Computer News & Safety tips  – Harry Waldron MVP Rotating Header Image

EMAIL Security – Google Docs download phishing attack FEB-2017

This new email phishing attack has been successful as it pretends to be an email attachment download.  Using realistic looking Outlook login screen, the bad guys capture just enough information to steal credentials.  When email ID/password is discovered, attackers quickly use them to spread more spam based phishing attacks to compromise even more user email accounts.

https://isc.sans.edu/forums/diary/Dynamite+Phishing/22121/

Last week I ran across a very successful phishing campaign, what’s odd in most ways it was nothing special. The attacker was using this more like a worm, where stolen credentials would be used within the hour to start sending out a mass amount of more phishes. I’ve decided to call this “Dynamite Phishing” because there is nothing quiet about this at all. It seems about 40% of the credentials were used for more mailings, and the other account’s credentials had not been used.

The initial phishes came in from a K12 domain from several affected individuals. The email subject was  “You have an Incoming Document Share With You Via Google Docs”. The contents of the email were base64 encoded, while it appears to be common Content-Transfer-Encoding, it’s not something I typically run into especially when looking at Phishes.

The link in the document went to a malicious landing page, that was setup as a generic Outlook Web Access 2013 login page.  The attacker would then login with stolen credentials to spam extensively to all contacts.  While most people have good protections from Emails coming from external entities into their email environment, many don’t push the same protections intra-domain.  The volume of email sent from the Phished accounts to other Internal accounts is what made this so successful.

Smartphones – 2017 Mobile World Congress links

The MWC 2017 conference in Barcelona features some of latest developments from major smartphone manufacturers

http://www.mirror.co.uk/tech/mobile-world-congress-2017-biggest-9925547

http://www.mirror.co.uk/all-about/mobile-world-congress

https://www.mobileworldcongress.com/

The MWC trade show in Barcelona is the second biggest of the year, following the Consumer Electronics Show in January. All the major smartphone manufacturers including Samsung, HTC, Microsoft, Xioami and LG use the show to debut their latest handsets as well as smartwatches and tablets.

Windows 10 – Samsung Galaxy notebook business evaluation

This review by CIO magazine shares some of advantages in use of Windows 10 verses the Chromebook, Apple tablets, or Android tablet.  The evaluation is primarily focused on business usages for mobile or remote workers. 

http://www.cio.com/article/3175050/tablets/first-impressions-of-samsungs-galaxy-book-with-windows-10.html

Samsung has announced its latest Windows 10 hybrid — the Galaxy Book. It’s follows the same design as its predecessor, featuring a keyboard portfolio that also acts as a stand for the tablet and adjusts to three different viewing angles. However, Samsung took all the customer feedback on the first device, and focused on improving the hybrid.  I had a chance to get hands-on time with the Galaxy Book ahead of its announcement at MWC 2017. And, although my time with the device was limited, based on my first impression, it seems Samsung might finally have an enterprise-worthy hybrid.

Samsung chose to go with a bigger keyboard and backlighting help make the device feel more like a notebook than the Tab Pro S.  The 12-inch model includes an Intel Core i5 and 8GB of RAM — more than enough for the average user; the tablet also includes two fans to help prevent overheating. I didn’t have a chance to push the performance of the device, but I was impressed at how it handled basic tasks compared to the Tab Pro S. Samsung will still offer the device with 4GB of Ram and an 128GB SSD, but for those who want more power, 8GB option as well.

Samsung hopes to entice business users and IT departments to the Galaxy Book with a trade-in program, extended warranties, dedicated support and new protection plans. Samsung hasn’t announced any type of workstation for this enterprise-focused device, but the device includes two USB Type-C ports and a MicroSD port. Samsung did not announce pricing or availability, but it has confirmed that both the keyboard and the S Pen will ship with the device.

Software – Top rated 2017 FREE Windows applications from PC Magazine

This is a valuable in-depth guide sharing PC Magaine’s top choices for free software.  A total of 178 products are highlighted in the link below:

http://www.pcmag.com/article2/0,2817,2487049,00.asp

Windows doesn’t get the attention it used to in today’s mobile world. But we have not fully abandoned the desktop. The real work (and a lot of the play) of computing requires a full personal computer system. To get the most out of that, you need software. Software can be expensive if you’re not smart about it. Free programs have been a mainstay of the desktop experience for decades, and the offerings only get more powerful and fascinating each year. As PCs compete with smartphones, it gets even better. Software developers can adopt an ad-based model, donation-ware to keep things afloat, or a shareware/freemium model that charges for extra features.

Software for productivity is what this list is about; there’s plenty of other places to find free games. So take a look at the list of 178 programs. The  criteria to qualify for this review is listed below:

* The software has to typically have a Windows-based download; we mark it if it has a version for other platforms, even mobile or cloud-based (see the Legend below).
* In some cases, we’ve included Web-app versions that are as good, or better, than some downloadable programs.
* If it’s on a tiered sales model, the free version cannot be trial-ware that doesn’t work after a time.
* The program should have little or no advertising to support it. Some freemium software depends on showing a few limited ads to exist.

Microsoft – Windows Server 2016 in-depth guide by Network World

An in-depth guide for the new Windows Server 2016 environment is a free available resource for registered users of Network world.

http://www.networkworld.com/article/3173353/windows/review-deep-dive-into-windows-server-2016.html

Windows Server 2016 was officially released in September, but we waited until all of the bits were at production level before taking a deep dive into Microsoft’s flagship server operating system. What we found is an ambitious, multi-faceted server OS that focuses much of its energy within the Microsoft-centric world of Windows/Hyper-V/Azure, but also tries to join and leverage open source developments and initiatives, such as Docker.  A Windows Server 2016 deployment requires plenty of thought and planning. There are two license options, Datacenter or Standard. And there are three installation choices, the regular GUI server version, the server core (no GUI) version and lastly Nano server.

Facebook – How to report FAKE USER accounts in 2017

Below are the latest guidelines that describe how to report an impersonation of a user account to Facebook security team.  Please be careful in accepting “FRIEND” or “CONTACT” requests as FAKE ACCOUNTS are used to gain trust & confidential information. These FAKE ACCOUNTS can gleam information even to create identity theft exposures. 

A few PERSONAL TIPs listed below when new FRIEND REQUEST is received:

1. Always verify before you trust (never click just on a photo recognition alone)
2. click on name of account (but do not yet CONFIRM as friend)
3. look at their list of friends (are there just a few — with strange & possibly fake accounts listed)
4. Do posts look out of character for person
5. Or if you actually accept the “friend request” – do you immediately get a private chat message probing for information

https://www.facebook.com/help/167722253287296

How do I report an account for impersonation?

If you have a Facebook account and want to report someone that’s pretending to be you or someone you know:

1 — Go to the profile of the impersonating account — If you can’t find it, try searching for the name used on the profile or asking your friends if they can send you a link to it.

2 — Click  on the cover photo and select Report

3 — Follow the on-screen instructions for impersonation to file a report

If you don’t have a Facebook account and want to report someone that’s pretending to be you or someone you know, please fill out  this form.

Encryption – Legacy SHA1 algorithm now completely UNSAFE

While this early 1995 encryption protocol has replaced by improved standards in newer products, even in 2017 there are “pockets” of current use

http://www.networkworld.com/article/3173787/security/stop-using-sha1-it-s-now-completely-unsafe.html

Researchers have achieved the first practical SHA-1 collision, generating two PDF files with the same signature. Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be discontinued as soon as possible.

SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.

However, despite these efforts to phase out the use of SHA-1 in some areas, the algorithm is still fairly widely used to validate credit card transactions, electronic documents, email PGP/GPG signatures, open-source software repositories, backups and software updates.

AMD – New 2017 Ryzen CPU chipset announced

AMD has recently announced their new 2017 Ryzen CPU processor series  

AMD Unveils Cheap, Powerful Flagship Ryzen CPUs
http://www.pcmag.com/news/351883/amd-unveils-cheap-powerful-flagship-ryzen-cpus

After four years of development and amidst the building speculation of gamers and PC enthusiasts, AMD today announced that its Ryzen CPUs are now available for pre-order and will ship on March 2  Like their chief competition—Intel’s Core i7 processors—Ryzen will come in several flavors, which you can pre-order starting at $329. That price gets you the base model, the Ryzen 7 1700, an eight-core, 16-thread processor with a base clock speed of 3GHz that can be boosted to 3.7GHz. The next step up is the $399 Ryzen 7 1700X, which increases the clock speed to 3.4GHz with a 3.8GHz boost. Finally, there’s the top-of-the-line $499 1800X, which runs at 3.6GHz and can be boosted to 4.0GHz. Like the 1700, the 1700X and 1800X both have eight cores and 16 threads.

Microsoft Security Updates – FEBRUARY 2017 to be bundled with MARCH 2017 release

During final QA testing apparently some issues was discovered that warranted further improvement prior to distribution to millions of users.  Microsoft will merged the FEBRUARY 2017 security updates into MARCH 2017 release, allowing time to resolve all issues.

https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/

Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today. After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.

Microsoft – Proposes Global Cybersecurity Accord for 2017

Microsoft & other vendors have proposed improved cybersecurity initiatives on a collective basis during coming year.

http://www.technewsworld.com/story/84311.html

Microsoft has called on governments around the world to create a “digital Geneva Convention” as a way to normalize international cybersecurity rules and protect civilian use of the Internet.   President Brad Smith, who is also Microsoft’s chief legal officer, addressed the issue at the annual RSA conference, saying that governments — with the assistance of technology companies in the role of NGOs — need to establish international rules to protect civilians from cyberthreats during peacetime.

“The tech sector plays a unique role as the Internet’s first responders, and we therefore should commit ourselves to collective action that will make the Internet a safer place, affirming a role as a neutral Switzerland that assists customers everywhere and retains the world’s trust,” Smith wrote in an appeal posted online.   There are two key focal points:

1 — Economic Damage Seventy four percent of the world’s businesses expect to be hacked every year, with the economic losses from cybercrime averaging US$3 trillion per year, according to Microsoft.  Cyberattacks historically have focused on military and economic espionage, Smith noted.

2 — Institutional Threat — Microsoft is not alone in promoting cybersecurity cooperation among government institutions.  The Electronic Privacy Information Center earlier this week announced a new Democracy and Cybersecurity project, designed to address growing alarm about the impact of cyberattacks on democratic institutions.  The organization has urged the U.S. Congress to update federal data protection laws, and to establish a data protection agency designed to address the increased risks of identity theft and data breaches, said Marc Rotenberg, executive director of EPIC.