Ransomware is malware that gets installed on a computer by way of an operating system exploit, a user clicking on an infected email, website link or popup ad, or from another infected computer on a network. Ransomware scrambles file data so it can't be read or used, then flashes a screen demanding a ransom to be paid to unlock the files. Attempting to reboot/restart the computer or copy the files off to another location doesn't work because the files are encrypted, and without them being unlocked after paying the ransom, they are unusable.
How to protect yourself:
Use the latest Windows operating system that you can. As operating systems age, they become less and less supported by Microsoft and therefore more vulnerable to attacks. We recommend no older than Windows 7.
Use Windows Update to keep the latest security patches installed. If your computer does not automatically install updates, you should check manually once or twice a month to keep your operating system updated with the latest patches.
Use a good antivirus/anti-malware package. Any security software is better than none. At the very least, use Windows Defender, which is a free download from Microsoft. Better ones are Kaspersky or ESET. You can find out more about Kaspersky here, and ESET here.
Do not click on popup ads that say "Viruses Detected", "Your computer needs to be scanned" or similar verbiage. Do not talk to random people calling you on your phone saying they are from Microsoft or that they have detected a virus on your computer. 100% of these are scammers.
Back up your critical data to an external hard drive or a cloud backup service. We recommend IDrive for cloud backup, which you can sign up for free by clicking here. We also sell a wide variety of external hard drives at idahocomputersales.com.
If you have questions, call a LOCAL computer technician in your area. If you are in the Treasure Valley call us at (208)-472-2800 or stop in our showroom at 4524 W. Overland Road in Boise.
The ransomware attack unleashed on Friday has affected more than 100,000 organizations in 150 countries, according to Europe's law enforcement agency Europol on Sunday.
The malware, which locks files and asks for payment to unlock them, hit businesses and institutions across the world, including shipper FedEx, train systems in Germany, a Spanish telecommunications company, universities in Asia, Russia's interior ministry and forced hospitals in Britain to turn away patients.
More than 200,000 people around the world have been affected by the malware, Jake Cigainero reports for NPR's Newscast.
"The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits," Europol said in a statement.
As employees return to work on Monday and turn on their computers, the number of infections could rise, the agency said.
The malware, which has been called multiple names including WannaCry, Wanna Decryptor or WannaCrypt, creates a pop-up window informing users that their files are encrypted and are no longer accessible — without a payment. Screenshots of the malware show an initial request for $300 to be paid in bitcoin, with a timer that says the ransom amount will rise if it's not paid within a certain time frame, and files will be lost after that.
Read more here: www.npr.org/sections/thetwo-way/2017/05/14/528355526/repercussions-continue-from-global-ransomware-attack
Attempts at cyber wire fraud globally, via emails purporting to be from trusted business associates, have surged in the last seven months of 2016, the U.S. Federal Bureau of Investigation said in a warning to businesses as it bid to curb such crimes.
Fraudsters sought to steal some $5.3 billion through schemes known as business email compromise, the FBI said in a report released Thursday by its Internet Crime Complaint Center.
That's up from a total of $3.1 billion reported as of the end of May, according to the survey of cases from law enforcement agencies around the world, in which cyber criminals request wire transfers in emails that look like they are from senior corporate executives or business suppliers who regularly request payments.
The total number of business-email compromise cases almost doubled from May to December of last year, rising to 40,203 from 22,143.
U.S. victims jumped to 22,292 by December 2016, from 14,032 in May 2016, and non-U.S. victims of such crime numbered up to 2,053 by December 2016 against 1,636.
Read more here: http://www.businessinsider.com/fbi-warns-that-one-in-4-falling-for-aggressive-new-wire-fraud-campaign-2017-5
If someone invites you to edit a file in Google Docs today, don’t open it — it may be spam from a phishing scheme that’s been spreading quickly this afternoon. As detailed on Reddit, the attack takes targets to a real Google sign-in screen, then asks them to “continue to Google Docs.” But this grants permissions to a (malicious) third-party web app that’s simply been named “Google Docs,” which gives phishers access to your email and address book.
The key difference between this and a very simple email phishing scheme is that this doesn’t just take you to a bogus Google page and collect your password — something you could detect by checking the page URL. It works within Google’s system, but takes advantage of the fact that you can create a non-Google web app with a misleading name.
Read more here: https://www.theverge.com/2017/5/3/15534768/google-docs-phishing-attack-share-this-document-with-you-spam
If you are still running Windows Vista, Microsoft officially ended support for it on April 11th, 2017. This means no further security or operating system updates will be released. The official statement from Microsoft is as follows:
"As of April 11, 2017, Windows Vista customers are no longer receiving new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates from Microsoft. Microsoft has provided support for Windows Vista for the past 10 years, but the time has come for us, along with our hardware and software partners, to invest our resources towards more recent technologies so that we can continue to deliver great new experiences."
If you are ready to upgrade to a new system, give us a call. We'll move you into a great new experience.
Browsers such as Chrome, Firefox, and Opera are vulnerable to a new variation of an older attack that allows phishers to register and pass fake domains as the websites of legitimate services, such as Apple, Google, eBay, and others.
Discovered by Chinese security researcher Xudong Zheng, this is a variation of a homograph attack, first identified by Israeli researchers Evgeniy Gabrilovich and Alex Gontmakher, and known since 2001.
A homograph attack
A few years back, ICANN voted to allow non-ASCII (Unicode) characters in web domains. Because some Unicode characters look the same, such as Cyrillic "а" (U+0430) and Latin "a" (U+0041), ICANN ruled that using Unicode characters would have led to confusions, and made it harder to distinguish legitimate domains from phishing sites.
That’s why they voted to use Punycode instead of the real Unicode in registering Unicode domains. Punycode is specifically equipped to handle this, as it's a standard for representing Unicode text using ASCII characters. For example, the Chinese character “短” is represented in Punycode as “xn--s7y.”
By default, browser makers were supposed to read the Punycode URL and transform it into Unicode characters inside the browser. Nevertheless, browser makers were quick to understand that Punycode could be used to disguise phishing sites as legitimate sites.
Read more here: www.bleepingcomputer.com/news/security/chrome-firefox-and-opera-vulnerable-to-undetectable-phishing-attack/
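The Punycode mechanism described above can be checked from the defender's side. The following is an added example, not code from the article or from any browser: it decodes `xn--` labels back to Unicode and flags labels that mix scripts or that are written entirely in look-alike letters. The function names are hypothetical, the look-alike table is a small constructed subset, and the mixed-script check goes slightly beyond the single case the article describes.

```python
import unicodedata

# Constructed subset of Cyrillic letters that render like Latin ones (assumption:
# a production check would use the full Unicode confusables data instead).
LATIN_LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0455": "s",
}

def decode_label(label):
    """Return the Unicode form of one DNS label; 'xn--' marks a Punycode label."""
    label = label.lower()
    if label.startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(text):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text if ch.isalpha()}

def check_host(host):
    """Return (unicode_host, findings) for a hostname in ASCII or Unicode form."""
    findings = []
    labels = [decode_label(part) for part in host.split(".")]
    for label in labels:
        found = scripts(label)
        if len(found) > 1:
            # Letters from two scripts in one label, e.g. Latin plus one Cyrillic letter.
            findings.append(("mixed-script", label, sorted(found)))
        elif found and found != {"LATIN"}:
            # Single non-Latin script: map look-alikes to Latin and see whether
            # the whole label would read as plain ASCII to a user.
            skeleton = "".join(LATIN_LOOKALIKES.get(ch, ch) for ch in label)
            if skeleton.isascii():
                findings.append(("latin-lookalike", label, skeleton))
    return ".".join(labels), findings

if __name__ == "__main__":
    # Constructed sample hostnames: the article's Chinese example, an all-Cyrillic
    # label that reads as "cope", and a Latin label with one Cyrillic letter.
    spoof = "xn--" + "\u0441\u043e\u0440\u0435".encode("punycode").decode("ascii")
    for host in ("xn--s7y.co", spoof + ".example", "ex\u0430mple.example"):
        print(host, "->", check_host(host))
```

A legitimate single-script label such as “短” produces no finding, while a label that only looks like ASCII is reported together with the ASCII text it imitates.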
An artificial intelligence, or AI, program has again beaten a group of human poker players to win $792,000 in virtual money.
The AI program won during a recent competition against experienced poker players in China. More than 36,000 hands were played during a 5-day competition on China’s Hainan Island.
The computer went up against a group of six human players led by Alan Du, a winner in the 2016 World Series of Poker tournament. The human team said it attempted to play against the AI system like a machine, rather than using traditional methods of humans.
The winning system is called Lengpudashi, or “cold poker master.” It was developed by engineers at America’s Carnegie Mellon University. A previous version of the AI system beat four top poker players in the world in a U.S. competition last January.
Artificial intelligence is the capability of a computer to learn to perform human-like operations and make decisions. This can be achieved by putting large amounts of data into a computer for processing.
Algorithms are also used to help computers learn through experiences the same way humans do. This kind of AI technology is used in machine translation systems like Google Translate.
Last year, Google’s AI system AlphaGo beat a Korean champion in the ancient Chinese board game Go.
Read more here: learningenglish.voanews.com/a/artificial-intelligence-computer-beats-human-players-by-nearly-800000-dollars/3808995.html
One of the biggest problems with computers, dating to the invention of the first one, has been finding ways to keep them cool so that they don't overheat or shut down.
Instead of combating the heat, two University of Nebraska-Lincoln engineers have embraced it as an alternative energy source that would allow computing at ultra-high temperatures.
Sidy Ndao, assistant professor of mechanical and materials engineering, said his research group's development of a nano-thermal-mechanical device, or thermal diode, came after flipping around the question of how to better cool computers.
"If you think about it, whatever you do with electricity you should (also) be able to do with heat, because they are similar in many ways," Ndao said. "In principle, they are both energy carriers. If you could control heat, you could use it to do computing and avoid the problem of overheating."
A paper Ndao co-authored with Mahmoud Elzouka, a graduate student in mechanical and materials engineering, was published in the March edition of Scientific Reports. In it, they documented their device working in temperatures that approached 630 degrees Fahrenheit.
Ndao said he expects the device could eventually work in heat as extreme as 1,300 degrees Fahrenheit, which could have major implications in many industries.
"We are basically creating a thermal computer," Ndao said. "It could be used in space exploration, for exploring the core of the earth, for oil drilling, (for) many applications. It could allow us to do calculations and process data in real time in places where we haven't been able to do so before."
By taking advantage of an energy source that has long been overlooked, Ndao said, the thermal diode could also help limit the amount of energy that gets wasted.
"It is said now that nearly 60 percent of the energy produced for consumption in the United States is wasted in heat," Ndao said. "If you could harness this heat and use it for energy in these devices, you could obviously cut down on waste and the cost of energy."
The next step is making the device more efficient and making a physical computer that could work in the highest of temperatures, Ndao said.
Read more here: www.sciencedaily.com/releases/2017/04/170418094538.htm
The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware used by the NSA to attack computers around the world, today released another cache of what appears to be extremely potent (and previously unknown) software capable of breaking into systems running Windows. The software could give nearly anyone with sufficient technical knowledge the ability to wreak havoc on millions of Microsoft users.
The leak includes a litany of typically codenamed software “implants” with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT, capable of breaking into — and in some cases seizing control of — computers running versions of the Windows operating system earlier than the most recent Windows 10. The vulnerable Windows versions ran more than 65 percent of desktop computers surfing the web last month, according to estimates from the tracking firm Net Market Share.
The crown jewel of the implant collection appears to be a program named FUZZBUNCH, which essentially automates the deployment of NSA malware, and would allow a member of the agency’s Tailored Access Operations group to more easily infect a target from their desk.
According to security researcher and hacker Matthew Hickey, co-founder of Hacker House, the significance of what’s now publicly available, including “zero day” attacks on previously undisclosed vulnerabilities, cannot be overstated: “I don’t think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life,” he told The Intercept via Twitter DM, “and I have been involved in computer hacking and security for 20 years.” Affected computers will remain vulnerable until Microsoft releases patches for the zero-day vulnerabilities and, more crucially, until their owners then apply those patches.
“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”
Read more here: theintercept.com/2017/04/14/leaked-nsa-malware-threatens-windows-users-around-the-world/
Microsoft has started blocking Windows 7 and Windows 8.1 updates for computers running certain new chipsets.
The company announced plans last January to block next-generation Intel, AMD and Qualcomm processors from system updates on older versions of Windows, but didn't reveal when support would be cut.
The process appears to have just kicked off.
Social media users are reporting that Microsoft is now blocking access to Windows 7 and 8.1 updates on devices running Intel's Kaby Lake processors.
Instead of the normal download screen, users attempting to update their systems are facing an error message reading, “Your PC uses a processor that is designed for the latest version of Windows.
"Because the processor is not supported together with the Windows version that you are currently using, your system will miss important security updates."
Microsoft has tried to justify the move by saying that the processors offer new capabilities that make compatibility with older systems difficult, but it's also being seen as yet another aggressive technique designed to migrate more customers to Windows 10.
Changes to Microsoft's policy have also created plenty of confusion.
Skylake processors were included in the original policy announcement, but Microsoft has back-pedalled and now says that some devices running the chipset will continue to receive Windows 7 and 8.1 updates, while others won't.
Machines running Ryzen, Kaby Lake and other new processors will have to upgrade to Windows 10.
Microsoft has released a Windows lifecycle fact sheet to clarify the situation.
Read more here: www.independent.co.uk/life-style/gadgets-and-tech/news/windows-7-update-microsoft-81-download-windows-10-software-a7684256.html