
Hackers take aim at the Winter Olympics

2017 was a big year for technology and for the hackers who abuse it. With the new year already in progress, we were all hoping for some downtime from the bad news and potential dangers. Sadly, that isn’t the case right now. Attempted malware infections targeting those involved in the Pyeongchang Winter Olympics were recently reported.

Apparently, emails containing malware-infected documents were distributed to organizations involved in the Winter Olympics. These emails came from spoofed accounts, which means the accounts were made simply for the purpose of distributing the malware and operated under the false pretense of being someone they were not. The emails were made to appear to come from South Korea’s National Counter-Terrorism Center and claimed to contain information that would help with antiterror drills in the region in preparation for the games.

The security firm McAfee confirmed the attempted malware intrusion upon inspection of the reports. Emails such as these have been circulating since December 22nd of 2017, attempting to obtain sensitive information such as passwords and emails, or financial information. The emails are reported to have been sent from Singapore, but their content was written in Korean. Attached to the emails were the documents that held the malware, and those documents read “Organized by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics”.

Over time, the emails changed the way they delivered the malware, moving from a document to hidden text or a picture, a tactic known as steganography. McAfee reports that the implants in the emails establish a link between the victim and the attacker’s server, enabling the attacker to execute commands and install additional malware. McAfee expects attacks such as these to continue up until the event, and advises being wary of them given the recent past examples of this form of attack.

Well, it looks like this year may be another trial that we all must pull together to overcome. In the meantime, give us a call at Re2tech to enhance your online defenses and better understand your network and systems!

 

Keep up to date on your technology and its vulnerabilities and solutions with RE2Tech. We make I.T. easy!

Have you taken precautions? Is your sensitive information at risk?

Give us a call or send us an email for all your I.T. needs! We at Re2tech make I.T. happen!

Phone: 952-223-4422

helpdesk@re2tech.com

 


Google’s discovered CPU vulnerabilities, and how they can affect you

Google is a forerunner in the online world in many respects, but one of its main focuses is security. Google has a “Project Zero” team dedicated to researching vulnerabilities its customers may be facing while also doing its best to provide solutions to the problems.

Last year the Project Zero team came across a security flaw caused by something called “speculative execution”, a technique used by most modern processors (CPUs) to optimize performance.

This flaw is considered serious because it can leak sensitive information to an unknown party. Malicious persons may take advantage of the vulnerability in the speculative execution process to read system memory that should otherwise be inaccessible. This may lead to the exposure of information such as passwords, encryption keys, or even sensitive information that is present in open applications. It was also noted that an attack on a virtual machine through the speculative execution vulnerabilities could lead to access to the physical memory of the host machine, further increasing the danger.

The range of affected CPUs is wide and includes AMD, ARM and Intel, as well as the devices and operating systems running on those CPUs. Google has stated that the research team has updated its systems to defend against the speculative execution attacks, and has cooperated with hardware and software manufacturers across the industry to protect a broader range of technology and people. This cooperation has led to mitigations for those affected by this form of attack.

Google has released a list of products and machines that have the mitigation and protection in place. The following are secured from the speculative execution attacks:

  • Android - Those with the latest security update are secure. Nexus and Pixel devices are also secure with the latest security update.
  • Google apps/G Suite - no action needed
  • Google Chrome - Some action may be required on the user’s end. A link to the page is here
  • Google Cloud Platform - Google App Engine is secure.
    Google Compute Engine: additional action required here
    Google Kubernetes Engine: additional action required here
    Google Cloud Dataflow: additional action required here
    Google Cloud Dataproc: additional action required here
  • All other Google Cloud products have been cleared and are secured.
  • Google Home/Chromecast - no action needed
  • Google Wifi/OnHub - no action needed

Google has stated that in order to take advantage of this new method of attack that uses speculative execution, the attacker must first run malicious code on the system they targeted.

Google has stated that there are three variants of the attack, which can’t be mitigated with one method; each of the three variants needs its own specific mitigation. Some vendors have patches for one or two of the attack variants, and Google is working with them to ensure all three get mitigated over time.

It is good to know Google is helping to spread the necessary information for others to protect themselves against such a potentially dangerous attack! As for other means of protection, why not give us a call at Re2tech! We will ensure a strong security for your network and help teach you about your own system along the way! We make I.T. happen!


Smartphones with breach options, new option discovered

Smartphones are the present and the future; there is no doubt about that. They offer immense control over daily life and help people stay up to date on what other people are eating and how close WW3 is. It’s no surprise that this same device is a target for hackers and the like, who want to steal information and jump-start their own lives off of someone else’s.

Recently a study from NTU (Nanyang Technological University, Singapore) discovered a new method that hackers may abuse in order to gain access to our little rectangular life boxes. The new access method actually involves your phone’s PIN code.

There have been many vulnerabilities in smartphones since they were released, involving things like the accelerometer, gyroscope, and proximity sensors. However, with each vulnerability we have always come up with a means of patching it. Well, now we have another to patch, involving the PIN code. This was discovered through experimentation with six different smartphone sensors and state-of-the-art machine learning and deep learning algorithms. Through this experimentation the researchers from NTU achieved 99.5% accuracy within three attempts, and the smartphones involved were using the Android operating system. The researchers used the 50 most common PIN numbers in this experiment.

Before this method came to be, the dominant phone hacking technique only had a 74% chance of success. While that is still very large, this new method is much more alarming. NTU’s technique can be used to guess all 10,000 possible combinations of a four-digit PIN.

The means by which the researchers came across this method is actually quite astounding. What was studied was the orientation, the light variation across the screen, and which thumb pressed the PIN numbers. This led to the realization that the phone is exposed to different variables while someone enters specific numbers, allowing the deep learning algorithm to narrow down the possible PIN combinations and have a much easier time determining the correct one. It is also worth mentioning that the technology used can increase its success rate with more exposure to possible PINs and the ways they are entered.

While this discovery may be frightening, it also means we have a way to understand its method and develop some manner of combating it, preventing hackers from using and abusing this information. Researchers at the university think that access to phone sensors and sensor information is too large a risk and should be locked down in devices to prevent this method of access from ever becoming an issue.

Technology sure can be daunting, but with every virus there is a cure, and with every method there is an equally effective anti-method. Let’s be sure to stay cautious with our sensitive information and stay up to date on the strengths and weaknesses of our devices! That’s all for today; be sure to call or e-mail us with any questions or for installations! Here at Re2tech, we make I.T. happen!


Forever 21…for the hackers with new credit card information

Hello all! We hope everyone had a nice relaxing holiday before the new year was rung in! Unfortunately, during the holiday rest, someone got a little too relaxed. The well-known clothing company “Forever 21” was the victim of another security breach in 2017.

The popular clothing store had apparently been hit with malware at some of its store locations, causing customers who paid by credit card in store to have their information exposed to the hackers who installed the malware.

The company has made a statement addressing the issue, and reminding customers to constantly keep track of their card purchases and report any suspicious charges as soon as they see something to mitigate chances of their accounts being drained.

From the investigation’s findings, it was reported that the malware was installed and activated somewhere between April 3rd and Nov. 18th of 2017. There has been no confirmation as of yet of the number of people affected by this breach. It was noted that those who paid by card over Forever 21’s website are not affected, for the malware did not have any grasp on those lines of payment.

Forever 21 has a phone number to call that will answer questions about the breach.

Forever 21’s security breach hotline:

1-855-560-4992, Monday through Friday, between 8 a.m. and 6 p.m. P.S.T.

There we have it, another last security breach for 2017 before the new year could ring in. Hopefully this will be the last attack that will be revealed involving the 2017 year, for there have already been far too many!

Stay vigilant and informed, and as always if you need any IT help whether it be questions or installations, be sure to contact us and we will see that your network becomes secure and your insecurities are no more!


Cloud security going into 2018

The cloud is becoming more and more preferred as time goes by. Data and applications are streaming to it at a faster rate every hour, and more people are deciding to turn to cloud services daily. There is no question as to why this is happening: cloud services are extremely convenient and offer functionality that you can’t find anywhere else! That said, this also means cloud services are under a watchful eye from everyone, even the nefarious types.

Threats to the cloud

Generally when we have something good, people like to mess it up. The cloud is no different; there are people who have already interfered with the cloud and its services to steal data for very selfish and rather rude reasons. 2018 will be no exception to this, for there are quite a few issues with the newly born service that can easily be manipulated. Despite popular belief, cloud services and their security are not in the hands of the service provider, but rather the customer. Knowing that, we should evaluate the potential risks of cloud technology and understand the vulnerabilities of the information stored on the cloud.

  • Data breaches – This can occur in multiple ways, ranging from intent to steal information on the cloud, human error, vulnerabilities in applications relating to the cloud, or just poor security understanding and practices.
  • Insufficient identity, credentials, and access management – Persons with ill intent may gain access to cloud-stored information and cause all sorts of trouble due to a lack of credential security, which would enable unauthorized access to your data.
  • Insecure interfaces and application programming interfaces – Cloud technology providers expose UIs and APIs that customers may use to manage their cloud experience. This is both great and bad, for it means the protection you could have is in your hands, and if some unwanted party gains access to them, they now have full access to your cloud security, and the providers of that cloud will have little to no feasible way to rescue you. These interfaces often lack protection against accidental and malicious attempts to circumvent policy.
  • System vulnerabilities – This is the big contender that has gained the spotlight this last year for cloud tech. These are exploitable bugs in programs that allow attackers to gain access to a system and steal data, take control of the system, or disrupt service operations. Vulnerabilities within the components of the operating system put the security of all the services and data at significant risk. Because the cloud has systems from various organizations placed close to each other, if the cloud is breached, those other systems are now vulnerable as well.

The cloud is a fantastic service that will no doubt lead to other great systems and functionality in the world. However, right now, while it is still young, it has quite a few quirks to work out before it can be considered a fully safe and developed system. Now that doesn’t mean don’t use the cloud; it means be mindful of what you put on there, and of the risks that are present in the technology you’re using.


2018 predictions: Healthcare security breach

As we all have become aware, 2017 was a free-for-all when it comes to security breaches. There were countless phishing scams, ransomware, state-sponsored attacks and new forms of attacks that all made headlines and shook us in our boots. However, 2018 means a new year and a new us! Right? Well, we hope so, but thus far the outlook isn’t in our favor.

Recently a VP at Tripwire gave his predictions for 2018 and our security in the online world. The prediction does not bring bright bearings; in fact, it seems 2018 may be quite ill.

The Tripwire VP predicts that healthcare security will be breached, due to the ever-growing vulnerability in medical devices and electronic healthcare records. 2018 is expected to have hospitals, insurers and healthcare manufacturers in the sights of hackers and cybercriminals.

It is expected that the healthcare industry is not prepared for the kinds of attacks that may come, as with things like the WannaCry incident and the UK NHS. Not all ransomware is noisy and boisterous, which is where the real danger may lie for the healthcare industry.

In relation to healthcare being a target for 2018, there is also a lot of talk about the cloud and its potential security abuse over the horizon in 2018. It should come as no surprise that, since cloud technology is still pretty new, defending the cloud is still a work in progress. We should not be taken by surprise when there is another cloud data management leak, and should be cautious until a stronger, more prominent protection for cloud storage has been developed. There is talk of security becoming up to date near the end of 2018 for this form of technology, but until then we may see leaks of credentials and misconfigurations, as well as other exploited vulnerabilities.

Let’s all learn from the mistakes of not only ourselves, but each other’s, and make 2018 predictions like this nothing but a false alarm! If you need help with your online presence, give us at Re2tech a call and let’s discuss your security options and optimizations!


2018 security expenses expected to rise in response to 2017

2017 was full of news on companies and corporations that had security breaches, and the effects on the masses that followed because of them. Because of this hard-pressed year for security, it is expected that in 2018 total security spending will rise by an estimated 8%.

A research firm known as Gartner took data from 2017’s data breaches and factored in the response from similar companies and corporations to derive an expected shift in security spending, as well as the changing views on cyber security.

In 2017 it was estimated that the total spending on security measures summed up to about $89.1 billion. The $89 billion expense resulted from the events of the previous year that spurred people to take cyber security more seriously and treat it as an actual threat. The same reasoning is behind the estimated spending for 2018, which is at $96.3 billion. This increase comes as no surprise in response to the overwhelming coverage of security breaches all over the world, and these breaches are estimated to affect the three years following the event. So moving into 2019 we can already estimate a larger security spending sum.

Gartner uses multiple factors under the umbrella of cyber security to make these estimations more accurate. The several sub sections of cyber security involve the following:

  • Identity Access Management
  • Infrastructure Protection
  • Network Security Equipment
  • Security Services
  • Consumer Security Software

It was made clear by Gartner that out of all these sub sections, the one that would see the most investment this coming year would be Security Services, priced at $57.7 billion, which is an increase from this year’s $53 billion. The other sub sections of security spending are also estimated to increase this coming year, just not as much as Security Services.

Gartner also says that the spending will continue to go up from here in the next few years, with more than 60% investing in data loss prevention, protection and encryption tools. Currently spending is at about 35% for protection tools, so there is an obvious large spike in response to recent events around the world with enterprises and their security.

Let’s buckle up and get ready for an interesting new year! Before the new year rolls in, why not be the first to pave the path to a more secure cyber presence and let us at Re2tech work to lock down your vulnerable information and close any back doors in your network!


The most popular passwords, proven by hacked accounts

So apparently, every year SplashData compiles a list of passwords and rates them according to occurrence. These passwords are from accounts that have been stolen and made public. There are millions of these accounts and the similarities in the passwords show the unoriginal ideas people come up with to secure their information.

Due to the sheer number of accounts that were used to support this data, you can trust what you’re about to see as being something that can be applied to a greater population. The reason SplashData makes this list every year is to make it apparent that we need to take our passwords more seriously and stop using pop culture and sports references. SplashData also noted that the list supplied this year uses passwords mainly from North America and Western Europe, and that adult websites and the Yahoo hack were excluded from this list.

We actually did an article a while back about password security, and how our thoughts on a strong password have changed and the best way to form a password. You can find that article by clicking here

Now, for the list of disappointments

  1. 123456
  2. Password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou
  11. admin
  12. welcome
  13. monkey
  14. login
  15. abc123
  16. starwars
  17. 123123
  18. dragon
  19. passw0rd
  20. master
  21. hello
  22. freedom
  23. whatever
  24. qazwsx
  25. trustno1

They say great minds think alike, but it seems not so great passwords do the same thing!

It is amazing to see the thought that occupies someone’s mind for a split second that makes them say “hey that should be my password, no one will ever think it’s so simple and obvious!” as you turn around and high five your friend for wearing the same Star Wars shirt.

Let’s try to take our online security a bit more seriously into this next year; you could even call it a New Year’s resolution!

If you do have any concerns about other aspects of your online security or network, give us a call and let’s ensure your walls are made of hacker kryptonite! (my password is Sup3rM4n…not really)


Net neutrality and the FCC’s use of deceased people’s names

Lately the internet has been abuzz about net neutrality and preventing it from being stolen from us, lest we want to see a degradation in our society. Even knowing this, and having sent the FCC millions of petitions and signatures, the chair of the FCC still ignored the pleas of the masses and voted for tearing down our rights to online access and freedom to roam. Not only did the FCC ignore the masses, but the FCC also decided to revive the dead and use them against us.

 

What is net neutrality? 

First, let’s quickly cover the basics of what net neutrality is. Net neutrality is basically a guiding rule or principle. It preserves our right to roam and communicate freely online, without the interference of those in a higher position of power. It is free speech for the internet. This allows us to have access to all forms of information without any bias in the mix restricting what we see and read and learn. For example, if net neutrality does become history, Fox News could pay to have specific internet providers show news from them, and them alone. This would cause great tunnel vision in our society and, depending on people’s specific situations, cause a rift in general knowledge and understanding, leading to more chaos and separation in our society.

Deceased commentators 

So back to the first paragraph, deceased persons coming to life. In multiple instances, it has come to light that people who have passed away are somehow posting tickets onto the FCC’s site that are in favor of getting rid of net neutrality. Family members of these deceased commentators have outright called out the FCC for its immoral and illegal actions, demanding that it stop such horrid actions and be taken to court for its just deserts.

Comments by the deceased were sometimes word for word the same as other comments by other deceased persons. This shows the action as being a form of spam. But the issue at hand is that the FCC is using the identities of Americans who have died to try and defend its actions by putting words in their mouths and pretending they were still alive.

As a response, the FCC has said that unvetted commentary has lost all forms of power online, and will therefore be dismissed. The only way comments will be considered is if they are cryptographically secure identities, tied to living persons.

The FCC has stated they will not help in the pursuit of those using deceased Americans’ identities.

Net neutrality is obviously something very important for more than just online surfing; it gives access to students and education, and allows for keeping the world in mind, staying up to date on global events, and being able to read both sides and come to one’s own conclusions. Net neutrality is so much more than just “the internet”; it is a necessity in a world ever growing in technological involvement.

Educate yourself on the issue

Learn about net neutrality, make an educated, well-thought-out decision on the matter, and then give your comments to the FCC. Here is a helpful link to the FCC’s site where you can submit your comments: http://gofccyourself.com
