Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 19 November 2019 / Published in Woo on Tech

Two-fer Tuesday

It’s late and we’re fighting through a rather difficult month of technology challenges for our clients, but I wanted to make sure you got a heads-up on two important news items that happened this week. The first one actually happened months ago, but we are only hearing about it now, after the companies involved were able to plug the gaping security hole. As you can imagine, I’m fairly jaded when it comes to hearing about yet another vulnerability in our technology, but this one raised an eyebrow as it literally affected hundreds of millions of Android users.

Really Google? Again?

Google and Samsung recently confirmed a rather large security failure in the Camera app of both Google and Samsung smartphones that could be exploited to gain essentially unfettered access to the camera, microphone and GPS functions of your phone, all by installing a simple app that only requests storage access permissions. Discovered by security research firm Checkmarx back in July of this year and eventually fixed (supposedly) in August, Google and Samsung only just recently approved the publication of this vulnerability after confirming the patch has been successfully deployed to counteract this weakness.

While this particular incident wasn’t even out of sight of our rear-view mirror, news of a new email-delivered ransomware attack hit my inbox. For this latest campaign the hook was set to exploit everyone’s heightened awareness of keeping your computer up to date, an awareness that we have played no small part in pumping up, and now, ironically, may end up tricking clients into infecting their computers with ransomware. This time, the attack comes as the form of a fake email notification from Microsoft urging readers to, “Install Latest Microsoft Windows Update now!” and provides a spoofed EXE file renamed to appear as a JPG image file. If the reader happens to fall for the con, the attachment downloads the Cyborg ransomware variant and quickly encrypts the users data in files ending with “777”, leaving behind a note with instructions on how to get your files back if you pay the ransom in bitcoin.

The average Windows user probably doesn’t realize that Microsoft doesn’t use email to notify its customers that updates are available, primarily because it can do so right through the operating system. Unfortunately, we are all so used to receiving information via email that we’ve grown accustomed to these types of notifications for just about every other aspect of our digital lives. As a whole, we’ve become too trusting to question everything we receive digitally out of necessity as researching or vetting everything is essentially impractical for the average human. As such, you should continue to make it a rule to NEVER open an attachment that you haven’t vetted fully. Always call the sender to verify if you receive an unsolicited attachment, and if you are at all unsure, check with your nearest IT professional.

Image Courtesy of Stuart Miles at FreeDigitalPhotos.net

  • Tweet

What you can read next

Windows XP
Windows XP – the OS that won’t die
Windows 10 logo
MS loses lawsuit over unwanted Windows 10 upgrade
Windows 10 Countdown

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP