Zoom Zero-Day Bug: Webcam Hijacking And Other Intrusive Exploits

Jason Cooley is Support Services Manager for Tech Experts.

Internet safety is always a concern and there are a large number of tools available to assist with that. Depending on how much security you need, you may need to run multiple pieces of software. Antivirus, antimalware, firewalls, and even 2-factor authentication are security measures all doing different things.

Even with all of these types of security layers in place, there is no such thing as guaranteed safety. You can be as careful as possible and avoid anything seemingly questionable, but one thing you can’t avoid are security exploits.

An exploit could be used to track a user’s history, and possibly even every keystroke. This could potentially send passwords for anything you enter on the computer.

Recently, Zoom, a video conferencing application, was discovered to have a severe vulnerability on the Mac platform. This exploit was a very simple one: a person attempting to access your webcam could send a legitimate Zoom meeting invite, but set with certain settings on a certain server.

When the link is clicked, even without accepting the invite, the client is silently launched, turning on the end user’s webcam. Even if the Mac user had uninstalled Zoom, the client would silently reinstall and launch.

Back in 2017, a much larger user base was at severe risk of an exploit that would allow hackers to silently install malware to take remote control of the user’s computer. The CVE-2017-11882 exploit was a flaw in Microsoft Office software.

If Office was installed, a Visa paylink email was sent, and when the user opened the word document attached, it launched a PowerShell command installing Cobalt Strike, granting remote control to whoever deployed it.

It was not long before Microsoft had a security fix rolled out, but if the software was installed prior to installing the security update, the remote control software would persist and have free reign on not only one computer, but also be able to travel through the network.

These vulnerabilities are discovered in normal software and have been found in Windows’ core system more times than you probably realize. Microsoft is typically quick to roll out updates when they have the power to fix the flaw, even if it isn’t their software. This illustrates the great importance of keeping Windows up to date.

Sure, if you are at work and have an IT team like the staff at Tech Experts, your updates are managed and prioritized. While some updates are optional or just good for a more user-friendly experience, important security updates should always be installed as soon as possible.

As Windows 7 updates come to an end this year, any of these types of exploits will remain unfixed. Switching to Windows 10 or replacing your computer is the only way to keep getting the latest patches for these intrusive exploits.

If you are already on Windows 10, make sure you have antivirus installed. As always, check your system regularly for updates and get help if you need it – your safety depends on it.

Small Businesses Are Under Cyber Attack

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Ransomware, crypto jacking and phishing are now the biggest threat to the survival of small- and medium-sized companies (not to mention large companies, local governments, and even the federal government). Here are some sobering statistics:

  1. Ransomware or hackers attack a business every 14 seconds in the United States.
  2. Sonicwall (a major firewall vendor) reported a 300% increase in the frequency of attacks in 2018.
  3. Ransomware attacks on healthcare organizations will quadruple by next year.
  4. The financial impact of ransomware attacks against small companies is predicted to reach $11.5 billion dollars in 2019.
  5. MOST ALARMING: 91% of cyberattacks begin with a spear phishing email, the most common way to infect a company with ransomware.

The threat landscape has changed significantly in the last 12 months. It used to be the reliability of our client’s backups and disaster recovery options that would worry me at night. [Read more…]

Mozilla And Google Boosts Anti-Tracking And Security

Jason Cooley is Support Services Manager for Tech Experts.

Internet security changes all the time and so does the variety of issues. We have to be sure to run anti-virus, watch out for infections and phishing, and regularly change our passwords just to start the process of being safe on the Internet.

There are people that spend time to create these viruses and other hidden or unwanted system modifications.

While their motivation may not be known (usually money), one of the hazards of using the Internet is dealing with the headaches these things can cause.

On top of regular infections, there are many data gathering processes that can run in the background of your system.

These can be gathering data to send to someone attempting to steal your information. There are also websites that gather data when you visit, login, or create an account.

While there are instances where gathering data is used maliciously as I mentioned, it is also something legitimate sites can be guilty of. In 2019, you may have heard of sites like Google and Facebook gathering information, but what and how much are they gathering? What can you do about it?

Earlier this year, the International Computer Science Institute investigated Google and the Applications linked with its Playstore.

Applications downloaded from Google and the Playstore can gather data, and that can be used to create your Advertising ID. This ID is unique, but is and can be reset.

Many applications were also linking that Advertising ID with the hardware IDs of a device, such as the MAC address. This is forbidden as it allows the data to be permanently stored, even when you erase your history and erase the application data. Google is addressing the issue and already forcing some applications to change its data gathering process.

Google is also stepping up security for mobile devices in another way. Users that are familiar with Chrome and its password storing may know the browser version of Google can suggest a strong password.

This is now coming to mobile devices as well, which will sync security across all devices, prompting you to use a strong and unique password when it is determined your password is weak or frequently used.

Facebook may be the king of data harvesting. I am sure many of you have searched for something on the Internet, then noticed ads on Facebook showing that item. This is part of targeted advertising done by Facebook.

Facebook has the ability to follow you around the web, checking your browser habits and collecting user data anytime you are on a site with a Like or comment section from Facebook attached.

Mozilla Firefox introduced the Facebook Container extension for its browser last year, which keeps Facebook isolated.

While it has been out for awhile, 2.0 was just released, which blocks those sites with the Facebook links from gathering information.

Firefox is stepping up the anti-tracking to another level as well. The browser debuted its new “Enhanced Tracking Protection.” Mozilla teamed up with Disconnect, an open source anti-tracking program to create this new protection that blocks over 1,000 third party websites from gathering data while you browse the Internet.

This feature is enabled by default once the browser is updated to its newest version.

Some may not worry about their privacy online, but for those who do, it’s time to update.

How To Save Your Business From Phishing Scams

Workplaces today are filled with computers and machines, but just as these workstations optimize efficiency and profit, they also increase the possibility of attacks designed to steal, destroy, or corrupt your data through the use of malicious programs.

The most probable avenue for these malicious programs is through phishing scams. To understand how to stop these attacks, you must first understand what a phishing scam entails.

A phishing scam is an attempt for someone to steal sensitive information or install malware onto your PC by tricking you into clicking a link, opening an attachment, or providing personal information.

Although these attacks use tactics that trick people every day, you can stay safe by staying smart. Through time and practice, it can become easy to spot a phishing attack and keep your PC and personal information safe.

If you receive an email containing a threatening message, usually one demanding immediate action, it is probably a phishing scam. Most of these messages try to trick users into clicking a link or opening an attachment with threatening messages like, “Your account has been compromised! You are no longer protected! Click here to protect your account!”

Once you click the link, though, you are redirected to a phishing site.

Another example may be what seems to be an email from your boss’ boss demanding sensitive information to complete company documentation. Always beware when you see a threatening or demanding message.

Another indicator of a phishing scam is an unfamiliar email address or domain name. Some scammers may use domain names or email addresses similar to your normal contacts, but they will never be the same. If you notice an inconsistency, report the email.

Phishing scams can also normally be identified by the sender’s grammar skills. Here is an example from a phishing email: “Click here to cancel this request, else your öffice 365 accöunt…” Terrible grammar and unfamiliar characters as shown here are indicators of a scam.

Lastly, be wary of any request for any type of personal or sensitive information whatsoever, even if it initially seems to be from a trustworthy source.

Even if it does not show any other signs of being a phishing scam, always double and triple-check the authenticity of the request.

If you do stumble across a phishing scam, your best course of action would be to delete the email in question without opening any attachments or clicking any links.

In addition, you should report the incident to your superior or your IT service provider. If a phishing attack happened to you, it can happen to your coworkers as well.

Giving sensitive company information away to a scammer is the last way you want to start your week.

Their tactics are always changing, so the best way to fight attacks like these is through education and awareness rather than programs or filters. Remember the red flags of a phishing scam, and you will have no problem keeping your business safe and secure.

How To Reduce Pop-Ups And Other Browser Best Practices

Jason Cooley is Support Services Manager for Tech Experts.

One of the most annoying things about browsing the web are pop-ups. Depending on your browser, your ability to limit or block pop-ups is probably built-in. If it’s not, there is definitely an extension for that purpose.

There are also other ways to ensure you have the best and fastest browsing experience possible.

Before we get into which browsers have which kind of pop-up blocker, let’s examine a fact. Pop-ups are annoying, but not always intrusive or unwanted.

There are instances where I need a pop-up from a site as it may be an internal page that has been requested or a log-in box. This can be frustrating as we may not know a pop-up is coming from a link. It may appear that nothing has happened.

So how do you know? The best practice and safest way is to allow pop-ups from sites you trust (as needed).

Say you’re on your banking site and you click log-in. Normally, a pop-up log-in box is displayed, but nothing happens. The pop-up has been blocked.

In the browser, you can enable this webpage to allow pop-ups, thus restoring your access and keeping you secure in the process.

In addition to pop-ups, users must also be on the lookout for pop-under windows. These are typically pages that open with other pages, like a tag along. They also frequently occur when attempting to leave a web page. They pop underneath other windows, hence the name. In most cases, pop-up blockers will stop most pop-unders.

So what about the browsers? Well, let’s just cover the Big Three: Chrome, Edge, and Firefox.

These browsers all come with a built-in pop-up blocker – all of which can be enabled in the settings page of the browser.

In most cases, these will do what you want them to: stop pop-ups. However, there are some instances where pop-ups or pop-unders make it through. There are third party extensions for most browsers that will typically offer more security.

Now that these pop-ups are handled, what else can we do to make a better browser experience? There are a few things you can do to perform sort of “maintenance” on your browser.

Clearing your cache (stored data) can help a website that doesn’t want to load very quickly. Most people know about clearing your browsing history, but there are other clean-up methods available.

There are a few different types of stored data associated with browser use. Some of this is background information, temporary data, passwords, and preferences. You can choose which parts to remove, so you can still keep your saved information without having to reenter it.

Another quick and easy tune up process is to remove any unused browser extensions. This can help with basic browser speed and performance.

Maintaining a generally healthy system is also a key to browser speed. Malware and adware can often specifically affect browsers. Any malware affecting the entire system would affect your browsing speed as well.

The best practice you can have is to use a strong antivirus and scan your computer regularly. There are many factors at play and paying attention to all of them is key to the best browsing experience.

Inside The Anatomy Of The Human Firewall

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Each year, around 61% of small businesses become the victims of a malware attack. While many small businesses may think no one would ever come after them because of their size, know that over half of the total global attacks hit small businesses and, for thieves, getting access to your systems is becoming increasingly lucrative.

Companies collect more about customers than ever before: medical history, financial records, consumer preferences, payment information, and other confidential information.

Some of this information could be used in malicious ways to either harm your business or directly harm the customers, so we all understand that we must protect it from cyberattacks.

Creating a human firewall is the best way to keep your system and data safe, but what exactly is a human firewall, why do you need one, and how can you build one? Let’s take a look! [Read more…]

How Google Password Checkup Can Protect Your Data

Jason Cooley is Support Services Manager for Tech Experts.

While the terminology between a data breach and data leak may not seem very important, being prepared to react to compromised data is. Let’s start with knowing the difference between a breach and a leak.

A data breach is an unauthorized intrusion into any private system to access any sensitive data. Data breaches are typically the work of hackers.

A data leak may result in the same end game scenario, but differs greatly in that a leak is data left exposed or accessible, often accidentally.

While the hope is that you are protected and that your passwords are all secure, this realistically isn’t the case. You can have the strongest password possible, but depending on what information may be sold or accessible, the security can be entirely out of your hands.

Worse, a breach or leak won’t always make national news or show signs of unauthorized access.

If you see an out of state charge on your debit card, you’ll have a good idea that you didn’t make the purchase and suspect that you’ve been compromised. In the case of seeing unauthorized charges, the issue is clear.

However, say your email is compromised. It isn’t so obvious.

Perhaps the person with your credentials will monitor for a time in order to find valuable information on you or others.

There are so many ways to be compromised and so many types of information that someone with access to your account may be looking for.
In the past, I have used a few different websites to periodically check. This is obviously problematic, as reputable sources for compiling breached information are not overly abundant.

Being an IT professional, I felt comfortable looking for these sources. I do not recommend the same for just anyone.

Luckily, you no longer have to search to find any potentially compromised accounts. Google’s new extension “Password Checkup” is here to help.

Google Password Checkup is a browser extension that alerts you to any potentially compromised accounts.

While the browser extension is installed and enabled, it checks any account you log into using Google Chrome.

Now, this is not a foolproof protection blanket. While this is a great tool, it only checks against any data breaches that Google is aware of.

These are the same type of searches I mentioned earlier. While I would have to search before, Google Chrome can handle the work here.

If there is potential that your account is compromised, you should ensure you take steps to recover the account and change the passwords.

While there is no surefire way to remain safe, stay diligent. Remember to make sure your computer isn’t compromised by regularly running your anti-virus software.

Much like you lock your door at home, make sure you are taking care of your personal information.

Using Google’s Password Checkup is a great start, but it’s only a start. Change your passwords regularly and keep them unique.

A passphrase is a great way to have a password that is easy to remember but difficult to guess.

What Are The Top Cybersecurity Trends For 2019?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Several events in 2018 brought cybersecurity to the forefront of public consciousness, as major sectors– from financial institutions to Facebook– were affected by cybercrime.

According to Forbes, 34 percent of US consumers had their personal information compromised in 2018. Security experts and business leaders are constantly looking for ways to keep two steps ahead of hackers.

Cybersecurity trends for 2019 are a popular topic. Here is what’s anticipated this year in the cybersecurity realm.

Tougher regulations
As digital capabilities are rapidly gaining a worldwide foothold, data is becoming our most highly-valued commodity. [Read more…]

Can Anyone Really Track Your Phone’s Precise Location?

It’s 2019 and everyone willingly carries a tracking device in their pockets. People can have their precise locations tracked in real time by law enforcement, the government, and advertising companies. It may sound like dystopian fiction, but it’s a reality.

How law enforcement can track your location
AT&T, Sprint, and T-Mobile all sell data — including geographic locations associated with customer phone numbers — to a variety of sketchy third-party companies. This data, for instance, can be used by the bail bond industry to track people down, sometimes as accurate as a few hundred feet of their location. There’s not much oversight and rogue bounty hunters have access to the data. And this isn’t even a new problem.

Back in May 2018, The New York Times reported that this could happen. After the story broke, cellular carriers promised to do better. AT&T, Sprint, and T-Mobile have all promised to stop selling this data to aggregators. And it appears that Verizon already stopped before the New York Times story.

How the government can track your location
It’s worth emphasizing that the government itself can still get access to your location data from your cellular company. They just need to get a warrant, then serve that to your cellular service provider.

If the technology exists, the government can get access to it with a warrant. It is quite a change from decades ago when the government had no way to track people’s real-time locations with a device that’s nearly always on their person.

The government doesn’t even need to get your cellular company involved. There are other tricks they can use to pinpoint your location with even better accuracy, such as by deploying “stingray devices” near you. These devices impersonate nearby cellular towers, forcing your phone to connect to them.

How advertisers can track your location
It’s not just your cellular carrier. Even if your cellular carrier perfectly safeguarded your data, it’d probably be very easy to track you thanks to the location access you’ve given to apps installed on your smartphone.

As innocuous as they may seem, Weather apps are particularly bad. You install a weather app and give it access to your location to show you the local weather. But that weather app may also be selling your data to the highest bidder. You likely didn’t pay money for your weather app, so the developers will need to make money somehow to keep the lights and servers on.

The city of Los Angeles is currently suing the Weather Channel, saying that its app intrusively mines and sells its users’ location data. Back in 2017, AccuWeather was caught sending its users’ location data to third-party advertisers — even after updating the app to remove that feature.

It’s best to avoid giving third-party apps access to your location. Stop using third-party weather apps and use your phone’s built-in weather app instead.

How your family can track your location
Your phone is capable of determining its location and sharing it in the background, even if the screen is off.

You don’t need to have an app open. You can see this for yourself if you use a service like Apple’s “Find My Friends,” which is included on iPhones. Find My Friends can be used to share your precise real-time locations with family and friends. After you give someone access, they can open the app, and Apple’s servers will ping your phone, get your location, and show it to them. Of course, this is only with your permission, but it just shows how pervasive this technology is.

Inside The United States Of Cybersecurity

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Last year, Alabama and South Dakota passed laws mandating data breach notification for its residents.

The passage meant all 50 states, the District of Columbia and several U.S. territories now have legal frameworks that require businesses and other entities to notify consumers about compromised data.

All 50 states also have statutes addressing hacking, unauthorized access, computer trespass, viruses or malware, according to the National Conference of State Legislatures (NCSL). Every state has laws that allow consumers to freeze credit reporting, too.

While those milestones are notable, there are broader issues when it comes to legislative approaches to cybersecurity across the United States. There are vast discrepancies and differences among states when it comes to cybersecurity protection. [Read more…]