Jump to content

Twin Wolf Technology Group

Members
 View Profile  See their activity

  • Posts

    220

  • Joined

  • Last visited

  • Days Won

    8

 Content Type 

Blog Entries posted by Twin Wolf Technology Group

  1. Twin Wolf Technology Group
    I am seeing more and more clients with issues due to the latest Windows 10 Update.    Common issues are that printers/scanners and other devices that worked one day suddenly do not work the next day.   I also have had clients reporting their laptop will suddenly shuts down and not power back up until the laptop is plugged into the wall.   It gives every appearance that the battery is somehow bad.  It is not a bad battery at all.   The removal of the latest Microsoft update returns the laptop to normal working condition and the battery works as expected.
    What to do...
    Microsoft made a change in their policy back in June of this year.   Windows 10 users can no long block or defer any Microsoft updates.   They have taken away control of the operating system from you, the user/owner, and they dictate how your computer will operate and which updates it will receive, regardless of how it might effect you or your particular computer.
    This is a change that most people are unaware of yet most will experience these some of these issues without warning.   Keep the phone number of your computer guy/gal close at hand.   If the issues suddenly appears one day when everything worked fine the day before, it very well might be a Microsoft update.    
  2. Twin Wolf Technology Group
    I have received several questions regarding the recent news story about Hollywood Presbyterian Medical Center in L.A. whose computers were infected with "ransomware".   For those unaware of the news story, here is a link to it.
     
    http://www.reuters.com/article/us-california-hospital-cyberattack-idUSKCN0VS05M

    Ransomware is malware (malicious software) that infects a computer and encrypts all of the user's files making them unusable until they are decrypted with a unique key.   Once the files are encrypted, a ransom demand is made.   This type of malware has been around since 1989 but gained popularity around 2013 with the popularity of BitCoin, an untraceable way to make payment to the extortionist.

    So the question becomes how do you protect yourself from this type of attack.   I have a client that was attacked this way in 2014 and several lessons were learned.

    First, you should know that this type of attack is not isolated to just Windows computers.   All computers that connect to the Internet use data encryption to protect your activity.   Whether you are logging into your bank account or shopping online, your computer is using encryption to keep your data safe.  In this case the data encryption is not use to protect you but rather to make your own files inaccessible.
     
    Second, both Malware and Anti-virus protections programs, while helpful, do not give you 100% protection.   In the case of my client, he was using both an Anti-virus program and a Malware scanner.   Part of the problem here is that encrypting files is a completely normal activity for a computer and unless some unique attribute can be found, this malware appears as normal activity.   Another part of the problem that is until someone is infected and the Anti-virus/Malware software companies have time to figure out a detection, everyone remains at risk.   There is always a window of opportunity to be infected regardless of what software programs you use for protection.

    In the case of the hospital in this news story, they paid the ransom of $17,000 and got lucky that the extortionist actually sent them the decrytion key after making payment.   It is just as likely the extortionist would demand more money or simply disappear leaving the files encrypted.

    The only real solution is your backups.   I am not one to preach at people, nor use fear to motivate people.   What I offer here is my own person experience with a client that suffered this same attack.   

    My client, a mortgage broker in California, contacted me once he got the ransom demand of $300 and was unable to get to any of his files because they were encrypted.  His business came to a complete stop.  He was told the ransom demand would double every day he failed to pay.   Going to the backup seems like a simple solution but in this case it was not.   The problem is that the backup files were on an external hard drive that was connected to the computer at the time the infection took place.   All of the backup files were also encrypted, making them equally useless.   Both business files and years of family photos were lost.   A few things were recovered from a backup I had made personally when working on his computer the year before but that was little consolation.  

    Important Lesson Learned - If you backup your files to a device, such as a flash drive or external hard drive, YOU MUST DISCONNECT THE BACKUP DEVICE when you are not making the backup.   Your backup is the only safe when it is disconnected and separated from the computer.
    My personal advice to my clients regarding backups is this:
    You need to have multiple backups, I recommend 3.
    1.  Have one near the computer but disconnected unless actually making a backup. This is your convenient backup.   Used quickly and done often.   Understand that this backup is at risk of being stolen, damaged or destroyed in the event of a break-in,  or local disaster such as a fire.   It is also at risk when it is connected to the computer.

    2.  Have one outside of the home/office.  This protects you against anything that might happen to the backup that is near the computer or damaged while in use.   It needs to be in a separate physical location such as with a trusted friend.  It should not be in the same building or location as the computer except when making a backup copy.

    3.  Have one online using a service such as Dropbox or a cloud based storage.   This backup is your final line of defense.   A physical device in your possession is always superior but a copy online gives you the advantage of being accessible from any place.   A backup online provides protection if the physical backup devices get damaged or stolen.   Due to the generally slow Internet speeds in our area, it can be difficult to keep large files stored online and slow to retrieve them.

    One last bit of advice regarding backups.   If you use a software program to do your backups, realize you will likely need that particular software program installed on another computer to recover your backup if your computer is lost or stolen.   I recommend not using a software program that creates a single backup file, rather one that copies all of the files individually so they can be read on any computer without installing the same backup software program to retrieve them.
    This ransomware type malware is on the rise and often is it not talked about due to embarrassment.   Heed the advice and check to be sure your backups will save you should you suffer the same fate as my client or the hospital in this news story.
    All my best - Dan Porter
  3. Twin Wolf Technology Group
    I have just completed planning and purchasing airline tickets for a month long visit to multiple cities in the US.   Using the Internet to do so is a must and can be an exhausting process.  If you are looking for the best deals with cheapest prices, things have changed in recent years.   It used to be a quick visit to (Oribiz.com, Expedia.com, or Travelocity.com ) would be a great place to compare fares and find a good deal.   Then, over time I noticed that sometimes going direct to the actual airline website gave a better deal or other flights that were not advertised.    That made the process of getting the best deal a lot of work.
    There have been many other websites that advertise "cheap tickets".    Visiting most of those is even more time consuming and rarely did I find better deals.
    That all changed when I have discovered two websites that gave significantly different and better information when planning a trip with cheaper airfares.
    The first one is called Sky Scanner.   
    https://www.skyscanner.com/tips-and-inspiration/best-time-to-book-usa
    Not only do they give great pricing deals, they have a tool that shows how many weeks in advance to book plus many tools to find the very best deal.   I used it extensively and was impressed with the volume and detail information available.  We planned many one-way hops and the prices varied greatly.   It is now my "go-to" website for getting airfare information, tho I often still book with the actual airline.
    The second one is called  Skip Lagged
    https://skiplagged.com/
    This site has some useful information but is more aimed at a traveler that does not have and checked luggage.   Often times airlines will have flights that are multi-stop and are cheaper than direct flights to one of the layover points.   I never understood why flying further was less expensive - can't we just pay by the air mile?   

    For example, say you wanted to fly from Atlanta to Denver.    The airfare for that direct flight might be more expensive than a flight that goes from Atlanta to Portland, with a layover in Denver.    So you could purchase the longer flight to Portland but you would not board the plane for the second leg from Denver to Portland, thereby getting to Denver on a cheaper airfare.    This would not work if you had checked luggage since your luggage would go all the way to Portland.   On the other hand it provides a useful option for some people.  They also give a very interesting graph of airfare prices between now and when you plan to go, helping you see when the cheapest times are to fly.
    So, if you are planning a flight, I would suggest checking out these two sites.    Then book direct with the airline or take the information to your favorite travel agent.   I have easily saved almost $1,000 over our extensive trip.   I only wish I had learned of these tools earlier. 
  4. Twin Wolf Technology Group
    I have received several questions regarding Netflix blocking users that use a VPN to access content.   If you are a VPN user and cannot get to Netflix, I would recommend the service called "Unlocator".   It uses a different method of accessing the blocked content and as of this writing, Unlocator users users are still able to access the Netflix content they want.   You can get more information about Unlocator service at their website http://www.unlocator.com.   They offer a 7 day free trial and I find the service works well.
    Much of that is old news, but Netflix users may find the following information new and very useful.
    Netflix offers a different video selection from country to country.  Videos offered in one country's version of Netflix may or may not be available in another country's version of Netflix.   Videos are rotated in and out from time to time and new ones are added as well.   There is a website that lets you search and find the details of all the Netflix videos by country.   It also lists which videos have recently been added to that country and which videos are about to expire.   It is called the Unofficial Netflix Online Global Search and you can access it here:  http://unogs.com/    For country detail, check out this page:  http://unogs.com/countrydetail/
    If you cannot seem to find that movie at the country of Netflix you are signed into - try this search and see where it is.   You can even click the Watch Now button and be directed to it.  This site really expands the list of movies available to Netflix users.
     
  5. Twin Wolf Technology Group
    Today, September 28th,  news sources are reporting that Facebook was hacked affecting 50 million accounts or more.   It is highly recommended that you log into Facebook and change your password at this time.   More information on the hack are available here:

    https://mashable.com/article/facebook-50-million-accounts-hacked
     
  6. Twin Wolf Technology Group
    For those that do not follow the latest security scams and tricks being used to compromise your smartphone, here is the latest to be aware of:
    A new scam using WhatsApp is trying to infect smartphones with a nasty virus.
    Users of the mobile app are being warned about the scam which is affecting Android devices. They are being sent 'secret' messages, which offer an exclusive version of the app called WhatsApp Gold, with enhanced features "used by celebrities." But it is just being used as a sneaky way of installing malware onto users' smartphones.
    Officials from WhatsApp said it will never send users a message asking them to upgrade or download another app, and this is a scam by criminals trying to steal information.
  7. Twin Wolf Technology Group
    As predicted more than a year ago, we are seeing another expanded attack of "Ransomware"  (the encryption of your data and holding it for ransom).   The news reports are full of this, so I will not go over every detail yet again.   The basic questions everyone has are:
    1.  Does it or will it affect me?
    Probably not but lets layout the details.   This particular malware/virus attacks older Windows XP,  Windows Vista and some unpatched Windows 7 installations.   It does not appear to attack Windows 8 and Windows 10 systems.   So right away, those with newer operating systems can just relax.    
    2.  What do I need to do?
    If you are running an older version of Windows, including Windows 7, you need to make sure your computer is fully patched.   That means that you need to run and re-run Windows Update until it tells you there are no more updates available.   Often times, some updates will not be available for your system until a first or second set of updates has been installed.   So, be sure to run Windows Update several times.    The Windows update function can be found in the Control Panel.    
    Do not just rely on the fact that Windows is "supposed" to update itself on its own.   If it has errors, it will not inform you unless you are running it manually.
    Back in February 2016, I wrote an article about Ransomware and Backups. (see the link below)  At the end of that is an important list of what you should be doing so that if your system ever faces one of these attacks, there is a way to recover your data.   Yes, doing backups is a pain in the butt - on the other hand losing all your photos, documents and financial info is much worse.   Take the time do to it and if you need help let me know.   I can help most clients without an in-home visit.
    Do not fall victim to all the tech guys running around trying to make money off of this news.   The huge number of systems being attacked are systems in hospitals and manufacturing where they are forced to run older Windows XP systems due to software limitations.   You do not need to go out and buy more security software or pay a big fee to have a computer guy fix what is not broken.  
    Advice:
    Run Windows Update manually... Do a backup and disconnect the backup from your computer,..  Go enjoy the day and don't fall victim to all over-hyped tech disaster news.
     
  8. Twin Wolf Technology Group
    As I write this, I am shaking my head.   Another site hacked, this time one that hold passwords for thousands of people. 

    What I am commenting on is a service called One Login.  It is a password manager service.   The idea is to keep all of your passwords in one place and have a program or app on your phone keep track of them so they can all be very long and different.   You only need to remember the one password for the service and the rest is done for you.

    Well, OneLogin was broken into by hackers and all of the passwords, including the keys  to unencrypt them, were exposed.   If you have this service, you have already received an email about it.   For the people that do not have that particular password manager but do use a similar service I would like to caution you with a bit of reasoning.

    The old saying is "Don't put all your eggs in one basket".    A password manager does exactly that. It puts everything valuable in one place.   You are then trusting some company to keep the passwords to all your valuable information safe.   Consider this...  if you are a hacker, it would make sense to attack the place where there are hundreds if not thousands of passwords rather than trying to get just one password of yours.

    Personally, I solve the problem of having different passwords on different sites by making a formula out of them.  It is a rule that I apply to each website when they want me to create a password.   If follow the rule, then each site then gets a unique password.  I do not need to remember the password, instead I can recreate in my mind by remembering the simple rule.  
    Here are a few examples:
    Let's say this is my formula to make a password for any web site I visit:
    First two letters of each word of the website name,  followed by the year I was born, followed by a $ and then my initials in lower case
    Wells Fargo = WeFa56$DP
    Ebay = Eb56$DP
    Chiriqui Life = ChLi56$DP
    As you can see you end up with both upper and lower case letters, numbers, and a special character ($).   That meets all the recommendations and it is unique for each website.   Now when I visit in the future, I just think the rule out and I can figure out my password without having it written down or stored in a password manager.

    You can add other things and mix it with your own variations to make your formula unique.  Perhaps you want to use the first initial of all your kids names or maybe the last two letters of the website name.  The idea is to create a simple rule that lets you create a password for each site and makes it unique.   Keep the rule the same for every site and it will have enough variations to make a different password each time.   By doing this, you no longer need the password manager service and all of your accounts will not suddenly be exposed with a single failure should it get hacked.

    It is something to consider.    I have always said a password manager works right up until the company disappears or gets hacked.   When that happens, you do not have to deal with a single exposure, you have to deal with EVERY site.   In today's world, that can easily be 100s.

    Now... about saving the passwords in your web browser so you do not have to enter them each time - I will let you consider the risks when your computer goes into the shop for repair !
    Stay safe and enjoy the day
     
  9. Twin Wolf Technology Group

    Hackers

    By Twin Wolf Technology Group,

    Technology has become so intertwined in our lives that it is hard to imagine life without it.   It makes our lives simpler in many ways yet the complexity challenges even the most well informed.  The news is full of technology stories that can be confusing, misleading and down right scary at times.   Today there is news of more hacker activity and I want to pass along what you need to know in simplest terms.
    Equifax Data Breach   
    The security breach of Equifax happened between May and July of 2017.   We are several months since this happened.   There is a lot of information available on this, so I am not going to repeat everything here.   However, there is one important piece of information and recommendation that is important to examine.   Many websites are recommending that you go to another website to check to see if you were affected by the data breach.   Testing has shown that the website is giving false results as it wants people to signup for the free credit monitoring.   Everything "free" comes with a price.   The hidden part of this is that by signing up for the free credit monitoring, you also agree not to be part of any class action lawsuit that is sure to follow in the near future.   I might also add that there is no reason to trust Equifax at this point in time, nor some free service they are trying to give away.   
    Good information on this here:  https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do
    CCleaner Hacked 
    A very popular tool for cleaning PC's is software called CCleaner.   I personally use it as one of many in my toolkit for cleaning computers of malware and other nasty things.   Today it was learned that the latest versions of the software between 5.33.6162 and 5.34 were infected with  a multi-stage malware payload.   Luckily this was discovered quickly and it appears to only affect 32 bit versions of the software, not the more common 64 bit versions.   
    More details on the hack here:  https://www.howtogeek.com/326742/ccleaner-was-hacked-what-you-need-to-know/
    The point here is to be aware that any software installed on your computer could potentially contain malware.  Even legitimate software can be compromised.   The best things to do are:
    Backing up of your data regularly and keep it in multiple locations  (Be sure your backup does not remain connected to your computer) Regular malware scans and cleanup - this is different than just a simple virus scan Have a computer tech that knows your system before disaster happens. You do not need to be a pro yourself but you will need a pro at some point in time.   Technology is simply too complex these days and we are all vulnerable.  My advice is to plan ahead, just as you would look for a doctor before you need one, you should do the same for a technology pro.  
     
×
×
  • Create New...