers of unsuspecting users and using their processing power to mine cryptocurrency, all while making millions in the process. However, this is the first instance we’ve seen of a company attempting to bring the business model mainstream.

Unfortunately, there were two issues with the release of the latest version.  First, there was a bug in the way the mining app was implemented that kept it running, even if users opted out of the default setting (which is, of course, to accept the arrangement).

Second, and even more disturbing, the mining software consumed twice as much processing power as the calendar app claimed that it would.  Both flaws were discovered by Calendar 2 users, who did not have nice things to say about the app and expressed their concern that Apple had allowed the app on the App Store in the first place.

For Apple’s part, the company seems to have no problem with the revenue scheme, provided that the offering company gets the consent of the user. Given Calendar 2’s less-than-spectacular success with the idea, though, the company may well change their Terms of Service to forbid it going forward.

Microsoft Is Issuing Surface Book 4 Replacements

Do you own a Surface Book 4?  If you do, you may have been unfortunate enough to get one that suffers from a peculiar screen flickering issue.  It’s not known exactly how many Surface Book 4’s have been affected by the issue, but thousands of angry users have been comparing horror stories about it on various discussion forums around the web.

For their part, Microsoft has been very slow to even acknowledge the existence of the issue, even though there are some user videos showing the screen flicker in real time. In addition, there are videos of various crude hacks and workarounds owners have been using to get the screen to behave normally. These have included popping their computers in the freezer or running a hair dryer over them.  Even when these “fixes” worked, they only worked for short periods of time.

Finally, the company has officially acknowledged the problem, and has now begun offering to replace the units for anyone dealing with “Flickergate.”  Sadly, it’s too little, too late for some frustrated users, who have shelled out an average of $450 to replace the problematic screens on their own.

If you have a Surface Book 4, are dealing with the aggravating screen flicker issue and haven’t replaced it on your own yet, stop by Microsoft’s website and follow the prompts to see if you qualify for a replacement.

Over the past couple of years, Microsoft has done a good job at demonstrating nimbleness and responsiveness to customer complaints, which makes their handling of Flickergate more than a little disappointing.  Our hope is that in the months ahead, whatever shape or form the next issue the company faces might be, they’ll return to recent form and be much more responsive than they were this time around.

Apple May Soon Say Goodbye To Intel Chips

Rumors have been circulating for years that Apple has plans in the works to cut Intel and their chips out of the equation, in preference for using their own custom chips in its laptops and desktop computers.  Their iPhones and other devices already use custom chips, and according to the latest buzz, the move is designed to foster seamless interaction and cross-compatibility across the entire Apple ecosystem.

Back when such rumors initially began circulating, it was believed that the driving force behind Apple’s desire to cut Intel out of the equation was simply that they were looking to increase their profits.  Under the conditions of the current arrangement, Apple pays 5 percent of its profits to Intel in exchange for use of that company’s chips.  That, together with the fact that using Intel chips makes it relatively easier for competitors to copy Apple’s innovations, creates a compelling reason.

Nothing has come of those rumors for more than a decade, but the most recent iteration of the rumor may have some teeth to it, given Intel’s ongoing troubles with the Spectre and Meltdown vulnerabilities that impact all Intel chips made during the last decade.  Put that together with the above, and suddenly it seems like Apple has a lot of incentive to want to make a change.

The company’s stock took a hit on the heels of the rumor, but most in the Apple community feel it would be a net benefit to the company.  Not only would it give their products a competitive edge, but it would also allow Apple more control over their product development roadmap and ecosystem.

A recent Bloomberg report notes that Mac Pro laptops are slated to begin shipping with an Apple proprietary chip in the place of Intel’s hardware beginning next year.  In addition, according to the latest buzz, Apple plans to complete the transition across their entire product line by the year 2020.

More information on this topic as it becomes available.

Now Is A Good Time To Upgrade To SSD Drives

If you’ve been considering swapping out some of your old HDDs to SSDs, now is a great time to do so, thanks to the convergence of two factors.

First is the fact that the manufacturers of SSDs have been making strides in terms of increasing the capacity of the drives they’re offering. They are doing this while simultaneously offering other enhancements that reduce data duplication, making their products faster and more efficient than their HDD counterparts.

Second is the fact that there is currently a dramatic oversupply of memory chips, which has been allowing SSD manufacturers to lower the prices of the products they’re selling.

According to a recently released report from DRAMeXchange:

“The oversupply will continue in NAND Flash market, where suppliers face the pressure to consume production capacity.”

The company is anticipating that the average price of enterprise PCIe SSDs and SATA SSDs could fall by ten percent or more over the course of the next quarter.  Further, the firm notes that the enterprise SSD market has been growing at a blistering pace.  This year, they expect that the sales of SSDs will top 30 million units, up from less than 20 million just last year, and the company expects a similar rate of growth for at least the next three years.

It seems that businesses of all shapes and sizes are enthusiastically lining up behind SSD technology, and with good reason.  Not only are the prices increasingly attractive, but manufacturers are really going the extra mile by offering a raft of new capabilities, in addition to more overall storage capacity.

Obviously, this convergence of factors won’t be long-lived, so if you’ve been planning to upgrade your equipment, now is the time to do so before the winds change direction and prices start to increase again.

You Can Now Search Google From iMessage With App Download

There’s a fun, new update for Apple’s iMessage app that will probably make lots of power users happy.  As long as you also have Google’s iOS app installed, you’ll be able to perform Google searches from within iMessage itself.

In order to make it work, you’ll have to go into the app drawer (App Store icon) and enable the iMessage extension.  Once enabled, all you have to do to use Google search is to tap on the Google shortcut icon to get the search box.  Even better, the update includes shortcuts for watching trending YouTube videos, scoping out nearby restaurants, checking out local weather conditions, and even a handy GIF search.  There’s also a quick news search option.

If you search for restaurant recommendations, the new app makes the results easy to share in the conversation you’re having. Curiously, though, this feature doesn’t carry over to YouTube videos or news.  Even so, it can be situationally useful.

In a similar vein, Google’s keyboard app, “GBoard” also now has search built into it.  In fact, you don’t even have to have GBoard installed.   As long as you’ve got the core Google App, the search extension will appear in iMessage’s app drawer.

These are small changes, but if you spend a lot of time texting, you’ll find them invaluable.  Think back to prior text conversations you’ve had.  There have probably been a number of occasions when you found yourself wishing you could do a quick search on whatever topic you were talking about.

It’s great to see these kinds of changes as the cellphone market continues to grow.  When the iPhone first burst onto the scene, apps were few and far between.  Now, not only are there untold thousands of apps on the market, but they are becoming increasingly integrated.  That’s very good to see.

Credit Card Breach Hits Two Large Companies

Delta Airlines and Sears Corporation have both been notified of a data breach that has exposed the credit card information of some 100,000 Sears customers and “hundreds of thousands” of Delta customers.

Neither Delta nor Sears was breached directly. A live chat service called [24]7, used by both companies, was breached, allowing access to Sears and Delta customer data including credit card numbers, CVV numbers, expiration dates, and cardholder names.

There are several wrinkles and interesting pieces of information that go hand in hand with this news.

First, if a customer has a Sears-branded credit card, their data was definitively not compromised.  Second, according to [24]7, the breach of their system occurred on September 27, 2017, but the incident was not reported to either Sears or Delta until five months after the incident occurred.

Attempts to reach out to [24]7 to discover why it took them five months to notify their impacted customers have been met with silence.  All the company will say about the matter is that the investigation is ongoing.

For their part, both Sears and Delta have been handling the fallout from the incident as well as can be expected.  They’re in the process of notifying impacted customers, and free credit monitoring will be offered.

The key problem, however, is this:  Since [24]7 waited five full months to notify Sears and Delta, any fraudulent charges that may have been made on customer credit cards have likely already been made. In addition, linking them to the breach at this point is going to be an uphill battle to say the least.

Security researcher Craig Young, who has been following the issue, had this to say:

“Time is a critical factor for preventing fraud whenever there is a breach of financial data.  Delta has assured customers that they won’t be held responsible for fraudulent charges, but it seems likely that if fraudulent charges related to this have not already been identified, there is little hope they will ever be connected to this breach.”

Indeed, [24]7’s handling of the incident is a classic example of how not to handle an incident like this.

Does Your Business Have A Cybersecurity Incident Response Plan?

If your company has an incident response plan that you can rely on in the face of a cyber attack, then you’re ahead of most of the world, according to research recently conducted by the Ponemon Institute.  Shockingly, more than 75 percent of survey respondents from around the world admitted that they have no formal incident response plan.  Even worse, half of the companies that indicated they had an incident response plan said that it was informal.

Curiously, given these statistics, 72 percent of organizations indicated that they were more resilient today than they were the year before. They also indicated a high level of confidence in their staff to respond appropriately to any problem that arose.

Given the stark reality and the ever-increasing number of attacks, that comes off more like bravado than genuine confidence.  Ted Julian, the Vice President of product management of IBM Resilient (sponsor of the Ponemon Institute’s research) had this to say:

“Having the right staff in place is critical, but arming them with the most modern tools to augment their work is equally important.  A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall cyber-resilience.”

This year, most of the provisions of a new piece of legislation, GDPR (General Data Protection Regulation), come into effect, and companies that don’t have a formal incident response plan by then could pay a hefty price.  Even if that weren’t the case, the research concluded that the overall cost of a data breach was nearly a million dollars lower on average when companies were able to deal with the breach decisively and contain it within thirty days.

The bottom line is, if you don’t have one yet, now is the time.