United Airlines Hacked…. Again

Another Day – Another Security Breach. Now it seems airlines are under fire.

United Airlines is the latest to fall victim to a data breach. The hackers stole flight manifests, which disclose information about passengers on the flight and their destinations. News reports are pointing fingers at hackers backed by China.

Many are attributing the attacks to the same group that earlier this year attacked health insurer Anthem and U.S. Office of Personnel Management (OPM). In February, Anthem informed millions of its customers that hackers had gained access to the company’s computers, potentially stealing personal information of 80 million former and current customers. In June, OPM reported a hack affecting its systems compromised the personal information of 21.5 million current and former federal workers.

As has occurred with many other breaches, attackers hide often hide (and observe) inside an organization’s network for many months before they are detected. It is clear that commonly used detection tools are simply not performing as intended or just as likely, are not implemented correctly.

It is very clear now that companies and government agencies need to take a critical look at how they can identify whats changing in their environments, and assess how those changes affect their security postures and attack surfaces. This monitoring of network activity has to occur on a constant basis now.

Airlines Under Siege by Hackers

It is clear that airlines are being attacked from all angles today. Data systems including membership programs, reservations systems, and even in-flight activity have all be compromised on various airlines this past year.

The airline industry, like all industries for that matter are going to have realize that they make up a critical part of the infrastructure that appeals to nation states and cybercriminal groups, and they must to do a better job to secure their systems.

This was the second security breach for United Airlines in the past 12 months and the FAA, which demonstrates the need to prioritize and refocus their attention around cybersecurity.

You can read my May 16, 2015 story, “United Airlines Bug Bounty” about the earlier United Airlines hack.

Personal Security – Personal Responsibility 

As I have suggested countless – endless times here. Individuals must take security seriously and not to depend on corporations to do this for them. Using strong and unique passwords as well as two factor authentication whenever possible will go along way to protecting your information even if the airline you just booked a flight with was hacked.

Share This:

Windows 10 Day is Finally Here!

Today Microsoft launched their official Windows Launch Portal where they are sharing a large collection of information relating to the Windows 10 launch. If you want to learn more about Windows 10 I highly recommend checking it out.

If you head over to http://blogs.windows.com/launch/ you will see a couple of things about Microsoft’s new operating system.

First you will see a social media tracking area with embedded tweets as users around the world upgrade to Windows 10 and use the hashtag #UpgradeYourWorld to talk about it.

Next Microsoft shares information about their partnerships with multiple organizations that are reaching out to the community to assist users with their Windows 10 upgrade. Microsoft’s has announced their goal of having Windows 10 installed on one billion devices in the next 2-3 years. Users stuck on an OS (Windows XP) for 13+ years will not happen again if Microsoft can do anything about it and this vision is part of seeing it through.

Over the last nine days Microsoft has been involved in their own countdown to Windows 10 with their 10 Reasons to Upgrade to Windows 10 videos. Each day a new video has been released highlighting a Windows 10 feature and they are all at the launch portal in one place.

  1. Familiarity in Windows 10
  2. Do personal things with Cortana on Windows 10
  3. Do unexpected things with Microsoft Edge
  4. Game Epically on Windows 10
  5. Do multiple things at once with Windows 10
  6. Security in Windows 10
  7. Say “Hello” to Windows Hello on Windows 10
  8. A look at the great built-in apps in Windows 10
  9. Continuum on Windows 10
  10. Do one-stop shopping with the new Windows Store

There is also a collection of Media Assets that include some good information, especially for the Windows 10 newbie.

First is the Windows 10 Quick Guide which is available in a Word document. The 14 page document takes you through all the key areas of Windows 10 including Cortana, Microsoft Edge, Windows Hello and Windows Store.  This document would be a great primer for someone who is unfamiliar with Windows 10. I highly recommend checking this out.

Finally, there are some new videos available that go into depth on specific Windows 10 areas:

Windows 10 Apps

The Windows 10 Experience

A Deeper Look at Microsoft Edge

Happy Windows 10 Day!

Share This:

Windows 10 Rolls Out Tomorrow

After an abundance of testing, Windows 10, the latest version of the Microsoft Windows operating system begins rolling out tomorrow, July 29. The new OS is scheduled to roll out in phases, going first to Windows Insiders and then being released in waves to users who have made reservations online. Enterprise users will begin seeing Windows 10 on August 1.

Windows10 release date

The Last Windows

Windows 10 will be the “last” version of the operating system. Rather than releasing future upgrades as discrete, numbered generations, Microsoft plans to roll out continuous updates as part of its operating system “as-a-service” model for Windows.

Microsoft reports that Windows 10 is “the Windows you know, only better.” Some key features of Windows 10 include the return of the Start Menu (which Windows 8 eliminated, resulting in endless and angry user complaints); the debut of a new browser, Microsoft Edge, to replace Internet Explorer; and advanced integration of Cortana, Microsoft’s voice-controlled digital personal assistant.

Windows 10 will also be the first universal version of the operating system, meaning that the same code will be used across all Windows devices, from desktop computers and tablets to Windows phones.

Among some of the other new features arriving with Windows 10 will be a unified, cross-device Windows store; screen views that are optimized for each device; and support for game streaming from Xbox One consoles.

 

Pre-Tested and Ready to “GO”

According to Microsoft, Windows 10 has been heavily reviewed and tweaked ahead of its release date based on the input of five million Windows Insiders, of which I was one who have been taking multiple pre-release builds for testing.

I have been using Windows 10 on several devices, my Surface Pro 3, my home office desktop PC and a Acer laptop. I have had my ups and downs with Windows 10 and at one point a few months ago I feared it had “bricked” mySurface. However the last new builds and the “RTM” (release to market) build I am currently using is polished and is performing very well. My highlights include the “Cortana” integration and the new sleek internter browser, Microsoft Edge.

Lessons of Windows 8

This is a far cry from the approach Microsoft used before launching Windows 8 which was built in secrecy and forced on consumers. This led to such a disaster that Microsoft skipped Windows 9 and went on to 10.

I have found that Windows 10 really does bring the best of Windows 7 and 8 together into a truly functional modern operating system. Windows 10 changes it’s behavior based on the type of device you are using, which is the opposite of what Windows 8 tried and failed to do. Which was to basically force your device to work with it, which was a disastrous design flaw.

Updates Controlled by Microsoft

The future of Windows is now built on an “as-a-service” path. This means that ongoing updates will be delivered automatically. In other words, consumer and small-business will no longer be able to selectively avoid software updates as they’re released.

The software periodically checks for system and app updates, and downloads and installs them for you.”

Welcome to Windows 10. It’s going to be winner I believe friends.

Share This:

Patch Tuesday Lives!

Patch Tuesday is not dead! 

That is what many experts have now concluded.

With Windows 10’s launch only 4 days away, the new operating system will debut July 29 on previewers’ PCs,  the question of whether Patch Tuesday lives and breathes, or will die, maybe quickly, maybe slowly, still remains officially unanswered. However many security professionals and industry analysts have come to the conclusion that Patch Tuesday will continue, possibly in the same form it has since 2003.

“Patch Tuesday is not going away any time soon,” said Chris Goettl, product manager for patch management vendor Shavlik. “It’s been blown out of proportion.”

“Patch Tuesday” is the label that’s been stuck to the second Tuesday of each month, the day Microsoft has issued its security updates since 2003. Microsoft of course prefers the more upbeat “Update Tuesday.” which I kind of prefer as well. Iwas really hoping that this practice would no go away because it really does make patching more predictable, especially for information technology staffs who manage networks and large numbers of computers.

Two months ago, Patch Tuesday’s future seemed in doubt after Windows chief Terry Myerson said, “We’re not going to be delivering all of the updates to all of these consumers on one day of the month,” when talking about changes to Windows Update under Windows 10.

Many in the technology sector used that comment to conclude that Microsoft was killing Patch Tuesday and would instead roll out security fixes as soon as they were ready, returning to its pre-2003 practice. Two weeks ago, when Microsoft shipped its July batch, some marked it as the last-ever Patch Tuesday. I was indeed saddened by this possibility.

Not so fast! While observers agreed that Patch Tuesday would be moot for consumers on Windows 10, even in May they were certain it would remain a factor for businesses, which again I believe is a critically important tool for IT departments.

So Patch Tuesday may have a heartbeat after all. I for one hope so.

Share This:

Staff Technology Training – Session 17

Today we provided our regular – quarterly technology training to the staff. The topics covered included SharePoint, OneDrive for Business, Skype for Business, Password Management & Two Factor Authentication.  You can check it our here, as well as all of our previous training classes here.

 

 

Share This:

Microsoft’s New Send App

IMG_2537aMicrosoft wants to streamline your email and give you another way to share files. Today Microsoft launched a new app called Send which is only on iOS for now.  Send makes email more like SMS by removing the subject line and taking you directly to your contacts list.

Microsoft thinks email can be a bit too cumbersome by modern communication standards; you have to open the app, open a compose window, type your contact into the recipient field, and then write a subject line before you even really get to your message.

On the other hand, you probably have many email contacts without a phone number logged in your address book, and you might not feel like asking them for it, or inviting them to use an SMS app.

That’s where Send comes is supposed to come in – it gives you the benefits of quick SMS-like communications with your existing email contacts, without requiring a phone number or separate app.

It doesn’t ask for a subject line, signature or salutation, and it will surface your frequent and recent contacts right when you open the app. If your contact is a Send user too, you can also see when they’re typing a response.

It’s an interesting approach that could fill a real niche: quick messages with email contacts you don’t care to ask for their phone number or IM accounts. It’s not meant to replace a traditional email app, however; you can message any email, but it will only show conversations started via the app itself.

I tried this a couple of times yesterday and it really does make send a file to someone very easy. The best way is to have both the sender and receiver use the app. It is not necessary but it is much easier for the receiver of the file.

Share This:

Adobe Hack Worsens

The Adobe Flash problem is far from over. It is now being reported that hackers are working to break into federal agencies using the recently patched Flash vulnerability.

Adobe released an emergency update to fix a critical flaw in its Flash Player browser plugin last week. The vulnerability is actively exploited in the wild via limited, targeted attacks. Internet Explorer for Windows 7, Firefox and Windows XP users are vulnerable.

The FBI issued a warning in a memo.

“The FBI has received information regarding a likely ongoing phishing campaign that started 08 July 2015 and was observed targeting U.S. government agencies. This campaign is similar to a June campaign launched by similar malicious actors. In both campaigns, the e-mails contain a link that exploits Adobe Flash vulnerability CVE-2015-5119.”

This Adobe flaw, and two previous ones, were made public after the Hacking Team was hacked themselves. The Italian company made a name for itself helping governments and intelligence agencies spy on people. But now the tables have been turned as the team’s private documents have been exposed online. The recent Adobe Flash flaw was part of that hack.

As part of the attack, hackers sent a tweet from the Hacking Team’s twitter account that offered a link to 400 GB of the company’s source code, e-mails and internal files. Adobe so far has been the biggest victim.

Adobe said successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe said an exploit targeting this vulnerability has been published publicly.

There is little doubt that cybercriminals have already got their evil little hands on this latest flaw and will integrate it in their exploit kits with much haste. This is one of the fastest documented cases of an immediate weaponization in the wild, possibly thanks to the detailed instructions left by Hacking Team themselves.

Share This:

Microsoft Releases Emergency Patch

Microsoft has released a rare emergency patch, outside of their normal monthly “Patch Tuesday” schedule for a critical flaw, affecting all supported versions of Windows.

Microsoft Patch Tuesday

The software giant said in an advisory Monday that the vulnerability, if exploited, could “allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.”

In other words, a previously undisclosed flaw in the way Windows handles certain fonts can allow a hacker to take over an entire machine.

Users running Windows Vista, Windows 7, 8, 8.1 and Windows RT are all affected, including those running Windows Server 2008 and later. A Microsoft spokesperson confirmed in an emailed statement that Windows 10 Insider Preview is also affected.

The “critical”-rated software update lands almost a week after its scheduled Patch Tuesday where it typically issues security fixes. Microsoft said it believed the flaw was public but did not have any evidence to suggest it was being actively exploited.

The patch is available over Windows Update.

Share This:

Cyber Threat Shifts from Spam to Malware

There may finally be some good news in the war against spam. The overall percentage of spam among e-mail messages dropped an amazing 49.7 percent last month, the lowest level since 2003. This is the first time the figure has been below 50 percent in more than a decade, according to a new study by Symantec.

Symantec reported these figures in its “Symantec Intelligence Report” for the month of June. Enterprises in the mining sector had the highest spam rate, at 56.1 percent, according to the report. The manufacturing sector was a close second at 53.7 percent. The finance, real estate, and insurance sectors had the lowest of any industry, at 51.9 percent.

It is apparent that spammers treat all businesses the same with regard to size. On average, companies experienced a spam rate of between 52 percent and 53 percent no matter the number of employees. The only variance to this pattern was companies with 251-500 employees, which experienced a 53.2 percent spam rate.

Spam Appears on the Decrease While Malware Increases

Despite the good news with spam, there were several troubling observations I found in Symantec report. There was a grand total of 57.6 million new malware variants reported in June, up from 44.5 million created in May and 29.2 million in April. The increase in malware variants indicate, something that many of us already knew. Hackers are changing tactics and shift to the very dangerous cybercrime tool of malware, as opposed to spam and phishing,

In addition to the increase in malware variants, ransomware attacks were up in June, with over 477,000 detected during the month. While still below the levels seen at the end of 2014, June represented the second month in a row that ransomware attacks increased since reaching a 12-month low in April. Crypto-ransomware was also up in June, reaching the highest levels since December.

On social media, meanwhile, hackers continued to rely primarily on manual sharing attacks, which require victims to propagate the scam by sharing content themselves.

Share This:

Another Healthcare Organization Hacked

As this week concluded there was news from Reuters reporting yet two more security breaches to healthcare organizations. These continuing news stories almost always arrive months after the security occurred.

I say this again tech friends. There is really only way to protect your information today.

The best way to protect your information from falling into the hands of cypercriminals is to use strong, unique and encrypted passwords. The best way to do this is by using a “Password Manager” like LastPass and when possible also use Two-Factor Authentication.UCLA hit by data breach

University of California (UCLA) Health, which runs four hospitals, and drug retailer CVS Health’s photo service reportedly has had millions of individuals’ private records exposed in a recent cyberattack.

UCLA Health reported that hackers breached its network on May 5, and accessed systems that contained personal information on about 4.5 million patients and healthcare providers. On-going investigations have shown that attackers may have gained access as early as September 2014.

The organization says it’s working with the FBI as well as a cyber-surveillance firm to look into the breach and has expanded its internal security team to implement new measures to protect its network going forward.

UCLA Health has begun notifying potentially affected individuals by mail and is offering 12 months of identity theft recovery and restoration services as well as credit monitoring and a $1,000,000 insurance reimbursement policy and additional healthcare identity protection tools.

CVSPhoto, which offers photo printing services also reported that customer credit card information collected by an independent vendor that manages its site, may have been compromised as well. The service has been temporarily suspended.

The two incidents are the the latest in a serious of attacks on US-based healthcare organizations.

Earlier this year insurance firm Premera Blue Cross admitted in March that its systems containing 11 million customer records were breached. Also In February, health insurer Anthem found its database of 80 million records exposed in a cyberattack.

Share This:

1 2 3