by Felicien | Aug 16, 2018 | Education
If you are connected to the internet, then you are a target for malware, viruses, and hackers. Every day, 350,000 new malware programs come to the surface. Your firewall and anti-virus protection can only provide so much security. That is why it is very important that you know how to spot fraudulent software and fake updates. Fortunately, there are several common red flags that you and your colleagues can learn to watch out for.
Red Flag #1: An Offer to Scan Your System Pops Up on Your Screen
Be very wary of software pop-up ads! If an ad (often disguised as an alert) pops up unexpectedly on your screen and offers to scan your computer for malware or viruses, do not click on it. There is an extremely high probability that the real malware or virus is the downloadable software itself. For example, many of these fake software pop-ups will install a keylogger that records your keystrokes, including logins and passwords, which compromises your system and any accounts that you access through the infected computer. Anti-virus and anti-malware software should only be purchased and installed from well-known, reputable sites.
Red Flag #2: You Receive an Alert That Your Device is Full of Viruses
If an ad is warning you that it has already discovered multiple viruses on your computer, this is another red flag that the software is fake. If you click on the ad, then it will offer to install software to clean up your computer — but the truth is, this program will infect your computer with viruses or malware. This is not how real antivirus software actually warns users.
Red Flag #3: Software Suddenly Demands Your Information
The sneakiest of software scams are often introduced to your computer through an infected email that provides a way for malware to be installed on your system. This malware will provide you with an alert that looks very much like a legitimate anti-virus software alert. If you click on the alert, it will eventually request your credit card information or your personal information. Real anti-virus software never does this.
Red Flag #4: You Receive an Email with an Update Link
If you receive an email with a link to update, beware. The vast majority of modern software and apps will alert you through the software itself or via the system tray when an update is imminent, not with an email. Chances are that the update link in that email will install malware or result in a drive-by download. Beware of emails like this. They should not be opened; much less should any links inside them be followed.
Red Flag #5: A Pop-up Appears That Informs You That You Need to Update A Plug-In
Many of us have problems browsing the web when a pop-up appears via our web browser and tells us that a particular plug-in, say Adobe Flash, needs to be updated or we cannot view the page. These pop-ups can be incredibly convincing, with authentic looking logos. But do not be deceived. This is malware. That is not how a reputable software company will let you know that an update is needed. Never update your software through a browser pop-up.
Red Flag #6: You Receive an Alert from Software You Don’t Own
This one might seem a bit obvious, but many people don’t keep track of what software is on their system, especially if it is a work computer. Because of that, it can be easy to fall for a serious-looking alert and click on it before making sure that the software in question is actually installed on the system. This trap is more common in businesses than on personal computers, but equally dangerous for both.
Red Flag #7: You get a Pop-up Alert That Your Browser is Outdated
Once again, this is not how modern browsers let you know that you are running an outdated version. This particular scam started making the rounds in February of this year. It detects what type of browser you are using and tailors the pop-up to that browser, with pretty convincing graphics.
Being Smart
Make sure you know what software you actually have installed on your system, especially when it comes to anti-virus software. Be familiar with how that software alerts you that an update is needed, and whether or not it automatically updates. Do not trust updates by email, or any browser pop-ups that try to get you to install something. Be careful about letting a program have access to your computer, or update your browser. Legitimate companies do not use those methods!
Conclusion
A little awareness and common sense can go a long way in helping you and your colleagues to avoid falling for scams that can compromise cybersecurity. In an age of ever-evolving cyber threats, a healthy dose of suspicion can go a long way toward protecting your computer from malicious software and internet scams!
by Felicien | Aug 16, 2018 | Education
What Do We Know About Terminal Fault (L1TF) Chip Vulnerabilities?
Understanding The L1 Terminal Fault (L1TF)
Intel has recently confirmed L1 Terminal Fault (L1TF) chip vulnerabilities in its processors that can be manipulated by malware and malevolent virtual machines with the intention of stealing private information from a computer’s memory.
Who or What is Vulnerable?
In short, Intel’s desktop, workstation, and server CPUs are exposed. What Intel initially described as impregnable memory has been found to have holes. That means sensitive data from other software and other customers’ virtual machines can be stolen by malicious software and guest virtual machines, either on a vulnerable device or on a cloud platform.
This private information may include personal and financial accounts, passwords, and encryption keys. It is also at risk of being taken from other customers’ virtual machines, including both System Management Mode (SMM) memory and SGX enclaves.
SGX, an Intel technology, is intended to guard private information from code designed to peep and pry.
SMM serves as a computer’s clean-up operator. It is an alternate software system that is usually placed in the computer’s firmware. It also has total control over the computer’s hardware and complete access to all of its data.
Let’s break down the three areas, which Intel has named its L1 Terminal Fault (L1TF) bugs:
CVE-2018-3615
CVE-2018-3615 impacts Software Guard Extensions (SGX). More specifically, Intel says, “Systems with microprocessors utilizing speculative execution and software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis.” The research teams who discovered CVE-2018-3615 named the vulnerability Foreshadow.
The Fix:
Fixing this vulnerability will require the microcode update. To be safe, it is also recommended that you update your operating system and VM hypervisor. The patches should be available now for just about all operating systems.
This bug was discovered by two different groups:
Jo Van Bulck, Frank Piessens, Raoul Strackx from imec-DistriNet – KU Leuven.
Marina Minkin, Mark Silberstein from Technion, Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch from The University of Michigan, and Yuval Yarom from University of Adelaide and CSIRO’s Data61.
CVE-2018-3620
According to Intel, “Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis.” In short, CVE-2018-3620 affects operating systems and SMM.
The Fix:
To fix this, operating system kernels will need to be patched. Also, the SMM needs the microcode update, to be safe.
CVE-2018-3646
Intel states, “Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and side-channel analysis.” CVE-2018-3646 affects hypervisors and virtual machines.
The Fix:
Fixing CVE-2018-3646 will require the microcode, operating system, and hypervisor updates in order to protect your data.
Extra Fix:
The way hypervisor software operates is by allowing virtual machines or processors to be run off shared resources of a physical server. At the same time, they use multi-threading – a technique by which a single set of code can be used by several processors at different stages of implementation. Intel calls this Hyperthreading, and it can split one of its cores to act like two separate processors of the multi-core CPU for the hypervisor. This technique creates what Intel calls “sibling threads.”
Since these threads share a pool of L1 cache memory attached to the core, a malicious guest, on one of the virtual processors, could manipulate the third variant of the L1 Terminal Fault and get data used by the other sibling thread.
Even though the virtual processor will recognize this and deny the request of the hacker, if the data is in the cache at the same time, it can be revealed to the hacker.
Both CVE-2018-3620 and CVE-2018-3646 were discovered by Intel’s engineers after the university researchers who discovered “Foreshadow” informed Intel about CVE-2018-3615, the SGX issue.
The Ultimate Fix
The real fix to all these problems will be made by replacing the processors. As Intel stated, when addressing L1TF, “These changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake), as well as new client processors expected to launch later this year.”
For now, the best advice is to keep patching and be aware of any changes you see in the area of performance and speed with the patches.
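One way to confirm that the patches described above actually took effect on a Linux host, as an added example that is not part of the original article: patched kernels report L1TF status as one line in sysfs, and this script splits that line into the kernel, hypervisor (VMX) and SMT parts that correspond to the fixes for CVE-2018-3620 and CVE-2018-3646. The status strings in the comments are constructed samples in the kernel's documented format, and the function names are this example's own.

```python
from pathlib import Path

# Linux reports the L1TF state here once the kernel carries the L1TF patches.
L1TF_FILE = "/sys/devices/system/cpu/vulnerabilities/l1tf"


def parse_l1tf(status):
    """Split the kernel's one-line L1TF status into its parts.

    Constructed sample of the format:
      Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable
    """
    status = status.strip()
    state = {"raw": status, "affected": status != "Not affected",
             "kernel_mitigated": False, "vmx": None, "smt": None}
    if not status.startswith("Mitigation:"):
        return state  # "Not affected", "Vulnerable", or an unknown string
    kernel_part, _, vmx_part = status[len("Mitigation:"):].partition(";")
    state["kernel_mitigated"] = "PTE Inversion" in kernel_part
    vmx_part = vmx_part.strip()
    if vmx_part.startswith("VMX:"):
        # The SMT field is optional; the kernel omits it in some states.
        vmx, _, smt = vmx_part[len("VMX:"):].partition(",")
        state["vmx"] = vmx.strip()
        smt = smt.strip()
        if smt.startswith("SMT "):
            state["smt"] = smt[len("SMT "):]
    return state


def findings(state):
    """Map the parsed state to the fixes the article lists."""
    if not state["affected"]:
        return []
    notes = []
    if not state["kernel_mitigated"]:
        notes.append("kernel reports no L1TF mitigation: "
                     "apply OS updates (CVE-2018-3620)")
    if state["vmx"] == "vulnerable":
        notes.append("no L1 data cache flush on VM entry: "
                     "update or configure the hypervisor (CVE-2018-3646)")
    if state["smt"] == "vulnerable":
        # Only matters on hosts that run untrusted guests.
        notes.append("SMT is active: sibling threads share the L1 cache "
                     "with guests (CVE-2018-3646)")
    return notes


def read_host_state(path=L1TF_FILE):
    """Return the parsed state of this machine, or None if not exposed."""
    try:
        return parse_l1tf(Path(path).read_text())
    except OSError:
        return None  # not Linux, or the kernel predates the L1TF patches


if __name__ == "__main__":
    host = read_host_state()
    if host is None:
        print("L1TF status not exposed by this kernel")
    else:
        print(host["raw"])
        for note in findings(host) or ["no L1TF findings"]:
            print(" -", note)
```

A missing sysfs file is itself a result worth recording: it means the running kernel predates the L1TF patches or the host is not Linux.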
by Felicien | Aug 16, 2018 | Education
As providers are all too well aware, their payments from Medicare are affected by their score in the Merit-based Incentive Payment System (MIPS). MIPS imposes a number of requirements; if these are not met, payments may be reduced or denied.
The MIPS requirements apply to all Medicare claims, even those whose performance is not necessarily affected by a MIPS constraint. Among these universal requirements is the meaningful use of electronic health records (EHRs). Within the EHR requirements, we have the promotion of interoperability with other EHR systems, and within that, we have the security requirements. Among the security requirements is an annual security risk assessment.
What Has Changed?
In the Federal Register of July 27, 2018, the Centers for Medicare and Medicaid Services (CMS) proposes that the current security risk assessment requirement in MIPS be replaced. The suggested replacement will be an attestation to the activities included in the security risk assessment standard that has been performed in the past MIPS year.
This essentially switches the scoring of the security risk requirement from the equivalent of a numeric grade to a pass/fail scoring system. A practice or institution passes if it has done the assessment; how well it has done on the assessment falls by the wayside. The requirements are stated in a bare-bones fashion in the Code of Federal Regulations at 45 CFR 164.308.
CMS states that its rationale is, in part, a result of the realization that a risk assessment is either done well or not at all.
What A Serious Risk Assessment Entails
The thinking behind this can be found in the Office of Civil Rights (OCR) newsletter for April 2018. This newsletter distinguishes a gap analysis (“find the holes”) from a security risk assessment (“make sure there are no holes”). It is a highly useful guide to discerning the scope and the level of effort required for a serious risk assessment.
An article on the HHS website goes into greater detail explaining what is subject to the security rules and why:
All e-PHI created, received, maintained or transmitted by an organization is subject to the Security Rule. The Security Rule requires entities to evaluate risks and vulnerabilities in their environments and to implement reasonable and appropriate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of e-PHI. Risk analysis is the first step in that process.
The guidance issued by OCR noted that the CFR requirements are divided into two categories: required and addressable.
The addressable requirements are not optional. Rather, if the approach specified in an addressable requirement is not feasible, the provider organization must develop an effective alternative approach to achieve the same end and document it. The tendency to document-but-not-implement should be firmly resisted.
Did You Really Do A Risk Assessment?
Experts suggest that OCR has significantly underestimated the time required to do a serious risk assessment. Obviously, you have to look at hardware-associated risks. Are the BIOS files in your desktops and laptops updated? Has router firmware been updated?
You must take a hard look at software-associated risks as well. Are operating systems patched? You must strategically assess administrative risks: are you enforcing complex password requirements? Are you using biometric identifiers? Is data access truly on a need-to-know basis?
A Helicopter-Level View Is Not Adequate
The reader may protest that those concerns are nowhere to be found in the guidance. True. The point is that an adequate risk assessment will have revealed these as questions that need to be asked on a day-to-day operational basis. A risk assessment that is not dynamic misses all the critical points of vulnerability.
A risk assessment should point out any unnecessary risks and then offer a solid plan to eliminate them. It’s good to remember that the whole point of the endeavor is to make sure that the government (and all organizations) move toward better Internet and network security. With cyber breaches occurring on almost a daily basis, there’s every need to be more cautious about how we handle, store, and transmit Big Data.
The current cost of a data breach has reached between $1.3 million and $3.5 million. The number one most sought-after data that hackers are vying for is healthcare information. On the Dark Web, 30,000 up-to-date healthcare records will fetch a pretty price.
Conclusion
Under this proposed rule change, you will no longer be given a percent of compliance score on your risk assessment. You will simply be in or out of compliance. The upside is less administrative hassle; all you have to do is carry out the activities and attest that you did this. The downside is that this may lead to a relaxation of vigilance at a time when threats are constantly increasing.
by Felicien | Aug 15, 2018 | Education
Hackers are constantly coming up with new and clever phishing attacks that threaten email users’ security. KnowBe4, one of the top security awareness and simulated phishing platform providers, recently issued the top 10 phishing email subject lines from this year’s second quarter. Please note, the attacks used most often contain email subject lines that relate to a user’s passwords and security warnings.
An estimated 1 out of 3 people will open a phishing email each day. This tricky way of gathering people’s personal and financial information is getting bigger, despite all the warnings from technology experts.
What is Phishing?
Phishing is a technique that hackers use to steal personal information, like credit card details or login credentials. The hacker replicates an existing login page from an online service such as Dropbox, Apple, Gmail or your financial institution. This fake website contains code that delivers all the personal data you submit directly to the hacker. To lure you to the bogus website, hackers send you a believable email. Quite often, the email will ask you to log in to your bank account because your bank has detected a transaction that you did not authorize.
Hackers can make these emails look and sound real and their exploits have been very successful. They often use fear. The email will make it sound like you need to take action NOW! So without really checking, the victim clicks the bad link and continues to the bogus landing page where they give the cyber thief their log-in and password information.
Why is Phishing a Concern?
It is reported that consumers, businesses, and organizations will lose an estimated $9 billion in 2018 globally. With so much personal information tied to finances now shared online, hackers use phishing in order to illegally steal your money.
The Anti-Phishing Working Group (APWG) latest quarterly release reported:
Over 11,000 phishing domains were created in the last quarter alone.
The number of phishing sites rose 46% over the previous quarter.
The practice of using SSL certificates on phishing sites continues to rise to lure users into believing a site is legitimate.
Is Phishing Just a Risk for Personal Users?
Because they store a lot of files in the cloud, phishing is also a risk for all kinds of companies: digital design companies, financial institutions, security companies, etc. According to hackmageddon.com, there were 868 reported company security breaches or cyber-attacks in 2017.
What do Hackers need to be successful?
There are generally three things hackers do to gain access to your information:
Build an email account to send emails
Buy a domain and set up a fake website
Think of a tech company that is used often to mask itself as a legit website (Dropbox, Amazon, eBay, etc.)
What Can I Do to Avoid Phishing?
It has become increasingly difficult to guard yourself against phishing. As hard as Apple, Google, and other tech companies have worked to filter them out, hackers are always devising new ways to phish. However, here are some tips on spotting phishing emails:
Try to avoid clicking on buttons and/or links in emails.
Begin using password managers. A password manager aids the user in creating and retrieving complex passwords and storing the passwords in an encrypted database. Therefore, if hackers get one of your passwords, they can’t use it on any of your other accounts.
Don’t put total faith in the green lock icon in your address bar. This only ensures that it is a private channel but does not inform you about who you’re communicating with.
Enable 2FA (two-factor authentication). Two-factor authentication is an extra layer of protection, also known as “multi-factor authentication.” 2FA requires a password and username, and also something that only the user knows (mother’s maiden name) or has (passcode texted to another device, such as a cell phone).
Be extra cautious if the browser plugin of your password manager doesn’t show your login credentials automatically.
Be quick to report suspicious emails to your friends and colleagues. Organizations that make it easy for their employees to report attacks will see a significant decrease in cyber-attacks. The quicker an IT department can respond to a threat, the more it can minimize the potential damage inflicted on people.
Ironically, the trend for most of these phishing emails is warnings about security alerts.
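Why the lock-icon and password-manager tips above work, as an added example that is not part of the original article: a password manager typically offers saved credentials only when the page's host belongs to the saved site, while a person tends to trust a brand name appearing anywhere in the link. The saved domains, the sample links and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed stand-in for the sites a password manager holds logins for.
SAVED_DOMAINS = ["dropbox.com", "amazon.com", "ebay.com"]


def classify_link(url, saved_domains=SAVED_DOMAINS):
    """Classify a link the way host-based credential matching would.

    match     - HTTPS and the host is the saved domain or a subdomain of it
    insecure  - the right host, but not over HTTPS
    lookalike - a saved brand name appears in the link, yet the host is
                not under that brand's domain (no autofill would be offered)
    no-match  - unrelated to any saved site
    """
    parts = urlsplit(url.strip())
    # .hostname is lower-cased and excludes any "user@" prefix and port.
    host = (parts.hostname or "").rstrip(".")
    for domain in saved_domains:
        if host == domain or host.endswith("." + domain):
            return "match" if parts.scheme == "https" else "insecure"
    # Look at the whole authority part so "brand.com@other-host" is caught.
    netloc = parts.netloc.lower()
    for domain in saved_domains:
        brand = domain.split(".")[0]
        if brand in netloc:
            return "lookalike"
    return "no-match"


def triage(urls, saved_domains=SAVED_DOMAINS):
    """Group the links found in an email by verdict."""
    grouped = {"match": [], "insecure": [], "lookalike": [], "no-match": []}
    for url in urls:
        grouped[classify_link(url, saved_domains)].append(url)
    return grouped


# Constructed sample links; the .example hosts are reserved test names.
SAMPLE_LINKS = [
    "https://www.dropbox.com/login",
    "https://dropbox.com.account-verify.example/login",
    "https://dropbox.com@login.example/",
    "https://secure-ebay.example/signin",
    "http://www.amazon.com/",
    "https://news.example/story",
]

if __name__ == "__main__":
    for verdict, links in triage(SAMPLE_LINKS).items():
        for link in links:
            print(f"{verdict:10} {link}")
```

Every lookalike in the sample can carry a valid certificate and show the lock icon, which is why the icon alone says nothing about who operates the site.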
Here are the top 10 from Q2:
Password Check Required Immediately (15 percent).
Security Alert (12 percent).
Change of Password Required Immediately (11 percent).
A Delivery Attempt was made (10 percent).
Urgent press release to all employees (10 percent).
De-activation of [[email]] in Process (10 percent).
Revised Vacation & Sick Time Policy (9 percent).
UPS Label Delivery, 1ZBE312TNY00015011 (9 percent).
Staff Review 2017 (7 percent).
Company Policies-Updates to our Fraternization Policy (7 percent).
by Felicien | Aug 15, 2018 | Education
If you are in a startup company or run a small business, the simplest software update can easily cause anxiety for you and your group of employees. Everyone has experienced the update that causes glitches and hiccups that can disrupt the workflow.
With that said, why should you upgrade to Windows 10? Is it worth the hassle? Let’s look at the reasons why upgrading to Windows 10 will benefit you and your team in the long run.
10 Reasons Why You Should Upgrade to Windows 10
The Need for Speed
One of the major advantages Mac has had over Windows for years is the speed at which it starts up when the power button is pushed. Windows 10 has a feature called Fast Startup. When you shut down your computer, rather than just placing everything in RAM, Windows saves an image of your loaded kernel and drivers in what Microsoft calls the hiberfile. The next time the system boots up, it just reloads this file, making it boot much faster.
The Return of the Start Menu
For Windows 10, Microsoft has created an updated version of the Start menu that includes the familiarity of the classic menu from older versions along with parts of the Start screen that they introduced with Windows 8.
In this newest version, you will see a left rail with buttons to access different settings and locations. On the right, there are Live Tiles, which will light up to keep you up to date.
Talk to me, Cortana
Being able to talk and interact with your technology hands-free is liberating and can also be exciting. Not only can you instruct Cortana to play music or jot down notes for you, Cortana will remind you to pick up needed items using your Android, iPhone, and Windows Phone. Another smart feature Cortana offers is her Notebook, which tracks your interests, giving you information such as when your favorite band is in town, team scores, local weather, and even traffic updates for your drive to and from work.
Apps at Your Employee’s Fingertips
For those still using Windows 7, there is no way to utilize the app store. Windows 10 opens up the possibilities for your team to get software more readily to assist them with various tasks. Windows 10 makes these apps safer as well, since they now run in their own sandboxes. Utilizing social media to promote your business is easier with Windows 10 and the easy-to-use media apps, which include access at your fingertips to the following:
Photos
Videos
Calendars
Maps
Mail
Music
People
The Added Touch
Microsoft took all of the basic features from Windows 8, but then added several new ones in Windows 10. The 2-in-1 laptops with Windows 10 allow you to have both touchpads and touchscreens in one device. Microsoft is adding the touchscreen to many desktop and laptop computers.
A Call to Action
Windows 10 gives you the advantage of allowing pop-up notifications for messages, updates, and important news. The Microsoft Action Center shows messages from email, system updates and warnings, and messages and updates from apps. Sometimes the updates come at a time when you are absorbed in a project or task. When that happens, you can quickly dismiss the notification. Windows 10 gives you the opportunity to go back and see the entries you missed when you are not as busy.
A New Browser
Windows 10 comes with a brand-new browser called Microsoft Edge, which has great compatibility and speed. Tests have revealed that Edge is easier on both tablet and laptop batteries than Chrome. It is 15% more secure than Chrome as well.
Added Security
Keeping Secure Boot from Windows 8, Microsoft has made it even more secure. A specific code runs immediately when your computer starts up to make it incredibly difficult to penetrate. Windows 10 makes it so there is no way around these security measures. Windows 10 also implements Device Guard which provides better security against malware.
The Virtual Desktop Advantage
Just like on a Mac, Windows 10 lets you open multiple windows and apps at the same time. If you are multi-tasking on a work project and personal tasks, you can easily do this with Windows 10 and the virtual desktop feature.
Xbox App
Windows 10 has an Xbox app that allows you to track your online friends, while also letting you stream games from the console to the PC. Utilizing The Windows Store gives Xbox players an easy way to find and purchase games with a simplified flow between the PC and Xbox.
Wrap Up
Upgrading to Windows 10 shouldn’t be stressful or difficult. Though it does take a few minutes to perform the update, you’ll have access to some new and helpful features. In addition, your network security will be improved. Once you get the hang of it, you’ll wonder why you waited so long to make the move.