Showing posts with label security. Show all posts

Tuesday, April 16, 2024

Flipper Zero: Tips & Tricks To Help Get You Started!

Flipper Zero: Tips & Tricks

So what is a Flipper Zero anyway?
The Flipper Zero website describes the device as "a portable multi-tool for pen-testers and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like."

I do own and use a Flipper Zero, but I do NOT use it for anything nefarious and don't plan on ever using it for anything like that. But I do find it VERY handy to learn about digital security risks around me with my own systems, as well as help identify and secure weaknesses for my clients! 

If you do end up purchasing one of these devices, I have a few tips to help get you going!

  1. You NEED to have a micro SD Card to be able to set up and use your Flipper Zero, but the Flipper Zero unfortunately does NOT come with an SD card.
    • Use a 32GB or smaller micro SD card; the higher the quality the better!
    • I typically format an SD card with exFAT, FAT16, or FAT32 on a computer before installing the MicroSD card into Flipper Zero. I have run into issues formatting a micro SD card through the Flipper Zero itself. So I recommend formatting your micro SD card using a computer before you install it into your Flipper Zero.
  2. Install the qFlipper software and, with your Flipper Zero connected to a computer that has qFlipper installed, update your Flipper Zero's firmware and databases.
  3. Next, I like to install third-party firmware. Lately I have been a BIG fan of the Flipper Xtreme firmware due to its pre-installed features and tools.
  4. Next, I recommend going through the FlipperZero Online Documentation to learn how to use the various functions of the FlipperZero.
  5. There is also a YouTube channel from a creator called "The Talking Sasquatch" that has some great guides to help you get going using a Flipper Zero as well!

Recommended Add-Ons:


Tuesday, December 27, 2022

Data Privacy & Data Security In Today's Digital Age


How to Become as "Invisible" as Possible In Today's Cyberage

I have been getting a lot more questions from customers lately with regard to online data privacy and data security.
"How can I keep my online accounts more secure?"
"I would like to surf the internet as anonymously and as privately as possible. How can I do that?"
"I found some personal information online, and would like it removed! How do I do that?"

So I decided to write a post covering the basics of online privacy, how to improve your safety and security when online, and how to get personal data removed from the internet (if at all possible).

Limiting Personal Data From Getting Online & How To Use The Internet More Securely/Privately:

  1. Delete all social media accounts, take-down any/all personal/professional sites (blogs, websites, etc), and delete or depersonalize any/all types of online accounts. These sites have been used for years for obtaining personal information, gathering information for social engineering attacks, and even identity theft! 
    • Facebook
    • Twitter
    • LinkedIn
    • Forum Accounts
    • Other Online Accounts (e.g., News Sites, Game Sites, Online Stores, etc.)
  2. Remove all (or disable) unnecessary apps from your Smartphone, Tablets, eReaders, etc. 
    • Do not install apps that collect any type of personal data, or unnecessarily require you to create an account just to be able to use the app. Also, downloading and installing "THIS AWESOME FREE APP" is the #1 way for a company to easily collect data about you.
  3. Search for any personal information listed on "Data Broker" websites and submit a request for your information to be removed. 
  4. Use a VPN for any and all web surfing; preferably a no-logging VPN like Private Internet Access.
  5. Use a web browser that has your privacy in mind from the get-go. A very popular privacy-oriented web browser that is widely used is the Brave Browser. By default, the Brave Browser blocks website trackers and advertisements. It also has an incognito mode for even more private surfing, private search features, and even some VPN connection features. It's a great program for privacy-conscious users.
  6. You can take things a step further and use the Tor Browser and the Tor Network to access and surf the internet. When using the Tor network, you are using a decentralized network that routes traffic through multiple servers (or "nodes") and encrypts the transmitted data each step of the way. It's quite secure and great for anonymity! Sounds amazing, right? Why isn't everyone using it? Well, it can sometimes be a bit difficult to get set up and connected to the Tor Network, and the speed of the network can be quite slow. But if security and privacy are your goals, Tor is the go-to for anonymous, encrypted internet use. This also makes it popular among nefarious people...
  7. To take things even a step further, you can use a USB Thumb Drive-based Linux operating system for privacy-oriented system usage and web/internet usage, though you would still likely want to use a VPN as well as a secured web browser. This is a great option for having a "temporary" bubble to use. Tails is a portable Linux OS that is my go-to if I need to use a system that is foreign to me, but I need to securely access online data or securely log in to online accounts. All without leaving a trace behind on the host system! It technically could also be used as a day-to-day OS for those wanting to take their security/privacy even further.
  8. If you are worried about using public Wifi, the easiest option is to get a Mobile Hotspot plan through your cellphone provider. Most cell phones are capable of creating their own Mobile Hotspot that other devices can then connect to. If that is not an option with your cellphone, then getting a physical Mobile Hotspot from your cellphone provider would be the next best thing. Speeds may not be great! But you will be using your own personal/private network when out on the go.
  9. Create a "generic" email account that has very little personal information associated with it, or even go as far as to use a fake name! If what you are sending via email is secure/critical, you can use an encrypted email service such as ProtonMail. There are also "Burner" email services that are temporary! You could create and use a somewhat personalized email for a job interview or something more official, but it would just not be permanent. I believe that ProtonMail premium is capable of providing this feature at a cost. But there are some free-ish services such as Temp-Mail and GuerrillaMail that you can use as well.
  10. Use an encrypted text messaging/messaging service such as Signal or WhatsApp
  11. Use virtual/burner credit cards for online orders. That way, your actual credit card information can't be intercepted or stolen! Privacy.com is a great example of a free/paid-for provider of this type of product/service.

Remove Personal Data From the Web

  • Data Removal Request: If you live in a state that has a "Digital Privacy Act" that requires companies to remove personal data if requested to do so, then search for any and all personal information and keep track of where it is all listed. Then reach out to those companies/services directly, and ask them to have your personal information removed or for you to be "opted out". If they do not follow through with your request, and your state DOES have a "Digital Privacy Act" or Law in place, then you can contact the FTC and/or your State Attorney General's office to report that company/service.
    Here’s a List of Data Broker Sites and How to Opt-Out of Them
  • OneRep - As cheap as $9 a month, OneRep is an automated removal service that covers over 150 data broker sites for your provided personal data.
  • DeleteMe - This service is a little more expensive at $10.75 a month, but is also highly rated for being able to remove personal data. Their system is automated as well, but where they are a "step above" is that they have actual employees that will assist with private data removal. Not all data broker services respond well to automated requests. So this is where DeleteMe stands out above the pack! That extra dollar or two could go a long way...
  • Legal Removal Request - If a removal request has gotten you nowhere, and the FTC and/or your State Attorney General is not able to help, there is legal action you could still take! You would need to find an attorney who is familiar with internet law. A lawyer could try to obtain a court order to remove your private data. That court order could then be presented to the website or a search engine (such as Google) and your data will either be removed from the website, or the URL containing the data will be omitted and blocked from search results.
  • Dark Web data is nearly impossible to have removed. It's the wild west of the internet, and the folks that use the Dark Web for nefarious things simply do whatever they want. Even if you were able to find and contact a dark web site that has your personal data/info, that alone could make you a target for further attacks and exploitation. You can't change your address obviously. But you can change your email, and phone number(s).
  • Government sites are exempt from these data removal requests as some information is public domain/public record.

Securing Your Online Accounts

In this day and age, just having a password is not enough to keep your online accounts secure and hackers out of your accounts. Even if you do everything in your power to keep your login information secure, data breaches happen to big companies all the time! So even with your due diligence, your data can still be leaked and exposed in a data breach, data/network attack, etc.

But there are a few ways you can fight this!
  1. Use 2-Factor Authentication
  2. Use a USB Security Key
First off, it is HIGHLY recommended that you set up and use 2-Factor Authentication on all online accounts that you can. If you don't know what 2-Factor Authentication (or 2FA) is, you may actually already be familiar with this security technology. You know how, when you log in to your online banking on a new or different device, the bank will likely give you a call or send a text message with a code to confirm you are who you say you are? That is 2-Factor Authentication! Since 2FA has been around for a while now, calling/texting your phone with a code can be compromised. To take things a step further, you can download and use an Authenticator App on your smartphone to generate account access codes whenever you may need them!

Both Google and Microsoft have their own Authenticator Apps. Surprisingly enough, Google (as of this post) doesn't let you back up your associated accounts and security keys. You can transfer them, however! But if you lose your phone, break your phone, or get a new phone (and forget to transfer your Authenticator data), you could get locked out of your very own accounts! So I tend to find myself recommending Microsoft's Authenticator App for creating, storing, and accessing 2FA security codes. Microsoft's Authenticator App has a backup feature and you can easily backup, transfer, and restore all of your 2FA account information if needed. This can be a lifesaver...

Now, if you want to take your account security to the NEXT level, you could purchase and use a hardware-based USB security key. A USB security key is a device that works on the same principle as 2FA. But instead of getting a phone call or text message with a security code, or having to use an authenticator app, you would physically plug in a USB device to gain access to your associated online accounts! So in order for you, or anyone else, to be able to get into an account that is associated with your USB Security Key, the USB Security Key would have to be physically plugged into the device needing account access, and then you would have to touch the USB Security Key with one of your fingers for account access to be granted. This would make it nearly impossible for anyone to exploit the phone call/text message codes, try to fake an authenticator app code, etc. Yubikey is the maker of the security keys that I have used personally, and I highly recommend their products! They make different models that have different interface types, including NFC, USB-A, USB-C, and Apple's Lightning connector.

The one downside to using a USB Security Key, however, is that you have to physically have the key with you in order to gain access to your accounts. If you lose your key, or it gets stolen, then whoever has possession of your key will then have access to all of your associated accounts. Yubikey does, however, allow you to disable a USB Security key in the event that something like that happens!
So if you do decide to start using a USB Security key for your online accounts, it's important to keep that key in a safe place, and have an alternative way of accessing accounts in case your key is ever lost, stolen, or damaged.
Some folks (myself included) purchased a second USB Security key that is all set up and ready to go but is kept stored in a safe place, just in case anything happens to the primary USB Security key.
You could also use an Authenticator app in addition to your USB Security key. An authentication app would serve as an alternate way of accessing your accounts if ever needed.

The bottom line is this: If you decide to use a USB Security key for your online accounts, just make sure you keep it stored someplace safe and secure. Also, have alternative/redundant account access in place. That way, if you lose or damage your USB Security key, you can still get into your accounts!

With the implementation of even a few of these tips, you can greatly improve your online privacy and security!

Jon Pienkowski
Owner/Operator
Pacific Northwest Computers
www.linktr.ee/pnwcomputers
360.624.7379

Friday, October 14, 2022

Recommended PC Apps, Programs, Tools & Utilities! *UPDATED*

A basic list of software tools, and utilities that we use and recommend!
We will update this list as much as possible! 

Tools and Utilities:

  • Hiren's All-In-One PE/USB Boot Disk - Great bootable utility with TONS of diagnostic software; password recovery, data recovery, disk & boot loader repairs, various diagnostics, and MORE!
    http://www.hirensbootcd.org/download/
  • BleachBit - When your computer is getting full, BleachBit quickly frees disk space. When your information is only your business, BleachBit guards your privacy. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn't know was there!
    https://www.bleachbit.org/
  • GParted - GParted is a free partition manager that enables you to resize, copy, and move partitions without data loss. Some repair capabilities as well.
    http://gparted.sourceforge.net/download.php
  • Memtest86 - MemTest86 is a free, thorough, stand-alone memory test for x86 architecture computers.
    http://www.memtest86.com/
  • Offline NT Password & Registry Editor - This is a utility to reset the password of any user that has a valid local account on your Windows System.
    http://pogostick.net/~pnh/ntpasswd/
  • HFSExplorer - HFSExplorer is an application that can read Mac-formatted hard disks and disk images. It can read the file systems HFS (Mac OS Standard), HFS+ (Mac OS Extended) and HFSX (Mac OS Extended with case-sensitive file names), including most .dmg disk images created on a Mac, including zlib / bzip2 compressed images and AES-128 encrypted images
    http://www.catacombae.org/hfsx.html 
  • DiskInternals Linux Reader - Access files and folders on Ext, UFS, HFS, ReiserFS, or APFS file systems from within Windows.
    https://www.diskinternals.com/linux-reader/
  • Ext2explore - Ext2Read is an explorer-like utility to explore ext2/ext3/ext4 files. It now supports LVM2 and EXT4 extents. It can be used to view and copy files and folders.
    https://sourceforge.net/projects/ext2read/
  • IsoBuster - IsoBuster is actually a CD/DVD and BD/HD DVD data recovery software that can interpret, open, and extract various CD/DVD/Blu-ray disk image files, including DMG.
    http://www.isobuster.com/download.php
  • WinDirStat - WinDirStat is a disk usage statistics viewer and cleanup tool for various versions of Microsoft Windows.
    https://windirstat.net/
  • CutePDF Writer - CutePDF Writer is the free version of commercial PDF creation software. CutePDF Writer installs itself as a "printer subsystem". This enables virtually any Windows applications (must be able to print) to create professional quality PDF documents - with just a push of a button! ALL FOR FREE!
    http://www.cutepdf.com/products/cutepdf/writer.asp
  • Sumatra PDF Viewer - Sumatra PDF is a slim, free, open-source PDF reader for Windows. Sumatra has a very minimalistic design and is nowhere NEAR the security risk that Adobe Reader can be. Simplicity has a higher priority than a lot of features with Sumatra. It's small, secure, and starts up very fast.
    http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
  • Piriform Recuva - Accidentally deleted an important file? Lost something important when your computer crashed? No problem! Recuva recovers files deleted from your Windows computer, Recycle Bin, digital camera card, or MP3 player. And it's free!
    http://www.piriform.com/recuva
  • RStudio Data Recovery (Paid For) - Empowered by the new unique data recovery technologies, R-STUDIO is the most comprehensive data recovery solution for recovery files from NTFS, NTFS5, ReFS, FAT12/16/32, exFAT, HFS/HFS+ and APFS (Macintosh), XFS, Little and Big Endian variants of UFS1/UFS2 (FreeBSD/OpenBSD/NetBSD/Solaris) and Ext2/Ext3/Ext4 FS (Linux) partitions. It also uses raw file recovery (scan for known file types) for heavily damaged or unknown file systems.
    https://www.r-studio.com/
  • CloneZilla - Clonezilla is a partition and disk imaging/cloning program similar to True Image® or Norton Ghost®.
    https://clonezilla.org/
  • Macrium Reflect -  Are you looking for free backup, free cloning, or free disk imaging software? Macrium's Reflect Free is one of the best no-cost solutions on the market.
    https://www.macrium.com/reflectfree
  • Microsoft Windows OS Media Creation Tool(s) - You can use installation media (a USB flash drive or DVD) to install a new copy of Windows, perform a clean installation, or reinstall Windows.
    https://support.microsoft.com/en-us/windows/create-installation-media-for-windows-99a58364-8c02-206f-aa6f-40c3b507420d

Security Software:

What is a rootkit!? A rootkit is a program or a program kit that hides the presence of malware (or itself) in a system. A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (the Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover, it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system, and these also remain "invisible".

Software Sites:

  • Ninite.com - Great "update-all-at-once" site that lets you install/update multiple programs without dealing with individual installers, prompts, etc. One download, one install; as many programs as you like!


Let me know of any issues with links!

Pacific Northwest Computers
www.pnwcomputers.com
www.linktr.ee/pnwcomputers
360.624.7379

Monday, May 30, 2022

Windows Security Center Stops Working - Windows 11

I have run into a problem repeatedly recently. On a client computer running Windows 11, if I go to open the Windows Security Center, it won't open and I will get the following message/error:

Some websites will recommend the following:

"Go to the Settings. Select App > Apps & features and type in ‘security’ in search menu box. An icon for Windows Security will pop open. From there, click on the options (three dots) and select Advanced options. Now scroll down to Reset section and click on Reset.

You’ll get a confirmation asking if you really want to reset the app, along with your whole app data. Click on Reset to go with it."

However, so far what I have found is that "Windows Security" is not in the application list at all! 

So how can I reset the app?

Well, what I have found was a simple command you can run from the Windows PowerShell (with administrative privileges) that ultimately solved the problem for me, as well as for some of my clients who have run into this same issue as well.

  • Using Windows' search, just type in "PowerShell"



  • Right-click on its icon, and select "Run as Administrator"
  • Next, copy and paste (or type in) the following script:

Get-AppxPackage Microsoft.SecHealthUI -AllUsers | Reset-AppxPackage

  • Hit Enter, and you should get a screen like this:


That should do the trick!
Your Windows Security Center should now be working again!
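
The same reset with a check before it and a verification after it, as an added example that is not part of the original post. The service name SecurityHealthService, the Get-MpComputerStatus check, and the windowsdefender: shortcut are assumptions added here for verification; only the package name and the reset command come from the post.

```powershell
# Added example: pre-check, reset, and verify the Windows Security app.
# Run from an elevated (Run as Administrator) PowerShell session.

$packageName = 'Microsoft.SecHealthUI'   # package name from the command above

# 1. Confirm the package is registered before trying to reset it.
$packages = Get-AppxPackage -Name $packageName -AllUsers
if (-not $packages) {
    Write-Warning "$packageName is not registered for any user, so there is nothing to reset."
    return
}
$packages | Select-Object Name, Version, Status | Format-Table -AutoSize

# 2. Reset-AppxPackage is not present on older Windows builds; check first.
if (-not (Get-Command Reset-AppxPackage -ErrorAction SilentlyContinue)) {
    Write-Warning 'Reset-AppxPackage is not available on this build of Windows.'
    return
}

# 3. The reset itself (same operation as the one-liner above).
$packages | Reset-AppxPackage

# 4. Verify the app package and its backing service afterwards.
Get-AppxPackage -Name $packageName -AllUsers |
    Select-Object Name, Version, Status | Format-Table -AutoSize
Get-Service -Name SecurityHealthService |
    Select-Object Name, Status, StartType | Format-Table -AutoSize

# 5. Confirm protection is actually switched on. An app that will not open
#    can hide the fact that protection is off, so check it directly.
try {
    Get-MpComputerStatus -ErrorAction Stop |
        Select-Object AMServiceEnabled, AntivirusEnabled,
                      RealTimeProtectionEnabled, IsTamperProtected |
        Format-List
}
catch {
    Write-Warning "Could not query Microsoft Defender status: $($_.Exception.Message)"
}

# 6. Open Windows Security to confirm the app launches.
Start-Process 'windowsdefender:'
```

If step 5 reports that real-time protection is disabled and you did not turn it off yourself, treat that as something to investigate rather than a display problem.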

Pacific NW Computers
www.pnwcomputers.com
360.624.7379

Monday, March 7, 2022

Ransomware Infection? This could help!!


Ransomware infections are a very real and very serious problem that general computer users, and businesses alike, should be prepared for!

  • First off, the best prevention to start with is to have good security software installed that can protect you from Ransomware infections (such as Malwarebytes Anti-malware, Kaspersky Antivirus, etc).
  • Secondly, have a good data backup system in place that follows the 3-2-1 backup rule to keep your data safe! 
    • The 3-2-1 backup rule simply states that you should have:
      • 3 copies of your data (your main data and 2 backup copies)
      • On two different media types (NAS drive and a thumb drive)
      • With one copy off-site for disaster recovery (cloud backup, etc).

If you do get hit with a ransomware infection, the website below can help you identify which ransomware you were infected with and if there is a decryption tool available to help get your data/files back: https://id-ransomware.malwarehunterteam.com/


Pacific NW Computers
www.pnwcomputers.com
360.624.7379

Monday, October 19, 2020

Protect Yourself From Cyber Attacks & Digital Fraud!


PROTECT YOUR INFORMATION

Make sure you know who you're communicating with.

  • Fraudsters pose as credible organizations, such as banks and the IRS, "phishing" for your information.
  • Be aware of COVID-related scams.
  • Criminals are taking advantage of the pandemic. Learn more about the top scams criminals are using during these difficult times.

Report suspicious texts and emails.

  • Fraudsters impersonate companies to get consumers to click links and provide personal information. These deceptive emails, phone calls, and text messages appear to come from a legitimate source.
  • Don't let online shopping scams trick you.
  • Before providing your billing information online, make sure you are working with a credible site. 
  • Don't download any software or click unknown links.

SECURITY BEST PRACTICES

Layer your protection.

  • A strong password is the first line of defense against cybercriminals. We recommend using multifactor authentication for an added layer of protection for all your accounts.

Be alert.

  • Monitor your accounts regularly, respond to fraud alerts, and report unauthorized transactions promptly.
  • Watch out for phishing attempts.
  • There are some easy ways to make sure an email is really from who you think sent it. There are some simple methods to spot Email Spoofing, which you can find here.

Set your preference for digital documents.

  • Mailbox fraud has been an ongoing strategy for criminals. 
  • Safeguard your correspondence by signing up to receive digital information for your products and services instead of by Mail/USPS.
  •  Use a shredder to destroy paper documents when you are done with them.

Stay alert about industry trends on cybersecurity threats!

Monday, May 15, 2017

WannaCry Ransomware Virus




The now infamous "WannaCry" ransom-ware virus has been making headlines and scaring a lot of computer users around the world. It is one of the quickest spreading Ransom-ware bugs that has been released to date, but Ransom-ware viruses are not anything new.

Ransom-ware viruses are a type of virus that infects computers and then prevents the user from accessing the operating system, or encrypts all the data stored on the computer. Then the user is asked to pay a fixed amount of money as ransom to unlock their files, allowing them to regain access to the operating system and their data again. What sets this virus apart is how quickly and widely it has spread.

As of yesterday, a Security Professional, Marcus Hutchins, has been credited with stopping the WannaCry ransomware attack from spreading across the globe by accidentally triggering a "kill switch" found while reverse engineering the virus. So for now, further infection has been stopped. But to prevent any infections from previous distributions of the bug, you can do the following:

"WannaCry" Ransomware Guidelines to Stay Safe:

  • Be careful to NOT click on harmful links in your emails! 
  • Even with security software installed, if you open/download an attachment from a malicious email it can and will infect a computer and network! 
  • If you get an email from someone, look at the email address/email header and make sure it's from who it says it is. 
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayPal instead of PayPal or use popular service names without commas or excessive characters. 
  • Be wary of visiting unsafe or unreliable sites 
  • Never click on a link that you do not trust, whether on a web page, on Facebook, or in messaging applications such as WhatsApp and other applications.
  • If you receive a message from a friend with a link, ask them to confirm it before opening the link (infected machines send random messages with links).
  • Always make sure you have the latest updates for your Antivirus; let me know if there are any update issues!
  • Make sure Windows has the latest updates to close the gap!
  • If Windows has reported that updates are pending/available, download and install them immediately!!

Further Steps to take in case you WERE to get infected by "WannaCry":
  • Make a recovery disk! The WannaCry ransomware encrypts all of the files on the computer and asks for $300 (or more if you have a modified version), paid to the creators in Bitcoin so it is untraceable and not refundable.
  • If your computer gets infected, take it off of your network immediately! The ransomware will spread to other computers on the network! You can restore from a backup.
  • If you would like our assistance with ANY of the procedures above or would like us to secure your computer and/or network to the best of its ability, let us know and we can schedule an onsite or remote session for you!!

More from Microsoft on the bug and associated patches to help prevent infections from WannaCry:
https://technet.microsoft.com/…/libr…/security/ms17-010.aspx


Jon-Eric Pienkowski
_________________________
Pacific NorthWest Computers
(360) 624-7379

Friday, June 5, 2015

How can I keep my computer from getting infected? Pacific NW Computers' PC Security Tips


1. Make sure you regularly run MANUAL scans with your installed security software!
Security Programs We Recommend (Or Have Installed):
  • Avast Antivirus, BitDefender Free, Microsoft Security Essentials
  • MalwareBytes Anti-Malware
  • Spybot Search & Destroy
  • CCleaner
*For direct download links to the software listed above, visit "Pacific NorthWest Computers' Links and Recommended Software" page on our Blog Link below!
http://pnwcomputers.blogspot.com/2013/06/pnw-computers-links-and-recommended.html

Basic/General Scanning Procedure:

  • Before running any scans with any of the installed security software, be sure to FULLY update the software FIRST.
  • After updating the security software, perform the deepest and most thorough scan that the software is capable of. This is usually labeled as a FULL or COMPLETE scan.
  • DELETE or QUARANTINE any and all of the security software’s findings.
  • Make sure you DON’T download and install any scanner/security software that solicits you to download and install its software. These scanners are blacklisted because of their questionable reputation.

2. Make sure your Windows is ALWAYS up to date!

  • An unpatched Windows is vulnerable and even with the “best” Antivirus installed; malware will find its way through.
    So visit http://windowsupdate.microsoft.com/ to download and install the latest updates.
  • Be sure to download and install all CRITICAL and SOFTWARE updates! You also may have to do several “passes” of Windows updates before all the available updates/patches are actually installed.
  • Verify that your version of Windows Vista, Windows 7 or Windows 8 has the most recent service pack installed. If this is not currently installed on your system, the Windows Update website will recognize this vulnerability and request you to download and install any available Service Packs and other needed updates.

3. Stay away from questionable sites.

  • This is one of the main causes why a computer gets infected. Visiting cracksites/warezsites – and other questionable/illegal sites is ALWAYS a risk. Even a single click on the site can be responsible for installing a huge amount of malware. Don’t think: “I have a good Antivirus and Firewall installed, they will protect me” – because that’s not true… there is no “Magic Bullet”. Before you know it, your Antivirus and Firewall may already be disabled because malware already found its way on your system.


4. Be careful with email attachments!

  • Malware spreads via email as well, especially email attachments. The most common ones are emails telling you that your computer is infected and that you can find the removal tool in the attachment, emails telling you that your password has changed and can find it in the attachment, emails with product codes in the attachment from software that you purchased (which you didn’t), emails with attachments that are so called “Security Updates”, etc. etc.
  • Don’t trust any emails like the ones listed above. Don’t even attempt to preview/open them and delete them immediately instead! It may also happen you receive an email from someone you know, but with a questionable attachment present and strange content in the e-mail’s message. In this case, this person – or someone else who has your address book in his/her address book – is infected with malware (worm/spambot) and sends these emails without being aware of it.
  • Don’t click links in emails from someone you don’t know, because these links can redirect you to sites where malware gets downloaded and installed.

5. When surfing the internet…

  • Use Google Chrome or the FireFox web browser as your MAIN internet browser. These browsers do not use ActiveX controls or BHOs (these are standard features of Microsoft's Internet Explorer and are vulnerabilities that hackers exploit to infect computers). If a specific website (such as a financial institution website) requires Internet Explorer in order for you to view their site, then use Internet Explorer. But for that specific website ONLY!
  • Don’t click on links inside pop-ups. ALWAYS close the windows via the "X" for the window vs. clicking "Cancel" or any other 'escapes' in the pop-up.
  • Download software off of the internet from websites you know and trust. A lot of free software comes bundled with other software, including malware.
  • Be careful when you are viewing videos online, especially when you get a pop-up asking you to download a “Codec” to be able to watch the video. By default, your media player should already have the necessary codec installed to watch online videos. If you’re prompted to install an additional codec while trying to watch a movie online (or one you downloaded), it is most likely a false alert and this so-called codec may install malware.
  • Don’t install plug-ins (ActiveX) if you’re not certain what they are or why you need them. (Unless you are attempting to perform Windows/Microsoft Updates).
  • Glubble is a great Firefox add-on if you want to manage the sites your kids are allowed to see.

6. Watch what you download!

  • If you want to install certain software, always go to the developer’s site to download the software. Then you can be sure you’re downloading and installing the right software. Be aware of the fact that certain software (especially freeware) may contain/come bundled with extra software including spyware and/or adware. So only install when you’re sure they are OK.
  • The use of Torrent sites, Game Patches and Mods, Emulators; really anything "Free" is always a risk. Unless the download/host site is a reputable site, you can never be sure exactly what you are downloading. A file you are looking to download or have downloaded isn’t always what it’s made out to be.

If you have any questions or comments please don't hesitate to get in touch!

Jon Pienkowski
Pacific NorthWest Computers
www.pnwcomputers.com
360-624-7379

Wednesday, April 30, 2014

Microsoft Internet Explorer Vulnerability ~ Fact and Opinion


As you have most likely heard, Microsoft is scrambling to fix a major bug which allows hackers to exploit flaws in Internet Explorer 6, 7, 8, 9, 10 and 11. The company has also confirmed it will not issue a fix for web browsers running on Windows XP after it formally ended support for the 13-year-old operating system back on April 8th.

The vulnerability was discovered by cyber security software maker FireEye Inc. which stated the flaw is a ‘zero-day’ threat. This means the first attacks were made on the vulnerability before Microsoft was aware of it. FireEye also revealed a sophisticated hacker group has already been exploiting the flaw in a campaign dubbed ‘Operation Clandestine Fox’, which targets US military and financial institutions.

FireEye spokesman Vitor De Souza declined to name the hackers or potential victims as the investigation is ongoing, only telling Reuters: “It’s unclear what the motives of this attack group are at this point. It appears to be broad-spectrum intel gathering.”

For its part Microsoft has confirmed the existence of the flaw in an official post: https://technet.microsoft.com/library/security/2963983

Now, Internet Explorer has always been a vulnerable browser and has exploits created/identified against it every day. This is why for YEARS I have pushed my customers to use an alternative web browser such as Mozilla Firefox or Google Chrome. As previously mentioned, both of those web browsers are safer to use than Internet Explorer and are both immune to the recently identified exploit!

What makes this recent vulnerability stand out from the others, and why it is making all the headlines, is that the problem is pretty widespread, affecting 1 in 4 Windows-based computers and ALL Windows XP systems.

A Temporary Fix
While Microsoft rushes to fix the bug, FireEye gave concerned users two workarounds:
  1. Use another web browser other than Internet Explorer
  2. Disable Adobe Flash. “The attack will not work without Adobe Flash,” it said. “Disabling the Flash plugin within IE will prevent the exploit from functioning.”
*Adobe has released a new patch/update for their Flash Player! Allow the Flash Player to update or manually download and install the latest version here: http://www.adobe.com/support/flashplayer/downloads.html

No Hope For Windows XP
Microsoft has confirmed that no fix will be rolled out for Windows XP because support has officially ended and there are no plans to make an exception. It states:

“An unsupported version of Windows will no longer receive software updates from Windows Update. These include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software, which can steal your personal information.”

The company’s advice to Windows XP users has remained the same for some time: upgrade to Windows 7 or 8 or buy a new PC. It has also repeatedly sent a pop-up dialog box to reachable Windows XP machines with the following end of support notification.

For users unsure whether their existing XP PCs can support Windows 8, Microsoft offers a software tool called ‘Windows Upgrade Assistant’ which can be downloaded here: http://go.microsoft.com/fwlink/p/?LinkId=321548

If you have any questions or concerns please don't hesitate to get in touch!

Jon Pienkowski
Pacific NorthWest Computers
www.pnwcomputers.com
360-624-7379

Wednesday, July 18, 2012

How did I get infected? Take these steps so it does not happen again!


One of the most common questions asked when cleaning malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software, or your computer's security settings are set too low.
Below is a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.


Do not use P2P programs

Peer-to-peer or file-sharing programs (such as uTorrent, LimeWire and BitTorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users, as the names suggest. It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet

Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.

Below is a list of simple precautions to take to keep your computer clean and running securely:

1) If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.

2) If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.

3) If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.

4) If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.

5) There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.

6) Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge. You can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows; instead, close them by finding the open window on your Taskbar, right-clicking it and choosing Close.

7) Do not visit pornographic websites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.

8) When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link you should message back to the person asking if it is legit.

9) Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.

10) Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.

11) DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software. Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.

Keep Windows up-to-date

Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

Windows XP users: You should visit Windows Update to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.

Windows Vista users: You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.

Windows 7 users: You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here.

Keep your browser secure

Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:
Microsoft Internet Explorer
Mozilla Firefox
Google Chrome

Use an AntiVirus Software

It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running. This alone can save you a lot of trouble with malware in the future.

See this link for a listing of some online and stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources. A couple of free antivirus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the program's virus definitions.

Use a Firewall

I cannot stress enough how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the one built into Windows). This is a personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls.

Install an Anti-Malware program

Recommended, and free, Anti-Malware programs are Microsoft Security Essentials, Malwarebytes Anti-Malware, Spybot Search & Destroy and SuperAntiSpyware. You can find these programs and more in our other blog article: PNW Computer's Recommended Software Programs & Downloads!

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates

It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you. Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java). You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically!

Grinler. "How Did I Get Infected?" Bleeping Computer - Computer Help and Discussion. Bleepingcomputer.com, 24 Jan. 2004. Web. 22 Dec. 2011.

Friday, May 4, 2012

Fake Hard Drive Diagnostic Virus; Browser Pop-up/Redirection Fix


Pacific NorthWest Computers KNOWS rogue security and fake software applications very well. Fake software virus applications make up 85% of the infections that we see on a day-to-day, week-to-week, month-to-month basis here in the shop. At first it was just fake security software programs. But the newest "trend" in the fake malicious software world is fake hard drive diagnostic software.

This fake diagnostic software virus pretends to have found issues with your hard drive, proceeds to hide your data (to seem more legitimate) and then tries to sell itself as a fix for all the "problems" it has identified with your hard drive. When first released, it was not too difficult to remove. But the issue we are running into now is that when a customer brings in a system that has this virus on it, we aren't just worrying about getting the virus removed but, more importantly, about reversing the changes the virus has made to an affected system. The big challenge has been with Browser hooks.


Most of the time when we encounter this virus it will actually "hook" into (or simply put, infect) the executable "IExplorer.exe", which is Internet Explorer. Once "hooked", the virus can change how Internet Explorer functions, generate pop-ups, and redirect searches and navigation in the browser, all after the virus cleaning is completed on the affected computer. Now, most of the time programs like Spybot Search & Destroy are very effective at reversing system modifications created by viruses. But so far, this browser hook issue is not "automatically" fixed by virus scanners and utilities, and hooks can sometimes be impossible to remove. This type of issue can prevent us from declaring a system clean and can sometimes require us to reinstall the computer's operating system. Well, we think we figured out a fix!

After working on a computer from a local insurance agency, I did some extensive poking around an infected computer's file system and registry and was able to locate a registry location for something called “DOMStorage” under Internet Explorer’s HKEY_CURRENT_USER registry key (HKCU\Software\Microsoft\Internet Explorer\DOMStorage). In this registry entry, I found folders matching the names for some of the websites that were being generated in the random IE pop-ups. I knew I was onto something but did not know what "DOMStorage" even was nor did I know why or how Internet Explorer even used it.

After doing some research on DOMStorage (http://en.wikipedia.org/wiki/Web_storage) it looks like DOMStorage, or Document Object Model Storage, is a web application software method and protocol used for storing data in a web browser. So I thought to myself, “Well if they can store data there, they could very well plant a program in those locations to hide and allow themselves to generate those pop-ups!”. So I went ahead and deleted all of the folders in the DOMStorage registry location (and there were A LOT of sites listed in there) and it’s safe to now say after removing those folders there have not been ANY Internet Explorer pop-ups since! After pop-ups coming up several times a minute, the system is running great and has been running flawlessly for several days; with web surfing and all! No browser re-directions or anything!
So I would say this is another problem solved and another win against viruses for Pacific NorthWest Computers!

Jon Pienkowski
Owner/Operator
Pacific NorthWest Computers
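
The registry cleanup described in this post, as an added PowerShell example (not code from the original post): it lists the per-site subkeys under the DOMStorage key so they can be compared with the pop-up sites, exports a .reg backup, and only then removes them. The registry path is the one named in the post; the function names and the backup file location are assumptions.

```powershell
# Added example, not the author's own procedure. The key path is from the post;
# function names and the backup location are hypothetical.
$DomStorageKey = 'HKCU:\Software\Microsoft\Internet Explorer\DOMStorage'

function Get-DomStorageSite {
    # Lists each per-site subkey with its subkey/value counts for review.
    [CmdletBinding()]
    param([string]$Path = $DomStorageKey)

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Key not found: $Path"
        return
    }
    Get-ChildItem -LiteralPath $Path | ForEach-Object {
        [pscustomobject]@{
            Site       = $_.PSChildName
            SubKeys    = $_.SubKeyCount
            Values     = $_.ValueCount
            ValueNames = ($_.GetValueNames() -join ', ')
            KeyPath    = $_.PSPath
        }
    }
}

function Backup-DomStorage {
    # Exports the whole key to a .reg file so the cleanup can be reversed.
    [CmdletBinding()]
    param(
        [string]$Path = $DomStorageKey,
        [string]$Destination = (Join-Path $env:TEMP ("DOMStorage-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date)))
    )
    # reg.exe expects "HKCU\..." rather than the PowerShell drive form "HKCU:\...".
    $regPath = $Path -replace '^HKCU:', 'HKCU'
    & reg.exe export $regPath $Destination /y | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "reg.exe export failed with exit code $LASTEXITCODE"
    }
    Get-Item -LiteralPath $Destination
}

function Clear-DomStorageSite {
    # Removes the per-site subkeys only; the DOMStorage key itself is kept.
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([string]$Path = $DomStorageKey)

    $sites = @(Get-DomStorageSite -Path $Path)
    if ($sites.Count -eq 0) { return }

    # The export also runs under -WhatIf; it only writes a backup file.
    $backup = Backup-DomStorage -Path $Path
    Write-Verbose "Backup written to $($backup.FullName)"

    foreach ($site in $sites) {
        if ($PSCmdlet.ShouldProcess($site.Site, 'Remove DOMStorage subkey')) {
            Remove-Item -LiteralPath $site.KeyPath -Recurse -Force
        }
    }
}

# Review the site list first, then preview the removal without changing anything.
Get-DomStorageSite | Sort-Object Site | Format-Table Site, SubKeys, Values -AutoSize
Clear-DomStorageSite -WhatIf
```

Because the key lives under HKCU, run this in the affected user's session with Internet Explorer closed; drop `-WhatIf` to be prompted for each site before it is removed.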

Thursday, April 14, 2011

Rogue Hard Drive Error Repair Software

A new fake HD repair/error finding virus software is going around, and it hides all of your personal data so it looks like all of your data has been lost or deleted; RUN FULL, MANUAL, VIRUS SCANS ASAP IF IT HAS BEEN A WHILE and MORE OFTEN THAN USUAL!

Wednesday, January 6, 2010

Rogue Security Program Infections; At a Glance!

More and more every day I see and hear about people becoming infected with rogue security software viruses.
Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing. – Wiki

Right now the most common form of infection they are using is web page hi-jacking and “trap” websites that are created to “host” the virus (why using Firefox is so important).

So what people end up encountering is a web page that has been hacked, hi-jacked, infected or exploited that is unknowingly “hosting” this virus and ends up spreading the infection to whoever visits the website. In doing this, their trap has been set and the infections begin! This form of infection is commonly referred to as a “Drive-by Download”.

After the computer becomes infected, users start to see and encounter “security warning” icons in their task bar (lower right of the desktop), pop-ups warning of an infection and fake animated virus scans indicating your computer is infected as the virus itself tries to build its credibility. In most cases the virus can even infect the Windows Security Center, making it even harder for users to identify whether the software is real or not. However, the goal of all of this is for the virus creators to make money. So they are hoping that the users of the computers that become infected are fooled by the “song and dance” the virus puts on and buy their infectious and fake security software.

So I wanted this to be a little heads up and explanation for everybody about this subject since it is the most common repair I encounter to date.

Be Aware, Stay Informed and Scan Often!
 
~Jon Pienkowski, Pacific NorthWest Computers

Monday, August 10, 2009

Recommended Browser Extensions & Add-On's


What we wanted to do is share our favorite, most recommended & most used Firefox & Google Chrome Extensions! So please, I hope you check them all out and maybe consider using them with your favorite browser! 
  1. BetterPrivacy; Ever wondered why you are still tracked though you tried everything to prevent it? BetterPrivacy is a Super Cookie Safeguard which protects from usually not deletable LSOs. It blocks longterm tracking on Google, YouTube, eBay and many others...
  2. Colorful Tabs (Firefox); The most beautiful yet the simplest add-on that makes a strong colorful appeal. Colors every tab in a different color and makes them easy to distinguish while beautifying the overall appearance of the interface.
  3. Cooliris; Simply the fastest and most stunning way to browse photos and videos from the Web or your desktop. Effortlessly scroll an infinite "3D Wall" of your content from Facebook, Google Images, YouTube, Flickr...
  4. Firebug (Firefox); Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page...
  5. FireFTP; A free, secure, cross-platform FTP client for Chrome and Firefox which provides easy and intuitive access to FTP servers.
  6. Flagfox; Displays a country flag depicting the location of the current website's server and provides quick access to detailed location and webserver information.
  7. Long URL Please; Replaces short urls with the originals so you can see where links actually link to.
  8. NoScript; The best security you can get in a web browser! Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks.
  9. Pocket; Pocket allows you to save web pages of interest to read later. It eliminates cluttering of bookmarks with sites that are merely of a one-time interest.
  10. WOT; Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory.
  11. Google Cast; Send content to your Chromecast and other devices that support Google Cast.
  12. LastPass; LastPass is a free password manager and form filler. LastPass is also available for Firefox, Internet Explorer, Opera and Safari.
  13. AdBlock; One of the most popular extensions, with over 15 million users! Blocks ads all over the web.
  14. Chrome to Mobile; Send web pages from Chrome on your computer to Chrome on your phone or tablet.
  15. After the Deadline; Check spelling, style, and grammar in your browser.
  16. HTTPS Everywhere; Encrypt the Web! Automatically use HTTPS security on many sites.
  17. Keep My Opt-Outs; Permanently opts your browser out of online ad personalization via cookies.
  18. Lazarus: Form Recovery; Autosaves everything you type so you can easily recover from form-killing timeouts, crashes and network errors.
  19. MightyText; Text from Chrome! Sync'd with Android ~ SMS & Texting like Google Voice in Google Chrome! 
Let us know of any issues with links!
Updated 10/9/2017
pnwcomputers@gmail.com