Monday, June 24, 2019

Old Drivers Could Cause WiFi Issues After Windows 10 Update

Does your computer contain a Qualcomm wireless network adapter?  If so, be aware that Microsoft is warning you that your computer system may suffer a sporadic loss of Wi-Fi connectivity after installing the Windows 10 update.

The update was released in May 2019, stemming from an issue with out-of-date network drivers.
If you haven't yet installed the May 2019 update and you want to, you'll need to jump through an extra hoop by going to device's manufacturer and downloading the latest Wi-Fi driver. Note that you will not be able to install the May 2019 Windows 10 update without taking this step.

According to the official Microsoft bulletin on the matter: "To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, 1903, until the updated driver is installed."

Here's another thing to bear in mind about the May 2019 Windows 10 update.  Once it is installed, you will start seeing alerts in the form of pop-up boxes any time you connect to Wi-Fi networks that are secured with TKIP (Temporal Key Integrity Protocol) or WEP (Wired Equivalent Privacy).  These are older protocols with several known, serious security flaws.

According to Microsoft, "In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3."

In other words, the end is nigh for any technology that uses TKIP or WEP protocols for Wi-Fi connections.  If that's what you've got, it's time to upgrade your equipment.

Overall, most technology experts regard this as a good move.  Sure, it comes across as a bit heavy handed, but as past experience has shown, if Microsoft didn't take a rather aggressive step like this, nothing would change.  Kudos to Microsoft!

Do you want to make sure that your network is safe from all kinds of online threat? Call SpartanTec, Inc. now.



SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto

Thursday, June 20, 2019

Tips For Preventing, Detecting, and Fighting Identity Theft


A victim of identity theft spends about 600 hours trying to clear their identity. This means obtaining affidavits and reports that prove the theft, finding out what has been compromised, and working to retrieve their identity. That is a lot of time to spend on a crime that you have fallen victim to. Unfortunately, you cannot protect yourself 100% against identity theft. Fortunately, there are ways for you to reduce your risk by acting right away when your personal information has been compromised. So how do you improve your information security?

Place Fraud Alert

Place a fraud alert on your credit report by getting in touch with three credit bureaus. A fraud alert will last from 90 days to seven years and will notify businesses to take additional steps to confirm your identity once actions are taken on your credit.

Credit Report Security Freeze

A security freeze goes a step further than a fraud alert as it requires a PIN or password before a company can check your credit report. Compared to a fraud alert, there is a fee to place a security freeze on your credit report unless you are already a victim of identity theft.

Get Your Free Credit Reports

Every year, you are entitled to a single free credit report from every one of the three credit bureaus. By getting one of these reports once every four months, you could monitor your credit throughout the year. The only disadvantage is that you could only obtain one report from the bureau at a time. Therefore, when the identity theft does not appear on all three of the reports, you may miss it for a year.

Purchase Credit Reports

If you have used up your annual credit reports, you could always buy one for a minimum of $11 (Equifax) or all three for a minimum of $15 from TrueCredit.com. You might be able to obtain a free credit report when you subscribe to a credit monitoring service. Be sure that you cancel the credit monitoring service before the trial is up so that you won’t get charged.

Check Your Accounts Online

When your bank lets you view your accounts online, then sign up. Once done, log in so you can check your account on a regular basis to ensure that there are no unauthorized charges were made on your account. Protect your login information. Avoid writing it down and don’t tell your log in details to anyone.

Enrol In Credit Monitoring

Although it is not recommended due to the high costs compared to the alternatives, credit monitoring is one good way of detecting identity theft. Compare to the cost of a few credit monitoring services to the price of ordering your credit report, and you will find that purchasing a few credit reports a year could be cheaper. If you decide to enrol in a credit monitoring program, be sure to do your research well.

Keep Your Social Security Number Safe

Your social security number could be lethal to your credit if this sensitive information gets in the wrong hands. Don’t carry our social security card in your wallet. Do not write the number down. Don’t forget to be cautious especially when you are giving your number to a customer service representative.

Get Your Check Order

Another method for thieves to take your identity is through stolen checks. With your checking and routing account number, a thief could make new checks and use them to buy things. If you order new checks, get them from the bank instead of having it mailed to your house.

Stop Pre-Approved Credit Card Offers

All of those preapproved credit card offers contain some of your personal information on them. Thieves are known to utilize these offers to obtain credit cards on the name of the victim. Shred all the credit card offers before you throw them away. Or opt out immediately so you can stop them right away.

Pay Your Bills Online

When you mail bills, you are making it easy for thieves to steal your identity. Several banks now offer online bill pay. This is a much better alternative to sending your bills from an unsecured post office box.

Call SpartanTec, Inc. if you want to make sure that your personal information are secure from various kinds of online threats.



SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto

Wednesday, June 12, 2019

Online Retailers Breached By An Unstoppable Credit Card Stealing Malware


Since 2014, countless e-commerce sites have been infected by a credit-card stealing software that was proven to be very difficult to stop. Security experts revealed that the malware seemed to be unstoppable because several hacking groups nowadays are using different variations of the code. The attacks have become consistent and extremely common, which prompted information security professionals to dub it as Magecart.

Magecart is a type of cyberattack wherein hackers add malicious computer code into websites as well as third-party suppliers of digital systems. Their goal is to steal credit card information as customers key in their details at a checkout page. Although stealing credit card information online, otherwise referred to as skimming, is not new, the attacks on smaller companies and on payment pages has become persistent and successful that it lead to the rise of its very own small cottage industry.

In 2018, several large scale online retailers reported that their websites have been infected by Magecart hackers. Among these retailers are Newegg, Sotheby’s, Ticketmaster, and British Airways.
Volexity researcher Matthew Meltzer said digital card skimming has attracted countless hackers due to its simplicity and high probabilities of success.

“Other attacks rely on social engineering, the installation of malware, or the direct compromise of databases containing sensitive information.” Meltzer added. “One of the reasons why digital credit card skimmers have grown in popularity is likely due to the ease of this attack methodology as well as its success rate in comparison to others,” he explained.

The success of Magecart can be partly attributed to the fact that it is almost impossible for a customer to detect, as per Symantec’s security researcher Candid Wueest.

Skimming usually happens when consumers enter their credit card info when buying something online. Wueest explained that online consumers have no way of knowing of the theft. He said, “You will have basically no chance by naked eye.”

Megacart became increasingly popular in 2018 but the malware can be traced by to 2014, according to RiskIQ’s head researcher Yonathan Klijnsma. The skimming activity has increased significantly over the years. He said the web based credit card skimming has become a small black market industry. Researchers at RiskIQ were able to track the code type used by skimmers and discovered that they were being sold in dark web forum sin 2016. That resulted to a rise in groups purchasing and selling the building blocks of code for the successful execution of the Magecart attacks.

Klijnsma reported that they discovered six groups that sold various code skimming kits. Other groups build their own, with about 11 different groups utilizing some sort of code to skim consumers’ credit card information. And even though he cannot provide a rough estimate as to the number of credit card information that were stolen, Klijnsma said he believes that skimmers had accumulated far more credit cards than what were stolen in high profile breaches such as those of Target and Home Depot.

Protect your company, your consumers, and your personal information. Call SpartanTec, Inc. now.


SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto

Tuesday, June 11, 2019

Digital Skimmers Are Dangerous For Websites With E-Commerce


If your business website incorporates an e-Commerce platform that allows you to sell directly to your customers, be aware. According to the latest research by the security firm RiskIQ, there are currently more than half a dozen large, well-organized hacking groups targeting businesses just like yours.

These groups are all using the same basic family of malicious code, collectively referred to as Magecart.  Their preferred targets are websites that use the Magento e-commerce platform. Although historically, they haven't been bashful about targeting other e-commerce platforms as well.

The gist of how they do their damage amounts to digital skimming.  This type of attack is conducted by first penetrating your site's security features. This allows the hackers to inject malicious code onto your site that monitors any transactions that take place when your customers make a purchase from you. In the process, they are "skimming" their payment details and sending them off to a server under the control of the hackers, where they can make use of the payment data for their own purposes.
Given the nature of the attack, there's no outward sign that your customers' payment information has been compromised.  They'll only find out later, when transactions they have not authorized begin appearing on their payment card statements.

In tandem with the research conducted by RiskIQ, Malwarebytes security researcher Jerome Segura has uncovered a new twist on the basic Magecart skimming tactic. This new tactic sees attackers injecting e-commerce sites with code that causes it to pop up a malicious iFrame at the time of payment. Then, the user simply hands over their payment data, not suspecting that it's not a normal part of the e-commerce platform.

In whatever way it is accomplished, the researchers following the development and maturation of Magecart attacks all agree on one thing.  Once the data has been collected, it is sent to a server somewhere in Russia.  Beyond that, the trail becomes too tangled to follow.

Conclusion - stay alert and contact SpartanTec, Inc. in Fayetteville to make sure your e-commerce solution is secure.


SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto

Wednesday, June 5, 2019

Hackers Using WhatsApp To Install Malware On Phones

If you're among the masses of people using WhatsApp, for either Android or iOS, be advised that the Israeli hacking consortium known as the NSO Group may have installed spyware on the device you use WhatsApp on.
A massive security flaw identified as CVE-2019-3568 has been discovered and weaponized by the NSO Group.
This allows them to install spyware and steal a variety of data from impacted devices.  Worse, the group is installing their Pegasus spyware, which is among the most advanced on the planet. It's very good at hiding itself, deleting incoming calls, and other log information in order to remain hidden.
The good news is that Facebook, which owns WhatsApp, has patched the flaw with an update. As long as you're using the latest version, you're protected.  Unfortunately, not everyone keeps their apps up to date. Prior to the patch being released, all 1.5 billion of the app's users were considered vulnerable.
According to the official company statement:
"The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to 2.18.15."
Although millions of users have already updated their software, the sad reality is that for most people, keeping apps up to date generally ranks quite low on their list of priorities. That means there are still untold millions of users who are vulnerable.
If you use the app or if you know anyone who does, the best thing you can do is to update to the latest version right away and have your phone thoroughly scanned to be sure you don't have the Pegasus Spyware already embedded in your system.

Call SpartanTec, Inc. to help your company setup an effective data protection program. 




SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto