Hackers Zone In On Microsoft Products To Attack

Congratulations to Adobe Flash Player for not being the software most targeted by hackers.  Security vendor “Recorded Future” has just published their annual list of the software hackers most commonly focus on when targeting computers and handheld devices for attack.

For the last several years, Adobe’s Flash Player has topped the list, but this year they have been dethroned.  Microsoft now has the embarrassing honor. There are multiple Microsoft programs on this year’s list, with some of them having exploits that date back more than a decade.

It’s a shameful honor to say the least, and even worse, in this year’s report, Microsoft captured seven of the top ten places.

The most often abused security flaw this year was CVE-2017-0199.  Found in a variety of Microsoft Office products, the flaw allows a hacker to embed VBS (Visual Basic Scripts) containing PowerShell commands in an Office document and execute them.  Recorded Future has found exploit kits for sale on the Dark Web that automate the process, going for between $400 and $800.

Hot on the heels of the #1 entry is CVE-2016-0189, which is one of a whole raft of Internet Explorer vulnerabilities that allow hackers to take unfettered control of a victim’s PC, laptop, or smartphone. It is one of the reasons Microsoft has moved away from IE in preference for Microsoft Edge.

Despite this dismaying news, Recorded Future notes that attacks via exploit kit are down significantly, with a staggering 62 percent drop in new variants.

The report’s author, Scott Donnelly, had this to say:

“The observed drop in exploit kit activity overlaps with the rapid decline of Flash Player usage.  Users have shifted to more secure browsers and attackers have shifted as well.  Spikes in cryptocurrency mining malware and more targeted victim attacks have filled the void.”

Despite the shifting landscape, the central lesson is clear.  Hackers tend to take advantage of known exploits.  Companies that keep their software properly patched dramatically reduce their chances of being targeted.

Most “WannaCry” Hacks Were On Windows 7 Machines

Last year’s WannaCry attack was bad, but in many ways, it was a self-inflicted wound.  According to Webroot’s recently published “Annual Threat Report,” almost all of the machines that succumbed to the WannaCry attack were running Windows 7.  That attack is estimated to have caused in excess of $4 billion in total losses.

The central problem is that businesses have been much slower than individuals to make the shift from Windows 7 to the much more secure Windows 10.  For example, in January 2017, only one Enterprise computer in five was running Windows 10, a figure which climbed to 32 percent by year’s end.

Contrast that with the number of Enterprise computers running Windows 7.  In January 2017, a staggering 62 percent of Enterprise computers were still running Windows 7.  That figure declined as the year went on, but only marginally, dropping to 54 percent by the end of the year.

Meanwhile, Windows 8 was running on 5 percent of Enterprise computers in January 2017, and had dropped to 4 percent by the end of the year.  Windows Vista and XP both represented a tiny fraction (less than 1 percent) of Enterprise OS’s.

Contrast that with the Windows 10 migration figures for individuals.  In January 2017, 65 percent of home users had made the switch to Windows 10.  By the end of the year, that figure had grown to an impressive 72 percent.

A Webroot spokesperson had this to say about the report:

“While Windows 10 won’t solve all security woes, it’s a step in the right direction.  Combined with advanced endpoint protection that uses behavioral analysis and machine learning, adopting Windows 10 can greatly reduce enterprises’ vulnerability to cyber-attacks.”

All that to say, if you haven’t moved away from outdated operating systems at your company, this is yet another compelling reason to do so immediately.  No matter what legacy systems you may be running that rely on old OS’s, it’s just not worth the risk.

Microsoft Is Issuing Surface Book 4 Replacements

Do you own a Surface Book 4?  If you do, you may have been unfortunate enough to get one that suffers from a peculiar screen flickering issue.  It’s not known exactly how many Surface Book 4’s have been affected by the issue, but thousands of angry users have been comparing horror stories about it on various discussion forums around the web.

For their part, Microsoft has been very slow to even acknowledge the existence of the issue, even though there are some user videos showing the screen flicker in real time. In addition, there are videos of various crude hacks and workarounds owners have been using to get the screen to behave normally. These have included popping their computers in the freezer or running a hair dryer over them.  Even when these “fixes” worked, they only worked for short periods of time.

Finally, the company has officially acknowledged the problem, and has now begun offering to replace the units for anyone dealing with “Flickergate.”  Sadly, it’s too little, too late for some frustrated users, who have shelled out an average of $450 to replace the problematic screens on their own.

If you have a Surface Book 4, are dealing with the aggravating screen flicker issue and haven’t replaced it on your own yet, stop by Microsoft’s website and follow the prompts to see if you qualify for a replacement.

Over the past couple of years, Microsoft has done a good job at demonstrating nimbleness and responsiveness to customer complaints, which makes their handling of Flickergate more than a little disappointing.  Our hope is that in the months ahead, whatever shape or form the next issue the company faces might be, they’ll return to recent form and be much more responsive than they were this time around.

Apple May Soon Say Goodbye To Intel Chips

Rumors have been circulating for years that Apple has plans in the works to cut Intel and their chips out of the equation, in preference for using their own custom chips in its laptops and desktop computers.  Their iPhones and other devices already use custom chips, and according to the latest buzz, the move is designed to foster seamless interaction and cross-compatibility across the entire Apple ecosystem.

Back when such rumors initially began circulating, it was believed that the driving force behind Apple’s desire to cut Intel out of the equation was simply that they were looking to increase their profits.  Under the conditions of the current arrangement, Apple pays 5 percent of its profits to Intel in exchange for use of that company’s chips.  That, combined with the fact that using Intel chips makes it relatively easier for competitors to copy Apple’s innovations, creates a compelling reason.

Nothing has come of those rumors for more than a decade, but the most recent iteration of the rumor may have some teeth to it, considering Intel’s ongoing troubles with the Spectre and Meltdown vulnerabilities that impact all Intel chips made during the last decade.  Put that together with the above, and suddenly it seems like Apple has a lot of incentive to want to make a change.

The company’s stock took a hit on the heels of the rumor, but most in the Apple community feel it would be a net benefit to the company.  Not only would it give their products a competitive edge, but it would also allow Apple more control over their product development roadmap and ecosystem.

A recent Bloomberg report notes that Mac Pro laptops are slated to begin shipping with an Apple proprietary chip in the place of Intel’s hardware beginning next year.  In addition, according to the latest buzz, Apple plans to complete the transition across their entire product line by the year 2020.

More information on this topic as it becomes available.

Now Is A Good Time To Upgrade To SSD Drives

If you’ve been considering swapping out some of your old HDDs to SSDs, now is a great time to do so, thanks to the convergence of two factors.

First is the fact that the manufacturers of SSDs have been making strides in terms of increasing the capacity of the drives they’re offering. They are doing this while simultaneously offering other enhancements that reduce data duplication, making their products faster and more efficient than their HDD counterparts.

Second is the fact that there is currently a dramatic oversupply of memory chips, which has been allowing SSD manufacturers to lower the prices of the products they’re selling.

According to a recently released report from DRAMeXchange:

“The oversupply will continue in NAND Flash market, where suppliers face the pressure to consume production capacity.”

The company is anticipating that the average price of enterprise PCIe SSDs and SATA SSDs could fall by ten percent or more over the course of the next quarter.  Further, the firm notes that the enterprise SSD market has been growing at a blistering pace.  This year, they expect that the sales of SSDs will top 30 million units, up from less than 20 million just last year, and the company expects a similar rate of growth for at least the next three years.

It seems that businesses of all shapes and sizes are enthusiastically lining up behind SSD technology, and with good reason.  Not only are the prices increasingly attractive, but manufacturers are really going the extra mile by offering a raft of new capabilities, in addition to more overall storage capacity.

Obviously, this convergence of factors won’t be long-lived, so if you’ve been planning to upgrade your equipment, now is the time to do so before the winds change direction and prices start to increase again.

You Can Now Search Google From iMessage With App Download

There’s a fun, new update for Apple’s iMessage app that will probably make lots of power users happy.  As long as you also have Google’s iOS app installed, you’ll be able to perform Google searches from within iMessage itself.

In order to make it work, you’ll have to go into the app drawer (App Store icon) and enable the iMessage extension.  Once enabled, all you have to do to use Google search is to tap on the Google shortcut icon to get the search box.  Even better, the update includes shortcuts for watching trending YouTube videos, scoping out nearby restaurants, checking out local weather conditions, and even a handy GIF search.  There’s also a quick news search option.

If you search for restaurant recommendations, the new app makes the results easy to share in the conversation you’re having. Curiously, though, this feature doesn’t carry over to YouTube videos or news.  Even so, it can be situationally useful.

In a similar vein, Google’s keyboard app, “GBoard,” also now has search built into it.  In fact, you don’t even have to have GBoard installed.  As long as you’ve got the core Google App, the search extension will appear in iMessage’s app drawer.

These are small changes, but if you spend a lot of time texting, you’ll find them invaluable.  Think back to prior text conversations you’ve had.  There have probably been a number of occasions when you found yourself wishing you could do a quick search on whatever topic you were talking about.

It’s great to see these kinds of changes as the cellphone market continues to grow.  When the iPhone first burst onto the scene, apps were few and far between.  Now, not only are there untold thousands of apps on the market, but they are becoming increasingly integrated.  That’s very good to see.

Credit Card Breach Hits Two Large Companies

Delta Airlines and Sears Corporation have both been notified of a data breach that has exposed the credit card information of some 100,000 Sears customers and “hundreds of thousands” of Delta customers.

Neither Delta nor Sears was breached directly. A live chat service called [24]7 (used by both companies) was breached, allowing access to Sears and Delta customer data including credit card numbers, CVV numbers, expiration dates, and cardholder names.

There are several wrinkles and interesting pieces of information that go hand in hand with this news.

First, if a customer has a Sears-branded credit card, their data was definitively not compromised.  Second, according to [24]7, the breach of their system occurred on September 27, 2017, but the incident was not reported to either Sears or Delta until five months after the incident occurred.

Attempts to reach out to [24]7 to discover why it took them five months to notify their impacted customers have been met with silence.  All the company will say about the matter is that the investigation is ongoing.

For their part, both Sears and Delta have been handling the fallout from the incident as well as can be expected.  They’re in the process of notifying impacted customers, and free credit monitoring will be offered.

The key problem, however, is this:  Since [24]7 waited five full months to notify Sears and Delta, any fraudulent charges that may have been made on customer credit cards have likely already been made. In addition, linking them to the breach at this point is going to be an uphill battle to say the least.

Security researcher Craig Young, who has been following the issue, had this to say:

“Time is a critical factor for preventing fraud whenever there is a breach of financial data.  Delta has assured customers that they won’t be held responsible for fraudulent charges, but it seems likely that if fraudulent charges related to this have not already been identified, there is little hope they will ever be connected to this breach.”

Indeed, [24]7’s handling of the incident is a classic example of how not to handle an incident like this.

Coca Cola Breach Proves Employees May Be Significant Threat

Coca-Cola is the latest company to fall victim to a data breach.  Unlike some of the others that have recently made headlines, however, this one was conducted from within.

In September 2017, an employee at one of the company’s subsidiaries stole an external hard drive containing personal data belonging to more than 8,000 company employees.  Law enforcement officials notified the company when the drive was confiscated, but urged them not to make a public announcement regarding the incident until their investigation had been concluded.

Coca-Cola complied with this request, which is why we’re only hearing about it now.  Once the company got the green light from law enforcement, they notified all impacted personnel via a letter, which included:

“Our investigation identified documents containing certain personal information for Coca-Cola employees and other individuals that was contained in the data held by the former employee.  We do not have any information to suggest that the misappropriated information was used to commit identity theft.”

As is becoming standard practice in the aftermath of such incidents, the company also announced that it would offer one free year of identity monitoring to the people impacted by the breach.

This latest announcement serves to drive home one of the main points made in a recently conducted survey, “The Global State of Information Security Survey 2018,” which concluded that insider threats are one of businesses’ top security concerns.

This breach is significantly smaller in both scope and scale than some of the others we’ve seen so far this year.  However, the company is still suffering backlash, which has impacted both the trust of its employees and the company’s stock price.  As of now, the company’s stock price is down nearly 4 percent over the last three months, with additional losses likely in the near term.

Microsoft Helping With Ransomware In Office 365

Microsoft recently made small but significant changes to its Office 365 subscription service and to OneDrive, which are often used in tandem.  The goal is to make it easier for users whose files have been encrypted by ransomware (or otherwise corrupted) to recover them.

The most significant of the changes is a new “File Restore” function, which Office 365 users will see as a button in both applications.  If you’ve saved your Office 365 files to OneDrive, you’ll be able to restore files in a thirty-day window.  In the event that your files are accidentally deleted or corrupted, getting them back is as simple as pressing the button and selecting the files to be restored.

That’s a huge win for Office 365 and OneDrive users, but there’s more.

The additional changes include:

  • A mobile alert sent to the phone number you select, which will inform you if your files may have been encrypted or otherwise tampered with
  • Support for end-to-end email encryption in their mail service (Outlook), including the web version of the mail app
  • Office now scans all links embedded in PowerPoint, Excel and Word documents to check if they point to malicious content on the web
  • All file attachments and links embedded in emails are now scanned for known phishing threats and viruses
  • Outlook.com now gives users the ability to prevent email recipients from forwarding your emails
  • The ability to password protect OneDrive shared links

That last one is also significant, and is a feature that OneDrive’s user base has been clamoring for for quite some time.  OneDrive has made it incredibly easy to share files via a link-based system, but unfortunately, never offered users a way to secure those links.  That, thankfully, has now changed.

Individually, all these changes are quite good, but taken together, they represent a significant step in the right direction.  Kudos to Microsoft for taking the threat of ransomware so seriously, and adding specific features to help protect their users.

Passwords May Be Dead Soon If Microsoft Gets Its Way 

Karanbir Singh (a program manager at Microsoft) is on a mission:

Kill the password.

As he said in a recent blog post:

“Nobody likes passwords.  They are inconvenient, insecure, and expensive.  In fact, we dislike them so much that we’ve been busy at work trying to create a world without them–a world without passwords.”

The company’s stated goal is to make it possible that an end user will never have to bother with passwords on a day to day basis and would instead provide credentials that are virtually impossible for hackers to crack or breach.

To accomplish this goal, the company is looking at a number of options, including biometrics and multi-factor authentication schemes.

Singh notes that this isn’t just blue-sky thinking, either.  Already, more than 47 million users and more than five thousand businesses are utilizing “Windows Hello for Business.”  Another solution currently in use is the Microsoft Authenticator app, which allows users to access their Microsoft accounts via their smartphones.

Additionally, as part of the Windows 10 update issued in April (2018), any user with a Managed Service Account or Azure Active Directory can now access their Windows 10 PC without having to enter their password, via the authenticator app and Windows Hello (provided that S-mode is enabled).

The company is also taking advantage of the newly ratified Fast Identity Online (FIDO2) security protocol, and is in the process of updating Windows Hello to enable secure authentication across a wider range of scenarios.  For example:  The company is currently working on a proof of concept for shared PCs that will allow users to log on via FIDO2 security keys, which will allow employees to carry their credentials with them.

They envision a scenario in which any user can simply walk up to any device the organization controls and authenticate without ever having to enter their username or password. This would be especially useful for analysts, help desk personnel, and anyone working in the medical profession.

Obviously no firm timeframes have been given, but as mentioned, some of these technologies are already in use and will be refined in the months ahead.