Comp 1 (0;00;00;00)

Lenovo has been caught red-handed shipping laptops with invasive adware. Read more here to find out the implications of why you should be concerned.

If your office has purchased any number of Lenovo laptops during the latter part of 2014, then these systems are likely affected by pre-installed adware.

There’s now little wonder  as to why your office’s antivirus or antimalware software might have been bugging you about a malicious adware named “Superfish”. If your systems administrator hasn’t been able to pinpoint the particular source, the culprit could really be the OS itself or Lenovo.

In 2014, several Lenovo notebook users reported injected advertisements while doing regular internet searches. The adware was identified as “Superfish” with capabilities of injecting third-party advertisements to not only on search engines like Google but by any website visited as well. Experts and technical enthusiasts have determined the adware was already pre-installed with the notebook by the time a unit is purchased.

Is It a Big Issue?

Although Lenovo would claim otherwise, experts point out that this invasive software can affect both users’ privacy and security.

For internet users who are annoyed by those numerous and deceiving web advertisements, this would already be a problem. Even the more savvy users can be deceived due to the nature of the advertisements displayed, which are designed in a way to look like they are part of the search results or the webpage itself.

A serious security threat which can spy and steal your data

Other than the ability to bombard you with online advertisements,”Superfish” also gives the perpetrators an opportunity to spy on the user’s activities when online and even monitor personal data:

  • The adware installs itself as a root security certificate in the laptops.
  • A security certificate is a small system file/key that determines which websites, servers, and software are trustworthy and which are not.
  • A root certificate can be likened to having a “master key”, where its authority will be adopted within the internet settings of a computer.
  • This makes a computer vulnerable by tricking it into thinking a website is secure, even if it’s not.

It’s a window of opportunity for cyber criminals to spy on their targets or even deceive them to give out personal data like usernames and passwords. There’s also a risk for laptops to be susceptible to malware and virus attacks since they can slip through their antivirus/antimalware software by using the certificates to make them look like legitimate files.

Lenovo’s Response

superfish-screenshot

Lenovo recently confirmed selling their units pre-installed with adware and shipping them worldwide. According to Lenovo, only units produced between September and December of 2014 were affected. Additionally, Lenovo defended the addition of “Superfish” in its laptops citing that the goal was to improve user experience when shopping online and that it does not monitor user activity.

As of January 2015, Lenovo has stopped shipping the adware on its computer products and has promised not do so in the future. It has also disabled “Superfish” and server interactions for the affected units and users. This “feature” should now cease to exist.

Check if you are affected by Superfish

 

superfish

Filippo Valsorda has setup a quick online test to see if your computer and internet connection are affected.  The test can be run here.

For more ways to stay protected, contact your local IT professionals.

Read More


Java_ai

Most systems today need to run Java occasionally. With the Java 7 end of life approaching, learn why it’s important to migrate to Java 8 to stay protected.

Oracle has supported Java SE 7 for 11 years now, however, with new developments on the latest version to support current and future technological developments, it has reached its end of life.

As of April 2015, Oracle will cease to provide updates for Java 7, which also includes discontinuing downloads for this version from their websites.

The good news is that existing customers are entitled to have continued support for any given security fixes or critical bug issues, including long term maintenance for Java 7 and older versions. All this will be available from Oracle’s Java SE Support team. However, it’s best to migrate to the latest version.

Oracle has also included an auto update feature since their January update to help migrate systems from Java 7 to 8.

Why migrate to Java 8?

Java 7 security updates will no longer be made automatically, making any systems running this version vulnerable. We strongly advise all users to switch to Java 8 for continued feature updates and to further close vulnerability exploits. Since vulnerabilities are likely to lead to exploits, its important to secure  your computer when browsing the internet on Java based websites.

Java exists to help applications and websites run correctly, which is fantastic. Being dependent on this component can lead to problems. With unpatched or outdated versions of Java, hackers can take advantage of using web browsers to serve up malware by exploiting its vulnerabilities.

By not maintaining frequent Java updates, this only serves to invite attackers to exploit your web browser and computer.

How to update Java and stay protected

Ophtek managed services clients are automatically updated.  Follow these steps to update Java manually.

Here are more detailed steps on how to install Java updates. Although the Java version shown in this tutorial is older, the method to install and update are still very much the same.

Remember that it’s worth spending a few minutes updating Java on your systems to lock them down from any possible future attacks.

For more ways to protect your office data, contact your local IT professionals.

Read More


Data_Breach

A Wisconsin based Chiropractic clinic has leaked data from approximately 3000 patients. Read the story here and learn how to protect your data.

The chiropractic clinic in Wisconsin had to notify all 3000 of their clients regarding an incident which involved their data being breached. It had come to light late November of last year when it was realized that an ex-employee and chiropractic practitioner had extracted critical client information.

The former employee had access to client data to carry out their daily role in the clinic. They went a step too far by stealing client information away from the business. The information breached included details such as client’s names, direct contact details, date of birth, insurance information and even social security numbers. The perpetrator soon resigned after carrying out the dirty deed. Officials believe that this was a classic ploy to solicit clients for the perpetrator’s own gain.

What was the motive?

Without a customer base, there’s no business. So what makes customers highly valuable besides what they may spend on your product or service? In short, it’s their data. With client data, a business will have a deeper insight into the demographics of their client base, along with contact details and other personal information. There is much power to be gained by having a list of hot leads.

In this case, this former employee has stolen the business right from under the clinic’s feet.

How to protect your business from data breaches

Although it’s easier said than done, simply setting up protective measures to safeguard your business information is an essential step.

Practical solutions that can be implemented right away

Non technical solutions

  • Be sure to carry out background checks to ensure that potential employees have no criminal offences- especially if it pertains to fraud. The same can be done periodically for existing staff.
  • Have new and existing staff sign a disclosure document to protect the business’ data, where breach of data can lead to liability.
  • Training and educate staff on what constitutes potential data breaches.
  • Have your attorney update your company’s T&Cs to protect the business in the event of a breach.

For more ways to secure your data and systems, contact your local IT professionals.

Read More


microsoft-security-essentials

Microsoft Security Essentials is not as effective as you may think. Here’s a summary of the last two AV testing evaluations carried out by AV-Test.org.

There mare any anti-virus programs available to install, some are free, like Microsoft Security Essentials (MSE) and others, like Trend Micro, Kaspersky and the like are paid with free versions available providing less features such as real time scanning.

Are paid ones any better than free AVs? A better option is to run Malwarebytes. We’ll conclude a little later.

AV-Test Results

AV-Test.org is an is an independent test center based in Germany  where they  carry out tests to evaluate which anti viruses can withstand a variety of malware. This particular test involved approximately 12,327 different malware, along with 153 emulated zero-day attacks, on Windows 7 machines.

Out of the 28 tested AV programs tested, Microsoft fared poorly by failing to protect its own operating system. In fact it came in last compared to all their 27 competitors.  These tests were carried out in December 2014 and they measured usability, performance and protection, which resulted in classifications.

This is not the first time Microsoft came last here.  They’ve also come last in the previous run of tests in 2013. They had gained top marks for MSE usability and were above averaged in performance but scored a big fat zero in the most critical part, to protect against malware!

Microsoft’s Perspective

In defense of Microsoft’s AV-test results, Joe Blackbird, representing Microsoft, wrote in a blog about it. He spoke out against the malware attacks tested by AV-Test, and stated that they’re unlikely to occur in the wild to pose a major risk to users. To support his statement, he mentioned that 94% of the samples carried out in the test were not picked up by MSE and didn’t even end up infecting their systems, hence not posing a serious risk.

Overall, Microsoft has made it clear that the AV-test results in the past does things differently as opposed to prioritizing their protection based on actual real malware threats.

Are paid anti-virus programs any better than the free ones?antivirus

Based on AV-test results, it seems like it’s highly likely. However, not all paid solutions offer the best protection. For instance, McAfee Internet Security is a paid solution and it was not far off from being the worst in protecting from the list of Malware threats. They were next to last on the list, with being only slightly better than MSE.

The highest rated AV from the test results to offer the best protection against malware attacks is Kaspersky, which happens to be a paid solution.

You do not need to necessarily go out and spend money on an AV. However, if you do run MSE, a better option is to run Malwarebytes, which is effective and free.

For more ways to secure your data and systems, contact your local IT professionals.

Read More


Major-Browsers

Browser hijacking is very common nowadays. Whilst it may not seem like a trivial issue at first, it can turn into a big nightmare!  Read on to find out why.

What is browser hijacking?

Browser hijacking occurs when a web browser is taken over by an unauthorized program, which runs without the user’s permission. We’ll outline three factors as to why it’s common.

  1. Homepage is taken over
    Automated changes are made to the browser’s settings, which usually leads it to replace the current homepage settings with its own designated search page.
  2. Tracks browsing habits
    The aim of such hijacking is to spy on your browser activity and record your personal information.  This information is then sold to advertisers.
  3. Forces users to search through a specific search engine
    Searching through an unknown search page will allow your data to be tracked. Web page redirection may also happen over to a website in order to make money from visitors by presenting search results from paid advertisers.

Some web browser hijacking can be easily cleared, whilst others can persistently remain on your system and reappear even after any attempts at clearing it.

How does browser hijacking happen?

 

No ads when browsing the internet

Many such hijacking programs present themselves as an offer on a website or are commonly bundled with free software. They are designed to trick people into installing browser hijacking programs. This strategy can also invite additional malware to become installed onto the system, creating further problems, to only end up with a heavily infected computer.

Some examples of hijacking browsers, from hundreds and thousands out there, include:

  • Astromenda Search
  • TV Wizard
  • Onewebsearch
  • CoolWebSearch
  • Conduit Search
  • Coupon server

A truly infected computer will open the doors to a barrage of undesirable hacker activity, which is why this problem should be addressed ASAP.

How to prevent browser hijacking

The main causes of browser hijacks to originate from free software download sites and from advertising. These downloads and malicious ads bundle spyware and, what we like to state as, “pretend-ware” – useless programs.

Even “trusted” vendors who offer free software may include unwanted software to be installed by default. Therefore we suggest being extra vigilant and follow our advice, which we’ll disclose later on.

Examples of added software may include, for instance, search tool bars, pc cleaners, registry fixers, and even nastier programs such as other Trojans and viruses.
What is deemed as “free” will eventually come at the cost of the user, who contrary to what most people think, is the desired product! To elaborate further on this, it’s actually people and their information that are worth a lot more than free software. The ones who fair the best are the companies behind it all, and that’s why freeware is free- it’s the incentive to attract people.

There seems to be a fine line between what is considered acceptable and what is, to put it in other words, criminal activity.

If downloading Freeware is a must …

hijack1-e1269202797108-670x670

For more ways to secure your data and systems, contact your local IT professionals.

Read More