In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.
These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money.
Microsoft has initiated a voluntary recall for AC power cords (the cord that plugs into an electrical outlet) sold with the Microsoft Surface Pro and Microsoft Surface Pro 2, and with any Microsoft Surface Pro 3 purchased prior to March 15, 2015 (“pre-March 15, 2015 Surface Pro 3”). This is being done in cooperation with various government regulatory agencies.
If these AC cords are sharply and repeatedly bent or wrapped tightly over an extended period of time, they may become damaged. Damaged AC power cords can overheat, posing a potential fire or shock hazard.
Action Required:
Stop using your AC power cord if you have a Surface Pro or Surface Pro 2, or a pre-March 15, 2015, Surface Pro 3. Replacement AC power cords will be provided at no cost through the program website.
Please go to the Microsoft website at www.surface.com/powercord to obtain your free replacement AC power cord. You should dispose or recycle your replaced AC cord in accordance with local requirements.
Review the cord care instructions on the Surface support page at Power Cord Care.
Microsoft’s Patch Tuesday update KB 3114409, intended to help admins keep Outlook 2010 from starting in safe mode, has in fact done the opposite. Many Outlook 2010 customers report that installing KB 3114409 forces Outlook to start in safe mode.
As of early Wednesday morning, the patch has been pulled, but if you’re experiencing odd problems with Outlook 2010 — it opens in safe mode only (always opens maximized and has no sounds, no reading pane, or other view settings that stick), has broken templates, and much more — you should look at theKB 3114409 article for instructions on how to remove the patch or call TMD Technology Service for assistance.
PC-maker Dell is taking action to fix a security vulnerability on a number of its laptops shipped since August 2015.
The flaw was found in the digital certificate, eDellRoot, installed by Dell Foundation Services, which is part of a support tool to make it faster and easier for customers to service their system, according to a press release from Dell. But security researchers discovered that the certificate could leave users exposed to online spying and malware attacks.
Dell posted instructions on how to permanently remove the certificate on its website and stressed that the certificate will not reinstall itself once it is properly removed.
In a PCWorld Article they report what most technology professionals have probably already heard about…
Ransomware thieves have come up with creative new schemes in the past month and are targeting people heavily this holiday season.
Current ransomware typically encrypts victims’ data and then threatens to delete the key if payment is not made. The latest variant of the prolific CryptoWall malware, however, now scrambles the filenames on infected computers, making it even more difficult for victims to recover without buying the key from the attackers.
Potentially worse, another ransomware operation, known as Chimera, has threatened to publish the data of any non-cooperative victim—whether business or consumer—to the Internet. The operation, which currently aims at German targets, demands the payment of almost 2.5 bitcoins, or more than US $800, according to German cybersecurity site Botfrei, which reported the initial attack.
“To frighten the user even more, the message indicates the threat to publish personal data and pictures somewhere on the internet – if user doesn’t pay the bribe,” states Botfrei’s analysis of the attack.
An empty threat that may still signal a trend
Subsequent analysis has found that the program does not actually steal data. While this makes its threat largely toothless, it also raises questions about whether such tactics are a possible escalation in ransomware.
It would be a logical move in the cat-and-mouse game between data-encrypting criminals and security experts. In the past, online blackmail schemes have taken one of two paths. In the oldest type of schemes, criminals hack computers or use malware to steal—or create—sensitive or embarrassing information and then demand a payment for not publicizing the information. More recent schemes involved denial of service—the criminals use encryption to deny access to data, or use packet floods to overwhelm Web sites.
“Ransomware has always been a two-pronged attack,” says Adam Kujawa, head of malware intelligence for Malwarebytes Labs. “One being against the technology of the system and the other against the psychology of the user.”
The claimed abilities of Chimera combines these two attacks, denying access to data but promising to embarrass any victims that do not pay.
Ransomware has become a significant threat to both businesses and consumers online over the past three years. The malicious software targets Windows and Macs, and even Linux servers and systems are not immune to attack. In August, Dell Secureworks researchers estimated that more than 600,000 computers had been infected by one type of ransomware, CryptoWall, in the first six months of 2015, and at least 0.27 percent of victims paid the ransom, garnering more than $1 million for the operators.
Security experts have also identified two fundamental hurdles to any ransomware schemes that threaten to publish data.
Currently, ransomware operators only encrypt data and then store the key to that data. Uploading copies of all of a victim’s data, or even a subset, is most resource-intensive and will make the ransomware more noticeable, says Chester Wisniewski, senior security advisor with security firm Sophos.
“There is nothing stopping them from saying they are going to go through your files, but are they really going to spend all that time for a few hundred dollars?”
Finally, publishing some or all of a person’s data to the Internet undermines the other part of the ransomware threat—losing access to the data. A victim could just not pay and then download their data from the information posted online, says Malwarebytes Kujawa.
Yet, future ransomware could turn the threat into a real tactic.
So what’s the latest advice? Security experts have a few recommendations.
1. Attend to your systems’ security
The first line of defense is to not get infected by ransomware. Users should avoid clicking on links or opening attachments in suspicious email messages and beware of dodgy Web sites, but also harden their systems. Update your software regularly, especially the ubiquitous code often targeted by attackers, such as Adobe’s Flash, Oracle’s Java and Microsoft’s Office formats.
In addition, users should maximize their chances of detecting malware, which is changed frequently to try to avoid security software. “There is a lot of money on the line, so these guys are working hard to keep their malware dynamic,” Sophos’s Wisniewski says.
Users should make sure to turn on the advanced settings in their security software, he says.
2. Back up your data
Historically, security firms have recommended that that businesses and consumers restore their files from backup, but not all businesses—not to mention consumers—back up their files regularly, leaving payment as the only option. In addition, it is often cheaper for a company to restore files using the encryption key rather than from backups.
“We always tell people to have backups and we tell people to never pay, but that is not always realistic,” says Chester Wisniewski, senior security advisor with security firm Sophos.
The FBI recently gave a nod to this reality. Joseph Bonavolonta, assistant special agent in charge of the Cyber and Counterintelligence Program in the FBI’s Boston office, told a recent conference, “To be honest, we often advise people just to pay the ransom.”
3. Encrypt data even on your own hard drive
Even security experts have had their files and email stolen by hackers and posted to the Internet. Increasingly, businesses are encrypting their most sensitive data and any sensitive email discussions. While encryption will not necessarily protect the content of messages, if the computer itself is compromised
This step is not foolproof, but it does add another hurdle for the data thieves.