Wednesday, December 19, 2018

Windows 10 Patching

 In recent Microsoft blog posts, it was revealed that Windows 10 updates come in B, C, D flavours.
The B updates are the 2nd Tuesday updates you are probably familiar with. The C and D updates are "preview" updates of the patches, fixes, and enhancements that may or may not be released to the user base at the next B update on the 2nd Tuesday.

 Some users view this practice as releasing updates and fixes not fully tested. You can get these C and D updates by checking for updates with the Windows Update System setting. Using the Windows Update system setting is also a method of getting the latest signature updates for Windows Defender.

 In my experience in a large corporate Microsoft environment, the updates released for download are tested, just not by the entire user base. Before the recent Windows 10 quality control issues I felt comfortable and secure in the practice of checking for updates before most daily sessions on Microsoft products. I also check for updates in browsers, VPN, smart phone, routers, wireless access points, and similar.

 Your experience may differ. If so, be aware that manually checking for Windows updates can make you a "seeker" looking for the latest update to protect your environment.

 It is good practice to keep your Media Creation Tool current, take explicit restore points before any and all updates, and practice 3-2-1 backup.

 If your comfort level leans toward getting the latest updates/fixes before general release, use the appropriate Windows Setting. If not, be aware and use caution with the Windows Update setting.

 Important: Microsoft will release out-of-band updates when a serious vulnerability is being exploited. Today, December 19, is one such case. An exploit in current use takes advantage of a vulnerability in Internet Explorer. Applying the KB4483224 update should protect you from any site that exploits the unpatched vulnerability. The patch can protect you even if you don't use Internet Explorer as a browser.

Friday, December 7, 2018

Internet of Things Privacy risk?


 For the holiday giving and receiving, a smart device might be under a tree. If so, how Internet safe might it be?

 Baby monitors that connect to the Internet. Helpful? Harmful? Can Internet connected devices connect to your home network devices?

  Mozilla has put together a site to allow checking on the "creepy" factor of devices.


https://foundation.mozilla.org/en/privacynotincluded/


 Your privacy may vary. Using network segmentation is advised.

Apple updates everything 12/06/2018

 Remember Apple does not reveal all security fixes in updates.

 Also Real Time Text can be both helpful and harmful.

 iOS 12.1.1
 macOS Mojave 10.14.2
 tvOS 12.1.1

Tuesday, December 4, 2018

SamSam Ransomware

 I have mentioned the SamSam ransomware strain in past presentations and blog posts. Recently the Department of Homeland Security has issued several bulletins warning of a rapid rise in infections from this ransomware strain. The delivery methods vary, but the effectiveness has prompted the DHS bulletins. Companies and individuals infected usually get their files back after paying the ransom and applying the decryption key(s).
 Consider taking the time now to create a backup on an external disk or device that is NOT left plugged in and available to your computer(s).

Monday, December 3, 2018

Caution - Some iPhone apps sneak in fees and charges

 Two apps are cited as being found in the Apple App Store: Fitness Balance and Calories Tracker.
There may be more. The tactic employed instructs the user to press and hold the Touch ID sensor with a finger to identify the user via fingerprint and "unlock" features of the app. The app then uses an in-app payment request to charge the user. Since the fingerprint scanner "pre-scans", the payment request is approved.

 In a similar scam, a game lights up buttons on screen for the user to rapidly touch the flashing button. One of those buttons is an in-app purchase and approve button.

Wednesday, November 28, 2018

Yet another out-of-band Microsoft Windows 10 update November 27, 2018

 Out-of-band updates (not Patch Tuesday) usually imply fixes so dire they cannot wait until the normal Patch Tuesday update cycle.

 Windows 10 versions prior to the October 2018 update (released November 13 alongside the Patch Tuesday updates) have updates available to them today.

 Prior Windows 10 updates:
 1607 Anniversary update
 1703 Creators update
 1803 April 2018 update

KB4467682 has a page-long list of improvements and fixes.

Wednesday, November 14, 2018

Your information

 Many sites and activities collect information. No fake news there.

 Due to the General Data Protection Regulation (GDPR) the consumer has gained some control and transparency of this information and data.

 Google collects a lot. Spend some time at https://myaccount.google.com to gain insight. Google apps and apps using Google Analytics collect information you may or may not see at the Google site.

 Facebook obviously collects all the information you give or post. Facebook also collects information about you supplied by your contacts and friends, the applications and surveys they use, then all their contacts. Use the Your Facebook Information tab on your Facebook page to view the information they provide in response to account holders' requests.

 Apple recently added the ability to download the information it has collected on your Apple account. Sign in with your Apple ID(s) at https://privacy.apple.com/account. The collection and download to the requesting device may take days to compile and complete.

 Another problem/issue is WEB tracking and WEB site analytics.

 Tracking allows sites to "follow" you as you surf using tracking or "third-party" cookies. Most browsers allow user control of these types of cookies. Other blog posts have and will detail more control of tracking.

 Analytics are more troubling to my mind. WEB site analytics allow a site to collect and report back any or all user interactions while on the site or any of its child sites: how long it took you to respond to a popup, how long you hovered over a link. Analytics used for good allow the site developer to better tune the site for a better user experience. Analytics used for bad can capture keyboard input like passwords and credit card numbers, then send that information over another encrypted channel to a site designed to collect this information, bypassing the encrypted tunnel used by the site visited.

Tuesday, November 13, 2018

Microsoft Windows 10 October update (1809) released today November 13

 The 1809 re-release occurs today, November 13. It is still called the October 2018 update.

 Once you decide if you want the update or want to postpone the update, take the appropriate actions.

Sunday, November 11, 2018

Some reported recent SCAMs

First

This is very clever. I would probably fall for it if not warned.
Give this wide distribution. This scam is actually very clever. Just
when you thought you'd heard it all. Be very careful out there!
Beware of people gifts.
The following is a recounting of the incident from the victim:
Wednesday a week ago, I had a phone call from someone saying that he
was from some outfit called: "Express Couriers," (The name could be
any courier company). He asked if I was going to be home because
there was a package for me that required a signature.
The caller said that the delivery would arrive at my home in roughly
an hour. Sure enough, about an hour later, a uniformed delivery man
turned up with a beautiful basket of flowers and a bottle of wine. I
was very surprised since there was no special occasion or holiday, and
I certainly didn't expect anything like it. Intrigued, I inquired as
to who the sender was.
The courier replied, "I don't know, I'm only delivering the package."
Apparently, a greeting card was being sent separately. (The card has
never arrived!) There was also a consignment note with the gift.
He then went on to explain that because the gift contained alcohol,
there was a $3.50 "delivery/ verification charge," providing proof
that he had actually delivered the package to an adult (of legal
drinking age), and not just left it on the doorstep where it could be stolen or
taken by anyone, especially a minor.
This sounded logical and I offered to pay him cash. He then said that
the delivery company required payment to be by credit or debit card
only, so that everything is properly accounted for, and this would
help in keeping a legal record of the transaction.
He added, "Couriers don't carry cash to avoid loss or likely targets
for robbery."
My husband, who by this time was standing beside me, pulled out his
credit card, and 'John,' the "delivery man," asked him to swipe the
card on a small mobile card machine with a small screen and keypad.
Frank, my husband, was asked to enter his PIN number and a receipt was
printed out. He was given a copy of the transaction.
The guy said everything was in order, and wished us good day.
To our horrible surprise, between Thursday and the following Monday,
$4,000 had been charged/withdrawn from our credit/debit account at
various ATM machines.
Apparently the "mobile credit card machine," which the deliveryman
carried now had all the info necessary to create a "dummy" card with
all our card details including the PIN number.
Upon finding out about the illegal transactions on our card, we
immediately notified the bank which issued us a new card, and our
credit/debit account was closed.
We also personally went to the Police, where it was confirmed that it
is definitely a scam because several households had been similarly
hit.
WARNING: Be wary of accepting any "surprise gift or package," which
you neither expected nor personally ordered, especially if it involves
any kind of payment as a condition of receiving the gift or package.
Also, never accept anything if you do not personally know or there is
no proper identification of who the sender is.
Above all, the only time you should give out any personal credit/debit
card information is when you yourself initiated the purchase or
transaction!

Second
 This one involves card-less ATMs. Some banks now offer their customers the ability to use ATMs with a smart phone in addition to the ATM card. The scam is usually preceded by a call presented as being from your bank, detailing a problem that needs your attention. If you duly provide the account information, the criminals use those bank credentials to log into the bank with your account, add a phone number, then use the card-less ATM access to withdraw funds.

Third
 This was covered in another post. The bank calls, with the Caller ID showing the number on your bank card so it will appear to be your bank. Good English and grammar are used. A problem is reported: your card was used recently at a remote location. Do you still have possession of your card? You do. Can you verify for the bank the card number? Can you verify for the bank the expiration date? The security code?
 We value you as a customer and will express deliver a replacement card. To process the card the bank needs your account password and/or your PIN. This will save you, the valued customer, time as your PIN will be preset ready for your use. Again, criminals have all the information they need to withdraw your funds.


 Banks and financial institutions have millions of customers. Anyone who supplies the credentials for your account will have their request fulfilled. Protect those credentials. For ANY unsolicited request for those credentials, call the bank directly. Do NOT click on a link, do NOT enter info into an unsolicited pop-up or WEB page. Contact the bank at a known good phone number.

Tuesday, November 6, 2018

Your voter Information publicly available

  We got a postal card mailer. No envelope, anyone could read it.
The mailer had our voting record and score AND the record and score of ALL our neighbors.

 Looking into this, it came as no big surprise that voter registrations, voting records, party declarations (if provided by you), and other details used to identify you at the polls are publicly available.

 What was a surprise: an app for your smart phone that supplies all that information for anyone and everyone in your contacts lists. The idea being you can then contact those who might not vote and urge them to the polls today.
 OR, just those who've declared to the correct party.

 The app can also supply information on close races, get "badges" for contacting others via the app to vote, and similar.

 All this information is public and obtainable, just not to this level.

Tuesday, October 30, 2018

iOS 12.1 available today, October 30, 2018

 Those with new iPhones are probably aware and updated.
 Some cool features to play with: Group FaceTime, new emojis, dual SIMs (for iPhones equipped), camera enhancements. AND bug fixes.

Friday, October 26, 2018

Windows 1803 out of band patch release

 Today after 18:00 CDT I could load and update KB4462933 on our Windows 10 1803 machines.
No update for the 1809 machine.

 Reports are that the October 2018 update is still causing problems in beta test AND enough issues/problems plague the 1803 April 2018 release, hence an out-of-band release.

 You can check the fixes on Microsoft's site for KB4462933 to decide your course of action.

 I applied the patch, no issues yet.

Thursday, October 18, 2018

Texas and other states' voter records for sale



 A dark web site is reported to be selling voter records. Most of the data is considered public information.

 We used to live in Alaska. Until very recently we would receive political calls on our new phone number here for Alaska elections. These seem to have stopped.

 The news is not that states collect these records. The news is not that the states make available these records. The news is that an entity is collecting, aggregating, then selling these records.

Monday, October 8, 2018

Recent Patching News - 8-Oct-2018

 iOS 12.0.1 released today. Local attacker fixes. Thus someone needs physical access to your iPhone.
Not as uncommon as you may think. You have probably seen people attempting to locate a wandering smart phone in restaurants and other venues, I know I have. Apple does not always disclose all security issues and it is good practice (sic) to keep up with updates/upgrades.

 Unless you are running Windows. Microsoft has pulled their Windows 10 October 2018 update after reports of user files being deleted/removed. Problem is old profiles for users inactive for a year or more. If you have updated your Windows 10 instance, you should check each and every user account to ensure that account's data is still listed AND available. If not, contact Microsoft for a resolution.

Wednesday, August 22, 2018

Microsoft Outlook tracking

 I noted this in our Microsoft Outlook email inbox.
 I had not turned this notification on. Yet another instance of "being useful" or more feature rich than the competition.

These were not useful to me. To disable, open Outlook calendar Options and disable Events from email.

Monday, July 30, 2018

A recent iPhone iPad scam


 Crafted to cause a sense of panic, these attacks seem to have a list of valid and current iCloud users.
Clicking on the "Call" button will initiate a call to "Apple Care". For a charge on a credit card, the caller will load a "mobile device management" suite to prevent such attacks. Instead the mobile device management suite will enroll you in a suite designed to deliver malware to your iDevice.
 Stories abound with friends, family, neighbors, and others falling for more and more sophisticated attacks.
 When in doubt, which should be almost always, contact the vendor via normal or out-of-band means.

Monday, July 9, 2018

Apple releases iOS 11.4.1 9-July-2018

 Fixes bugs and improves the security of your iPhone and/or iPad.

USB Restricted Mode is on by default. Thus USB access is restricted after one hour.

If you really want/need to allow USB Accessories after an hour of locking time


AND security updates for most Apple products: macOS, Safari, iTunes, watchOS, tvOS, and iCloud.

Wednesday, June 27, 2018

CCleaner and Avast AntiVirus install

 Sun City Computer Club members are reporting an install of Avast AntiVirus when loading CCleaner as advised on the club's Windows Malware Removal page.
 As ad blockers become more effective and pervasive, more companies are changing strategy to regain revenue.

 In the case of CCleaner, the unsolicited install of Avast AntiVirus. Avast purchased Piriform (CCleaner's developer) last summer.

 As you may recall CCleaner had problems with distributing malware as part of its install last September.

 More and more sites that distribute applications are offering or loading "companion" applications as well as the intended applications. Read the entire page before downloading. Read the End User License Agreement (EULA) and/or Terms and Conditions before downloading.

 Some users also report difficult or ineffective Avast removal.

 The General Data Protection Regulation (GDPR) of the European Union has caused some changes in the function of both Avast and CCleaner, causing some to speculate the products were or are collecting users' data.

 CCleaner can be an effective application. This and similar problems/issues are becoming more common. As always be informed, aware, and careful.

Friday, June 22, 2018

Windows June Patch Tuesday

 The June Windows patch and update has 39 important and 11 critical vulnerabilities addressed.

 Of the 50 patches or updates, the ones worrisome to researchers include CVE-2018-8225 and CVE-2018-8231.

 CVE is a database of vulnerabilities. For 2018 there are over 12000 listed so far.

 CVE-2018-8225 is a vulnerability in DNS (Domain Name System) that allows a reply to a DNS query to run malicious code in the context of the local system account. Very bad.
 CVE-2018-8231 is a vulnerability in the HTTP protocol stack with a similar effect.

 Some members avoid patching. This month's patch set may not be one to avoid or postpone.