Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT

Hackers get World Cup fever

  • 0
admin
Wednesday, 25 June 2014 / Published in Woo on Tech
fifa-hacked.gif

Hacktivist group Anonymous is at it again, this time targeting Brazilian websites apparently in protest of Brazil’s costly hosting of the FIFA World Cup. While more traditional protests had been going on for many months with only nominal impact and attention, Anonymous immediately gained the media spotlight after claiming through Twitter to have hacked over 100 websites, including Brazil’s federal police website. Many of the website attacks consisted of Denial of Service assaults or simple defacements, but Anonymous sharply made their point by posting a list of logins and passwords purportedly from the police website, as well as claiming to also have harvested numerous operations documents and email exchanges.

What this means for you:

Just like any hot media item, hackers will be leveraging the globe’s enthusiasm for the World Cup, and it’s likely you will see spam and phishing attempts based around news, events and celebrities of the sport. As always, avoid clicking links in emails unless you can verify they lead to legitimate websites. Cybercriminals will also be counting on plenty of people searching for news about World Cup matches, so make sure you examine your search results carefully and only visit websites you know and trust.  Don’t rely just on your antivirus software to protect you – use your common sense laced with a healthy dose of skepticism to avoid hackers scoring a goal on you.

Anonymousbrazilfifafootballhacktivistprotestsecuritysoccerworld cup

ATT Insider Breach Exposes Customer Data

  • 0
admin
Wednesday, 18 June 2014 / Published in Woo on Tech
ATT Hacked

Telecommunications giant AT&T disclosed on June 13 that three employees of one of its vendors used their privileged access to hack a server containing sensitive customer data, including Social Security Numbers, birth dates and cellular phone numbers. Thus far, AT&T hasn’t revealed how many are affected by this breach, and for the moment it appears that the hackers gained unauthorized access for the purposes of unlocking older generation AT&T phones for use on other carrier networks. The breaches happened in April, but AT&T is only just now notifying affected customers.

What this means for you:

Unlike previous data breaches, the exposed customer data hasn’t appeared for sale (yet!) on the internet black market, but AT&T is offerring a free year of credit monitoring as a mea culpa to its affected customers. If you were affected by this breach, you should have already received a notice from AT&T of the potential exposure. This latest breach demonstrates an important point about security: no matter how much you invest in protecting your perimeter, serious threats may already be behind your “firewall”. As an individual, there is very little you can do to help AT&T be more secure, but you can take your credit history and activity seriously, and always keep your eyes peeled for unusual activity on any online account, regardless of whether they are financial services or not.

attbreachcellphoneshackedsecuritysensitive personal information

Zombified Computers get 2 week reprieve

  • 0
admin
Wednesday, 04 June 2014 / Published in Woo on Tech
Computer Security

Coming hard on the heels of the international sting two weeks ago that resulted in the arrest of nearly 100 “RATters”, law enforcement agencies in several countries again acted together to take down two very large botnets that together number well over 1.2 million compromised Windows computers, arresting a Russian hacker who allegedly managed the powerful zombie networks. Botnets are essentially large collections of “zombified” computers that can be controlled remotely and are a favored tool of cybercriminals and hackers that can execute a variety of activities including widespread phishing campaigns to steal sensitive personal data and focused DOS attacks used to cripple websites and servers.

What this means for you:

The UK Crime Agency believes that though they have control over the botnets for the moment, that control won’t last long – maybe 2 weeks – before the zombified computers are drafted into another botnet. In those 2 weeks, the various involved law enforcement agencies are hoping to take advantage of the temporary reprieve to notified the owners of the infected machines that they need to clean up their computers ASAP. If you receive a conspicuously official looking notice from some form of local law enforcement, it might be legitimate and not just another scareware scam. Some obvious signs that your computer might be infected (and possibly part of the one of the 2 busted botnets) include:

  1. Websites loading in your browser that are clearly not where you intended to go, or what the search results said they would be
  2. Computer performing unusually slowly or erraticly, unexpected crashing or other unusual behavior
  3. Files suddenly becoming corrupt or unusable

The last one is of special concern – it could mean your computer is infected with Cryptolocker, a nasty bit of malware that locks your files up and holds them for ransom. This might also mean that even if you were inclined to pay the ransom to get your data back, you may not be able to, as the take down of the botnet may also result in no one, criminal or lawful, being able to unlock your files. Sadly, if you hit this point and don’t have a recent backup of your data, it is gone forever.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

botnetcryptolockercyberattacksgameover zeusphishingrattingsecurityzombie

Quantum data teleportation may lead to spy-proof networks

  • 0
admin
Sunday, 01 June 2014 / Published in Woo on Tech
Future computer chip

Dutch scientists have recently announced a breakthrough in quantum mechanics that could have significant applications in networks and security. Where previous experiments in this field have demonstrated that information could be transmitted across great distances (up to 90 miles) via quantum mechanics, the researchers at Delft University were able to instantaneously transfer information between two quantum-entangled bits (Qubits) ten feet apart from each other, and they theorize this could be accomplished at greater distances as well. While this may not sound like a practical distance, there are two important facets to consider: the information doesn’t actually traverse the distance, the information just exists in two different places at the same time, and the materials used to build the Qubits (in this case, diamond) could conceivably be produced on a mass-scale.

What this means for you:

Though it sounds like science fiction, quantum computers are actually being built and are in use, though mostly in highly experimental situations. The benefit of quantum data communications go beyond speed: because data isn’t transmitted so much as teleported across distances, it would be theoretically impossible to intercept, tap or otherwise tampered with a quantum bit of information without altering it, and thereby rendering any sort of eavesdropping impossible. Quantum-based encryption keys would be unbreakable and could never be intercepted or replicated as has been the weakness exploited in Heartbleed and countless other security hacks. However, we are still years away from a quantum internet, or even a quantum home computer or router, so don’t give up on your current security measures just yet. Also keep in mind that even though quantum security is impossible to hack in theory, the devices that will be built to use quantum mechanics will still be designed by people, which means that it is only as impervious or infalliable as the humans that created it.

Image courtesy of Renjith Krishnan / FreeDigitalPhotos.net

data transfereavesdroppingencryptionHackingquantumsciencesecurityspying

New Scam Locks iPhones for Ransom

  • 0
admin
Wednesday, 28 May 2014 / Published in Woo on Tech
Locked iPhones

A new scam to extort money out of Apple mobile device users has surfaced in Australia, with scattered reports in other countries as well. Affected devices are locked out via Apple’s own “Find my iPhone” platform with a message that demands a ransom payment of $100 USD to unlock the phone. Security analysts are unsure at this point as to how the perpetrators are gaining access to victim’s AppleID accounts, and so far Apple is refusing to comment on this issue. According to posts on Apple’s Support Forums, the only reliable way to unlock the device is to reset it back to factory settings and restore your data from a backup, if one was actually created and maintained for that device.

What this means for you:

So far, there is a tenuous link between some of the victims and the recent eBay hack that exposed user accounts and encrypted passwords, where the victims admitted to using the same password for both eBay and iCloud. However, several other victims of this new ransom scam did not use the same password as their eBay account, so eBay’s exposed data may not be the only source. Bottom line, you should use strong, unique passwords for online accounts, especially for the ones that are tied to important services like online banking, email and any account that has access to confidential data, either yours or your clients/customers.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

ApplehackeripadiPhonepasswordransomscamsecurity

Cyber Ratters ratted out and busted

  • 0
admin
Wednesday, 21 May 2014 / Published in Woo on Tech
Spyware Users Busted

It’s a beautiful day on the internet when I can report good news instead of bad. In what appears to be a new and very positive trend in modern law enforcement, several agencies around the world came together in a global sting that bagged nearly 100 cybercriminals selling and using the Remote Access Tool (RAT) “Blackshades”, a very popular hacking tool used to spy on and even extort thousands of victims through their compromised computers. Lest you think this is a new trend in cybercrime, “Ratting” has been around for years, but perhaps its profile was elevated through the unfortunate victimization of Miss Teen USA 2013, Cassidy Wolf, high enough to galvanize authorities to do something other than attempting to squash Ratters one at a time.

What this means for you:

According to analyst estimates, Blackshades was being used to compromise hundreds of thousands of computers world-wide at the time of the sting. It was readily available and cheap, and did not require sophisticated technical skills to use. In the case of Ms. Wolf, the software was installed by a former acquaintance, but typically users are infected and “ratted” through a link on Facebook or via email, often sent by other infected machines. As with any malware incursion, a healthy level of caution and up-to-date antimalware could have prevented the infection, and in the case of Miss Teen USA, a great deal of heartache and trauma. If you are one of the many who refuse to lock their unattended computers with a strong password, consider the victimization of Cassidy Wolf as a cautionary tale and take immediate steps to secure your privacy and safety.

blackshadescrackdowninvasion of privacyrattingsecuritysting

Java, Flash…Silverlight?

  • 0
admin
Wednesday, 21 May 2014 / Published in Woo on Tech
Microsoft Silverlight

Security holes in Adobe’s Flash and Oracle’s Java have become so commonplace, it’s actually helped to raise awareness about the necessity of keeping these platforms updated, but there’s a third platform that many of you probably use everyday without ever realizing that it too needs to be patched. Would it surprise you to know that it’s a Microsoft product? Microsoft’s Silverlight technology was originally built to compete with Flash, but it’s probably best known as the platform that delivers Netflix’s streaming content to your computer. Hackers, unfortunately, are very much aware of how widespread Silverlight is, and are currently pressing their attacks on older versions of Silverlight, seeing as their usual punching bags, Java and Flash, are now firmly in the security spotlight.

What this means for you:

If you’ve ever watched Netflix streaming content on your computer, you have Silverlight installed. Even if you don’t use Netflix streaming, there is a high probability Silverlight is installed on your computer, even if it’s a Mac. Depending on how long ago it was initially installed, it might be out of date, especially if you disallowed automatic updates of the software. The latest version of Silverlight is 5, and to make sure you are up to date, you can use this link here. While you are at it, double check to make sure Java and Flash are both up to date as well, but be careful of the “optional software” both companies push when you update their platforms. Oracle variously pushes the Ask toolbar or McAfee Security Scan, the former a very annoying adware-spawning toolbar, and the latter may be redundant if you already have a decent antimalware app installed. Adobe is a little less obnoxious, but it does offer to automatically install Google Chrome (and the Google Toolbar), which may be redundant if you already have it installed, or possibly very confusing to a less savvy computer user who thinks Internet Explorer is the web browser.

adobeask toolbarexploitflashhackersjavamcafeemicrosoftoraclesecuritysilverlightupdates

Hacked Baby Monitor Leads to Scary Parenting Moment

  • 0
admin
Wednesday, 07 May 2014 / Published in Woo on Tech
Hacked!

As a parent, there is perhaps nothing more frightening than to have your child’s well-being threatened, and when that threat comes from a device meant to help safeguard children (and relieve parental anxiety), the impact can have far-reaching implications. Proving that some hackers out there have no grasp of human decency or compassion, there have been at least two separate known incidents of network-enabled baby monitors being hacked and then used to audibly taunt and yell at the toddlers devices were monitoring. In both cases, the devices weren’t hacked in the true sense of the word, but were exploited through a weakness that is common across the internet: easy-to-find default passwords. The parents, not knowing that the passwords should be changed, left the devices configured as they came out of the box, and the baby-screamers used that opening to perpetrate their irredeemable acts.

What this means for you:

In comparison to the above, getting hacked as an adult seems almost laughable, but when you think about it, it’s just as scary. In case you missed my blog about “ratting” and you aren’t feeling insecure enough about your security and privacy, you should have a read. The lesson hard-learnt here is this: make every attempt to understand all the devices you use, especially the ones that may be safeguarding the security, privacy and happiness of your family. Read the instructions that come in the box, and if they are incomprehensible, get on the internet and ask questions, or grab your nearest tech geek to have them review the device for potential security issues. Don’t take for granted that a device manufacturer (or website publisher, or software programmer) has your security and privacy top of mind when they are making and marketing their product. The lure of profit encourages even the most trusted brands to cut corners on occasion, which can lead to scary situations like the above.

baby monitorschild safetyHackingparentingprivacysecurity

Another Zero-day IE Flaw Surfaces

  • 0
admin
Wednesday, 30 April 2014 / Published in Woo on Tech
MS Zero Day Warning

I shouldn’t have worried that my special “Microsoft Zero-day Warning” graphic was going to gather dust. Would it surprise you to hear that a serious security flaw has been found in all versions of Internet Explorer up to the latest, version 11? This particular loophole allows attackers to use a specially crafted Flash file downloaded from compromised websites (like the ones linked to in spam, scams and phishing emails) to gain full access to your computer, and will likely lead to a badly infected computer and theft of your personal information. Though there are some band-aids offered by Microsoft, as of now there is no word whether this hole will be plugged by an emergency patch released soon, or on “Patch Tuesday” (2 weeks from now), or even later than that. Because of the severity of the security flaw, even the Department of Homeland Security is recommending everyone avoid using IE until this is fixed. Oh, and remember Windows XP? It won’t be getting patched, so yet another burning reason to switch browsers, and upgrade as soon as possible.

What this means for you:

This flaw is being exploited “in the wild” as you read this, though not widespread yet, and has thus far been used to target government employees and defense contractors. Given how large the target surface is, this exploit is highly likely to spread beyond these focused attacks. Unless your work requires it (or disallows the use of other browsers), you should stop using Internet Explorer for anything except known work-related websites. And if you have to use IE, you can disable the Flash add-on until the hole is plugged. This article from Microsoft explains how to do this, but make sure you use the little drop-down to the right of the headline to switch to the appropriate version of IE for specific steps. Chrome, Firefox or Safari are good alternatives to IE, and who knows, you may find that they can permanently replace IE for most of your web browsing tasks.

exploitflawinternet explorermicrosoftsecurityzero day

Router backdoors hidden but still usable

  • 0
admin
Wednesday, 23 April 2014 / Published in Woo on Tech
Warning!

In December 2013, French security hacker Eloi Vanderbeken uncovered what appeared to be a backdoor programmed into several models of DSL routers. The affected devices were built around hardware manufactured by Taiwanese company SerComm and the finished products came from several well known brands like NetGear, Linksys and Belkin, to name a few. This backdoor allowed anyone with knowledge of the hole and local access to the router (say through a nearby Wi-fi access point) to gain administrative access to the router and could lead to a complete takeover of the network controlled by the device. Now, several months later, this backdoor is not only NOT fixed, but appears to have been purposefully concealed behind the digital equivalent of a secret knock, which once given, opens the backdoor right up to the same level of exploitation as discovered in December.

What this means for you:

If you own a DSL router, you should check this list to see if your model appears on it. If it does, I recommend replacing it immediately. Even if it does not, you should check to see if your router is among the many models that are compromised in other significant ways. If you happen to be among the fortunate that uses a router not on any of these lists, you should still review the security settings and passwords used by the device, and if you don’t know how to program or even access your router, you need to get someone who does to review the device for you. The router is the front door to your home or business network, and you should not trust your security to something that can be easily broken down or opened with a readily available master key.

Image courtesy of creativedoxfoto / FreeDigitalPhotos.net

backdoorbelkinbreachexploitlinksysnetgearriskroutersecuritysercomm
  • 13
  • 14
  • 15
  • 16
  • 17

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP