Archives

Planning for Windows 7 End of Life

By Diel on November 17, 2023

Get fully transitioned to Windows 10, avoiding Windows 7 end of life.

Keep your business safe with the latest security patches.

Microsoft Windows 7 end of life is coming and you need to be prepared! Critical security updates will stop on January 14th, 2020. We can help manage the transition and deal with the nuances of Windows 10 to help keep your business running smoothly.

Source: https://www.microsoft.com/en-us/windowsforbusiness/end-of-windows-7-support

Contents

  • When is Windows 7 no longer supported?
  • What happens when Windows 7 support ends?
  • Will Windows 7 support be extended?
  • Why is Microsoft ending support for Windows 7?
  • What happens if I continue to use it?
  • How can I upgrade without a lot of disruption?
  • How do I deal with Windows 10 issues?
  • Cost comparison and considerations of Windows 7 vs Windows 10

When is Windows 7 no longer supported?

Although the official end of life date is January 14th, 2020, Microsoft will continue to support Windows 7 through a Windows 7 end of life extended support service agreement. This is a paid monthly fee for maintaining and extending support for Windows 7.

This is a possible option.

  • How long will Windows 7 be supported? Until January 14th, 2020.
  • When is Windows 7 no longer supported? January 14th, 2020.

The Windows 7 end of life countdown is on. When Microsoft introduced Windows 7 in 2009, the Windows 7 end of life countdown clock was set at ten years. The company committed to supporting the product for a decade. They stated that once this period was over, the product would be discontinued so that the company could focus on supporting newer technologies and great experiences. That time has come, and businesses need to put provisions in place so that they are not negatively impacted. 

What happens when Windows 7 support ends?

Windows 7 is supported by Microsoft until the date mentioned, but you can still continue to use Windows. There is nothing stopping you. The question is should you continue to use it?

  • Can I still use Windows 7 after 2020? Yes, you can, but it is not recommended. Why not? Well, there is not going to be any support for the product. So, if something goes wrong, there is nothing you can do about it. Plus, this means that security patches and updates won’t be released, which could put you at risk of a cyber attack.
  • Is Windows 7 still updated by Microsoft? Until January 14th, 2020, it will be. After this date, there will not be any updates.

Microsoft will still likely provide some critical patches; after all, it recently provided a patch for Windows XP, which has long since been unsupported. However, your business can’t rely on that. Some patches will come, but many won’t, and you will be vulnerable every day that you don’t update to the latest supported version of the Microsoft operating system.

Will Windows 7 support be extended?

Yes. Although Microsoft will be ending support for Windows 7, it is offering an extended support package, which will run until January 2023. This comes at an added cost and it won’t last forever, so the sooner you upgrade your system, the better.

 

Why is Microsoft ending support for Windows 7?

Microsoft releases new operating systems and updates on a cyclic schedule to keep pace with technology development and implement new features enabled by improved hardware and industry trends. The useful life of a PC with Windows is typically 5-7 years, although a 3-year cycle is more appropriate to keep your hardware updated in step with technology advancements.

 

What happens if I continue to use it?

You won’t get feature updates or security updates, so you will essentially be running a vulnerable, unsupported Windows operating system. Basically, you lose mainstream support and are at risk. It will still continue to operate just fine for a period. We can look to the history of Windows XP, which is now not allowed in many organizations due to the many unpatched security holes that exist.

 

How can I upgrade without a lot of disruption?

The best thing to do is to use the assistance of a specialist IT company who can manage this upgrade for you. That is where we come in. You need to upgrade your computers while ensuring all of your data is backed up, security is at an optimal level, and you’re not offline to your customers. You cannot afford to cut corners. An experienced company will be able to navigate this for you. 

 

How do I deal with Windows 10 issues?

Windows 10 is distinctly different from Windows 7. Windows 7 users will need to understand the key differences so they can learn how to make the most of this platform. The good news is that Windows 10 brought back the look and feel of Windows 7; it is not as radically different as Windows 8 was. The difference, of course, lies in the newly added features and the enhanced performance. Windows 10 saw the return of the Start menu, where you can access everything from Microsoft Edge to Microsoft Word, just like Windows 7, yet it brings the live tiles from Windows 8, which are featured to the right of the main menu.

 

One of the biggest changes to the Windows operating system, when Windows 10 was introduced, was Microsoft Edge. This was the company’s update to Internet Explorer. It represents the first time the browser has been rebranded since 1995. Not only did it bring a new interface but plenty of new features too. This may take a little bit of time for your business to get used to but with the help of experts who can configure it to suit your company, it will be a lot easier.

 

Cost comparison and considerations of Windows 7 vs Windows 10

 

There are some savings to be had by buying a new computer with Windows 10 already on it (to the tune of $100 or so).  

Furthermore, the expected lifetime for computers is 5-6 years (not in terms of failures only, but at the point where they become too slow to continue using them at a business, due to lost productivity).  

Most computers with Windows 7 still on them are close to that age, so it doesn’t make sense to throw more money at them by upgrading the operating system (since they’ll be thrown out soon), but rather to upgrade the whole machine (and get the OS already installed, and at a discount).

Windows 10 Life Cycle

Finally, you will want to know about the Windows 10 life cycle. After all, with Windows 7 ending, you may be concerned about the same happening to Windows 10 in the near future. The truth is that all Windows products have a life cycle. By knowing the key dates, you will be able to make the best decisions regarding when to upgrade and update your software. At the moment Windows 10 will be updated twice every year, first in March and then again in September. Updates are cumulative, meaning each update is built on the one that preceded it.

Top 10 Cyber security Vulnerabilities

By Diel on November 17, 2023

Intel Corp is a leader in the tech world of cyber security and uncovers an average of 245 new computer-related threats daily. The experts at Intel have developed a Threat Dashboard that lists all the current threats, vulnerabilities, ransomware, exploit kits and campaigns of which their experts are aware and that are designed to invade electronic devices for the purpose of stealing valuable personal and confidential information.

Intel has determined the following to be the Top 10 Vulnerabilities of which computer users everywhere need to be aware:

Cyber security vulnerability list:

CVE-2017-0038

A vulnerability in Microsoft Windows could allow remote hackers to gain access to sensitive information. The flaw exists in the Graphics Device Interface (gdi32.dll), which hackers can exploit using an EMF file. The EMF file format is an extension of the spool file format, Enhanced MetaFile, which Windows uses for reading, filing, storing, and printing documents.

Uncovering CloudFlare Vulnerability: Cyber Security Risks and Customer Data Exposure

Cyber security researchers discovered a vulnerability affecting websites that use CloudFlare, a content delivery network that sits between the computer user and their internet host. The vulnerability could result in possible memory leaks that expose private customer information, posing a serious risk to website users’ sensitive data.

CVE-2016-1019

This cyber security vulnerability affects Adobe Flash Player, a popular freeware program used for accessing internet applications, viewing multimedia, and streaming audio and video. Remote hackers can exploit the vulnerability to cause a denial of service, application crash, and/or execute arbitrary code using unspecified vectors. As such, it poses a serious cybersecurity risk to users of the software.

CVE-2016-4117

This vulnerability also affects Adobe Flash Player, enabling remote code execution.

CVE-2016-0189

This vulnerability allows remote hackers to execute arbitrary code, cause a denial of service or memory corruption in Microsoft JScript 5.8 and VBScript 5.7 and 5.8 engines, which are used in Internet Explorer versions 9 through 11 and other products.

CVE-2016-7200

This vulnerability affects Microsoft Edge’s Chakra JavaScript engine and allows remote hackers to execute arbitrary code, cause a denial of service or memory corruption using a “crafted” website, that is, one built for the purpose of carrying out a cyber attack.

CVE-2017-0037

Cybersecurity experts have identified a vulnerability in Microsoft Internet Explorer that could lead to remote code execution. The flaw is related to the “HandleColumnBreakOnColumnSpanningElement” and could potentially be exploited by remote attackers. It poses a significant cybersecurity risk to users of the browser.

CVE-2016-7201

This vulnerability affects Microsoft Edge’s Chakra JavaScript engine and allows remote hackers to execute arbitrary code, cause a denial of service or memory corruption using a crafted website.

CVE-2016-7288

This vulnerability also affects Microsoft Edge and could result in execution of arbitrary code or a denial of service. The flaw lies within the scripting engines, which are exploitable using crafted websites.

CVE-2017-0016

This vulnerability causes memory corruption in Microsoft Windows applications and could result in a denial of service. The flaw lies in mrxsmb20.sys and the way SMB traffic is handled.

Enhance Cyber Security: Partner with “EyesEverywhere” for Reliable Consulting Services

Computer users face an ongoing challenge of keeping up with the latest computer viruses and hacking vulnerabilities, which can affect anyone, anywhere, anytime. To fight nefarious computer invasions, it’s crucial to maintain up-to-date security software and develop a working relationship with competent IT professionals. For reliable cyber security consulting services in Toronto, consider partnering with EyesEverywhere. Our team of experts can help assess your vulnerabilities and implement effective security measures to protect your business from cyber threats.

Potentially Unwanted Programs (PUPs)

By Diel on November 17, 2023

How Potentially Unwanted Programs (PUPs) Can Compromise Cyber security

What Is PUP in cyber security?

The term Potentially Unwanted Programs, or PUPs, in the cyber security world refers to software programs that contain possibly malicious adware or serve other unspecified objectives, like installation of toolbars or nefarious programs.

PUPs: The Voluntarily Downloaded Software That Can Harm Your Computer

The title was given to this type of software to distinguish it from malicious software (malware) because PUPs are voluntarily downloaded by computer users who don’t read and/or fully understand the true terms and conditions of download agreements that may include installation of other programs whether wanted or not.

PUPs as Adware: How They Infect Electronic Devices and Compromise Cyber Security

Typically, PUPs are adware that appears as coupons, underlined words, advertising banners, or annoying pop-up ads on websites that users frequently visit. The intention of these ads is to entice users to click on them, subsequently installing malicious content onto electronic devices. This content may include optimization tools, web browser toolbars, and other unsafe cyber products that compromise the security of the device.

These crafty PUPs do nothing but generate “pay-per-click” income for the PUPs’ creator from unsuspecting personal computer and hand-held electronic device operators who unknowingly download malicious programs onto their electronics. Most PUPs get into electronic systems via bundled installations of “freeware” software, PDF creators, download managers and video streaming or recording tools.

A lot of PUPs are bundled within customized installer tools on download websites like Brothersoft, Softonic and CNET that enable computer users to download various computer software programs.

Indications of Potentially Unwanted Programs (PUPs) on Electronic Devices:

PUPs can be difficult to detect. Ransomware, for instance, displays a pop-up window on the computer screen, demanding a specified amount of money to restore encrypted data. Other symptoms of PUPs are not as noticeable and include the following indications:

  • Injection of advertising banners within website pages you visit.
  • Website text is randomly turned into hyperlinks. Hyperlinks are links to another location, document or file that are typically activated by clicking on a word or image that is highlighted on the computer screen.
  • Slow running computer (not caused by running too many programs or lack of hard drive or memory space).
  • Slow internet connection.
  • Frozen or unresponsive browser.
  • Cursor drags 10 seconds behind the mouse.
  • Different home page continually appears.
  • New toolbars appear that you can’t remove.
  • Pop-ups that recommend fake software or software updates.
  • Bombardment with pop-up ads; close one and another appears even when you’re not online.
  • Browser repeatedly redirects users from the website they’re trying to access to a different one.
  • Lots of bounced back email (indicative of having been hacked).
  • Unfamiliar icons appear on desktop.
  • Constant computer crashing.

Cell phones and other electronic devices are not immune and are vulnerable to mobile malware, the symptoms of which may include short battery life (drains quickly) or cell phone bills that include charges for things you didn’t buy or messages you didn’t send.

Botnets and other types of malware are nearly impossible to detect unless you run a cyber security scan. Computer users can protect electronic devices from land and mobile cyber threats by using anti-malware security software designed specifically for personal computers, smartphones, tablets, and other devices. Safeguards exist that are specifically designed to protect Android devices from infected applications, unauthorized surveillance, and nefarious malware.

Inasmuch as Intel uncovers 245 new cyber threats per minute, it has never been more important to utilize up-to-date cyber security software to protect electronic devices from malicious infections that can turn one’s life upside down or completely halt business operations.

If you suspect that your electronic devices have been infected by PUPs or other malicious software, it is important to take swift action to protect your data and privacy. You can seek help from cyber security consulting services in Toronto, such as Eyes Everywhere. Our team of professionals can help you locate, identify, and eradicate PUPs and other malware from your devices. Contact us today to safeguard your digital assets.

Yahoo Security Breaches

By Diel on November 17, 2023

Yahoo’s Cyber Security Crisis: What You Need to Know

Hackers Forge Cookies to Steal 32 Million Yahoo Accounts: A Security Breach

Yahoo has faced numerous cyber security crises with high-profile hacking incidents, including one that impacted over half a million account holders. Months later, the company acknowledged another cyber security breach from 2015 that endangered more than half a million account holders.

The United States Securities and Exchange Commission (SEC) confirmed that more than thirty-two million Yahoo accounts were hacked in a cookie forging attack that dates back to 2015.

Apparently, hackers used a sophisticated cookie forging exploit which they were able to execute without having to know or use account passwords.

Yahoo will determine which accounts were invaded by hackers that took or used forged cookies and will notify account holders potentially affected by the breach. The tech giant identified and invalidated the cookies which essentially cut off the hackers.

Regarding the cyber security breach involving the cookie forging exploit, Yahoo wrote in SEC filings:

“In November and December 2016, we disclosed that our outside forensic experts were investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the investigation, we believe an unauthorized third party accessed the Company’s proprietary code to learn how to forge certain cookies. The outside forensic experts have identified approximately 32 million user accounts for which they believe forged cookies were used or taken in 2015 and 2016 (the “Cookie Forging Activity”). We believe that some of this activity is connected to the same state-sponsored actor believed to be responsible for the 2014 Security Incident. The forged cookies have been invalidated by the Company so they cannot be used to access user accounts.”

An internal investigation by the SEC determined that Yahoo had enough knowledge of the hacking situation to disclose it in 2014, that several unidentified senior executives of the company failed to “properly comprehend or investigate” the breach, and that its legal team should have opened an inquiry about the hacking in 2014. An SEC filing states:

“The Independent Committee found that failures in communication, management, inquiry and internal reporting contributed to the lack of proper comprehension and handling of the 2014 Security Incident.”

This latest information saved Verizon $350 million in its prolonged negotiations to acquire Yahoo; that amount will be deducted from its initial $4.83 billion buyout offer. Also in light of these recent developments, Yahoo’s Chief Executive Officer (CEO) has agreed to take full responsibility for the oversights and will forgo the annual bonus and equity grant, which will be redistributed to Yahoo employees.

Problems with WordPress

By Diel on November 17, 2023

IT Services in Peril: The Dilemma of Questionable Websites on WordPress.com

IT Services Companies Struggle with Balancing Free Speech and Cyber Security in the Wake of Terrorist Activities

It’s not surprising that IT security is a major concern for tech companies based in the United States, as they are favorite targets of cyber hackers and can unknowingly become breeding grounds for nefarious activities that include global terrorism. These activities focus on American tech companies because they provide the infrastructure necessary for extremist groups around the world to thrive and prosper, while they tread closely on the edge of free speech that is valued and protected by the First Amendment to the U.S. Constitution.

American society highly values the right to free speech and tech companies worldwide are now struggling to determine where free speech crosses the line into something altogether different that can be used for dangerous and nefarious purposes.

One of the latest victims is WordPress.com, which is a free hosting site for any website built with WordPress. Executives of the tech giant are now grappling with that issue after the non-partisan advocacy and research group known as the Counter Extremism Project (CEP) identified WordPress.com as host to a number of questionable websites.

WordPress.com has been identified as a hosting source of websites that feature violent videos (firing squads, beheadings) and dangerous terrorist propaganda that many find offensive and outside the scope of free speech.

Safety is important to us

Automattic is the parent company of WordPress.com and its spokesperson issued a statement saying “While our service is designed to enable users to freely express their ideas and opinions, however controversial, safety is important to us. As such, we don’t allow websites of known terrorist groups or genuine calls for violence against individuals or groups on WordPress.com.” The CEP’s research contradicts that statement and executives at WordPress.com are currently investigating the matter.

The CEP shared correspondence from a WordPress.com employee who identified himself as “Sal P.,” who indicated “WordPress.com is deeply committed to free speech and will not take content down just because we find it offensive or disagree with the point of view,” adding that a review will be conducted of those individuals or groups that CEP alleges maintain iffy websites on WordPress.com and appear on the federal government’s “Specially Designated Nationals and Blocked Persons List.”

David Ibsen is the Executive Director of CEP and he told The Washington Post “In our experience dealing with tech companies, when they don’t want to do something, they talk about free speech, and when they want to do something, they talk about terms of service.”

Whatever you want to call it, executives at WordPress.com have a huge problem on their hands, as do a plethora of other vulnerable American tech companies.

For IT management and security consulting services contact us.

Is Alexa Spying on You?

By Diel on November 17, 2023

Alexa: Amazon’s Revolutionary Virtual Personal Assistant

Amazon’s contributions to the tech world continue with the introduction of Alexa which is a “virtual personal assistant” that uses Amazon Echo (hands-free speaker system) to provide audio to multiple electronic devices for purposes of asking and receiving responses to a variety of questions. Alexa can also be used for playing music and audiobooks, setting alarms, creating “to do” lists, providing real time information about traffic and weather and other voice interaction capabilities.

Alexa can also act as a “hub” for several “smart” electronic devices which operate using various wireless protocols. Most of those devices allow activation of Alexa by speaking a “wake word” but some require users to push a button to activate Alexa’s listening capabilities. Currently Alexa is only available in English and German languages.

Alexa has created a lot of buzz about privacy issues and questions as to whether or not the device can be used for nefarious spying purposes. After WikiLeaks revealed that the Central Intelligence Agency (CIA) employs a huge arsenal of remote hacking tools, registered users of the website Reddit.com raised the issue of Alexa’s possible collaboration with the CIA. Reddit.com is a website that allows registered users called Redditors to submit content in a variety of forms and those submissions are voted up or down by fellow-Redditors to organize posts and determine where they rank and appear within the website under a variety of categories.

One of the recent submissions was a video clip that poses questions to Alexa with regard to its connection to the CIA in which viewers can hear a woman ask “Alexa, would you lie to me?” to which the device responds “I always try to tell the truth. I am not always right but I would never intentionally lie to you or anyone else.”

The anonymous lady posing the questions in the video then asks “Alexa, what is the CIA?” to which the device immediately responds “The United States Central Intelligence Agency, CIA.” She then asks “Alexa, are you connected to the CIA?” A noise can be heard that resembles the dull “dunk” sound you hear when you click on something that can’t be viewed but Alexa offered no answer. The lady asks the same question again and gets the same sound and no answer, which is completely atypical of the device’s normal response capabilities.

Some folks give Alexa the benefit of the doubt suggesting that it doesn’t respond because it’s experiencing some kind of problem registering the question but others fear the device didn’t know how to respond and is actively recording and spying on them.

Interestingly, Redditors got the same response from other virtual assistants known as Google Now and Apple’s Siri. When they asked Google Now “Are you connected to the CIA?” the device responded “Me? I don’t know.” Similarly, when Redditors asked Siri the same question, the device responded “I can’t answer that.”

It’s not surprising that this video has unleashed a flurry of conspiracy theories about the CIA using multiple electronic devices, including telephones and televisions, to spy on people. Contributing to the conspiracy theories is the fact that it is well known that Amazon has previously worked with the CIA, including in 2014 when the agency paid $600 million for Amazon to develop a cloud computing infrastructure designed to specifically meet the needs of the CIA. Recently Amazon also became involved in a murder trial during which it claimed First Amendment rights to requests for releasing recordings that Alexa might have in relation to the case.

Most companies don’t want to alienate clients by collaborating to exchange information with any government agency but a few have been known to do so in addition to Amazon, including Yahoo which is suspected of being in cahoots with the FBI and NSA by providing user data to those intelligence agencies.

The liberal voice for world, business and sports news, reviews, opinions and analyses known as The Guardian indicated in 2014 that Amazon is also not particularly careful about protecting private user information which promotes and contributes to the perpetuation of conspiracy theories about Alexa.

Amazon attempted to quell conspiracy implications by releasing a statement about the video reviewed by Reddit saying:

“This was a technical glitch which we have fixed. Alexa’s response to this question is:

‘Are you connected to the CIA?’

‘No, I work for Amazon.’”

Mitigating Privacy Risks: The Importance of Cyber Security Consulting for Virtual Personal Assistants

In light of privacy concerns surrounding virtual personal assistants such as Amazon’s Alexa, it’s important to consider the potential risks and how to mitigate them. Cyber security consulting can play a crucial role in helping individuals and businesses protect their sensitive information from unauthorized access or data breaches. These services may include conducting security assessments to identify vulnerabilities, developing security policies and protocols, implementing encryption and other data protection measures, and providing ongoing monitoring and support to prevent and address security incidents. By working with a cyber security consultant, individuals and organizations can take proactive steps to safeguard their privacy and mitigate the risks associated with using emerging technologies like Alexa. Give us a call today to find out more about our services.

 

Next Generation iPhones

By Diel on November 17, 2023

IT Consultants Empower Apple’s Next Generation iPhones with Enhanced Face Detection

What’s in Store for Apple’s Next Generation iPhones? IT Consultants Drive Enhanced Face Detection Technology!

What could Apple possibly come up with to incorporate into its next generation iPhones that will make everyone want the updated version? Well, according to the U.S. Patent and Trademark Office, the tech giant has applied for and been issued a Patent for a technology that enables “enhanced face detection using depth information.” That should do it!

The tech giant will use specifically modified software and hardware modules in its newest iPhone creation. According to the Patent and Trademark Office, Apple’s new technology will be available for both still images and videos.

The Patent Application indicates that the new technology uses a combination of camera modules, depth sensors and computer imagery to produce “depth maps” which it uses to accurately identify human faces that appear in the image. Apparently, the new technology breaks down the image into smaller frames or “windows” and then selects one or more in which to “test for presence of human faces.”

The feature uses depth information to make the identification process easier and more accurate, but becomes less reliable when more faces appear at varying depths and locations within the image/video, which could contribute to false detection issues, according to the Patent and Trademark Office.

This news comes amid rumors that Apple may be ramping up its reality capabilities and might introduce an innovative 3D selfie camera, which will rely on infrared modules that are capable of projecting patterns of optical radiation into images that will allow the device to split the image or video into depth maps.

Until the announcement is made by Apple, these innovative features are pure conjecture but, if and when the new technology becomes available, it will only be included on premium iPhone models and is expected to also have a premium price of over $1000.

The Intersection of Technology Advancements and IT Consulting

It’s interesting how technology advancements like Apple’s new face detection technology can impact different industries, such as IT consulting. With the introduction of new features and capabilities in smartphones, there will be a growing demand for IT consultants to help individuals and businesses navigate and optimize the use of these technologies. In today’s fast-paced and ever-changing tech landscape, having the right IT support is essential for staying competitive and efficient. So, while Apple’s new technology may not directly relate to IT consulting, it’s a reminder of the importance of staying up-to-date with the latest tech advancements and seeking the right expertise to fully utilize them.

App Blocking by Microsoft

By Diel on November 17, 2023

Strengthening IT System Security: Analyzing Microsoft’s App Blocking Feature

The rapid evolution of IT systems and the increasing number of cyber-attacks have made it critical for technology companies to ensure the security of their products. This post will discuss the benefits of Microsoft’s app blocking feature and how it is likely to improve the security of its IT system.

Microsoft is a giant in the technology field and leads the way in development of new innovative software programs designed to make every aspect of life easier.

Because it manufactures so many popular applications, Microsoft software programs have become a lucrative target for computer hackers who target Microsoft users in order to gain access to millions of computers (unbeknownst to computer users worldwide) that hold a plethora of valuable personal and confidential information.

In an effort to curb the nefarious hacking that has plagued Microsoft users worldwide and in an attempt to get customers to use options offered in its “Windows Store” more often, Microsoft is currently evaluating an innovative function for Windows 10 that prevents installation of desktop apps unless they come directly from the official Microsoft Windows Store.

The move by Microsoft to evaluate and implement a new feature for Windows 10 that prevents the installation of desktop apps unless they come from the official Microsoft Windows Store is a significant step towards improving IT system security.

When enabled this option will prevent computer users from installing classic Win32 applications, which include many popularly used programs like Google Chrome and Adobe Photoshop. Win32 is the programming interface used for 32-bit and 64-bit Windows Operating Systems, starting with Windows 95.

Enhancing App Security: Microsoft’s New Feature for Windows 10

This new feature limits the scope of apps users can install and may be very useful to newbies since they are much less likely to install malware on their electronic devices. The Windows Store offers apps to meet most of their needs and newbies can also get a variety of Win32 apps from the Windows Store using Microsoft’s Desktop App Converter.

The new feature is disabled by default in Windows 10, but users can easily enable it if they choose by going to the Apps and Features category and selecting Settings. Users will have the option of allowing or blocking installation of Win32 apps altogether as well as an alternative that gives priority to apps from the Windows Store without blocking standard desktop applications (which will result in a prompt asking for approval of the installation anytime you run a non-Windows Store app).

Users who enable the feature and then attempt to install a Win32 app will get a warning in the form of a dialog box that reminds them that the Windows Store is the only “safe and reliable” place to obtain software.
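The three modes described above can be audited from PowerShell. This is an added example, not part of the original post or Microsoft's documentation; it assumes the setting is stored as the `AicEnabled` string under the Explorer key and that a managed machine may override it with the `ConfigureAppInstallControl` policy value, which the sketch treats as taking precedence.

```powershell
# Added example: report which app-install mode a Windows 10 machine is in.
# The registry paths and value names below are assumptions (not from the article).
$sources = @(
    [pscustomobject]@{
        Scope = 'Group Policy'
        Path  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen'
        Name  = 'ConfigureAppInstallControl'
    },
    [pscustomobject]@{
        Scope = 'Local setting'
        Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer'
        Name  = 'AicEnabled'
    }
)

# Map the stored string to the behaviour the article describes.
$meaning = @{
    'Anywhere'    = 'Win32 installers allowed (feature off)'
    'PreferStore' = 'Win32 installers allowed after an approval prompt'
    'StoreOnly'   = 'Win32 installers blocked; Windows Store apps only'
}

function Get-AppInstallControl {
    foreach ($s in $sources) {
        # A missing key or value yields nothing rather than an error.
        $item = Get-ItemProperty -Path $s.Path -Name $s.Name -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            $value  = [string]$item.($s.Name)
            $effect = $meaning[$value]
            if (-not $effect) { $effect = 'Unrecognised value; review manually' }
            return [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                Source   = $s.Scope
                Value    = $value
                Effect   = $effect
            }
        }
    }
    # Neither value exists: the feature has never been switched on.
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Source   = 'Not configured'
        Value    = ''
        Effect   = 'Win32 installers allowed (feature off)'
    }
}

Get-AppInstallControl | Format-List
```

Run across a fleet, the `Source` column shows whether a machine's mode comes from central policy or from a setting the user can change back.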

Microsoft is expected to release the Windows 10 Update in April, 2017 which will include a variety of other new features for use in Windows 10.

Microsoft is also developing an update for its IT system, specifically for Windows 10, which aims to create a truly universal operating system for electronic devices by prohibiting users from installing any Win32 apps. The move is aimed at improving the security of its IT system by restricting access to potentially harmful software that could compromise the system’s integrity.

Exploit Kits — Recent Computer Security Threats

By Diel on November 17, 2023

Navigating the Complexities of IT Security in the Face of Constant Cyber Threats

Cyber criminals are continually devising new ways to invade electronic devices and computer networks in order to steal valuable confidential information that is exploited for nefarious purposes. The never-ending introduction of new malicious software (malware) threats is almost impossible for IT professionals to keep pace with, much less prevent, so it is especially difficult for the average computer operator to follow.

Security software developers are also kept busy creating new ways to detect, identify, locate and eradicate malware threats, the ever changing nature of which requires the continual creation of new software programs or updates to existing programs in order to defend against invasive cyber crimes.

Cybercrime has become so prevalent that a standard has evolved for naming various malware threats that are known as “Common Vulnerabilities and Exposures” or CVEs and there are a lot of them.

Challenges Against Malware

The variety and number of computer viruses and malware that IT professionals deal with on a daily basis are staggering. In addition to viruses, ransomware and thousands of other malware security threats, the latest means of illicitly gathering information is known as “exploit kits” (EKs), which are software programs designed to run on web servers that are capable of finding and exploiting vulnerabilities in any and all electronic devices that are connected to and communicate through the server. This enables cybercriminals to upload nefarious software programs and execute malicious code on multiple vulnerable machines.

It has never been more important to use security software and to install manufacturer updates as soon as they become available. In addition, precautionary measures should include backing up files, removing unused programs, avoiding random clicking, only opening attachments from reputable sources and updating all frequently used programs, all of which are essential elements of protecting electronic devices from cyber invasions.

Top 10 Most Prevalent EKs Identified by Intel for IT Security in 2017

Focusing on just one type of cybercrime, the following is a list of the top 10 EKs that Intel has identified as the most prevalent during the first few months of 2017, each of which includes multiple CVEs in the particular class of Exploit Kit:

1 – Neutrino Exploit Kit
Neutrino EK and its predecessor Neutrino-v surged in popularity in the middle of 2016 and are known for infecting compromised sites and malvertising with various malware applications. The creators and distributors of this kit are known as Operation Afraidgate and Operation ShadowGate and there are over 30 CVEs dating back to 2013 that have been identified as current potential threats in this category of Exploit Kits.

2 – RIG Exploit Kit
Created and distributed by Operation Deep Panda, Operation DragonFly, Operation Pitty Tiger and Operation Afraidgate, the latest VIP version of RIG EK is called RIG-v and uses new URL patterns. RIG is spread through advertisements that have been inserted into websites which are legitimate and unknowingly feature those suspicious ads. This EK has been around since 2012 and the nearly 50 updated versions that have been introduced since then keep RIG at the top of the list of biggest cyber threats.

3 – Empire Pack Exploit Kit
The Empire Pack Exploit Kit is also known as RIG-E and was introduced in 2016 to take advantage of flaws in Adobe and Microsoft software applications. So far, 5 different CVEs have been found in this category of EKs.

4 – Sundown Exploit Kit
Operation ShadowGate introduced the Sundown EK, which is also known as Beta Exploit Pack and was last updated at the end of 2016. This EK distributes remote-access Trojans (RATs) through malicious links in phishing emails sent directly to computer users, who unknowingly click on those links. Sundown EK is known to use steganography (the use of non-secret data or text to conceal information) to hide exploitation code contained within the malware. This EK dates back to 2014 and 17 CVEs have since been identified in this category of EK.

5 – Bizarro Sundown Exploit Kit
This EK is the predecessor of the Sundown EK and was first discovered in October, 2016. Intel has found 5 CVEs in this category dating back to 2014 that were distributed by Operation ShadowGate.

6 – Magnitude Exploit Kit
The Magnitude EK is also known as Popads and uses malvertising attacks to infect a plethora of victims who visit compromised websites. Intel has discovered 25 different CVEs dating back to 2011 in this category of EK.

7 – Astrum Exploit Kit
Astrum EK is also known as Stegano and hides in malicious advertising banners that are used by many websites. Intel has identified 12 CVEs dating back to 2010 in this category of EK.

8 – Sweet Orange Exploit Kit
The Sweet Orange EK uses phishing emails containing malicious links or attachments to spread various malware applications. To date 14 different CVEs have been found in this EK category that date back to 2012.

9 – Sednit Exploit Kit
Three different CVEs dating back to 2013 have been found in this category of EKs which are distributed by a hacking group that calls itself “Sednit” and creates malware that targets flaws contained in Microsoft’s Internet Explorer.

10 – CK Exploit Kit
The CK EK was first discovered in 2012 and affected primarily Korean and Chinese websites with “drive-by” downloads that infected users’ electronic devices. To date 7 different CVEs dating back to 2011 have been identified in this category of EK.

For as long as there have been computers, there have been hackers devoting their time to invading personal privacy and stealing valuable information that is then exploited for nefarious purposes. The types and numbers of viruses, malware, exploit kits and other invasive tools continue to expand exponentially, not only in type and number, but also in sophistication and frequency. It’s never been more important to use up-to-date security software and to maintain a good working relationship with an IT professional who stays abreast of the latest threats and ways to combat them to protect privacy and confidential information.

More information can be found on each of the above-identified EKs as well as multiple other potential cyber threats at Intel’s website (http://tld.mcafee.com/) that is devoted completely to cyber security. This informative site offers a wealth of information about multiple campaigns, vulnerabilities, ransomware and exploit kits that have been and continue to be used to gather confidential information for nefarious purposes.

Top Ten Cyber Threats

By Diel on November 17, 2023

The Constant Battle Against Evolving Cyber Threats and the Role of Cyber Security Companies

Computer operators around the world devote more and more time to fending off nefarious invasions into their electronic devices and computer networks. The ever changing list of viruses, campaigns, vulnerabilities, exploit kits, malicious software (malware) and a plethora of other cyber threats also keep cyber security companies busy keeping track of them so they can manufacture and provide customers up-to-date security software to locate, identify and eradicate cyber threats that are becoming more and more sophisticated and numerous.

It has never been more important to maintain up-to-date security software than today when cyber criminals continue to devise new cleverly deceptive ways to steal valuable information for purposes of exploitation. To help protect against nefarious invaders it is important to install manufacturer updates for all programs (especially those related to cyber security) used frequently and to remove from computers those programs that are seldom or never used in order to eliminate possible vulnerabilities. It’s also advisable to back up important files frequently and to avoid clicking on advertising and other types of links and attachments included in emails unless you are sure of their authenticity.

The U.S. Department of Homeland Security (DHS) divides cyber threats into two categories (vulnerabilities and exposures) and created the standard for security vulnerability names that’s known as Common Vulnerabilities and Exposures (CVE). In depth information about multiple CVEs can be found at https://cve.mitre.org.

Top 10 IT Cyber Threats: Current List from Intel’s Threat Landscape Dashboard

The following is by no means a comprehensive list but comprises the current top ten cyber threats discovered by Intel Corporation which maintains a website devoted solely to cyber security known as the Threat Landscape Dashboard which can be viewed by visiting http://tld.mcafee.com.

1 – CVE-2016-7200

Microsoft Edge’s Chakra JavaScript engine lets remote hackers execute arbitrary code or cause a denial of service (memory corruption) via a crafted website.

2 – CVE-2016-7201

Operates the same way as CVE-2016-7200.

3 – CVE-2016-4190

Allows hackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors in Adobe Flash Player on Windows and Linux.

4 – Cerber Ransomware

Cerber ransomware is sold to distributors in underground Russian forums and targets Office 365 users by encrypting files and playing an audio file that demands ransom to unlock the stolen data.

5 – Locky Ransomware

The continually evolving Locky ransomware does not infect computers using the Russian language but targets Windows users by encrypting files in multiple local and remote locations, as well as removable drives, mapped drives and unmapped networking.

6 – Satan Ransomware

This ransomware is hosted on the Dark Web and is provided free of charge for hackers to use as a “ransomware-as-a-service” (RaaS). Developers of the ransomware require 30% (of the ransom) to use the service and will reduce the amount based on funds actually received.

7 – RIG Exploit Kit

RIG is spread using suspicious ads that have been inserted into legitimate websites.

8 – Neutrino Exploit Kit

This EK and its predecessor Neutrino-v surged in popularity in 2016 and use compromised websites and malvertising to infect computers with various malware.

9 – Operation Shamoon 2

This cyber attack used seemingly legitimate credentials to spread malware across networks targeted in Saudi Arabia in late 2016 and used components similar to attacks perpetrated in 2012.

10 – Operation Methbot

This fraud campaign was discovered in 2016 and uses a botnet that spoofs thousands of name brand website domains to fraudulently net between three and five million dollars every day.

This is only one of multiple lists of top ten threats discovered by Intel. The lists are always changing, and the information in them is always valuable. It behooves computer operators everywhere to make themselves aware of various cyber threats and to take measures to protect against them.
