Microsoft Office programs such as Word, Excel, and PowerPoint, use an XML format to store various bits of information not readily seen when viewing the document as intended. This information is called metadata and it is hidden data that can contain personal information, original author usernames, tracked changes, file properties, and more. Thankfully, Microsoft includes an option to “Inspect Document” that can automatically remove this metadata before sharing the file.
Email phishing attempts are increasing while, at the same time, their methods are getting harder to detect. Here are a few tips on how to look out for phishing emails.
Quick check that the Display Name matches the Email Address. The name displayed in email is not authenticated and can be any name the sender wishes. Make sure the email address matches what you expect by hovering over the name and click “Open Contact Card” (Outlook 365) or click “Show Details” (Gmail)
We just used the Windows 10 ISO to fresh install 10 Pro ver 1709 on a Surface Pro 2017. Everything completed correctly; but there were a few errors.
Our first tip off was that the camera gave an error message “Can’t find your camera” Error Code 0xA00F4244 or 0x200F4244
The Surface Diagnostic Toolkit showed that the display driver was also not completely installed, despite there being no warning in Device Manager. Sure enough, we could not adjust screen brightness. Multi touch detection was also broken.
The fix was a simple one. Surface Pro drivers do not download via Windows Update!?
We manually installed the Surface Pro Drivers and Firmware from the Microsoft Download Center here:
After the installation and couple of reboots, everything was running as expected on our Surface Pro i5 model 1796.
A new type of malware has been discovered that breaks SSL encryption, mainly to insert ads in your browsing. This “Superfish” style vulnerability means that even when you connect to your email, bank, 401(k), or even health insurance site, the connection is being re-routed on the fly to the bad guys servers but your browser will still show that green lock saying the connection is secure.
A zero day bug in Internet Explorer was found by FireEye research labs and released to the public on Saturday, 4/26/14. This virus does not have a super fancy name but is being actively exploited on the web: Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776).
The best post-infection removal success rate can be had by using a Rescue CD / USB. Here are three that are free:
Kaspersky Rescue Disc 10
note: Avast! requires a full installation on an unaffected machine to download and create the ISO file. Bitdefender and Kaspersky will let you download ISO files directly to burn to disc or create a bootable USB drive. In addition, Bitdefender comes with Team Viewer for Linux pre-installed to allow easy remote desktop sharing for support.
The best real time protection for your business is the one that gives you a complete overview of your company network health. I have found these two products to be the best in terms of features and confidently recommend Webroot Secure Anywhere for their great support. Bitdefender does get the highest marks in online A/V tests. However, I have found their tech support completely underwhelming, often taking days to respond to phone calls.
Webroot Secure Anywhere Endpoint Protection for Business
The following is a round-up of many available free antivirus programs and malware removal tools.
“An ounce of prevention is worth a pound of cure” -Benjamin Franklin
This old saying holds just as true in today’s modern world of electronics. This short post will deal with a few simple steps to make sure your computer and your data are secure from disaster. First, we will focus on making sure software is secure and up to date. Second, I will discuss free antivirus and antimalware real time protection software. Third, I will rehash some best practices regarding passwords. Finally, I will try to drive home the security hole of Java.
Keep Software Up-To-Date
Stop using Windows XP. Period. Technically, you still have one year of critical security updates left. Microsoft will officially stop supporting Windows XP in April of 2014, a full TWELVE years after its original release. But why wait until then? Get your data backed up and either install a free operating system such as Ubuntu, install a paid upgrade of Windows 8 or 7 ($199), or purchase a new computer running Windows 8 for well south of $500. Preventing a security breach and stolen identity is worth far more than the pain of a new computer system.
ENABLE WINDOWS UPDATE. Control PanelSystem and SecurityWindows Update – First, change the default setting of updates to also install updates for all Microsoft software (not just Windows i.e. MS Office). Once this is changed, the Windows Update window will read “You Receive Updates: For Windows and Other Products from Microsoft Update”.
Now click “Change Settings” in the left panel or go to Control PanelSystem and SecurityWindows UpdateChange settings & Choose “Install Updates Automatically“. Also, Laptop users might want to change the update frequency to “Check for Updates, but let me choose when to download and install them.” This is especially true if you are using a metered 4G cellular connection. If you do this, you MUST be sure to keep an eye out for the Windows System Update icon next to the System Clock. Speaking of which…
Enable “Always show all icons and notifications on the taskbar“. Control PanelAll Control Panel ItemsNotification Area Icons. Check box for “Always Show”. Taskbar icons are typically where applications will nag you to update them. Do not ignore these icons. Certain running programs minimize to this area as well, such as antivirus, sound settings, network settings, dropbox, boxcryptor, etc. Get to know what should be there when everything is up to date and notice when something changes.
Last – use an automated software updater program. Microsoft Windows Updates are wonderful at updating security fixes for the Operating System, Word, and Excel, but what about all those security updates to Java, Adobe, Firefox, etc? Secunia software has a FREE application called Personal Software Inspector that can handle this automatically.
Continue reading “Preventing Computer Disasters”
In the past months, every online web service appears to be a target for hacking or just plain old fashion social engineering. LinkedIn passwords were hacked in June. Yahoo leaked online account information in July. Dropbox dropped the ball (again) in August. An Amazon & iCloud social hack devastated an online blogger after a hacker took control, reset his iPhone, wiped his iPad, formatted his MacBook, and locked him out of his Gmail and Twitter accounts!
What we have learned is three fold:
- Never use the same password twice!
- Use “disposable” Credit Card numbers; or at the least, do not use the same credit card for Amazon as Apple.
- Always use Two Factor Authentication when available! Continue reading “Protecting Your Online Accounts”
“SOPA and PIPA wouldn’t stop piracy
To make matters worse, SOPA and PIPA won’t even work. The censorship regulations written into these bills won’t shut down pirate sites. These sites will just change their addresses and continue their criminal activities, while law-abiding companies will suffer high penalties for breaches they can’t possibly control.”
Keep the Internet in technocratic hands.