• Posted on March 27, 2017 2:45 pm
    Joseph Forbes
    1

    The Cyber Division of the U.S. Federal Bureau of Investigation (FBI) has issued an alert to warn the healthcare industry that malicious actors are actively targeting File Transfer Protocol (FTP) servers that allow anonymous access. According to the law enforcement agency, attackers have targeted the FTP servers of medical and dental facilities in an effort to obtain access to protected health information (PHI) and personally identifiable information (PII), and use it to intimidate, blackmail and harass business owners. “The FBI recommends medical and dental healthcare entities request their respective IT services personnel to check networks for FTP servers running in anonymous mode. If businesses have a legitimate use for operating a FTP server in anonymous mode, administrators should ensure sensitive PHI or PII is not stored on the server,” the FBI said. The agency cited research conducted in 2015 by the University of Michigan, which showed that more than one million FTP servers had been configured for anonymous access. These servers allow users to authenticate with only a username, such as “anonymous” or “ftp,” and either a generic password or no password at all. The FBI pointed out that vulnerable FTP servers can also be abused to store malicious tools or to launch cyberattacks. “In general, any misconfigured or unsecured server operating on a business network on which sensitive data is stored or processed exposes the business to data theft and compromise by cyber criminals who can use the data for criminal purposes such as blackmail, identity theft, or financial fraud,” the FBI warned. In 2015, IBM named healthcare as the most attacked industry, with more than 100 million records compromised, after in the previous year this sector did not even make it to the top five. An IBM report for 2016 showed that the volume of compromised records was smaller, but the number of data breaches increased, causing operational, reputational and financial damage to healthcare organizations. A report published recently by Fortinet showed the top threats targeting healthcare companies in the last quarter of 2016, including malware, ransomware, IPS events, exploit kits and botnets.

    Blog Entry, DATA, Hacking
  • Posted on March 26, 2017 12:00 pm
    Joseph Forbes
    No comments

    This list describes common causes of slow Internet connections in homes. A poorly performing connection can be caused by broadband router configuration errors, wireless interference, or any of several other technical issues with your home network. Use these tips to not only diagnose but also fix the causes of slow Internet connections. Many of them apply to wireless hotspot connections, too. 1 Check Your Broadband Router Settings stefanamer/iStock As the centerpiece of a network, a broadband router can be responsible for slow Internet connections if configured improperly. For example, the MTU setting of your router will lead to performance issues if set too high or too low. Ensure your router's settings are all consistent with the manufacturer's and your Internet Service Provider (ISP) recommendations. Carefully record any changes you make to your router's configuration so that you can undo them later if necessary. 2 Avoid Wireless Signal Interference United States Radio Spectrum - Frequency Allocations. www.ntia.doc.gov Wi-Fi and other types of wireless connections may perform poorly due to signal interference, which requires computers to continually resend messages to overcome signal issues. Household appliances and even your neighbors' wireless networks can interfere with your computers. To avoid slow Internet connections due to signal interference, reposition your router for better performance and change your Wi-Fi channel number. 3 Beware of Worms... Internet Worms An Internet worm is a malicious software program that spreads from device to device through computer networks. If any of your computers are infected by an Internet worm, they may begin spontaneously generating network traffic without your knowledge, causing your Internet connection to appear slow. Keep up-to-date antivirus software running to catch and remove these worms from your devices. 4 Stop Network Applications Running in the Background Some software applications you install on a computer run as so-called background processes - hidden behind other apps or minimized to the system tray - quietly consuming network resources. Unlike worms, these applications are designed to do useful work and not the kind a person wishes to remove from their device normally. Games and programs that work with videos in particular can heavily utilize your network and cause connections to appear slow. It's easy to forget these applications are running. Always check computers for any programs running in the background when troubleshooting a slow network. 5 Isolate and Repair Faulty Network Equipment When routers, modems or cables malfunction, they won't properly support network traffic at full speeds. Certain technical glitches in network equipment negatively affect performance even though connections themselves can sometimes still be made. To troubleshoot potentially faulty equipment, temporarily re-arrange and re-configure your gear while experimenting with different configurations. Systematically try bypassing the router, swapping cables, and tests with multiple devices to isolate the slow performance to a specific component of the system. Then decide if it can somehow be upgraded or repaired... or if it needs to be replaced. 6 Work with Your Internet Service Provider (ISP) if Necessary Command Prompt - Ping - Unresponsive IP Address. Bradley Mitchell / About.com Internet speed ultimately depends on the service provider. Your ISP may change their network's configuration or suffer technical difficulties that inadvertently cause your Internet connection to run slowly. ISPs may also intentionally install filters or controls on the network that can lower your performance. Don't hesitate to contact your service provider if you suspect they are responsible for a slow Internet connection.

    Blog Entry, DATA, Internet
  • Posted on March 19, 2017 11:16 am
    Joseph Forbes
    No comments

    Websites getting blacklisted is a very extensive problem faced by businesses. When it happens, web masters panic and the vendors face an interruption in their daily business as they struggle to assist their concerned consumers to clean their websites and return online. It can happen due to a variety of reasons. Even Google may blacklist a website, and on an average, it's been estimated that about 10,000+ websites get blacklisted on a daily basis.​ Getting to Know about the Mishap Many businesses cannot afford to install costly monitoring programs or employ security experts and often take time to realize that their site has been blacklisted. Almost 50% of the business owners are warned about the compromised site by a search engine, browser or other alert when they try to visit their own site. Time is the biggest enemy of blacklisted websites as every minute that the site remains blocked is precious and leads to revenue losses due to the bad impact on its marketing activities and eventually sales and loss of the organization’s reputation. Be Prepared to Deal with the Problem It might take several hours or even days to get rid of the malware and protect a website based on the infection’s severity; it also depends on whether or not the website is secured by an effective and frequent backup regimen. The foremost part of the fix is eradication of the malware and restoration of the website. Even after this process, the web masters have to request Google to review the site before getting the block removed. Dealing with Black-listed Websites Web hosts find it to be a nightmare to handle blacklisted client websites, straining their operations and possibly weakening their credibility. Clients generally fail to understand the reason behind the blacklisting of their site and tend to unjustly put the blame on their host. Smart hosting vendors should extend assistance to their customers and help them get over the trouble at the earliest. Hosts that provide robust tools to solve the problem of their clients will finally instil a sense of loyalty and confidence in them. Vendors that lack these tools may waste considerable resources on remediation and in the process, even lose their valuable clients. Blacklist remediation will not be an extensive ordeal if the affected site owners have smart automatic backup regimen in place as they can restore the functionality and files of the affected site easily with the right tools. To help their clients, hosting vendors should be aware of the following remediation steps so that it can be implemented efficiently and quickly as soon as a client finds out that his website has been blacklisted. Look for Malware Check for malware by running efficient antivirus programs on all the computers used by an admin for logging into the website. Also, scrutinize the server logs for any activity by the admin whose computer is infected. Change the logins and passwords for all accounts, including those of database access, FTP, CMS accounts, and system administrator. Ensure that strong passwords are set. A sophisticated hosting provider should let their customers to make these changes easily on a dashboard interface. Let customers know how important it’s to install the latest editions of Operating Systems, apps, blogging platform, CMS, and plug-ins. Delete any new or modified file that has been added to the server after detection of the problem and execute a complete system restore. The restoration can be completed through a single click if you provide a cloud-oriented auto backup and disaster recovery services to your clients. If not, the clients will have to find the latest clean editions of each modified file and manually download them. Request Google to Review the Site and Remove the Blacklist This is the best way for hosting vendors to handle the remediation as soon as possible; just ensure that the tools required for getting a customer’s website back online are ready with you always.

    Blog Entry, DATA, Internet
  • Posted on March 14, 2017 11:45 am
    Joseph Forbes
    No comments

    Several small and midsize businesses are susceptible to Distributed Denial of Service (DDoS) attacks. What would be the best way for such businesses to handle this problem? Plan ahead – this is what security experts suggest based on their experiences in the past! A majority of the small businesses and start-ups have small teams with very little resources to defend DDoS attacks. As indicated by the name of the attack, it stops users from accessing the services and a site by hurling lot of data against the firm’s web and hosting services. If you are wondering if DDoS attacks are really so common that businesses need to be concerned about it, statistics indicate that around 2,000 such attacks happen on a daily basis costing a loss of revenue in the range of $5,000 - $40,000 per hour for businesses. Hackers can be fake vandalists, competitors, hactivists or extortionists. If your company isn’t equipped with professional network security experts, here are few things you can do to stay safe from DDoS attacks. Stay Prepared Every business should have a disaster recovery plan ready for DDoS attacks. Some of the best practices should include identifying the key employees who are given the responsibility. Establish the roles of every team member, their tasks and requirements. Give the team the needed practice on a mock basis so that those involved are aware of how to handle things when a disaster happens inevitably. Work with your internal PR and IT teams, ISP and hosting providers to recognize the susceptible aspects of failure, routes of escape and technical gaps. Understand DDoS Attack  There are many well-tested DDoS prevention programs that run advanced algorithms to identify various kinds of traffic. They try to sniff out, identify and filter different kinds of benign and malevolent bots and allow only legitimate traffic. It’s not easy to judge from just one instance if the hack is just amateurish or professional, though it’s fairly assumed that any network attack that crosses 50 Gbps is likely to be professional. Mostly multiplied under the inoffensive category of 'network security programs,' few of the very common hack devices are called stressors or booters. As implied by the name, these devices intensify and focus the payload of DDoS. Be Ready to Respond with Your Guns As in all cases of disaster reaction, stay calm without panicking. Ensure that your services are up and running; give your customers a brief. Your team can respond readily only if you’ve prepared properly. Co-ordinate with your team members and optimize the tactics for the disaster response. Once the attack is mitigated by your tech team, ensure that the communication team is ready to reveal the details to the press and legal team is prepared to handle the possible regulatory and compliance part. If you are asked to pay the attacker a ransom, don’t do it as this will only mark your organization and they may return for more. Once you are identified this way, other hackers may also sense it and come your way. Learn and Implement Once the attack subsides, try to learn things from the attack. Analyse strongly as to what went right and what went wrong.  Ensure that your legal and IT teams collect the required forensic information. Create a communication protocol to deal with the internal team queries, your clients and the press. Try to detect the network holdups from the attack and select an infrastructure with inherent resiliency. Analysis and communication are the two aspects that will go a long way in preparing for the next attack and enhance your team morale. And, you should be wary of the latest threats emerging in the cyber world such as the latest DDoS Extortion Attack.

    Blog Entry, DATA, Hacking
  • Posted on March 10, 2017 12:02 pm
    Joseph Forbes
    No comments

    The term Denial of Service (DoS) refers to events that render systems on a computer network temporarily unusable.  Denials of service can happen accidentally as the result of actions taken by network users or administrators, but often they are malicious DoS attacks. One of the more recent DDoS attacks (more on these below) occurred on Friday, October 21, 2016, and rendered many popular websites completely unusable for most of the day. Denial of Service Attacks DoS attacks exploit various weaknesses in computer network technologies. They may target servers, network routers, or network communication links. They can cause computers and routers to shut down ("crash") and links to bog down. They usually do not cause permanent damage. Perhaps the most famous DoS technique is Ping of Death. The Ping of Death attack works by generating and sending special network messages (specifically, ICMP packets of non-standard sizes) that cause problems for systems that receive them. In the early days of the Web, this attack could cause unprotected Internet servers to crash quickly. Modern Web sites have generally all been safeguarded against DoS attacks but they're certainly not immune. Ping of Death is one kind of buffer overflow attack. These attacks overrun a target computer's memory and break its programming logic by sending things of larger sizes than it was designed to handle. Other basic types of DoS attacks involve flooding a network with useless activity so that genuine traffic cannot get through. The TCP/IP SYN and smurf  attacks are two common examples. remotely overloading a system's CPU so that valid requests cannot be processed. changing permissions or breaking authorization logic to prevent users from logging into a system. One common example involves triggering a rapid series of false login attempts that lock out accounts from being able to log in. deleting or interfering with specific critical applications or services to prevent their normal operation (even if the system and network overall are functional). DoS attacks are most common against Web sites that provide controversial information or services. The financial cost of these attacks can be very large. Those involved in planning or executing attacks are subject to criminal prosecution as in the case of Jake Davis (pictured) of the hacking group Lulzsec. DDoS - Distributed Denial of Service Traditional denial of service attacks are triggered by just one person or computer. In comparison, a distributed denial of service (DDoS) attack involves multiple parties. Malicious DDoS attacks on the Internet, for example, organize large numbers of computers into a coordinated group called a botnet that are then capable of flooding a target site with immense amounts of network traffic. Accidental DoS Denials of service can also be triggered unintentionally in several ways: many users suddenly trying to access a network or server at the same time, such as visiting a public Web site where a major social event is happening network administrators accidentally unplugging a cable, or incorrectly configuring routers a system becoming infected with a computer virus or worm

    Blog Entry, DATA, KnowledgeBase (KB)
  • Posted on January 26, 2017 11:55 am
    Joseph Forbes
    No comments

    Keeping track of passwords can seem like a hassle. Most of us have multiple sites we visit which require password logins. So many, in fact, that it's tempting to use the same username/password combo for all of them. Don't. Otherwise, it takes only the compromise of a single site's credentials to have a toppling domino affect on the security of all your online assets. Fortunately, there is a fairly straightforward way to have different passwords for each site you use but still make the passwords easy enough to remember. Creating Unique Passwords Before you begin creating strong passwords, you need to consider the use of those passwords. The intent is to create strong passwords unique to each account, but easy enough to memorize. To do this, first begin by splitting the sites you frequently login to into categories. For example, your category list might read as follows: social networking sites auction sites ecommerce sites email accounts banking sites forums A word of note here about forums. Never use the same password for a site's forum as you would for logging into the site itself. Generally speaking, the security on forums is not as strong as it is (or should be) for the regular site and thus the forum becomes the weakest link in your security. This is why, in the example above, forums are split into a separate category. Now that you have your categories, under each appropriate category, list the sites to which you must log in. For example, if you have a Hotmail, gmail, and Yahoo account, list these under the category 'email accounts'. After you've completed the list, you're ready to begin creating the strong, unique, and easy-to-remember passwords for each. Creating Strong Passwords A strong password should be 14 characters. Each character less than that makes it a little easier to compromise. If a site absolutely won't allow a password that long, then adapt these instructions accordingly. Using the 14 character password rule, use the first 8 characters as the common portion to all passwords, the next 3 to customize by category, and the last 3 to customize by site. So the end result ends up like this: common(8)|category(3)|site(3) Following this simple rule, when you change your passwords in the future - which, remember, you should do often - you'll only need to change the first common 8 characters of each. One of the commonly recommended means of remembering a password is to first create a passphrase, modify it to the character limit, then begin swapping characters for symbols. So to do that: Come up with an 8 letter passphrase that is easy to remember. Take the first letter of each word to form the password. Substitute some of the letters in the word with keyboard symbols and caps (symbols are better than caps). Tack on a three letter abbreviation for the category, also replacing one of the letters with a symbol. Tack on a site specific three letter abbreviation, again replacing a single letter with a symbol. As an example: In step 1 we might use the pass phrase: my favorite uncle was an air force pilot Using the first letters of each word, we end up with: mfuwaafp Then we swap some of those characters with symbols and caps: Mf{w&A5p Then we tack on the category, (i.e. ema for email, and swap out one character of ema: e#a Finally, we add the site abbreviation (i.e. gma for gmail) and swap out one character: gm% We now have a password for our gmail account of Mf{w&A5pe#agm% Repeat for each email site, so perhaps you end up with: Mf{w&A5pe#agm% Mf{w&A5pe#aY%h Mf{w&A5pe#aH0t Now repeat these steps for the additional categories and sites within those categories. While this may look hard to remember, here's a tip to simplify - decide in advance what symbol you will equate with each letter. Be sure to check out these other tips for remembering passwords. You may be surprised to learn that some of the oldest advice may just be the wrong advice.

    Blog Entry, DATA, Internet
  • Posted on January 17, 2017 11:59 am
    Joseph Forbes
    No comments

    If you want to completely erase a hard drive, it's not as easy as deleting everything on it. To truly erase hard drive data forever, you'll have to take some extra steps. When you format a hard drive you don't actually erase the hard drive of data, you only erase the location information for the data, making it "lost" to the operating system. Since the operating system can't see the data, the drive looks empty when you look at its contents. However, all the data is still there and, unless you truly erase the hard drive, can be recovered using special software or hardware. The most responsible thing you can do before recycling a hard drive, or even disposing of one, is to completely erase the hard drive. If you don't erase the hard drive, you risk exposing sensitive personal data that you previously deleted - data like social security numbers, account numbers, passwords, etc. According to most governments and standards organizations, there are only three effective methods of erasing a hard drive, the best of which depends on your budget and future plans for the hard drive: 1 Wipe the Hard Drive Using Free Data Destruction Software DBAN (Darik's Boot and Nuke) Hard Drive Wiping Program.By far, the easiest way to completely erase a hard drive is to use free data destruction software, sometimes called hard drive eraser software or disk wipe software. Regardless of what you call it, a data destruction program is a piece of software designed to overwrite a hard drive so many times, and in a certain way, as to make the ability to extract information from the drive nearly impossible. Some more stringent hard drive erasing standards forbid using data destruction software, probably because of the possibility of user error and the variety of software and methods that exist. However, as long as your drive doesn't contain national security information, you should feel very comfortable using any one of these programs to erase a hard drive. How To Wipe a Hard Drive Important: You must erase a hard drive using this method if you, or someone else, ever plans on using the drive again. The next two ways to erase a hard drive will make the drive unusable. For example, you should erase a hard drive this way if you're selling or giving the drive away. 2 Use a Degausser to Erase the Hard Drive Garner HD-2 Hard Drive Degausser. © Garner Products, Inc.Another way to permanently erase a hard drive is to use a degausser to disrupt the magnetic domains on the drive - the very way that a hard drive stores data. Some NSA approved automatic degaussers can erase dozens of hard drives in an hour and cost tens of thousands of dollars US. NSA approved degaussing wands, used to manually degauss a hard drive, can be purchased for around $500 USD. Important: Degaussing a modern hard drive will also erase the drive's firmware, rendering the drive completely useless. If you want to erase a hard drive, but also want it to work properly after being erased, you must erase the drive using data destruction software (option 1, above) instead. Note: For the average computer owner or organization, degaussing probably isn't a cost effective way to completely erase a hard drive. In most cases, physically destroying the drive (below) is the best solution if the drive isn't needed any more. 3 Physically Destroy the Hard Drive Shattered Hard Drive Platter. © Jon Ross (Flickr)Physically destroying a hard drive is the only way to absolutely and forever ensure that the data on it is no longer available. Just as there is no way to extract the written information from a burned piece of paper, there is no way to read the data from a hard drive that is no longer a hard drive. According to the National Institute of Standards and Technology Special Publication 800-88 [PDF], "Destruction of media is the ultimate form of sanitization." Most of the standards that exist to erase a hard drive mention several ways to physically destroy one including disintegration, grinding, pulverization, incineration, melting, and shredding. You can destroy a hard drive yourself by nailing or drilling through it several times, making sure the hard drive platter is being penetrated each time. In fact, any method of destroying the hard drive platter is sufficient including sanding the platter after being removed or shattering it (as shown here). Warning: Wear safety goggles and take great caution destroying a hard drive yourself. NEVER burn a hard drive, put a hard drive in a microwave, or pour acid on a hard drive. If you'd rather not destroy your hard drive yourself, several companies offer the service for a fee. A few services will even fire a round of bullets through your hard drive and send you the video!

    Blog Entry, DATA
  • Posted on January 15, 2017 11:56 am
    Joseph Forbes
    No comments

    The first thing to do after installing a hard drive is to partition it. You have to partition a hard drive, and then format it, before you can use it to store data. To partition a hard drive in Windows means to section off a part of it and make that part available to the operating system. Most of the time, the "part" of the hard drive is the entire usable space, but creating multiple partitions on a hard drive is also possible. Don't worry if this sounds like more than you thought - partitioning a hard drive in Windows isn't hard and usually only takes a few minutes to do. Follow the easy steps below to partition a hard drive in Windows 10, Windows 8, Windows 7, Windows Vista, or Windows XP: Note: Manually partitioning (as well as formatting) a hard drive is not necessary if your end goal is to install Windows onto the drive. Both of those processes are included as part of the installation procedure, meaning you don't need to prepare the drive yourself. How To Partition a Hard Drive in Windows Open Disk Management, the tool included in all versions of Windows that lets you partition drives, among a number of other things.. Note: In Windows 10 and Windows 8/8.1, the Power User Menu is the easiest way to start Disk Management. You can also start Disk Management via command-line in any version of Windows but the Computer Management method is probably best for most people. When Disk Management opens, you should see an Initialize Disk window with the message "You must initialize a disk before Logical Disk Manager can access it." Tip: Don't worry if this window doesn't appear. There are legitimate reasons you may not see it - we'll know soon if there's a problem or not. Skip on to Step 4 if you don't see this. Note: In Windows XP, you'll see an Initialize an Convert Disk Wizard screen instead. Follow that wizard, making sure to not select the option to "convert" the disk, unless you're sure you need to. Skip to Step 4 when done. On this screen, you're asked to choose a partition style for the new hard drive. Choose GPT if the new hard drive you installed is 2 TB or larger. Choose MBR if it's smaller than 2 TB. Tap or click OK after making your selection. Locate the hard drive you want to partition from the drive map at the bottom of the Disk Management window. Tip: You may need to maximize the Disk Management or Computer Management window to see all the drives on the bottom. An unpartitioned drive will not show up in the drive list at the top of the window. Note: If the hard drive is new, it will probably be on a dedicated row labeled Disk 1 (or 2, etc.) and will say Unallocated. If the space you want to partition is part of an existing drive, you'll see Unallocated next to existing partitions on that drive. Important: If you don't see the drive you want to partition, you may have installed it incorrectly. Turn off your computer and double-check that the hard drive is properly installed. Once you've found the space you want to partition, tap-and-hold or right-click anywhere on it and choose New Simple Volume.... In Windows XP, the option is called New Partition.... Tap or click Next > on the New Simple Volume Wizard window that appeared. In Windows XP, a Select Partition Type screen appears next, where you should choose Primary partition. The Extended partition option is useful only if you're creating five or more partitions on a single physical hard drive. Click Next > after making the selection. Tap or click Next > on the Specify Volume Size step to confirm the size of the drive you're creating. Note: The default size that you see in the Simple volume size in MB: field should equal the amount shown in the Maximum disk space in MB: field. This means that you're creating a partition that equals the total available space on the physical hard drive. Tip: You're welcome to create multiple partitions, that will eventually become multiple, independent drives in Windows. To do so, calculate how many and how large you want those drives to be and repeat these steps to create those partitions. Tap or click Next > on the Assign Drive Letter or Path step, assuming the default drive letter you see is OK with you. Note: Windows automatically assigns the first available drive letter, skipping A & B, which on most computers will be D or E. You're welcome to set the Assign the following drive letter option to anything that's available. Tip: You're also welcome to change the letter assigned to this hard drive later on if you want. See How to Change Drive Letters in Windows for help doing that. Choose Do not format this volume on the Format Partition step and then tap or click Next > Note: If you know what you're doing, feel free to format the drive as part of this process. However, since this tutorial focuses on partitioning a hard drive in Windows, I've left the formatting to another tutorial, linked in the last step below. Verify your choices on the Completing the New Simple Volume Wizard screen, which should look something like this: Volume Type: Simple Volume Disk selected: Disk 1 Volume size: 10206 MB Drive letter or path: D: File system: None Allocation unit size: Default Note: Because your computer and hard drive are unlikely exactly like mine, expect your Disk selected, Volume size, and Drive letter or path values to be different that what you see here. File system: None just means that you've decided not to also format the drive right now. Tap or click on the Finish button and Windows will partition the drive, a process that will only take a few seconds on most computers. Note: You may notice that your cursor is busy during this time. Once you see the new drive letter (D: in my example) appear in the listing at the top of Disk Management, then you know the partitioning process is complete. Next, Windows tries to open the new drive. However, since it's not yet formatted and can't be used, you'll see a "You need to format the disk in drive D: before you can use it. Do you want to format it?" instead. Note: This only happens in Windows 10, Windows 8, and Windows 7. You won't see this in Windows Vista or Windows XP and that's perfectly fine. Just skip to Step 14 if you're using one of those versions of Windows. Tap or click Cancel and then proceed to Step 14 below. Tip: If you're familiar with the concepts involved with formatting a hard drive, feel free to choose Format disk instead. You can use my tutorial linked in the next step as a general guide if you need to. Continue to my How To Format a Hard Drive in Windows tutorial for instructions on formatting this partitioned drive so you can use it. Advanced Partitioning Windows doesn't allow for anything but very basic partition management after you create one, but a number of software programs exist that can help if you need them.

    Blog Entry, DATA
  • Posted on January 5, 2017 11:24 am
    Joseph Forbes
    No comments

    You’re not really sure How the Heck They Got Your Password, but they did, and now you’re freaking out. The password to one of your accounts has been cracked and you don’t know what to do to get control back of your account. Let’s look at several things you can do to get control of your account and get things back to a secure state: If Someone Cracked Your Password But You Can Still Log Into Your Account The worst case scenario is that your account password gets hacked and the hackers change your password. Hopefully the security questions that you answered when you set up your account will help you regain control of your account and allow you to reset your password back and lock them out. What if there aren’t any security questions? Many accounts have a password reset process that will allow you to initiate a reset using an email account that you have on file with the account provider. Unless the hacker has changed this email address, you should be able to regain control of your account by having the password reset link sent to your email. If They’ve Taken Control Of Your Account and Locked You Out By Changing The Password If the person who cracked your password has locked you out by changing your password then getting it reset might be a little more complicated. You may need to contact the account support line of the account provider and explain the situation, they should be able to verify that you are who you say you are via other means such as by looking at the phone numbers you have on file, verifying your address, or reviewing the answers to your security questions. Make sure that you inform the account provider that this just happened and that any new information recently added to your account is false and that you want to place your account on hold until everything is sorted out. Reporting the password hack quickly is essential to limiting the damage. If The Account Was Your Main Email Account If your main email account is hacked then things can become even more complicated because, chances are, you have a lot of other accounts pointing to your email account for password reset purposes. Thankfully most email providers have multiple ways of verifying that you are whom you say you are. Follow their account password reset procedures and if all else fails contact their account support. The next step you should take after resetting your main (hacked) email account password is to change all passwords for any other account that you have that point to that account for password reset purposes. The reason: the password crackers could have initiated password resets for those other accounts. Steps to Take To Prevent it From Happening Again: Make Your Next Password Much Stronger When creating passwords to replace ones that have been cracked, you need to create a much stronger, longer, and more complex password. For tips on creating strong passwords, check out our article: How to Make a Strong Password. Use Two-factor Authentication If It’s Offered Another way to prevent future account compromises is to enable two-factor authentication on the accounts that support it. Two-factor authentication usually requires some kind of token, such as a PIN that is sent by the account provider via an already established communication line that you have verified, such as a mobile phone or secondary email account. Other methods of two-factor authentication use fingerprint readers such as those featured on newer iPhones, iPads, and some Android devices. Linking these devices to your account works in two ways.  If you never lose your phone, you will always be notified of when someone or you are accessing online accounts.  If you lose your phone, then someone has your whole life in their hands.

    Blog Entry, DATA, Data Recovery
  • Posted on December 30, 2016 10:00 am
    Joseph Forbes
    No comments

      It's a really awful way to start a day: you press the power button on your computer and nothing happens. Few computer problems are more frustrating than when your computer won't boot. There are many reasons why a computer won't turn on and often very few clues about what might be the problem. The only symptom is usually the simple fact that "nothing works" which isn't much to go on. Add to this the fact that whatever is causing your computer not to start could be an expensive part of your PC to replace - like the motherboard or CPU. Do not fear because all may not be lost! Here's what you need to do: Read #1 below (it'll make you feel better). Pick the best troubleshooting guide (#2 - #9) based on how your computer is acting or #10 if your PC stops at any point because of an error message. Note: The "computer won't start" troubleshooting guides below apply to all PC devices. In other words, they'll help if your desktop or laptop won't turn on, or even if your tablet won't turn on. I'll call out any important differences along the way. Also, all are applicable no matter what Windows operating system you have installed on your hard drive, including Windows 10, Windows 8, Windows 7, Windows Vista, and Windows XP. Steps 1 through 5 even apply to other PC operating systems like Linux.   Don't Panic! Your Files are Probably OK When faced with a computer that won't start most people tend to panic, worried that all the data on their PC is gone forever. It's true that the most common reason a computer won't start is because a piece of hardware has failed or is causing a problem but that hardware isn't usually a hard drive, the part of your computer that stores all of your files. In other words, your music, documents, emails, and videos are probably safe - just not accessible at the moment. So take a deep breath and try to relax. There's a good chance you can figure out exactly why your computer won't start and then get it back up and running. 1.  Don't Want to Fix This Yourself? See How Do I Get My Computer Fixed? for a full list of your support options, plus help with everything along the way like figuring out repair costs, getting your files off, choosing a repair service, and a whole lot more. 2.  Computer Shows No Sign of Power Try these steps if your computer will not turn on and is showing no sign at all of receiving power - no fans running and no lights on the laptop or tablet, nor on the front of the computer's case if you're using a desktop. Important: You may or may not see a light on the back of your desktop PC depending on the kind of power supply you have and the exact cause of the problem. This goes for the power adapter you may be using for your tablet or laptop as well. How To Fix a Computer That Shows No Sign of Power Note: Don't worry about the monitor yet, assuming you're using a desktop or an external display. If the computer is not turning on because of a power issue then the monitor certainly can't display anything from the computer. Your monitor light will likely be amber/yellow if your computer has stopped sending information to it. 3.  Computer Powers On... and Then Off Follow these steps if, when you turn your computer on, it promptly powers back off. You'll probably hear the fans inside your computer turn on, see some or all of the lights on your computer turn on or flash, and then it will all stop. You won't see anything on the screen and you may or may not hear beeps coming from the computer before it shuts off by itself. How To Fix a Computer That Turns On and Then Off Note: As in the previous scenario, don't worry about the state your external monitor is in, if you have one. You may have a monitor issue as well but it's not possible to troubleshoot it quite yet. 4.  Computer Powers On But Nothing Happens If your computer seems to be receiving power after turning it on but you don't see anything on the screen, try these troubleshooting steps. In these situations, the power lights will stay on, you'll likely hear the fans inside your computer running (assuming it has any), and you may or may not hear one or more beeps coming from the computer. How To Fix a Computer That Turns On But Displays Nothing This situation is probably the most common in my experience working with computers that won't start. Unfortunately it's also one of the most difficult to troubleshoot. 5.  Computer Stops or Continuously Reboots During the POST Use this guide when your computer powers on, shows at least something on the screen, but then stops, freezes, or reboots over and over again during the Power On Self Test (POST). The POST on your computer may happen in the background, behind your computer maker's logo (as shown here with the Dell laptop), or you may actually see frozen test results or other messages on the screen. How To Fix Stopping, Freezing, and Reboot Issues During the POST Important: Don't use this troubleshooting guide if you encounter an issue during the loading of the operating system, which occurs after the Power On Self Test is complete. Troubleshooting Windows related reasons why your computer won't turn on begin with #6 below. 6.  Windows Begins to Load But Stops or Reboots on a BSOD If your computer begins to load Windows but then stops and displays a blue screen with information on it then try these steps. You may or may not see the Windows splash screen before the blue screen appears. This kind of error is called a STOP error but is more commonly referred to as a Blue Screen of Death or a BSOD. Receiving a BSOD error is a common reason why a computer won't turn on. How To Fix Blue Screen of Death Errors Important: Choose this troubleshooting guide even if the BSOD flashes on screen and your computer restarts automatically without giving you time to read what it says. 7.  Windows Begins to Load But Stops or Reboots Without an Error Try these steps when your computer powers on, starts to load Windows, but then freezes, stops, or reboots over and over again without generating any kind of error message. The stopping, freezing, or reboot loop may happen on the Windows splash screen (shown here) or even on a black screen, with or without a flashing cursor. How To Fix Stopping, Freezing, and Reboot Issues During Windows Startup Important: If you suspect that the Power On Self Test is still going on and that Windows has not yet started to boot, a better troubleshooting guide for why your computer won't turn on might be #5 above. It's a fine line and sometimes hard to tell. Note: If your computer won't start and you see a blue screen flash or remain on the screen, you're experiencing a Blue Screen of Death and should use troubleshooting guide #6 above. 8.  Windows Repeatedly Returns to Startup Settings or ABO Use this guide when nothing but the Startup Settings(Windows 8 - shown here) or Advanced Boot Options(Windows 7/Vista/XP) screen appears every time your restart your computer and none of the Windows startup options work. In this situation, no matter which Safe Mode option you choose, your computer eventually stops, freezes, or restarts on its own, after which you find yourself right back at the Startup Settings or Advanced Boot Options menu. How To Fix a Computer That Always Stops at Startup Settings or Advanced Boot Options This is a particularly annoying way in which your computer won't turn on because you're trying to use Windows' built-in ways to solve your problem but you're getting nowhere with them. 9.  Windows Stops or Reboots On or After the Login Screen Try this troubleshooting guide when your computer powers on, Windows shows the login screen, but then freezes, stops, or reboots here or anytime after. How To Fix Stopping, Freezing, and Reboot Issues During Windows Login The stopping, freezing, or reboot loop may happen on the Windows login screen, as Windows is logging you in (as shown here), or any time up to Windows fully loading. NTLDR is Missing. 10.  Computer Doesn't Fully Start Because of an Error Message If your computer turns on but then stops or freezes at any point, showing an error message of any kind, then use this troubleshooting guide. Error messages are possible at any stage during your computer's boot process, including during the POST, at any time during the loading of Windows, all the way up to the Windows desktop appearing. How To Fix Errors Seen During the Computer Startup Process Note: The only exception to using this troubleshooting guide for an error message is if the error is a Blue Screen of Death. See #6 above for a better troubleshooting guide for BSOD issues.

    Blog Entry, DATA, Data Recovery
  • Posted on December 28, 2016 8:53 am
    Joseph Forbes
    No comments

    If you were anywhere near the internet in the U.S. on Friday (Nov 2016), you probably noticed a bunch of your favorite websites were down for much of the day. Now experts are saying it’s all because thousands of devices – like DVRs and web-connected cameras – were hacked. Once the hackers had control over these devices, they manipulated them into sending an overwhelming number of requests to a company that serves up the websites for Netflix, Google, Spotify and Twitter. When the traffic became too much to handle, the sites crashed. It was an old-school attack – often called a distributed denial of service attack, or DDoS – powered by the new web of devices called the internet of things or IoT. Security experts have been warning for a few years that internet-connected devices are susceptible to hacking. They just didn’t know exactly what hackers might do once they broke into your connected television, refrigerator or thermometer, for example. (Other than some disturbing hacks on baby monitors, that is.) Now we have our answer, and it’s worse than what the experts imagined. Focusing on security cameras and DVRs that record footage in businesses outside of the U.S., hackers created an army of devices to take down large chunks of the internet. It’s not all the device manufacturers’ fault. Websites and services will have to adapt and do more to prevent attacks like these from being so effective if we want to keep the internet up and running. Here’s a primer on why the devices are so easy to hack, and how hackers turned them into a zombie army that attacked the internet. How internet-connected devices are easily taken over DVRs and security camera are connected to the internet. That’s on purpose, of course. This feature lets users access them remotely, along with anyone else they need to let in. It’s what lets users check in on security cameras when no one’s at home or at a business, and what lets manufacturers update device software without making a house call. But this feature is also kind of a bug. Devices in the so-called internet of things are stupid-easy to connect to remotely by just about anyone, not just those with whom you want to share access. If something is connected to the internet, it has an IP address. If something has an IP address, it can be found on search engines like Google and Shodan, a searchable registry of IP addresses with information about the connected device. Hackers can find hundreds or thousands of hackable DVRs and cameras just by entering some search terms. Then, they try to break in... How hackers can break into your devices Internet-connected devices often come with default passwords. Think you’re the only one whose username and password are “admin” and “admin”? Many, if not most, device makers don’t require you to set a unique username and password, so many people end up sticking with the defaults. Hackers can find a list of vulnerable DVRs on search engines and try out that default password. If you never changed it, they’re in. But even if you do change those defaults, hackers have other options. Advanced methods utilizing services called SSH and telnet let hackers force their way into your device, since changing the password on your device’s web app does not necessarily change the password coded into the device. So while the camera was storing security video to prevent crime, hackers were quietly brute-forcing their way into the DVR and adding it to their army of attack soldiers. So how did a camera take down Twitter? To take over the cameras, hackers inserted Mirai, malicious software that lets bad guys use at least 100,000 devices as soldiers in its zombie army. That’s according to Flashpoint, a cybersecurity company that has been tracking the proliferation of Mirai across the internet of things since it was first used in a massive attack in September. The technical name for this zombie army is a botnet, and hackers have been making them out of computers for a very long time. Now that hackers can make botnets out of the internet of things, they have a more powerful tool to carry out attacks like the one that happened Friday. They used the botnet to send tons and tons of junk requests to Dyn, a company that manages web traffic for all the websites that were affected. Dyn couldn’t sort out the good requests from the bad, and as a result internet users in many parts of the US were cut off from a number of websites. Now you know how an army of DVRs and cameras kept you off Reddit for most of Friday. We still don’t know who the hackers are and what they’ll do next. It also remains to be seen how websites will change their habits to prevent outages like the ones we saw Friday. As for the manufacturers of internet-connected devices, there has been an interesting development. On Monday, connected-camera manufacturer Xiongmai said it will issue a recall of its devices caught up in the botnet army that attacked Dyn on Friday, according to Reuters. If more companies follow suit, it might give manufacturers more reason to lock down cybersecurity on their devices before putting them up for sale.

    Blog Entry, Cloud Apps, DATA
  • Posted on December 22, 2016 12:02 pm
    Joseph Forbes
    No comments

    In the early days of computers, storage was calculated in megabytes and most systems relied on floppy drives. With the rise of hard drives, people could store more data but it ws not very portable. CDs brought digital audio but also the means to provide high capacity portable storage that made it easy to share large amount of data and easy to install applications. DVDs expanded on that by bringing movies and TV shows and capacities well beyond what hard drives could even store. Now through a number of factors, finding a PC that includes any sort of optical drive is becoming very difficult. Rise of Smaller Mobile Computers Let's face it, optical discs are still quite large. At nearly five inches in diameter, the discs are big when compared to the size of modern laptops and now tablets. Even though the optical drives have been greatly reduced in size, more and more laptops have dropped the technology to conserve on space. Even though a large number of ultraportable computers have in the past dropped the drive in order to allow for thinner and lighter systems, the original MacBook Air showed just how thin a modern laptop could be without the drive. Now with the rise of tablets for computing, there is even less space to try and incorporate these large drives into the systems. Even if you are not talking about the size of the mobile computer, the space used up by an optical drive can be used for more practical things. After all, that space could be better used for the battery which can extend the overall running time of the system. If the system is designed for performance, it could store a new solid state drive in addition to a hard drive for added performance. Maybe the computer could use a better graphics solution that would be useful for graphics work or even gaming. Capacity Has Not Matched Other Technologies When CD drives first hit the market, they offered a huge storage capacity that rivaled traditional magnetic media of the day. After all, 650 megabytes of storage was well beyond what most hard drives were at the time. DVD expanded this capacity even further with 4.7 gigabytes of storage on the recordable formats. Blu-ray with its narrower optical beam can almost achieve 200 gigabytes but more practical consumer applications are generally much lower at 25 gigabytes. While the growth rate of these capacities is good, it is nowhere near the exponential growth that hard drives achieved. Optical storage is still stuck in the gigabytes while most hard drives are pushing even more terabytes. Using the CD, DVD and Blu-ray for storing data is just not worth it anymore. Terabyte drives are generally found for under a hundred dollars and offer faster access to your data. In fact, many people have more storage in their computers today than they are likely to use over the lifetime of the system. Solid state drives have also seen tremendous gains over the years. The flash memory used in these drives is the same that was found in the USB flash drives that made floppy technology obsolete. An 16GB USB flash drive can be found for under $10 yet stores more data than a dual layer DVD can. The SSD drives used within computers are still fairly expensive for their capacities but they are getting more and more practical every year such that they will likely replace hard drives in many computers thanks to their durability and low power consumption. Rise of Non-Physical Media With the rise of smartphones and their use as digital music players, the need for physical media distribution has slowly eroded. As more and more people started to listening to their music on these players and then their smartphones, they did not generally need a CD player other than to take their existing music collection and rip it into the MP3 format to listen on the new media players. Eventually, the ability to purchase the tracks through the iTunes store, Amazon MP3 store and other media outlets, the once ubiquitous physical media format has increasingly become irrelevant to the industry. Now that same problem that happened to CDs is also happening to the video industry. DVD sales made up a huge portion of the movie industries revenues. Over the years, sales of the discs have declined greatly. Some of this is likely from the ability to stream movies and TVs from services such as Netflix or Hulu. In addition, more and more movies can be purchased in a digital format from stores like iTunes and Amazon just like they can with music. This is extremely convenient especially for those people that want to use a tablet for watching video while traveling. Even the high definition Blu-ray media has failed to catch on compared to previous DVD sales. Even software which always used to be purchased on disc and then installed has moved into the digital distribution channels. Digital distribution for software is not a new idea as it was done years before the internet through shareware and bulletin board systems. Eventually, services such as Steam for PC games rose up and made it easy for consumers to purchase and download programs to use on their computers. The success of this model and that of iTunes lead many companies to start offering digital software distribution for computers. Tablets have taken this even further with their app stores built into the operating systems. Heck, even most modern PCs do not come with physical installation media anymore. Instead, they rely on a separate recovery partition and backups that are made by the consumer after the purchase of the system. Windows Lacks DVD Playback Natively Probably the biggest factor that will lead to the demise of the optical drive in PCs is Microsoft dropping support for DVD playback. In one of their developer blogs, they state that the base versions of the Windows 8 operating system will not include the software necessary for playing back DVD videos. This decision carried over to the latest Windows 10. This is a major development as it was a standard feature in previous versions of the operating system. Now, users will either have to purchase the Media Center pack for the OS or will need a separate playback software on top of the OS. The primary reason for this move has to do with costs. Apparently, Microsoft says that companies licensing the software were concerned about the overall cost of the software to be installed on the PCs. By removing the DVD playback software, the associated license fees for the video playback codecs can also be removed thus reducing the overall cost of the software. Of course, it will just be one more reason that consumers will likely abandon the hardware as it will be useless without the added software expense. HD Formats, DRM and compatibility Finally, the last nail in the coffin for optical media is the whole format wars and piracy concerns that have been plaguing the high definition formats. Originally, it was the battle between HD-DVD and Blu-ray that made adoption of the new format problematic as consumers waited for the format wars to be worked out. Blu-ray was the eventual winner of the two formats but it has not caught on hugely with consumers and much of this has to do with the DRM schema present and the difficulties of working with it. The Blu-ray specification has gone through multiple revision since it was first released. Many of the changes to the format have to do with piracy concerns from the studios. In order to prevent perfect digital copies from eating into sales, changes keep being introduced to make it more secure from being copies. This change has resulted in some newer discs from not being able to be played in older players. Thankfully computers have all the decoding done by software rather than hardware. This makes them more adaptable but it requires constant upgrading of the player software to ensure functionality with upcoming discs. The problem is that security requirements can change which may result in some older hardware or software from being able to view the videos. The end result is that it can be a major headache for the consumers who wish to have the new optical formats in their computers. In fact, users of the Apple software have it even worse as the company refuses to support the technology within the Mac OS X software. This makes the Blu-ray format all but irrelevant for the platform. Conclusions Now optical storage is not going to completely disappear from computers any time soon. It is just very clear that their primary usage is changing and is not a requirement for computers like they once were. Instead of being used for storing data, loading software or watching movies, the drives will likely be there to convert the physical media into the digital files for playback on computers and mobile devices. It is almost certain that the drives will be completely removed from most mobile computers in the near future. There is little use for the drives when it is so much easier to view them off a digital file than the disc. Desktops will still pack them for a while as the technology is so inexpensive to include and there are not the space issue of mobile computers. Of course, the market for external peripheral optical drives will survive for a while for anyone that still wants to have the capability that will be dropped from their future computers.

    Blog Entry, DATA, EDUCATION