Back to Top

Tech, Web, Cloud & Cabling Services

Category: Virus / Adware / Spyware Removal

Security / Virus/Adware/Spyware Removal Category

Most Business PCs Haven’t Upgraded to Win10

According to a new study released by Softchoice, less than 1% of business machines have upgraded to Windows 10, opting instead for Windows 7.

Windows10controversy

Windows 10 has been one of the more controversial OS releases of recent memory, bringing privacy concerns, bugs that disable certain hardware, and other nasty surprises. And the enterprise, it seems, is avoiding it altogether.

According to a recent study by IT services firm Softchoice, less than 1% of Windows machines were actually running Windows 10. That means that, one year after the release of the latest Microsoft OS, more than 99% of machines haven’t yet made the switch.

The study was performed as part of a TechCheck analysis by Softchoice, which looked at more than 402,814 Windows devices operating among 169 organizations. So, what were these firms choosing instead of Windows 10? Overwhelmingly, they were running Windows 7.

“It appears businesses are hesitant to take advantage of the various Windows 10 upgrades and, at least for now, are satisfied with Windows 7,” Softchoice’s David Brisbois wrote in a press release. “Historically, OS upgrades have been viewed as major time and resource-consuming undertakings, and this may be influencing the decision today to hold off on Windows 10.”

The Softchoice looked at these Windows machines in both US and Canadian firms from January 1, 2016 through May 31, 2016. At the time, only 2,999 devices were running Windows 10, which accounted for a grand total of 0.75% of the whole.

In terms of business break down, 42 of the 169 businesses (25%) had no trace of Windows 10 in their environment. Additionally, 73 of the 169 (43%) had fewer than 10 devices running Windows 10 present in their environment.

In contrast, 91% of the machines were operating with Windows 7, which marked an 18% increase over the same period of time in 2015. The next largest group were the Windows XP holdouts, which counted for 5% of the devices. Devices running Windows 8 were at 4%, which is double from the 2% measured the year prior.

“It seems businesses don’t see an urgent need to move operating systems, so long as their cloud-based applications are still running fine on Windows 7,” Softchoice’s Microsoft director Craig McQueen wrote in a press release. “In addition to the security benefits, I think once organizations grasp the user benefits—such as touch and Cortana—we will start to see a boost in adoption.”

Although, some of those features may not be enough to sway some users. Cortana, for example, has proven very difficult to get rid of, and other updates have led to frozen machines. The most recent Windows 10 Anniversary Update actually broke some third-party webcams, without a workaround or fix until September. That’s bad news for a business that relies heavily on video conferencing.

Still, there are a host of new features and tools that could make it easier to get work done.

The 3 big takeaways for Readers

  • 1. A recent study by Softchoice has shown that less than 1% of enterprise organizations have upgraded their Windows devices to Windows 10, even a full year after the OS was released.
  • 2. Most business were still running Windows 7, according to the study, as Windows 8 also saw poor adoption rates after its release.
  • 3. A plethora of concerns over privacy and functionality, combined with the effort it takes to upgrade a whole organization, likely led to the low adoption numbers for Windows 10.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

5 Malware Tools and VR Terms to Know

There’s plenty of free, effective anti-malware protection available. Just don’t let it push your browser around.

Although malware was once predicted to become extinct, it remains a constant threat. Thankfully, countless tools are available to help protect your PC against such security threats—including the popular (and free) anti-malware products on this list.

: AVG AntiVirus Free

AVG AntiVirus Free (Figure A) provides protection for your computer, your browser, and your mail client. Like many other free products, AVG AntiVirus Free tries to sell you a paid license, which includes an enhanced firewall, anti-spam protection, and a few other features.

Figure A

AVG-SJTechies

Although AVG AntiVirus Free seems to do a good job protecting systems against viruses, you have to be careful about the options you choose when installing and configuring this product. Otherwise, AVG will attempt to “hijack” your browser by installing AVG Web TuneUp, changing your search page, changing your new tab pages, and changing your home page.

2: Malwarebytes Anti-Malware Free

Malwarebytes Anti-Malware Free (Figure B) offers basic protection against malware. There are two main things I like about this app. First, unlike some of the other free anti-malware products, it doesn’t try to change your browser settings or install unwanted toolbars. Second, it has a clean and intuitive interface that doesn’t leave you guessing about what to do.

Figure B

antimalware-SJTechies

The disadvantage to using Malwarebytes Anti-Malware Free is that unlike the premium version, it does not support real-time protection. You can scan your PC for malware at any time, but you won’t be alerted to infections in real time unless you upgrade to the paid version.

3: Avast Free Antivirus 2016

Avast Free Antivirus 2016 (Figure C) is probably the most comprehensive antivirus tool on this list. It offers 12 components, including Rescue Disk, Browser Cleaner, Web Shield, and File Shield. The installer lets you choose which components to install.

Figure C

Avast-SJTechies

During the hour or so that I used Avast Free Antivirus, it did not attempt to take over my browser or engage in any other obnoxious behavior. The software does, however, prominently display a warning message during the installation process telling you in no uncertain terms that Avast Free Antivirus 2016 collects personal information. At least it gives you a way to opt out of this data collection.

4: Panda Free Antivirus

Panda Free Antivirus (Figure D) is another free anti-malware solution that requires a bit of caution during the installation process—otherwise, Panda will install a browser toolbar and change your home page and your default search provider.

Figure D

PandaAntivirus-SJTechies

The free version of Panda Antivirus offers real-time protection against malware, but it does try to get you to upgrade to the paid version. That version, which Panda refers to as the Pro Edition, adds a firewall, Wi-Fi protection, and VIP support.

5: YAC

YAC (Figure E) stands for Yet Another Cleaner and—you guessed it—it’s yet another free tool for blocking threats and removing malware from an infected system. It offers a simple, easy-to-follow interface, and it doesn’t try to hijack your browser (which is a personal pet peeve, in case you hadn’t noticed). In fact, the software gives you a way to lock your browser settings so that your preferred home page, default browser, and default search engine can’t be changed without your consent.

Figure E

YAC-SJTechies

In addition to its basic anti-malware capabilities, YAC includes some nice extras, such as a tool for speeding up your computer, an uninstaller, and an ad blocker. The primary disadvantage to using YAC is that you have to upgrade to the paid version if you want to receive real-time protection. Otherwise, you’ll have to initiate anti-malware scans manually.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

49% of Businesses Hit by Ransomware

Ransom is the top motivation behind cyber attacks, according to a report from Radware, and IT professionals are most concerned about data loss. Here’s what you need to know.

Nearly half of businesses report that they were the subject of a cyber-ransom campaign in 2016, according to Radware’s, Global Application and Network Security Report 2016-2017.

Data loss topped the list of IT professionals’ cyber attack concerns, the report found, with 27% of tech leaders reporting this as their greatest worry. It was followed by service outage (19%), reputation loss (16%), and customer or partner loss (9%).

Malware or bot attacks hit half of all organizations surveyed in the last year. One reason for the pervasive attacks? The Internet of Things (IoT). Some 55% of respondents reported that IoT ecosystems had complicated their cybersecurity detection measures, as they create more vulnerabilities.

Ransomware attacks in particular continue to increase rapidly: 41% of respondents reported that ransom was the top motivator behind the cyber attacks they experienced in 2016. Meanwhile, 27% of respondents cited insider threats, 26% said political hacktivism, and 26% said competition.

While large-scale DDoS attacks dominated the headlines of 2016, this report found that only 4% of all attacks were more than 50 Gbps, while more than 83% of DDoS attacks reported were under 1 Gbps.

“One thing is clear: Money is the top motivator in the threat landscape today,” said Carl Herberger, vice president of security solutions at Radware, in a press release. “Attackers employ an ever-increasing number of tactics to steal valuable information, from ransom attacks that can lock up a company’s data, to DDoS attacks that act as a smoke screen for information theft, to direct brute force or injection attacks that grant direct access to internal data.”

Despite the growth in attacks, some 40% of organizations reported that they do not have an incident response plan in place, the survey found.

The report listed five cybersecurity predictions for 2017:

1. IoT will become an even larger risk. The Mirai IoT Botnet code is available to the public, making it more likely that cyber criminals of all experience levels are already strengthening their capabilities. “In 2017, exponentially more devices are expected to become targeted and enslaved into IoT botnets,” the press release stated. “IoT device manufacturers will have to face the issue of securing their devices before they are brought to market, as botnet attacks from these devices can generate large-scale attacks that easily exceed 1 Tbps.”

2. Ransomware attacks will continue to grow. These attacks will target phones, laptops, and company computers, and will likely take aim at healthcare devices such as defibrillators in the future, the press release stated.

3. Permanent Denial of Service (PDoS) attacks on data centers and IoT operations will rise. PDoS attacks, sometimes called “phlashing,” damage a system to the degree that it requires hardware replacement or reinstallation. These attacks are not new, but Radware predicts they are likely to become more pervasive in 2017 with the plethora of personal devices on the market.

4. Telephony DoS (TDoS) will become more sophisticated. These attacks, which cut off communications in a crisis, “could impede first responders’ situational awareness, exacerbate suffering and pain, and potentially increase loss of life,” the press release stated.

5. Public transportation system attacks will rise. As cars, trains, and planes become more automated, they also become more vulnerable to hackers, Radware stated.

You help your business avoid ransomware attacks and other cyber threats by keeping software up to date, backing up all information every day to a secure, offsite location, segmenting your network, performing penetration testing, and training staff on cyber security practices.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

3 Ways to Boost Password Security

The must-read IT business eNewsletter

Encrypted passwords

“There is no such thing as perfect security,” says Jim Waldron, Senior Architect for Platform Security at HP. If you can access a website or server, consider it vulnerable to security breaches. That’s why so many businesses account for fraud in their business models—they expect to lose a certain amount each year to security leaks, lost IP, and more.

While you can never be 100% secure from hackers while connected to the internet, there are steps you can take to help protect your personal and professional data. All you need to do is activate features that are increasingly common (or easy to manage) on modern business-class PCs: Multi-factor authentication, client-based user authentication, and password best practices.

Multi-factor authentication
Multi-factor authentication is a simple but effective security system that involves the use of at least two factors (or methods) of authentication. It groups different factors together so that even if one is compromised, the data remains protected. Under this system, factors are divided into three domains:

HP support

 

  • Something you know: Password, PIN, etc.
  • Something you have: ATM card, smartcard, etc.
  • Something you are: Fingerprint, iris, etc.

For multi-factor authentication to be successful, you want to pull from at least two different domains, with a maximum of three domains. A common example of multi-factor authentication is when you withdraw cash from an ATM. To do so, you insert your ATM card (something you have) and enter your PIN (something you know). Without both factors you can’t access your account—and neither should anyone else.

Businesses are taking notice too, and multi-factor authentication’s popularity is rising. In 2014, 37% of enterprise organizations surveyed used multi-factor authentication for the majority of their employees, and that number is expected to grow to 56% by 2016.

What you can do now
If you have a business-grade PC, chances are your PC already includes the technologies you need to start using multi-factor authentication. In fact, HP offers multi-factor authentication on all of its business PCs. Consult your manual or HP Support, and identify the factors your PC supports in addition to traditional passwords, such as fingerprint or smartcard readers. Just make sure to choose factors from separate domains.

Client-based user authentication
Every time you log into a system, your identity needs to be authenticated by that system. This process occurs one of two ways: server-side authentication or client-based authentication. With server-side authentication your unencrypted information—such as your password or fingerprint—is sent to a server where it is compared against that server’s records. With client-based authentication, the authentication process—e.g., “Does this fingerprint match the one in our records?”—is performed on the client device, such as your work PC.

While client-based authentication is not as common as its counterpart, it is far more secure. In fact, “In almost all authentication scenarios it is preferable to perform the direct authentication on the client and then communicate an ‘Identity Assurance’ to the relying party,” says Waldron.

Everyone wins when it comes to client-based authentication. The client no longer has to send unencrypted, private information over the internet or store that information on another party’s server, while the relying party no longer has to store sensitive client information on their server—reducing the amount of information that can be stolen if and when a hack occurs.

What you can do now
One of the easiest ways to use client-based authentication is with a hardened fingerprint sensor. The sensor authenticates your fingerprint directly in the hardware, rather than sending it to a server or hard drive, and returns a key that can be used to decrypt password vaults.

Password best practices
As we’ve mentioned before, passwords aren’t perfect. While implementing and using the above features might not seem practical for some of us, everyone can benefit from following basic password best practices. They are quick to implement, and can save you a lot of hassle down the line.

To make the most of your password security, your passwords should be:

  • Long—at least 16 characters. Use a password manager to store unique passwords and fill out log-in forms so that you don’t have to memorize them.
  • Complex—containing symbols, numbers, uppercase letters, lowercase letters, and spaces (if possible)
  • Unique—only use a password once, don’t recycle or repeat across accounts
  • Short-lived—the National Cyber Security Alliance suggests changing your password every 60 days
  • Difficult to guess—avoid common words found in a dictionary, all or part of your name, repeated letters, or combos that align to your keyboard layout, such as “QWERTY” or “123456”

If you are uncertain whether your password is secure enough or if it meets enough of the criteria above, there are several reliable services that will check your password strength for you. Microsoft’s Safety & Security Center offers a free password checker you can access through your browser, while Mac users can access Apple’s Password Assistant through the Keychain Access utility.

What you can do now
The first thing you can do—right this second—is revise your most important passwords to align with password best practices. That includes your work accounts, personal email, bank accounts, and any other services that contain sensitive data. If you need help remembering your new passwords, consider using a password manager such as HP Password Manager. That way you only have to authenticate once to gain access to all your systems. You can also adopt a system to make your passwords easier to remember. Using acronyms, for example, you can turn the phrase “I was born in 1986 and my parents still live on Lake Street!” into “Iwbi1986ampsloLS!”—creating a strong password that’s easy to remember.

Passwords are changing, and while they will never be perfect, they can still provide an effective first layer of defense against hackers and ne’er do wells. The above features and techniques are increasingly common on modern business PCs, making it easier than ever to protect your private data. All you have to do is use them.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

10 New Security Products to Check Out

1. IBM z13s mainframeIBM z13s mainframe

Image: IBM

Security standards are constantly changing. Here are some of the latest software and hardware products to help keep your organization secure.

In February 2016, IBM announced the IBM z13s, a mainframe with cryptographic features built directly into the hardware. According to IBM it can decrypt at twice the speed of the generations before it.

2. Cisco Firepower NGFW

Cisco Firepower NGFW

Image: Cisco

Cisco recently announced its Firepower series appliances with its next-generation firewall (NGFW) technology. There are 16 models in the series that include integrated NGIPS and advanced malware protection.

3. Illumio

Illumio

Image: Illumio

Illumio is a startup that provides adaptive security for the data center and cloud environments. The company recently achieved unicorn status as its value topped $1 billion, and it is consistently named a top enterprise security provider.

4. GOTPass

GOTPass

Image: University of Plymouth, H. Alsaiari, M. Papadaki, P. Dowland, and S. Furnell

GOTPass is a graphical authentication system developed by researchers at the University of Plymouth. It uses images to authenticate instead of traditional passwords.

5. Skyport Systems SkySecure

Skyport Systems SkySecure

Image: Skyport Systems

SkySecure is an out-of-the-box enterprise security solution to protect application workloads. The systems includes hardware, software, and management tools.

6. Spikes Security Isla

Spikes Security Isla

Image: Spikes Security

The Isla is an enterprise appliance that “isolates and eliminates all browser-borne malware.” It was launched in mid-2015, but it was independently certified as invulnerable to web malware exploits in early 2016.

7. Blackphone 2

Blackphone 2

Image: Zack Whittaker/CNET

The Blackphone by Silent Circle is an Android-powered smartphone with a built-in security center to lock down your data. The most recent iteration, the Blackphone 2, released late last year.

8. Imation IronKey Enterprise H350

Imation IronKey Enterprise H350

Image: Imation

The IronKey Enterprise H350 is a rugged, military-grade encrypted hard drive. It is available in multiple capacities and is FIPS 140-2 Level 3 certified.

9. Bitdefender Total Security 2016

Bitdefender Total Security 2016

Image: Bitdefender

For home users and small businesses, the Total Security 2016 by Bitdefender is a great option. It stacks up well against key competitors and includes device anti-theft features.

10. Qubes OS 3.1 rc2

Qubes OS 3.1 rc2

Image: Qubes

Qubes OS is a Linux-based, security-oriented OS that is focused on compartmentalization using VMs. It’s been around for a few years, but the latest version released in January 2016.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

10 Killer Cheap Upgrades for Your PC

Looking to put more pep in your PC’s step? These surprisingly cheap PC upgrades and accessories do the trick without breaking the bank.

PCupgrades1

No need to break the bank

Sure, swanky new Surface Pros and $1,200 graphics cards may capture all the headlines, but on a practical level, the real story is that PCs aren’t cheap. But if your computer’s starting to feel pokey, there’s fortunately no reason to rush out a spend hundreds on a new one.

Investing small amounts in key new PC hardware can keep your computer running strong for years to come. These upgrades—most costing well under $100—breathe new life into slow machines. You just have to be strategic and make sure you’re putting your money in the best place for your particular system.

PCupgrades2

Speed up your PC with an SSD

Let’s start in the most obvious place. If your PC still runs with a mechanical hard drive, swapping it out with an SSD will make it feel like a whole new computer. SSDs inject face-melting speed into a PC, drastically improving boot times, file transfers, and overall system responsiveness.

A lot of PCs don’t have SSDs, for two reasons: Solid-state drives use to be extravagantly expensive, and computer makers often charge hefty mark-ups for upgrading to an SSD. Fortunately, SSD prices have plummeted in recent years. Superb models like theSamsung 850 EVO ($89.39 for 250GB on Amazon) and the OCZ Trion 150 ($45 for 120GB on Amazon) can be found for well under $100 online. If you find the storage capacities a bit too tight, you can always install the SSD as a boot drive alongside your current hard drive.

A word of warning about SSDs, and all the hardware discussed in this article: You can often find lower prices if you sift through Amazon or Newegg for no-name or lesser-known brands. But you’re gambling on reliability and support when you move away from established PC hardware makers. Stick with name brand gear unless you absolutely, positively can’t afford it.

PCupgrades3

Mass storage is dirt cheap

Good news if your available storage space is filled to the brim: Traditional hard drives are even cheaper than SSDs these days. A 1TB Western Digital Blue hard drive spinning at a speedy 7,200rpm will only set you back $50 on Amazon, while a 3TB WD Blue drive is just $90 on Amazon (albeit at a slower 5,400rpm).

Hybrid drives blend the best of both worlds, combining a large amount of traditional storage with a small, speedy flash storage cache. The drive monitors your oft-used files and keeps them on the cache, where they benefit from SSD-esque speeds. A Seagate 1TB hybrid drive goes for $85 on Amazon with an 8GB SSD cache, or $114 on Amazonwith a 32GB cache.

PCupgrades4

Add RAM for more multitasking

If your computer’s having trouble running multiple tasks simultaneously, low memory is a likely culprit. Two gigabytes of RAM is the absolute minimum modern Windows systems need to run smoothly, and even PCs with 4GB of memory can start to feel pokey if you’re running several programs, keep a dozen Chrome tabs open, or game with some background processes still running.

Fortunately, memory is dirt cheap. Picking up an 8GB memory kit from Corsair ($36 for 2x4GB kit on Amazon) or Kingston ($36 for 2x4GB kit on Amazon)—two reliable brands I’ve had nothing but success with personally—will set you back less than $5 per gigabyte.

Just be sure to get the right type of memory for your PC! RAM comes in all sorts of different packages. The easiest way to tell what type of RAM resides in your PC is to download the free, superb CPU-Z software, then open the Memory tab and look for the “type” option.

PCupgrades5

MAYBE upgrade your CPU

A pokey PC may be the result of an outdated processor. Unfortunately, replacing your CPU often means replacing your motherboard too, making the endeavor pretty pricey. But not always—especially if you have an AMD-powered system.

AMD’s AM3+ and FM2 motherboards have been powering AMD’s CPUs and APUs, respectively, since mid-2012. Since many prebuilt AMD systems sport modest processors, upgrading to a modern CPU can give your PC a shot in the arm. If you’re on FM3+, the new Athlon X4 860K ($75 on Amazon) is a solid entry-level quad-core processor for gaming, while the 8-core FX-8320E ($130 on Amazon) is a great step-up option and price-to-performance champion. If you have an FM2-based system with an AMD APU, the A10-7860K ($110 on Amazon) could be a solid upgrade, complete withintegrated graphics that let you get into e-sports games at modest frame rates.

Intel switches out its motherboards and socket types much more often, and its chips tend to be much more expensive. Replacing Intel chips aren’t really an affordable upgrade in most cases.

It’s important to make sure your new chip is compatible with your existing motherboard! Before you buy, fire up CPU-Z and search for the “Package” entry in the main CPU tab to see what sort of socket your motherboard packs.

PCupgrades6

Gaming doesn’t have to be expensive

Want to dip your toes into PC gaming? Despite what fearmongers may tell you, gaming doesn’t have to cost an arm and a leg.

AMD’s Radeon RX 460 ($110 and up on Newegg) delivers great performance in e-sports games like League of Legends and Overwatch. It also lets you play modern games at a console-esque 30 frames per second with High graphics settings at 1080p, or up to 60fps at Medium settings. That’s damned good for a hair over $100. Even better: Many models pull their power directly from your motherboard, with no need for additional power connectors. That makes AMD’s budget card a great option for adding gaming capabilities to prebuilt “big box” PCs from the likes of HP and Dell, as they often pack modest power supplies that lack extra connectors.

Be careful though: Some of the more potent Radeon RX 460 models require extra 6-pin power connectors. You don’t want that if you don’t have one available—unless you want to buy a power supply, too. A 500 watt power supply from a reputable company doesn’t cost much, as evidenced by the EVGA 500 W1, which only costs $35 on Amazon.

PCupgrades7

Buy some canned air

No, seriously. If you haven’t cleaned out your PC in a year or more, mounds of dust and debris can be collected inside. Clogged fans and exhaust ports lead to overheating, which leads to your PC throttling back performance. Single containers of canned air can be relatively pricey; grab a four pack ($16.22 on Amazon) for a lower price and enough air to clean out your PC for years to come.

PCupgrades8

Improve your cooling, improve your performance

If your PC’s still running hot after blowing out the dust, the thermal paste coating the area where your CPU or GPU touches its cooler could be old, dry, and ineffective, especially if you’ve had the equipment for several years.

First, install SpeedFan and double check that your CPU or GPU is indeed overheating. If one (or both!) is, grab a syringe of thermal paste—Arctic Silver 5 ($7.43 on Amazon)—then use guides to installing a CPU cooler and refreshing your graphics card to help you apply new thermal paste after scraping off the old stuff.

Still running hot overall? Try adding a case fan or two. Case fans from reputable vendors are shockingly cheap ($7.91 from Cooler Master on Amazon, or $9 from NZXT on Amazon) and can be installed in mere minutes.

PCupgrades9

A better monitor

You spend most of your time interacting with your computer’s input and output devices, so it’s definitely worth investing in decent peripherals if you spend considerable time at your PC.

Start with your monitor. If you’re still using a lower-resolution display or (shudder) a fat CRT display, embracing a high-definition 1080p monitor will provide a huge step up in usability. It won’t break the bank either: You can buy a 1080p HP with a 21.5-inch IPS screen for just $100 on Amazon. IPS screens provide a much more vibrant image than the twisted-nematic panels found in most budget monitors.

Alternatively, if you’re a gamer with a Radeon graphics card, consider buying a monitor that supports AMD’s FreeSync technology. FreeSync synchronizes the refresh rate of your graphics card and display to eliminate stutter and screen tearing in games. While monitors with Nvidia’s competing G-Sync technology fetch steep price premiums, FreeSync adds minimal cost to a display. A 22-inch 1080p FreeSync display by ViewSonic costs just $110 on Amazon, for example.

PCupgrades10

Aural bliss

Treat your ears, too. The speakers that come bundled with prebuilt PCs tend to be utter garbage. While audio gear pricing can escalate to frightening levels, some of our favorite headsets will set you back less than a Benjamin.

If you’re a gamer, our favorite all-around gaming headset is the Kingston HyperX Cloud($67.93 on Amazon). The sound quality is second to none in this bracket, the build quality is superb, and it’s extremely comfortable—though its microphone is merely average.

Don’t need a mic? Music lovers will find a lot to love in the Sennheiser HD 280 Pro ($99.95 on Amazon), which I’ve personally been using for years now. The comfortably snug cans lack the extreme bass kick of, say, Beats or Monster headphones, but make up for it by delivering rich, accurate, and dynamic audio across the full sound spectrum. They’re beloved among Amazon buyers for a reason.

PCupgrades11

Enhance the parts you physically touch

If you’re used to crappy bundled PC keyboards, or laptop keyboards, upgrading to a mechanical keyboard will change your life. The well-reviewed Logitech G610 Orion withCherry MX Brown or Red switches only costs $90 on Amazon.That’s probably more than most people have spent on a keyboard before, but it’s cheap by mechanical standards. Once you’ve tried it, you won’t be able to go back to a rubber-dome board.

Likewise, investing in a decent mouse makes interacting with your PC that much more pleasant. The Razer DeathAdder ($42.69 on Amazon) is ostensibly a gaming mouse, but its ergonomic design and high DPI sensor help it feel good in your palm and generate nice, smooth cursor movements. I’ve been using one for more than five years now, and grimace whenever i’m forced to use a cheap mouse bundled with a prebuilt PC.

PCupgrades12

But first…

Speeding up your well-loved PC doesn’t actually have to cost any money. You’ll find a few tips repeated from here—seriously, buy an SSD—but for the most part, it focuses on no-cost software solutions for potentially boosting your computer’s performance. Try those before dropping dough on new gear!

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

The 15 most frightening data breaches

data breaches

 

Ashley Madison (2015)

All data breaches are scary, but some just have that extra scream factor.

In arguably the most embarrassing data breach of the bunch, a group calling itself “The Impact Team” stole 37 million records from adultery website Ashley Madison, including many records that customers had paid to have deleted.

Virtually all of the company’s data was stolen in the hack, including records that suggest most female accounts on the site are fake, and that the company used female chat bots to trick men into spending money.

LivingSocial (2013)

Daily deals company LivingSocial had its network compromised in 2013, with hackers stealing roughly 50 million names, email addresses, birthdays, and encrypted passwords from its SQL database.

Sony PlayStation Network (2011)

Game over, man. In April 2011, hackers raided Sony’s PlayStation Network (PSN) service, stealing personally identifiable information from more than 77 million gamers.

Sony was further criticized for delaying the release of public information about the theft and for storing customer data in an unencrypted form.

The attack took Sony’s PSN out of service for 23 days.

Internal Revenue Service (2015)

Nigerian scammers pilfered more than $50 million from the U.S. Treasury via an embarrassingly simple 2015 hack of the Internal Revenue Service website.

Information scraped from previous data hacks was used to steal Americans’ identities and request copies of past tax returns on the IRS website. The crooks then filed new tax returns with falsified data, requesting big refunds.

The hack caused massive nightmares for the estimated 334,000 people whose records were stolen before the IRS shut down the transcript request service.

Target (2013)

Hackers installed point-of-sale malware on Target’s computer network sometime in 2013, resulting in the theft of more than 70 million customer records. Stolen data included payment card numbers, expiration dates, and CVV codes.

The retailer reached out to affected customers by offering free data monitoring (standard practice) and a 10% off discount on a future shopping trip. But it was too little, too late; same-store sales slid in the quarter following the hack.

Anthem (2015)

Anthem, the United States’ second largest for-profit health insurer, disclosed in February 2015 that it had lost 78.8 million unencrypted customer records to criminals. Names, social security numbers, email addresses, and income data was stolen.

The rare piece of good news: Financial and medical records were not affected.

Adobe (2013)

Adobe revealed in October 2013 that hackers had stolen 38 million active customer IDs and passwords, forcing the company to send out a wave of password reset warnings.

Weeks after, the news got worse for the company: The thieves also made off with the source code for its popular Adobe Photoshop software.

eBay (2014)

Talk about an inside job: In 2004, online auction house eBay suffered the largest hack in U.S. history, losing 145 million login credentials to a hacker using an internal eBay corporate account.

Names, email and street addresses, phone numbers, and birth dates were compromised, but thankfully, passwords were stored in encrypted form.

Home Depot (2014)

In September 2014, Home Depot admitted that it fell prey to hackers who installed antivirus-evading malware on its self-checkout registers. An estimated 56 million sets of customer payment card data were stolen in the attack.

The company’s losses related to the event are expected to top $1 billion when all of the lawsuits are finally settled. Only $100 million of that will be covered by insurance.

JP Morgan Chase (2014)

The September 2014 breach of JP Morgan Chase proved that even the largest U.S. banks are vulnerable to data theft. Online banking login details were not stolen, but crooks did get their hands on 76 million sets of names, emails, addresses, and phone numbers of bank customers, creating serious phishing concerns.

A group of Russian hackers is believed to be responsible for the attack.

PNI Digital Media (2015)

PNI Digital Media, the company that handles online photo printing for CVS, Walgreens, Rite Aid, Costco, and many more national chains, lost an unknown number of customer records to hackers in 2015.

Given that the company boasted more than 18 million transactions in 2014, it’s likely that this breach affected tens of millions of Americans.

Heartland (2008)

Credit and debit card processing firm Heartland Payment Systems became one of the largest data breach victims in U.S. history when hackers compromised more than 130 million accounts in 2008.

The criminal ring involved in the Heartland data theft was also found to be responsible for the 2005 hack of TJX Companies involving 94 million records.

TJX Companies (2005)

In a 2005 scheme dubbed “Operation Get Rich or Die Tryin,” a group of hackers used an unsecured Wi-Fi network at a Marshalls store to break into parent TJX Companies’ computer system and steal 94 million customer records, including payment card data.

Albert Gonzalez, the ringleader of the hack, is serving a 20-year sentence in Leavenworth.

U.S. Office of Personnel Management (2015)

Earlier this year, the United States Office of Personnel Management admitted that hackers had taken 21.5 million records belonging to those who had undergone government background checks or otherwise applied for federal employment. The hackers stole a wealth of sensitive data, including security clearance information and fingerprint data belonging to secret agents.

The Washington Post reported that the attack is believed to have originated in China.

Zappos (2012)

In January 2012, online shoe retailer Zappos stated that cybercriminals had stolen data of 24 million customers, including names, addresses, and the last four digits of their payment cards.

After the announcement, Zappos had to disconnect its phone lines to keep upset customers from calling in and overloading its phone system.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Microsoft announced Attack Simulator for Office 365 Threat Intelligence

 

Admins can send simulated phishing and attack emails to find security and training weaknesses.

A few weeks ago, Microsoft released a public preview for Attack Simulator for Office 365 Threat Intelligence. On April 17th Microsoft announced that Attack Simulator is now generally available. Attack Simulator for Office 365 Threat Intelligence is available to all Office 365 E5 or Office 365 Threat Intelligence customers.

With Attack Simulator, customers can launch simulated attacks on their end users, determine how end users behave in the event of an attack, and update policies and ensure that appropriate security tools are in place to protect the organization from threats.  The GA of Attack Simulator adds a new HTML editor so realistic looking HTML emails can be sent in simulations of spear-phishing.  Also, two spear-phishing templates are available for immediate use in the spear phishing simulation.

Attack Simulator includes the three attack scenarios from our public preview.

Display Name Spear Phishing Attack: Phishing is the generic term for socially engineered attacks designed to harvest credentials or personally identifiable information (PII). Spear phishing is a subset of this phishing and is more targeted, often aimed at a specific group, individual, or organization.  These attacks are customized and tend to leverage a sender name that generates trust with the recipient.

Password Spray Attack: To prevent bad actors from constantly guessing the passwords of user accounts, often there are account lockout policies.  For example, an account will lockout after a certain number of bad passwords are guessed for a user.  However, if you were to take a single password and try it against every single account in an organization, it would not trigger any lockouts.  The password spray attack leverages commonly used passwords and targets many accounts in an organization with the hope that one of the account holder uses a common password that allows a hacker to enter the account and take control of it.  From this compromised account, a hacker can launch more attacks by assuming the identity of account holder.

Brute Force Password Attack: This type of attack consists of a hacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.

 

 

This video demonstrates how Attack Simulator can help organizations educate users to become more secure from cyber threats.  With Attack Simulator, admins can train all their end users, and especially those who are attacked most often.  This proactive training is a powerful way to ensure that your organization can prevent the impact from advanced threats.  Over the coming months, more threat simulations will be added to Attack Simulator so organizations can simulate the most prevalent threat types from the modern threat landscape.

Experience the benefits of Attack Simulator for Office 365 Threat Intelligence by beginning an Office 365 E5 trial today.  Also, learn more about how Microsoft leverages threat intelligence and the value of threat intelligence.

The 18 scariest computer viruses of all time

virus

 

Anna Kournikova (2001)

The Anna Kournikova virus is so named because it tricked its recipients into thinking they were downloading a sexy picture of the tennis star. Financial damages associated with Kournikova were limited, but the virus had a big pop culture impact: It became a plot point in a 2002 episode of the sitcom Friends.

Sasser (2004)

In April 2004, Microsoft issued a patch for a vulnerability in Windows’ Local Security Authority Subsystem Service (LSASS). Shortly after, a teenager in Germany released the Sasser worm to exploit the vulnerability in unpatched machines. Multiple variants of Sasser took out airline, public transportation, and hospital networks, causing $18 billion in damage.

Skulls.A (2004)

The Skulls.A is a legitimately spooky mobile trojan that affected the Nokia 7610 smartphone and other SymbOS devices. The malware was designed to change all icons on infected phones to Jolly Rogers and disable all phone functions, save for making and receiving calls.

F-Secure says Skulls.A caused little damage, but the trojan is undeniably creepy.

Zeus (2009)

While many malware programs on this list are little more than nuisances, Zeus (AKA Zbot) was a tool used by a complex criminal enterprise.

The trojan uses phishing and keylogging to steal online banking credentials, draining a cumulative $70 million from the accounts of its victims.

Melissa (1999)

Named after a Florida stripper, the Melissa virus was designed to propagate by sending itself to the first 50 contacts in its victims’ e-mail Outlook address book. The attack was so successful that the virus infected 20 percent of the world’s computers, causing an estimated $80 million in damage.

Virus creator David L. Smith (shown) was caught by the FBI, served 20 months in jail, and paid a $5,000 fine.

Sircam (2001)

Like many early malware scripts, Sircam used social engineering to trick people into opening an email attachment.

The worm chooses a random Microsoft Office file on victims’ computers, infects it, and sends it to all the people in the victims’ email contact list. A University of Florida study pegged Sircam cleanup costs at $3 billion.

Stuxnet (2009)

Stuxnet is one of the first known viruses created for cyberwarfare. Created in a joint effort between Israel and the U.S., Stuxnet targeted nuclear enrichment systems in Iran.

Infected computers instructed nuclear centrifuges to physically spin until they broke, all while providing fake feedback that operations were normal.

SQL Slammer/Sapphire (2003)

Taking up just 376 bytes, the SQL Slammer worm packed a lot of destruction into a tiny package. The worm slowed down the Internet, disabled 911 call centers, took down 12,000 Bank of America ATMs, and caused much of South Korea to go offline. It also crashed the network at Ohio’s Davis-Besse nuclear power plant.

Storm Trojan (2007)

Storm Trojan is a particularly sinister piece of email-distributed malware that accounted for 8 percent of all global infections just three days after its January 2007 launch.

The trojan created a massive botnet of between 1 and 10 million computers, and because it was designed to change its packing code every 10 minutes, Storm Trojan proved incredibly resilient.

Code Red (2001)

The Code Red worm, named after the Mountain Dew flavor preferred by its creators, infected up to one-third of all Microsoft ISS web servers upon release.

It even took down whitehouse.gov, replacing its homepage with a “Hacked by Chinese!” message. Estimated damages due to Code Red were in the billions of dollars worldwide.

Nimda (2001)

Released just after the 9/11 attack, many thought the devastating Nimda worm had an Al Qaeda connection (never proven).

It spread via multiple vectors, bringing down banking networks, federal courts and other key computer systems. Cleanup costs for Nimda exceeded $500 million in the first few days alone.

ILOVEYOU (2000)

The ILOVEYOU worm, AKA Love Letter, disguised itself in email inboxes as a text file from an admirer.

But this Love Letter was anything but sweet: In May 2000, it quickly spread to 10 percent of all Internet-connected computers, leading the CIA to shut down its own email servers to prevent its further spread. Estimated damages were $15 billion.

Cryptolocker (2014)

Computers infected with Cryptolocker have important files on their hard drives encrypted and held at ransom. Those who pay approximately $300 in bitcoin to the hackers are given access to the encryption key; those who fail to pay have their data deleted forever.

Netsky (2004)

The Netsky worm, created by the same teen who made Sasser, made its way around the world by way of email attachments. The P variant of Netsky was the most widespread worm in the world even more than two years after its February 2004 launch.

Conficker (2008)

The Conficker worm (AKA Downup, Downadup, Kido), first detected in December 2008, was designed to disable infected computers’ anti-virus programs and block autoupdates that may otherwise remove it from computers.

Conficker quickly spread to numerous important computer networks, including those of the English, French, and German armed forces, causing $9 billion in damage.

Michaelangelo (1992)

The Michelangelo virus itself spread to relatively few computers and caused little real damage. But the concept of a computer virus set to “detonate” on March 6, 1992 caused a media-fueled mass hysteria, with many afraid to operate their PCs even on anniversaries of the date.

Sobig.F (2003)

The Sobig.F trojan infected an estimated 2 million PCs in 2003, grounding Air Canada flights and causing slowdowns across computer networks worldwide. This tricky bug-in-disguise cost $37.1 billion to clean up, making it one of the most expensive malware recovery efforts in history.

MyDoom (2004)

In September 2004, TechRepublic called MyDoom “the worst virus outbreak ever,” and it’s no surprise why. The worm increased the average page load time on the Internet by 50 percent, blocked infected computers’ access to anti-virus sites, and launched a denial-of-service attack on computing giant Microsoft.

The worldwide costs associated with cleanup of MyDoom is estimated to be just shy of $40 billion.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

How to avoid ransomware attacks: 10 tips

As ransomware increasingly targets healthcare organizations, schools and government agencies, security experts offer advice to help IT leaders prepare and protect.

Nigerian princes are no longer the only menaces lurking in an employee’s inbox. For healthcare organizations, schools, government agencies and many businesses, ransomware attacks—an especially sinister type of malware delivered through spear phishing emails that locks up valuable data assets and demands a ransom to release them—are a rapidly-growing security threat.

“We’re currently seeing a massive explosion in innovation in the types of ransomware and the ways it’s getting into organizations,” says Rick McElroy, security strategist for cyber security company Carbon Black Enterprise Response. “It’s a big business, and the return on investment to attackers is there—it’s going to get worse.”

While ransomware has existed for years, 2015 saw a spike in activity. The FBI received 2,453 complaints, with losses of over $1.6 million, up from 1,402 complaints the year before, according to annual reports from the bureau’s Internet Crime Complaint Center. And the numbers are only growing in 2016, the FBIreports.

“The Dark Web and Bitcoin allow almost anyone to sell stolen data without identification—cyber criminals understand they can make easy cash without the risk of being jailed,” says Ilia Kolochenko, CEO of web security company High-Tech Bridge. And hackers—most of which are located in developing countries—are growing more sophisticated, even developing downloadable ransomware toolkits for less-experienced hackers to deploy, according to the 2016 Institute for Critical Infrastructure Technology Ransomware Report.

“The days of grammatically incorrect, mass spam phishing attacks are pretty much over,” says James Scott, senior fellow and co-founder of the Institute for Critical Infrastructure Technology, and co-author of the report. Hackers can now check a victim’s social media accounts, and create a fake email address pretending to be a friend or contact in order to get them to click on an infected link or attachment. “It’s much more targeted, and will exploit a particular vulnerability in a device, application, server or software,” Scott adds.

A typical ransom demand is $300, according to a report from security firm Symantec.

Health threats

The healthcare sector is highly targeted by hacker attacks, due to antiquated or misconfigured computer security systems and the amount of sensitive data they hold, says David DeSanto, director of projects and threat researcher at Spirent Communications.

The large number of employees at most hospitals also makes cyber security safety training difficult, DeSanto says. Experts commonly see attacks occur through spear phishing—targeted emails with attachments with names such as “updated patient list,” “billing codes” or other typical hospital communications that employees may click on if not warned.

In 2015, over 230 healthcare breaches impacted the records of 500-plus individuals, according to data from the U.S. Department of Health and Human Services Office for Civil Rights.

A February ransomware attack launched against Hollywood Presbyterian Medical Center in southern California locked access to certain computer systems and left staff unable to communicate electronically for 10 days. The hospital paid a $17,000 ransom in bitcoin to the cybercriminals, says CEO Alan Stefanek.

Following security best practices can help healthcare organizations protect themselves. “The best way is to make regular backups of all systems and critical data so that you can restore back to a known good state prior to the ransomware being on the system,” DeSanto says.

Without security best practices, healthcare organizations may be left with few options to retrieve information. In these cases, healthcare organizations may choose to pay the ransomware fee. Some make enough money that paying the ransom for a few infected computers is low compared to the cost of maintaining the infrastructure to protect these attacks, DeSanto adds.

Schools and businesses

Hackers are gaining traction and using new methods across other industry verticals as well. In 2014, a large European financial services company (whose name was not disclosed) discovered with the help of High-Tech Bridge that a hacker placed a back door between a web application and a data set.

For six months, the hacker encrypted all information before it was stored in a database, undetected by company staffers. Then, they removed the encryption key, crashing the application, and demanded $50,000 to restore access to the database.

However, the company did not end up paying, thanks to mistakes made by the hackers, Kolochenko says.

Other victims are not as lucky, says Engin Kirda, professor of computer science at Northeastern University. “If the ransomware hacker does the encryption well, once the data is encrypted it’s nearly impossible to decrypt,” he adds.

Such was the case for South Carolina’s Horry County School District this February, when hackers froze networks for 42,000 students and thousands of staff. District technology director Charles Hucks tried to shut down the system, but within minutes, the attackers immobilized 60 percent of Horry County’s computers. The district paid $8,500 in Bitcoin to unlock their systems.

Tips for IT leaders

To prevent a ransomware attack, experts say IT and information security leaders should do the following:

  1. Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  2. Keep all software up to date, including operating systems and applications.
  3. Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
  4. Back up all information to a secure, offsite location.
  5. Segment your network: Don’t place all data on one file share accessed by everyone in the company.
  6. Train staff on cyber security practices, emphasizing not opening attachments or links from unknown sources.
  7. Develop a communication strategy to inform employees if a virus reaches the company network.
  8. Before an attack happens, work with your board to determine if your company will plan to pay a ransom or launch an investigation.
  9. Perform a threat analysis in communication with vendors to go over the cyber security throughout the lifecycle of a particular device or application.
  10. Instruct information security teams to perform penetration testing to find any vulnerabilities.

Mitigating an attack

If your company is hacked with ransomware, you can explore the free ransomware response kit for a suite of tools that can help. Experts also recommend the following to moderate an attack:

  • Research if similar malware has been investigated by other IT teams, and if it is possible to decrypt it on your own. About 30 percent of encrypted data can be decrypted without paying a ransom, Kolochenko of High-Tech Bridge says.
  • Remove the infected machines from the network, so the ransomware does not use the machine to spread throughout your network.
  • Decide whether or not to make an official investigation, or pay the ransom and take it as a lesson learned.

“There is always going to be a new, more hyper-evolved variant of ransomware delivered along a new vector that exploits a newly-found vulnerability within a common-use application,” Scott of ICIT says. “But there are so many technologies out there that offer security—you just have to use them.”

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

CALL US NOW!