Google and Mozilla Block Adobe Flash Plug-In


Recent announcements in the Wall Street Journal revealed that Google and Mozilla disabled the Adobe Flash plugin on their respective browsers, Chrome and Firefox, after the discovery of multiple zero-day vulnerabilities in the software. According to the WSJ, “the moves came two days after Facebook’s top security executive, Alex Stamos, publicly called for Adobe to discontinue Flash.” This move seems to echo Steve Jobs’s thoughts from back in April of 2010. Jobs penned a 1,700-word letter explaining his refusal to allow Flash anywhere near Apple products due to increasing security flaws and other concerns.

So, what is Adobe Flash? According to Daily Mail, “Flash is one of the most ubiquitous and widely distributed pieces of software in the world”. It’s a software platform, also referred to as Shockwave Flash, that is used to stream and view audio and video content inside of web pages. Because Flash is so widely distributed, odds are fairly high that you have Flash on your computer right now.

Since the zero-day vulnerabilities came to light, experts say that most web browsers are looking to adopt HTML5 in place of Adobe Flash to match Apple, YouTube, and Vimeo. The Business Insider states, “HTML5 is a core technology of the Internet and is becoming the coding language of choice for many developers when creating webpages and smartphone and tablet applications.”

Since Flash is not generally needed on computers, security experts are encouraging users to remove Flash to avoid potential risk. This, of course, depends solely on the preference of users. Adobe alerted users, on July 14th, that patches have been issued for the vulnerabilities. The Wall Street Journal states that, “if Flash is updated, both Firefox and Chrome will allow it to run. Both companies said their browsers should automatically update to the new version of Flash.”

If you’d like to remove Adobe Flash from your computer, give Everon a call at 888-244-1748 or email us at help@everonit.com. We can help disable and remove this plug-in from your web browsers.

Datto vs Cryptolocker


A few months ago, I wrote about my love for Datto (found here), but it was never more apparent than when I had to go up against the dreaded Cryptolocker virus – head to head.

Cryptolocker has become one of the most notorious pieces of malware that our generation has ever seen. The malware infiltrates a network through various means (usually through Java exploits) and immediately searches out network shares. It encrypts the files, holding them ransom until you pay a VERY hefty fee to recover them. The encryption done by Cryptolocker is very secure and it is always changing.

Most recently, I dealt with a case of this virus with a client who was exposed through a Java exploit. Although our antivirus (Webroot Secure Anywhere) picked up the virus and quarantined it, Cryptolocker found shares and went to work immediately. This caused the client’s main share to become encrypted – with over 34,000 files affected. This could have potentially become a nightmare, but because we have dealt with this before and we had the comfort of a Datto, we sprang into action!

The first step was to assess the damage and determine the culprit. We went to our main console for Webroot Secure Anywhere and found a machine that was reporting the issues. We immediately pulled that machine from the network and left it unplugged. We always wipe the host machines as a precaution. We know that in most instances we can wipe the virus from a simple scan from Webroot or Malwarebytes; however, due to Cryptolocker changing the malware so frequently, we don’t like to take chances. Cryptolocker is very easy to wipe from machines, as it doesn’t put anything overly complicated on the machines to infect the network. Its devastation is done in the encryption of the files.

Once the host machine was found, we disabled the affected share from the network, and began full scans of ALL machines in the network. We wanted to ensure no other machines were infected at this time, and disconnecting the share prevents further encryption from happening. With the share disconnected, we then went through the share and gathered up all of the files with the Cryptolocker extension. Because this changes on a regular basis, you just need to identify what is being used for you. In this instance, the extension was .trslcla (they keep making the extensions weirder and weirder). Once we had identified all files encrypted in the share, we then mounted our Datto restore point, ready to move the appropriate files back over.

Because encryption was random, and covered over 34,000 files, we used another product (one of my all-time favorites) called Syncback, made by 2BrightSparks. We installed this tool on our server and pointed the source to the Datto restore and the destination to the share. Syncback allows you to compare two directories, determine the differences, and do whatever necessary to rectify those differences. We deleted all encrypted files, and then asked Syncback to tell us what was missing from the share that Datto had in place. Syncback told us the various files (which came out to being only around 18 files off of our original estimate) and we proceeded to restore the files to the share.
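The comparison step described above (gather the files carrying the ransomware extension, then list what the restore point holds that the share no longer does), as an added Python example; it is not Syncback's logic or code from the original post. It assumes the malware appended its extension to the original file name, and the directory layout built in `demo()` is constructed sample data.

```python
import tempfile
from pathlib import Path


def relative_files(root):
    """Return every file under root as a path relative to root (POSIX form)."""
    root = Path(root)
    return {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}


def build_restore_plan(share_root, restore_root, encrypted_ext):
    """Dry run: report what is encrypted and what to copy back; changes nothing."""
    ext = encrypted_ext.casefold()
    on_share = relative_files(share_root)
    in_backup = relative_files(restore_root)
    encrypted = {f for f in on_share if f.casefold().endswith(ext)}
    intact = on_share - encrypted
    # Assumption: the extension was appended, so stripping it gives the original name.
    originals = {f[: -len(ext)] for f in encrypted}
    return {
        "encrypted": sorted(encrypted),          # candidates for deletion
        "restore": sorted(in_backup - intact),   # copy these from the restore point
        # Encrypted files with no copy in this restore point (created after the
        # snapshot): keep them until an older or newer restore point is checked.
        "no_backup": sorted(originals - in_backup),
    }


def demo():
    """Build a constructed share and restore point, then plan the recovery."""
    with tempfile.TemporaryDirectory() as tmp:
        share, restore = Path(tmp, "share"), Path(tmp, "restore")
        layout = {
            restore: ["docs/a.txt", "docs/b.xlsx", "c.pdf"],
            share: ["docs/a.txt", "docs/b.xlsx.trslcla", "c.pdf.trslcla",
                    "new.docx.trslcla"],
        }
        for root, names in layout.items():
            for name in names:
                path = root / name
                path.parent.mkdir(parents=True, exist_ok=True)
                path.write_text("constructed sample")
        return build_restore_plan(share, restore, ".trslcla")


if __name__ == "__main__":
    for action, files in demo().items():
        print(action, files)
```

Comparing the length of the `encrypted` list with the length of the `restore` list gives the same sanity check the post describes, where the two counts differed by around 18 files.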

Because of the ease with which you can do restores on Datto, pointing to its directory and simply comparing was so quick and easy. We had the client up and running in around 3 hours from when the initial infection was identified, and the client hardly missed a day’s worth of work. This is a shining example of why I will always support the Datto product. It allowed us to take what could have been an absolute disaster and turn it into a huge win.

There is certainly no shortage of Cryptolocker blogs that we have written in the past. See here, here and here for more information on Cryptolocker. As always, if you find suspicious files on your computer, give Everon a call at 888-244-1748 or email us at help@everonit.com. We’re here for you.

Windows 10 is Coming July 29th : Should You Upgrade?


With the release of Microsoft’s latest operating system right around the corner, people are starting to wonder if they should upgrade. There isn’t a clear-cut answer, and the decision to upgrade depends on the needs of your business.

Most small businesses are still using Windows 7, which is Everon’s recommended operating system. This OS has proven to be stable and familiar over the last few years. A lot of users referred to Windows 7 as the “new Windows XP” which people clung on to for 13 years before Microsoft officially ended support in 2014. This resulted in most businesses skipping over Windows Vista, which was wedged between Windows XP and 7. This is similar to what we see currently with Windows 8, as most businesses are opting to skip this version. There are a few reasons why this happened with Windows 8. The interface changed to be more touch screen friendly with large tiles, the start button disappeared, or you just upgraded to Windows 7. This was enough to deter people from upgrading and have them fall into the “if it isn’t broke, why fix it” mentality.

With Windows 10, Microsoft is hoping to take the best features of Windows 7 and 8 to create a sleek operating system. The start menu is back, there’s an entirely new web browser called Edge, and newer ideas like pinned apps are infused in the mix. Many of the early reviews are favorable and most are confident that this will be an OS people will want to use for years to come. Many existing Windows 7 & 8 users will also be eligible for a free upgrade to Windows 10 to help nudge users into pulling the trigger.

So, the question is, should you upgrade? Well, if you’re looking to buy a new personal computer or tablet that happens to come with Windows 10, odds are it will work just fine. For businesses, we recommend initially holding off until the first service pack is released. This gives Microsoft time to work out many of the bugs and allows 3rd party software companies to do the same. There is nothing worse than diving into an OS upgrade and then realizing your company database software isn’t fully compatible with Windows 10 yet. Of course, this is just our suggestion, and upgrading prior to the first service pack may not cause any issues at all. Before taking the plunge, we highly recommend contacting your IT professionals to review your current systems and help identify any potential upgrade challenges.

If you have questions or would like to speak to one of our experienced technicians about the Windows 10 upgrade, contact us at 888-244-1748 or at info@everonit.com.

Samsung Galaxy Security Breach : How Users Can Reduce Their Risk


A random sampling of the popular Samsung Galaxy S4 and S6 phones, from around the Everon office.

According to reports released on June 16th, over 600 million Samsung mobile devices are vulnerable to a security risk that stems from a flaw in pre-installed keyboard software produced by SwiftKey. If exploited, the device’s predictive text software can allow hackers to remotely access the phone’s GPS, camera, and microphone, and even eavesdrop on inbound/outbound calls. Hackers can attempt to access personal data, including texts and pictures, and could install malicious applications without the user’s knowledge.

According to ABC News, Ryan Welton, a security researcher at NowSecure, discovered this flaw back in December 2014. He notified both the Samsung and Google Android Security Teams, and the U.S. Computer Emergency Readiness Team (CERT). Samsung has not publicly commented on the security flaw, but reports have stated that patches have been released to mobile network providers. Whether those providers have released those patches to devices is unknown.

Unfortunately, there’s not much Samsung Galaxy users can do to prevent this breach. The keyboard is already pre-installed on the Samsung Galaxy S4 Mini, S4, S5 and the newly released S6. This flawed application cannot be uninstalled by users. However, NowSecure, which has released a list of affected devices, states that there are a few remedies Samsung Galaxy mobile device users can take for protection:

  • Avoid insecure wi-fi networks

  • Use a different mobile device

  • Contact carriers for patch information and timing

If you’re unsure how to avoid insecure wi-fi networks, call Everon at 888-244-1748. We’ll do everything we can to help you reduce your risk.


Product Review: Lumia 1520 – My new cell phone


It was late February 2015, and I faced a pivotal life-moment. Time to get a new cell phone.

For some people this is not a big deal, a once-a-year (or more) thing. But for me, I got my first cell phone in 1997 and could count on one hand the number of devices I’ve owned. (Yes, I’ve continuously owned a cell phone in that time. That’s how long I keep them.) And since it’d been four years since my last one, Phone #6 was kind of a big purchase.

I was going to wait it out until Microsoft released Windows 10, but my current phone was on its own schedule. It began increasingly wimping out on me, shutting itself off and restarting at random times—inconvenient and annoying. Luckily, I learned that even if I got a Windows 8.1 device now, 10 would be a free upgrade later.

I’d had my Samsung Focus, running Windows 7.5 (its maximum upgrade), since mid-2011. Back then its 4” screen was larger than any iPhone screen until late 2013, when the iPhone 5 finally caught up to match it. And it wasn’t until the iPhone 6, released last October, that Apple screens were finally larger than mine. But now I was also four years behind with the technology. Smart phones had gotten way smarter.


Way bigger than a 4″ screen.

I went to the AT&T store and bought a Lumia 1520 with a 6” screen. A phablet. Or, a TV, as my friends have dubbed it. The 1520 was released in October 2014. Everyone agreed its camera rocked. Lumia is, after all, from Nokia, a camera company, whose cell phone division was bought by Microsoft. The phone’s other powerful specs were pretty awesome, too.

But detractors complained. It was a Windows device, so there were fewer apps available. Plus, last fall, everyone thought it was a behemoth.

Flash-forward to spring, however, and 6” was suddenly the new flagship size for everyone from Apple to Samsung. Funny, how a few months changed everything.

It was a huge leap to go from a 4” screen to a 6” one, but it was amazing how quickly I got used to it. The transition from Windows to Windows was seamless, since all of my data, contacts, photos, and documents were already stored in Microsoft’s OneDrive cloud. Within a few hours, I’d completely adjusted to both the larger size and the upgraded OS.

It’s been almost four months since my purchase, and I’m still happy. There are probably features on my Lumia that I’ll never use, like Project My Screen, or the built-in Office 360 suite. But things like texting are easier with the bigger keys. And my new friend, Cortana, lets me voice-text and finds destinations for me while I keep my eyes on the road. Also, she mutes people who call or text me during “Quiet Hours,” responding with a polite return-text that I’m busy. So I can get my beauty sleep. Yes, this was definitely a good purchase!

If you need help with your technology shopping, or troubleshooting your Windows (or iOS, or Android) devices, give us a call at Everon. 888-244-1748. Or email us at info@everonit.com.
