TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

vulnerabilities

Windows Updates: Allow Them, Don’t Block Them

Ron Cochran is Help Desk supervisor for Tech Experts.

One of the first things you should do when purchasing a new computer (or rehabilitating an older computer) is to make sure the operating system is up-to-date with the latest security patches. In some cases, people disable the automatic updates and this can cause a whole host of issues.

Microsoft regularly puts out security patches, as well as other patches for their software. These patches are applied through the automatic update process. When that process is disabled, this means your computer hasn’t received the latest updates from Microsoft. Because your updates are halted, the system vulnerabilities that Microsoft engineers have found have not been repaired on your system.

You may remember the WannaCry Ransomware attack or, by now, heard of the most recent news of the Intel CPU flaw with Meltdown and Spectre. These two vulnerabilities, if exploited, can wreak havoc on an affected computer.

An affected system could suffer circuit issues, data corruption, system instability, and even data theft. There are always going to be people doing nefarious things when it comes to computers and the Internet, but the engineers behind your operating system and your antivirus company will always be on top of a fix for the vulnerability as soon as it is discovered.

Did you know that Microsoft releases most Windows Update patches on “Patch Tuesday” – the second Tuesday of each month? This keeps automatic system reboots to a minimum and also assists managed service providers like Tech Experts in ensuring that all of their clients’ servers and workstations have the latest software and security patches installed.

At home, you can set your Windows Updates to the “Automatic” option. That way, your system will automatically check for Windows Updates every 24 hours or so if the computer is connected to the Internet.

If you’re thinking to yourself, “I just use my home computer for browsing DIY pages, listening to music, and sending emails. Why would anyone want to get into my computer?,” reconsider how much personal information is actually stored.

It may seem as though your computer wouldn’t hold much useful information, but a hacker only needs a few passwords, an email address, phone number, and address to potentially gain access to cell phone accounts, shopping site accounts, tax information, and even banking and credit card accounts.

Even if the hacker isn’t looking for personal information like that listed above, they could still use your computer to send spam emails to other computers all over the world, slowing down your computer and Internet and causing a whole slew of issues for other computer owners.

Keeping your operating system up-to-date with the latest updates and security patches, keeping your anti-malware and anti-virus software updated and running on a regular basis, and adding robust security settings to your router and firewall will help keep all of these vulnerabilities behind closed doors. At least, until the software engineers can create and deploy the patches and updates to block access to them.

Important Aspects of Cybersecurity

Evan Schendel is a help desk specialist for Tech Experts.

In this age where dangers lie around every digital corner on your computer, what could possibly keep everyone safe and secure?

Cybersecurity experts are the first line of defense and are quite good at holding that line. These experts protect many fields ranging from hardware and software to sensitive data and financial information, even users themselves.

Hardware and Software

The maliciousness of viruses can cripple whole systems and a countless number of links or applications can deliver dangerous viruses or malware. These viruses and dangers evolve every day.

Hardware can be manipulated by vulnerabilities and exploitations as well. Without intention of frightening you, each part of your computer could be of interest to the right person, as the recent Meltdown and Spectre issues have shown. It isn’t simply your operating system or data that can be affected.

This constant cycle of attacker-and-defender leaves thousands of unfilled jobs for cybersecurity and the protection of devices. If these jobs were not filled or properly trained, computer systems across the world would fall prey to hackers. However, your device itself is not the only thing that can be harmed.

Sensitive Data and Users

When unauthorized hands gain access to personal information, it can lead to disaster. A person’s financial and personal data is important and the people who protect that data are far fewer than those seeking it out.

Anti-virus programs are made by people who know viruses well, often those who had created viruses or malware prior to their more noble ventures.

These should always stay updated and definitions for these pieces of software tend to be updated with frightening frequency. Staying up-to-date on malicious software and code is the only real method of stopping it, after all.

Systems administrators also have the need for people who can spot discrepancies or potentially malicious actions in their networks and keep standards up to snuff. Passwords and safety precautions must be set to a standard that is important to follow and uphold.

Information over the phone can also be an issue, as many users have trouble distinguishing a scammer from a legitimate caller. This is where education and prevention come in.

Educating people about how potential scammers may work is one of the most important aspects in preventing unsuspecting folks from giving their credit card information away, or worse.

Preventing these scammers from calling thousands of people a day is also of utmost importance, but requires experts and trained technicians (even the government, in some cases) to crack down on these cyber criminals.

Lastly, the most vulnerable aspect of a computer’s security is, unfortunately, the user. Tricky emails and legitimate-looking sites can be incredibly tough to distinguish from the original product. Most wouldn’t even suspect such an uncanny replication.

This is where user error molds with a criminal’s savvy nature. If this sounds unrealistic to fall for, then it’s even better, but more times than not, someone will fall for it – even the experts can be fooled by sophisticated trickery or maybe a simple lack of awareness. Luckily, if this is the first issue, the other sections can come into play and protect your systems and yourself from being subject to data loss or cyber-thievery.

Yahoo! And The Hack Heard ‘Round The World

Evan Schendel is a help desk specialist for Tech Experts.
In the age of Russian super-hackers and nationwide credit reporting agencies with pitiful security, what could be safe? One thing is for sure – not Yahoo!.

In September of 2016, Yahoo! released the news that 500 million accounts were hacked in the latter half of 2014. That news severely impacted Verizon’s business deal to buy them out, but they only lowered the price by $350 million USD to a total of $4.48 billion USD.

Three months after this business deal was done and the prior hack had been announced, Yahoo! let the nation know that approximately 1 billion accounts had been hacked in 2013. Verizon was not pleased, to say the least.

Just recently, Yahoo! released even more grave information.

In the earlier part of October, Yahoo! bumped the number of affected accounts up to 3 billion. This estimate encompasses every single Yahoo! account, including its subsidiaries like Tumblr and Flickr. That is a lot of data – and if you had any accounts (even unused) linked to these websites dating back to 2014, you could have even had the information sold.

The cybersecurity firm InfoArmor has reported some of this information has been sold on the dark web, a small part of the web not indexed by search engines.

The group selling this information has sold the data to three sources, two of which are known spammers. All paid upwards of $300,000 USD.

With this information, reused passwords from past accounts can be the largest risk, as many people recycle the same password(s) for all of their various online accounts. While no financial information was stolen, security questions, dates of birth, and backup emails were taken.

All of this can be used for not only breaking into the Yahoo! account in question, but also any other accounts with similar information.

A good course of action from here on would be to, as you should, never reuse passwords, and change any existing passwords you feel might be in danger. Ensure that no shady happenings have occurred with any accounts, up to and including bank accounts.

The information sold was reportedly utilized to spy on a range of US White House and military officials, alongside Russian business executives and government officials.

With this information kept in mind, a document was released stating that four men were indicted, two of whom were Russian intelligence officers working for the Russian Federal Security Service. Which is, ironically enough, an agency dedicated to aiding foreign intelligence agencies track cybercriminals.

To finalize, remember to keep safety measures on all your accounts and protect yourself from email fraud or spam to the best of your ability. Only sign up for accounts on legitimate websites and, when you do create an account, use a unique password for that site. For sites with sensitive information, elect to use two-factor authentication when possible.

That way, when a company’s security is pushed back in lieu of other things, you can serve as a second defense for yourself.

Is Your Network Due For A Security Audit?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Businesses always face security risks from a variety of different sources.

Performing a security audit can help you to identify where you have exposures, develop a better understanding of the security policies and controls you have in place, and catalog your IT assets.

This article presents a quick and simple guide to performing a robust security audit that will help safeguard your organization against risks.

Define the physical scope of the audit
The first major task involves determining exactly what you will audit.

For example, you may wish to focus on business processes, such as financial reporting, or asset groups, such as a specific branch office. [Read more…] about Is Your Network Due For A Security Audit?

Anti-Virus: It’s Worth Protecting Yourself

Ron Cochran is a senior help desk technician for Tech Experts.

You can have any machine — from the latest and greatest, to the old dinosaur in the corner — but if you don’t have virus protection, your latest and greatest machine might soon run like that dinosaur in the corner.

All of your sensitive images, documents, billing information, and passwords are subject to infection. No matter how careful you are, there is always something that slips through the cracks.

Often, users say, “I have such and such subscription,” or “I don’t click on anything I don’t know,” but the people spending countless hours causing havoc on computer users will always find new and sneaky ways to infect computers.

Viruses can be attached to images or links on websites. They can also be renamed to look like something that you should install. Once inside your computer, they are hard to track down even by a seasoned computer technician.

Viruses very rarely remove anything from your computer. Instead, they have a tendency to add things that can record your activities on your computer. A person could install a silent program that will start recording your keystrokes triggered by keywords; it can also take a screenshot or record email addresses and passwords. Most of the time, they don’t need to even gain access back to your computer to report the data.

They can have an email sent from your computer and Internet connection without you knowing it. That email, secretly sent from you to them, would contain your information (keystrokes, clicks, etc.).

By now, you have heard of the “crypto virus” and all of its variants. There are many solutions out there, but select few offer “zero-hour” infection reversal, however it’s something that businesses can especially benefit from. Let’s say you accidentally encrypt your machine; it would then be inaccessible until you pay the ransom to unlock your files.

Protection that offers infection reversal can revert your system back to its state right before you were infected and it would be like you never infected by the virus at all. This feature is part of Webroot Secure Anywhere, which is something we can provide.

Viruses not only help people steal your data, but they can also delete or corrupt files, degrade system performance, and make your computer run slower.

Viruses can also prevent programs from working and they can use your email to send out copies of itself to your contacts and other users. Sometimes, they can disable your computer from starting up by corrupting your BIOS firmware.

A couple of the main things that you’ll notice once you’re infected is that your system could run slower and you’ll receive all kinds of fake pop-ups, ads, warnings from “Microsoft,” etc. These type of files are referred to as “scareware” and the makers feed on the fear that you might lose your data, so you’ll pay them to “unlock” your system or “remove” the virus.

Again, we go back to protection. If you had virus protection, then it’s likely that would stop it before it even established itself inside your computer.

There are a few things you should do, if you haven’t already: get some sort of whole computer protection (such as Webroot), have restore points saved on your operating system, have a backup of your operating system install saved on some sort of external media, and save your documents, pictures, and videos to an external source.

When you find yourself in a predicament where you have to wipe an entire computer to remove an infection, you’ll be glad you took the time to prepare for the worst.

Anti-Virus Advice For Your Small Business

Brian Bronikowski is a field service technician for Tech Experts.
Anti-virus has always been a major concern for users at all levels. From trojans and keylogging programs, to ransomware and malicious software, there is always a new threat on the table.

When we purchase an anti-virus software, there is a certain feeling of security we expect to have, that there is no worry when it comes to those malicious attacks. That’s what the money goes towards. The problem is that sometimes anti-virus actually does quite the opposite.

In a recent study, household name Symantec (Norton) was labelled with multiple critical vulnerabilities that in fact make the system less secure than if it was running without an anti-virus program.

One would hope that a company of this size would be able to resolve these before they’re discovered — or at the very least, promptly look for ways to clean up their act. Unfortunately, Symantec wanted to put on the brakes and wait before patching these flaws that affect every product associated with the company.

Most of the affected systems have been patched since the first reports from June. When you see a report like this and pair it with the performance-degrading effects large anti-virus companies impose, it becomes a simple question: what do you do?

There are a multitude of protection software on the Internet and in-store. Some of these will go back and forth in terms of highest rankings. Some are big brands that are pre-installed on most computers. Others are less well known, but gaining ground. It’s all about finding the right one for you.

More often than not, we will see the likes of McAfee and Norton on systems. These are loaded for you when you buy a new system and will start as a trial. Users will often purchase the system instead of going through the arduous task of properly removing an anti-virus program.

The problem here is that generally the user will purchase whatever is “recommended” which will often be an entire security suite. These will bring a low-end computer to a halt and greatly degrade the mid-range and higher end computers.

It is important to stay away from the big names like these as there is little innovation and plenty of flaws. Some of these flaws may be performance alone and others are security flaws.

Some of the lesser known programs are often times a good alternative. With these, it’s always good to look at any recent vulnerabilities or complaints users have had.

Some protection systems have deleted files or overwritten system files in the past. Research is important for these situations. That said, common free programs, such as AVG and Avast, are found on millions of systems.

Keep in mind, most free protection softwares have one catch or another. Spam-like interfaces that constantly ask for purchase or the requirement for manual scanning are the most common culprits. If you are able to stay on top of things, these can work out well enough.

Unfortunately, most users are unable to due to the workload given to them. Protection ends up being an afterthought; one that can cost a lot more than the software itself. There is one nearly foolproof way to get rid of these worries for good: allowing professionals to take care of your protection.

Tech Experts is able to supply a managed anti-virus that is inexpensive, well-reviewed, and kept up-to-date with the latest virus definitions. We are able to install it in both home and business environments.

With that in mind, it’s an easy choice when picking what you want to shield you from the dangers of the digital world.

Severe Security Vulnerabilities Patched By Microsoft

Early last month, Microsoft released 13 security patches as part of Patch Tuesday.

While such security measures are usual, this one was particularly important because six of those patches were categorized as critical and require user attention to be put into place.

These six patches addressed programming flaws that had the potential to give cyber-attackers the means to gain full user rights in a wide array of Microsoft’s software programs. The remaining seven patches address the elevation of privileges, denial of service, and ways to bypass security features.

The programs that were at risk from these flaws included all supported versions of Microsoft Windows, the new Edge browser, Internet Explorer, Microsoft Office (including Services and Web Apps), Microsoft Server Software, Adobe Flash Player, and Microsoft .NET Framework.

According to Microsoft, these flaws were detected before any actual security breaches stemming from these issues actually occurred.

If they had not been discovered, cybercriminals may have been able to gain user rights to Microsoft programs via specially crafted websites from remote locations.

Microsoft strongly urges Windows Vista and later operating system users to ensure the latest updates have been installed, especially if they do not have their systems set for Automatic Updates.

Does Your Company Need An Internet Usage Policy?

Scott Blake is a Senior Network Engineer with Tech Experts.

With the growth and expansion of the Internet, it is important to make sure that your business has a policy in place to protect its assets.

Depending on your business, an Internet Usage Policy (IUP) can be long and drawn out or short and to the point.

An IUP will provide your employees with guidelines on what is acceptable use of the Internet and company network. IUPs not only protect the company, but also the employee.

Employees are informed and aware of what is acceptable when it comes to websites and downloading files or programs from the Internet.

When employees know there will be serious consequences for breaking the IUP, such as suspension or termination of employment, companies tend to notice a decrease in security risks due to employee carelessness.

You will need to make sure your IUP covers not only company equipment and your network, but also employee-owned devices such as smart phones and tablets. You may be surprised at the number of employees that feel they do not have to follow the IUP because they are using their own device to surf or download from the Internet.

Make sure you address proper usage of company-owned mobile devices. Your business may have satellite employees or a traveling sales force. Even when they are away, they need to be aware they are still representatives of the business and must follow the business IUP.

After all, it would not go over well if your sales staff was giving a presentation to a prospective client and suddenly, “adult content” ads popped-up on the screen because one of your employees was careless in their web habits.

The downloading of files and programs is a security risk in itself. Private, internal company documents and correspondence downloaded from your company’s network can become public, causing unrepairable damage.

On the same thought, employees downloading from the Internet open your company’s network up to malware attacks and infections.

There are a lot of hackers that prey upon the absent-minded employee downloading a video or song file by hiding a piece of malware within the download. Once the malware makes it into your network, there’s no telling what damage it can cause.

As for non-work related use of the company network and Internet, make sure your employees know there is no expectation of personal privacy when using the company’s network and Internet connection.

Make it well-known that the network and Internet are in place to be used for work purposes only. Improper use of the network can reduce bandwidth throughout the company network.

This includes all mobile devices owned by the company. This way, your employees know that no matter where they are they still must follow the guidelines of the IUP.

Make sure all of your employees sign the IUP and fully understand what it is they are signing. Make sure you answer any and all questions they may have.

This will help clear up any confusion your employees may have. This way, there can be no excuses as to why the IUP was broken.

Whenever you update the IUP, make sure you have all of your employees sign and understand the new additions and/or changes to the IUP. It may seem like overkill, but you’ll be glad you did if you ever run into any violations of your company’s IUP.

For assistance in creating Internet Usage Policies or if you have any questions, call the experts at Tech Experts: (734) 457-5000.

Top Seven Network Attack Types So Far In 2015

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

There’s no doubt that small businesses are under attack from hackers and cyber-criminals. Typically, small companies have less secure networks and looser security standards, making them easy targets.

The latest Threat Report from McAfee Labs details the types of attacks against small businesses. The chart shows the most common network attacks detected in Q1 2015.

Denial of service attacks – 37%
A denial of service (DOS) attack attempts to make a resource, such as a web server, unavailable to users. These attacks are very common, accounting for more than one-third of all network attacks reviewed in the report.

A common approach is to overload the resource with illegitimate requests for service. The resource cannot process the flood of requests and either slows or crashes. [Read more…] about Top Seven Network Attack Types So Far In 2015

Major Microsoft Windows Vulnerability Discovered

Microsoft recently released details about the newest vulnerability (MS15-034) in the Windows HTTP stack’s armor. With other recent problems in Microsoft patches, the problem may have been downplayed a bit to save face. This vulnerability, however, is more serious than it initially seemed.

The MS15-034 vulnerability is widespread. Although Windows servers are most at risk, this problem affects most products that run Windows. The chink in question lies in the HTTP.sys component, which is a kernel-mode device driver that processes HTTP requests quickly.

This component has been an integral part of Windows since 2003 and is present in all versions up to Windows 8.1. This means that any device running Windows without up-to-date patches is at risk.

It isn’t difficult to exploit this vulnerability. The only thing Microsoft is divulging about how MS15-034 can be used to compromise devices is that it requires “a specially crafted HTTP request.” It seems that this information is deliberately vague.

All one has to do is send an HTTP request with a modified range header, and access to data is granted, although sometimes limited. A similar attack was documented in 2011 on the Apache HTTPD Web server that was later patched.

There is good news though. As in other areas of life, prevention is far more effective than trying to deal with a problem’s aftermath. It isn’t difficult to protect your devices from the MS15-034 vulnerability.

The first step is to ensure that your server has the latest updates that include the patch to fix the problem.

If your server hosts a publicly accessible application, you can verify your server’s vulnerability by going to https://lab.xpaw.me/MS15-034, enter your server’s URL, and press the Check button for an instant report on your site.

If you then see the report that the website has been patched, you’re safe; otherwise, that particular system will need to be patched.