New Age of Security

mobile-security

Open Whisper Systems has taken mobile device voice and texting to a new level with the release of its Signal 2.0 app.

The original version of the free, open source, encryption app for iOS encrypted calls between phones on which the Signal app was installed. Version 2.0 add encryption for SMS text message as well as voice communication. This is but another step in the agile development process for which the objective is “a unified app that will work on iPhones, Android-based phones, and desktops.”

Signal 2.0 ensures complete end-to-end encryption of voice and text based on the TextSecure protocol. The app has already been cited as easy to use and, although it is open-source, it nonetheless features forward secrecy, eliminating the potential for a once hacked, always hacked scenario. In other words, if someone is able to decrypt your message, they will not be able to do so to future messages, because forward security utilizes a new, random key for every session.

The Humorous Side of Cellular Security

In most cases, there is no humorous aspect to security. It is interesting at the very least to note that some Signal users have complained that the app requests access to their contact list. This is a case of being overly sensitive about messaging security that goes back to the days of tin can and string telecommunications. Just as that communication required another person with a tin can attached at the other end of the string, so does modern encryption technology.

And, just as it would be foolish to speak into a tin can and a string without the string being attached to the right person with another tin can, so it is necessary that the app knows that the person you want to contact has his or her own tin can.

The Serious Side of Cellular Security

Lest we forget, there are even government agencies that would like to eavesdrop on our messages. The forward secrecy aspect of Signal 2.0 stymies their efforts as well. The significance of this matter has not been overlooked by the popular WhatsApp. Although not yet fully encrypted over all platforms, WhatsApp has partnered wth Open Whisper for encryption of their own messaging system.

Cellular security is, indeed important, for governments, businesses, and individuals. Ask anyone (except Hillary Clinton). The Intercept recently issued the following caveat.

“It’s important to keep in mind that no technology is 100 percent secure, and an encrypted messaging app can only be as secure as the device you install it on. Intelligence agencies and other hackers can still exploit security bugs that have not been fixed, known as zero-day exploits, to take over smartphones and bypass the encryption that privacy apps employ. But apps like Signal go a long way to making mass surveillance of billions of innocent people infeasible.”

Call Tech Sentries if you have any doubt about your security. We provide peace of mind.

Just When You Thought It Was Safe…

safe-modeJust when you thought it was safe in the water … Well, you know the rest of the story.

Just because something looks safe, that does not mean that mean that it is. In fact, it now appears that just because something says that it is safe, no longer means that it actually is.

Unfortunately, that now applies to your computer’s Windows’ OS Safe Mode.

No Safe Is Safe

We should all be aware by now that there is no such thing as a safe safe. The infamous Willie Sutton claimed that there would never be a safe that he could not crack. The theory is simple: If you can figure out how to build a safer safe, someone else can figure out how to break into it.

That is precisely what has happened to Windows’ Safe Mode. That even includes computers with Windows 10’s Virtual Safe Mode, according to a report released on September 15, 2016, by CyberArk Labs.

It’s Kind of Like Judo

The attacks on Safe Mode are similar to the fundamental concepts behind Judo and other martial arts. Leverage the other person’s strengths against them. In this case, the strength is Safe Mode and hackers can now use it against you and your business.

The strength of Safe Mode is that it allows users to boot their PCs and servers using only those tools that are essential to the operating system. Put another way, the computer or server booted in Safe Mode restricts the operation of third-party software. That can – and often does – include security software.

Safe This Way

This new innovation of hack enters through the door where you least expect it – the one that is marked “Safe This Way.” While that may sound innocuous enough, to a safecracker more like an invitation. Hackers see it the same way. We think it identifies a safe route or place. Safecrackers and hackers see it as the route to the place where the safe is.

From the hackers’ perspective, “Once in Safe Mode, logins can be stolen and otherwise with defeated pass-the-hash lateral techniques can be used to compromise other networked machines. A fake login screen can be shown using a COM object technique to emulate a normal boot and cloak Safe Mode. Users who then type in their credentials assuming a normal reboot will hand their logins to attackers.

Once attackers break through the perimeter and gain local administrator privileges on an infected Windows-based machine, they can remotely activate Safe Mode to bypass and manipulate endpoint security measures.

In Safe Mode, the attackers are able to freely run tools to harvest credentials and laterally move to connected systems – all while remaining undetected.”

What Should We Do Now?

Unfortunately, not much. However, we advise the following precautionary measures per CyberArk’s and PC Pit Stop’s advice: Network administrators should

  • cycle privileged account credentials to disrupt pass-the-hash attacks
  • enforce the least privilege by stripping local administrator rights
  • deploy security tools capable of running in Safe Mode.\
  • ensure your operating system and applications are updated
  • run a security scan at least once a week
  • think before you click

Finally, read our newsletters and releases to stay abreast of threats and ways to prevent them. And don’t be afraid of the dark.

For any further information, please contact Tech Sentries at 843-282-2222.

dropbox got hacked

The Sky Is Falling! The Sky Is Falling! Dropbox Got Hacked!

“Have you heard?dropbox got hacked

Dropbox was hacked!” 

“Oh no! When did that happen?”

“In 2012.”

“Now you’re telling me?”

 

If No News Is Good News Does That Make Old News Bad News?

Well, it’s a little bit of both. The good news is that it is old news. Dropbox has fixed their security issues. Everything should be fine now.

According to Information Age, “The company was alerted to the breach when users noticed they were receiving spam on email accounts they only used for Dropbox. Their investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts.” (Emphasis ours.) That item was posted on 01 August 2012. Seems innocuous enough. Things happen.

Now for the bad news. Fortune magazine published a report on 31 August 2016 first released by Motherboard on 30 August 2016. Thanks to these updates, we now know what “a small number” means. To the surprise of many, it is close to 70 million. That’s small compared to the national debt, but it’s kind of a big deal for any of the 68,680,741 accounts whose email addresses and password details were stolen.

 

Don’t Run. Reset.

There is no need to panic (unless you are one of the 68,680,741). What’s done is done. It’s water under the bridge. There is nothing anyone can do to undo what has been done. Dropbox initiated a password reset during the last two weeks of August. According to a Dropbox spokesperson, “We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users.” That makes you wonder how similar “all potentially impacted” and “a small number” are.

Dropbox recommends that users also reset their passwords as a precautionary measure. Tech Talk has published seven easy steps to enable a two-step verification for Dropbox account access. Those steps are listed below.

  • Sign in to dropbox.com.
  • Click on your name from the upper-right of any page to open your account menu.
  • Click Settings from the account menu and select the Security tab.
  • Under Two-step verification section, click Enable.
  • Click Get started.
  • For security reasons, you’ll be asked to re-enter your password to enable two-step verification. Once you do, you’ll be given the choice to receive your security code by text message or to use a mobile app.
  • After enabling the feature, consider adding a backup phone number that can receive text messages as well. If you ever lose your primary phone, you’ll be able to receive a security code to your backup phone number instead.

That does it. Be good to go. The sky is not falling. We will let you know if it is.

In the meantime, if you need any additional information, contact us here at Tech Sentries at 843-282-2222.

CYBERATTACK – BEYOND THE HEADLINES!

When there’s an attack – cyber or otherwise – there are headlines. Satellite and cable news channels come alive, stirring everyone’s imagination. How did it happen? Who dunnit? What should we do now?

ciber crimeHow long a cyberattack remains a headline depends on the next major story that breaks. That’s just the nature of things. An attack happens, followed by headlines and hoopla, then most everyone moves on.

Unless, the attack happens to you.

No One Is Exempt

Former U.S. President Ronald Reagan once said that “Recession is when your neighbor loses his job. Depression is when you lost yours.” We might paraphrase that as “A cyberattack is when you neighbor’s computer is hacked. A disaster is when yours is.” It’s a disaster we all want to avoid.

Every computer device, personal or business, is at risk. What, or whom, is attacked is up to the attacker. We may not even know the reason. One thing we know is that the questions the new commentators are asking are no longer important to us when we have been attacked.

We want to know how this happened and what we can do to prevent it from happening again. And, oh yes, how much damage has been done, and do I still have any money in my bank account? The attack is not a headline that slips silently into oblivion. It can be a disaster felt in FEMA-like magnitude as one wonders what has happened to personally identifiably information (PII) and personal health information (PHI) or, in the case of businesses, intellectual property (IP).

Triage and Recovery

According to a recent report from Deloitte, recovery from a typical cyberattack could take years. All the initial stir in the wake of an attack is simply triage. The efforts to stop attacks in progress, assess damages, and implement remedial action may take days or weeks. But, time is not the only issue. The Deloitte study reveals those early triage activities address less than 10 percent of the actual total impact. The therapy (impact management) and recover process may take years.

Think of it like having a heart attack. The EMTs (Notice that the “T” stands for “technicians”) arrive on the scene quickly to check vital signs and stabilize the injured. Then it’s off to the Emergency Room and, sometimes, Intensive Care. Then…well, you know the rest. Recovery is usually a long road with a low speed limit, with a big medical bill at the end. During the cyberattack recovery process, infrastructure must be repaired, relationships may need to be addressed, and systems may need to be redesigned – all with a big bill at the end.

An Ounce of Prevention

There’s an old adage that parents used to tell their children to teach them to brush their teeth. “They’re just your teeth. Ignore them and they’ll go away.”

Cyberattacks are not like your teeth. They will not go away if you ignore them. Being aware is only the beginning. You must also be prepared.

With technology advancing at an historically unparalleled pace, no individual can keep up with the increasingly stealthy attacks of the nefarious minions who may seek nothing more than to disrupt some anonymous person’s life or business.

The only reasonable remedy that can provably prevent penetrations and intrusions is by using Managed Security Service Providers (MSSP). We are the guys in the white hats. As your partners in the battle against cybercrime, we defend and protect your systems and your information with round-the-clock, automated monitoring. We spot existing and potential threats and stop them before they cause extensive damage and expense.

Contact Tech Sentries today to learn more.  You can reach us at 843-282-2222!

Common Computer Viruses

How to Understand the Terms of Common Computer Viruses

Part of owning a computer is having to deal with the different viruses and bugs that can corrupt your system. In this article, we will educate you about some common terms for computer viruses and what they mean. These terms can get used incorrectly so it’s important for you to know what they mean and how they are used. You may come into contact with files that can compromise your computer, so it’s critical that you get some great anti-virus software. Tech Sentries can help you know just what you need and we’ll also do all the legwork behind the scenes to keep your system safe!

Recognizing Computer Viruses

Just what is a virus? What does it do? A computer virus can do a lot of damage. They are programs that mix into your other Common Computer Virusessoftware programs where they spread and multiply. They are almost always there due to nefarious intent. It can be hard to know when and if you’ve been infected by computer viruses, so you need to know the symptoms to look for. They include lost space on your hard drive, data that becomes corrupted, pop-ups that are relentless, and personal information that becomes compromised.

Computer Worms

Computer worms have a very serious implication and can cause a lot of damage in your system. Worms don’t need other software programs in order to clone themselves. This makes them different than viruses. They look for soft spots in your security and networks in order to infect other computers. While your files are not altered, these computer worms recreate themselves on their own, making them very destructive.

Trojan Horses

Trojan horses, or trojans for short, are very sneaky and hackers absolutely love them. They are considered malware and are most often spread through attacks on social engineering. While they cannot reproduce themselves, they are still highly dangerous and can cause catastrophic damage. This makes them different than other computer viruses. Once a system has been infected with a trojan horse, it helps hackers be able to get your personal information, credit card numbers, passwords, etc. They can even cause your webcam to get turned on without you knowing it.

Rootkits

Rootkits are considered trojans and they look for access through administrative routes in order to gain root. Rootkits conceal themselves and can also hide things like registry keys, other files and even your network connection. Rootkits are so destructive and difficult to remove that more often than not, your entire operating system will have to be reinstalled in order to clean your system of them.

The internet is full of potential dangers as you download various files or even click on certain links. It’s impossible to know all of the dangers or prevent them. The only way to have the assurance that your computer is safe is to have superb anti-virus software that runs constantly. Tech Sentries knows exactly how to protect your computer and will keep it protected by doing the behind the scenes work while you are busy with other things. This means you will never have to even think about computer security because we will do it for you in the background at all times! While there are many products on the market to protect you from computer viruses, none can compare to the superior protection we offer here at Tech Sentries.

For more information, please call us here at Tech Sentries today! 843-282-2222.

Avoiding Online Scammers

Avoiding Online Scammers After the Orlando Shooting

It seems that scammers always come out in the wake of tragedies to exploit the generosity of people who are anxious to help the victims of these events. Unfortunately, it’s no different with the recent shootings in Orlando. The kindness of strangers is always a unique opportunity for the internet scammers to come to the surface. We want to point out some of the things scammers often do in the wake of tragedy and major upheaval.Avoiding Online Scammers

Scammers will appear on the tail of tragic events due to the high level of emotion. The Better Business Bureau of Florida has warned the public to be extra vigilant in the wake of the Orlando shootings. Knowing what to look for and using good common sense will go a long way in protecting you against cybercrimes.

Crowd-funding websites are often quickly organized after these types of tragedies. The problem is that it can be difficult to know who is behind them. Anyone can set up a GoFundMe type of site, claiming to raise money to benefit victims and their families. Because these sites are hard to properly vet, make sure you know who is behind it if you choose to donate through a crowd-funding site. The Better Business Bureau expects fraudulent sites raising donations to come after the Orlando shootings. It’s a way that scammers target people while they’re emotionally vulnerable.

If you would like to donate to the families and victims of the Orlando shooting, please do it through safe online sites, such as well-known charities. If you get emails with links asking you to click on them in order to donate, avoid them and close out that page. Go to your charity of choice directly by entering in their website address or doing a search for them. Avoid links that come in your email. Scammers also will take a popular charity or donation site and register it with a slightly misspelled name, luring people in that way. Many won’t notice it. This is why it’s important to do a double check of the accuracy of the URL address you are typing in.

A few other things to be aware of are:

  • Vague Appeals – Don’t donate to sites who don’t clearly lay out how funds will be used and how they will be distributed.
  • Proper Government Registration -Most states require bona fide charities to register with a government agency of that state before they can legally solicit funds. Making sure that your charity is registered is another way to stay safe with online giving.
  • Individual Family Funds – Often, families of victims may have their own trust funds set up, and these are not required to be registered. In these cases, the Better Business Bureau encourages you to make sure the funds are received through a legitimate third party, such as a bank or lawyer.
  • Clarity and Transparency – Any legitimate charity should always make it clear on their website how donations will be used and distributed. They will state financial goals and what they hope to do with the funds once they are raised. They want their donors to be as aware of the entire process as possible.

Remember, NOTHING should seem vague when donating to a charity. Never give personal information such as bank accounts, without knowing exactly who you’re donating to. If you suspect you have been scammed, notify the local authorities immediately. Also, be cautious and watch for changes in your credit score, odd accounts opened up with your name, and other signs of identity theft. It’s always a good idea to have an identity theft safeguard policy in place.

The bottom line here is that there are lowlife internet scammers just waiting to take advantage of the Orlando shooting tragedy. They are using a variety of phishing ploys that will try to lure you into everything from blood drives to links that claim to have exclusive video footage of the details of that awful night. Don’t ever click on these links just out of shock value and curiosity! Stay safe online and be sure to go through tried and true charities to donate and help the victims of this horrible crime.

Be sure to warn your friends through social media if you become aware of scammers. Word of mouth is still the best way to help people stay aware! Tech Sentries is always here to help you stay safe online and our prayers go out to all the families of the Orlando shooting.

downloading software safely

Tips for Downloading Software Safely

We all have to download software sometimes, and most of the time it’s because we purchased that software from a reputable company, and we don’t worry about the safety of the download.  However, there are other times, we’re sort of “shooting in the dark,” and maybe it’s a free download we saw advertised (and it looks REALLY interesting).

downloading software safely

For the less experienced computer users, downloading software safely might pose some problems and unexpected results.

Can you really trust software developers to have your best interest at heart?  After all, those extra security measures are sometimes costly; it’s so easy to choose profit over safety.

One would think that directly downloading a piece of software from the developer would be a guarantee of rock solid safety.  Unfortunately, this may not be the case.

Here are some tips to make downloading software safer:

1. What’s the Reputation of the Site?

Go ahead and take the time to visit the website of the company offering the product you want to download.  Pay particular attention to the product page.  You can check on the safety rating by using “WOT” which means Web of Trust

If you’re a newbie, be sure to load the WOT Extension as it will prevent you from even loading any unsafe sites, not just download unsafe software.  WOT focuses more on the reputation and the ethical stance of the site, while SiteAdvisor is preoccupied almost entirely with malware detection alone.  Pay attention to what both of these tools tell you.  If your site/software passes muster with both of these tools, you’re probably safe.  But not so fast…

2. Download and Scan 

Go ahead and download the software, but right away you should scan it using your anti-virus software. Upon completion of the scan, you should have a better idea of the safety of the downloaded file. Even still, you are not finished. Read on…

3. Are There Unwanted Extras? 

This might be the last step, but it’s certainly not the least important. This might sound complicated, but you need to check for any and all bundles of extras or options that are simply not needed and therefore, not wanted. The downloaded file can contain or download additional software. Some of these extras can be a real pain in the neck to get rid of — things like changing your browser’s default settings, or messing with your home page. So even if your anti-virus software says the fie is good this no guarantee that you are safe.

Conclusion

In this day and age of ransomware and polymorphic viruses you need more than traditional anti-virus protection. At the current time ransomware and viruses are capable of morphing every 15 seconds. To keep up with the onslaught, the traditional approach would require updating your virus definitions every 15 seconds.

As you can imagine this is an impossible task.

This is where Tech Sentries steps in. We incorporate a Proactive White List technology. Simply said this means it does not matter how many times or how often executable files change, if they are not on our approved list we are going to stop it from running on your computer.

If you want to learn more about Tech Sentries go to our website www.techsentries.com or give us a call at 843-282-2222.

Text Scam Myrtle Beach

Two-Factor Authentication Text Scam

[st_row gradient_color=”0% #FFFFFF,100% #000000″ gradient_direction=”vertical” img_repeat=”full” 1=”video_url_mp4″ autoplay=”yes” child_of=”none” div_padding_top=”10″ div_padding_bottom=”10″ div_padding_right=”10″ div_padding_left=”10″ id_wrapper=”elm_5942cfb94901a” ][st_column span=”span12″ id_wrapper=”elm_5942cfb948fd1″ ][/st_column][/st_row]

cyberattack tech sentries

The Most Common Types of Cyber Attacks in 2016

2016 presents more cyber threats than ever, but there are also more solutions than ever. Here at Tech Sentries, we’re working hard to help you “Guard Your Technology” and stay protected and secure! The following are some great tips to help you get used to practicing “safe cyber” habits.

Common Cyber-Attacks:

Cyber-attacks are no joke and unfortunately, they are increasing all the time. According to several reports, the most concerning cyber-attacks for this year include hacking and other means of online extortion, scams that involve hacking and stealing Cyber attack tech sentriespasswords, scams involving asking you to “recovery your passwords,” digital threats and hacks that can actually cause damage to your hardware, and many other such attacks. Because of the huge increase in our use of mobile devices, the attacks on mobile security have also increased significantly.
The best way to prevent mobile cyber attacks is to prevent your personal info from being exposed. This means, if possible, don’t store personal data on mobile devices. If you must keep it there, be sure to NEVER keep it all in the same location! If you were to be hacked on your mobile device, it would be way too easy to gain access to everything—your credit cards, ID, and other info — especially if you make it easy by keeping it all in one neat folder.
There is another cyber-attack method happening more and more called ransomware. This is where entire systems in hospitals and schools, etc., become hacked into and all the files and data are rendered useless. The only way to restore the lost files is for the victim to pay a huge sum of money to the hacker to restore it, which may or may not work! This rewards the criminal behavior, but at the same time, people feel they have no choice. Unfortunately, giving into the demands of these hackers’ only increases the likelihood that the cyber attacks will continue.

Password Recovery Scams:

There are many scams involving password recovery. Cyber criminals hack into your email account and then gain access to passwords and other sensitive information. Not only is your account (and life) seriously compromised, but the hackers also have access to all your contacts, which could cause your friends, family and business associates to be attacked as well. It’s a very ugly problem.

Back Up Your Data:

Since digital attacks can really render your devices unusable or even frozen, it’s important that you make a habit of backing up all your information on a regular basis! Just remember there are three rules to follow – back up, back up and back up. It’s the best and only proven way to recover lost data should anything happen to your computer or mobile device.

One other crucial tip is NEVER use the same password or username for multiple accounts. Get in the habit of creating passwords that are extremely strong, using symbol characters, capital and lowercase letters and numbers. The combination of these characters will make it far more difficult to hack into anything. Change your passwords regularly – at least once every couple of months, and even more often if you can.

Anything that has a Wi-Fi or Bluetooth connection can be a target of digital attacks as well. You may not be aware that modern appliances such as refrigerators, smart cars, smart TVs, etc., do not come equipped with software programs that protect them against hackers and cyber-attacks. This doesn’t leave you feeling very safe for sure. So what to do? Back up your files and all data! Keep up with your backups and keep them going.

Update Vulnerable Applications:

Keep them up to date and you will be keeping yourself safer. It can be inconvenient, but it’s well worth it! These updates are where programs fix breaches or holes in security. Getting lazy about installing updates just makes you more vulnerable to cyber-attacks.
At Tech Sentries, we do this for you.

We hope these tips have helped you get started with keeping your safe from cyber threats. For more information, call Tech Sentries today! (843) 282-2222!

Tech Sentries Security

The Greatest Offense is a Great Defense

There are safe programs that Tech Sentries considers approved for you to use in your computer work. It may happen that, once in a while, a program will be blocked that you really want. Don’t fret…that’s the robust nature of our security checks and this level of guard against malicious threats is unparalleled. You can always tell us if we should authorize a certain program or software for safe use. This approval can be for all computers in a location or the authorization can be for just one.

It’s crazy to think there are people who lurk about online just to steal your identity, harass you slander yoTech Sentries Securityur good name, hack into your personal banking, and a host of other crimes. There are many online threats these days and unfortunately, not many of the products available in the market place do an adequate job protecting you –UNTIL NOW! At Tech Sentries, you can count on the best protection available to keep you and your online presence safe and secure!

And it doesn’t end there—it gets better! Our product can get rid of that obnoxious adware that pops up every time you try to shop online. Even though adware isn’t considered a virus, it can still make you feel hijacked by constantly popping up when you don’t want it or need it. We’ve all felt overwhelmed by annoying adware, but you don’t have to any longer! Whether it’s adware, spyware or ransomware, Tech Sentries can block it for good.

Did you know that you can get a virus without even clicking on anything in certain websites? The virus can get in and infect your computer through security holes in commonly-used software that is often free. Programs like Adobe Flash Player and Java are prime examples. The best way to avoid this issue to is to keep your programs constantly updated, but due to the inconvenience of that, many people don’t bother. At Tech Sentries, we do it all for you automatically, so you’ll never have to think about updating again!

There is no greater security than what you will get with Tech Sentries!

1 2 3 4