Skype Hit with Ransomware Threat

If you use Skype*, do not respond to any pop-up messages similar to this one:

Several people have reported receiving “fake Flash” ads in Skype which, if triggered, can lead to a ransomware attack.

It has been reported that if an effort to infect a user’s PC with ransomware an advertisement appears followed by the above pop-up message. The triggered ad has obviously been designed to look like the real thing. Do not be fooled. The app, when opened, would download a malicious payload, which locks the user’s computer and encrypts its files for ransom.

Many other users in the past few days have also complained of similar issues with Skype’s in-app ads, with at least two other people having the same “fake Flash” ad into Thursday. I hope this problem has Microsoft re-considering in-app advertisements in Skype.

All signs point to this “fake Flash” ad as a spin off of a recent Locky ransomware campaign that also delivers a Kovter trojan, which remains on the system to carry out click-fraud and malvertising campaigns. Locky, which became one of the most notorious ransomware threats last year, uses a similar malicious JavaScript-based attack to lock computers, which execute directly on Windows without the help of any other app. I wrote about Locky back in May 2016. Check it out here.

* This threat does not involve Microsoft’s Skype for Business service.

Share This:

Was Apple Hacked – Is Your iPhone in Danger?

Apple’s iPhones and Apple IDs are a tough nut to crack for hackers, but it’s not impossible. At least that’s what a group of hackers seem to suggest, as they’re currently attempting to blackmail Apple for up to $100,000 before they start “remotely wiping millions of iPhones”. Can they actually do it? Should you be worried? It’s unclear at this point.

Apparently, the hackers have been in contact with Apple’s security team for quite a while now. They even posted a video on YouTube to prove they have actual access to iCloud accounts, access which can be used to remotely wipe iPhones.

Apple, understandably, doesn’t appear to be willing to pay up the ransom. “We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it’s seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law,” a screenshot of a message purportedly coming from an Apple security team member reads.

The hackers say they have access to more than 300 million Apple email accounts, including @icloud and @me domains. The number is the source of some confusion though, because a different hacker from the group claimed they had 559 million accounts in all. They have not explained how they gained access to Apple ID credentials.

The hackers are threatening to move forward with remotely wiping Apple devices on April 7th, unless Apple pays up.The problem here is that Apple has not publicly commented on the matter so far. On the off-chance that the hackers are indeed holding access to millions of iCloud accounts, you may want to consider changing your password to protect your Apple ID just to be safe. For the record I changed mine today – just to be safe.

Share This:

Outlook Rules to Improve Your Workflow

Image result for outlook 2016 pngMicrosoft Outlook is one of those tools many of us not only use every workday – but countless times – throughout each day. The more skills you master in Outlook – the more time you will have to get things done. Here are some of my favorite Outlook tips.

Setup Rules

Rules can help you automate management of your messages, whether it is blocking Junk Mail or moving specific messages to a folder. For instance, you could have all messages from your boss moved to a particular folder, so you never miss them. With the full version of Outlook, you can create some pretty complex rules.

Here’s a simple rule where I’m moving messages from the recipient folder. Select a message from the recipient then click the Home tab then click Rules > Create Rule.

Check the box From recipient then check Move the item to folder.” Choose an existing folder or create a new one. Select it and click OK. You can run the rule right away or at a later time. There are rules you can setup to receive an alert when you get an email from a particular recipient or messages with certain words. Check out how to move new messages to a specific folder.

create rule 2

Also, advanced rules were added to Outlook.com a couple of years ago.

Use Color Categories and Flags

Use the Color and Categories feature to help prioritize and focus on what’s in important. Select a message and click the Categorize menu then choose an appropriate color. You can customize these colors to a particular meaning. Click Categories > All Categories > select a color and then Rename. Keyboard commands can also be assigned so you can quickly mark a message.

Categorize

The Follow Up Flag can also help you remember messages you need to look at when you have the time. When you flag an email message, it will appear on your To Do List and Tasks lists so you can remember to attend to it.

Follow up

Schedule Using Delayed Delivery

Outlook lets you delay the delivery of an email to a particular time of the day. This feature is handy if you know a recipient won’t get to your message until a given time. If you’re aware that a user checks email around 3 AM in the morning, create a new message then click the Delay Delivery button under Options. Make the appropriate modifications to Delivery options such as Do not deliver before date and time.

Delay delivery

Create a Search Folder

A Search Folder is a powerful way to triage your messages and bring some sanity to your inbox. For instance, you can create a search folder for mail you want to follow up, or flag messages from specific people, groups or list.

Outlook-2013-search-folders.png

Click the Folder tab then click New Search Folder then choose the type of Search Folder you want to create from within one of the groups. Select the mail folder and click OK. A search folder is created in the Navigation Pane. Any messages I choose to follow up will be available there when I need them.

Set Junk Email Filter Level

Junk Mail can slow down how much productive emails you can get to throughout the day. Using Outlooks Junk Mail Filter, you can minimize its impact. Click the Home tab then click the Junk menu in the Delete group then click Junk Email Options.

I recommend starting with the Low setting first and see how it works for you. If Junk messages are too aggressive, then you can move to a higher option. In case the filter mistakenly flags an important message, I would keep the Permanently delete option unchecked.

Junk Mail

These tips were just the tip of the Microsoft Outlook iceberg. You can check out some of our previous Outlook articles here.

Share This:

Facebook Stories Arrives But What Is It?

Facebook Stories is rolling out to everyone on Facebook. Along with it comes a filter-tastic new in-app camera, as well as a direct messaging feature.

The update started rolling out this morning on iOS and Android and it brings with it three parts: a redesigned in-app camera, a new feed of ephemeral stories at the top of the News Feed, and a private messaging feature called Direct. Taken together, the features represent the biggest changes to Facebook’s core product in several years.

Just like Snapchat, Facebook Stories consist of photos and images that disappear 24 hours after they are posted. You can decorate your posts with text, drawings, stickers, and Snapchat-like animated filters. While the basic suite of creative tools is the same across Facebook’s products, the flagship app’s stories have a few twists of their own. It’s the first Facebook app to get animated face filters.

Facebook Stories works exactly like on Instagram; Stories live above your News Feed for 24 hours, and can include both videos and images with a variety of filter effects. There’s even now a dedicated camera button on the top left of the app to serve as a constant reminder to post some goofy filtered-up photo.

But to Facebook, the filters are more than just trivial additions. People are sharing more visual content than ever, and these effects are a way to augment and provide context for the moments being shared on screen.

Facebook apparently is so smitten with filters that the company has a small team of artists creating the filters, and works to adapt the filters for each region so that they are relevant to everyone using them. It’s also partnering with various brands for themed filters, including Power Rangers, Minions, and Wonder Woman masks, and intends to introduce “new ways for the Facebook community to create their own frames and effects” in the coming months.

One area Facebook is a bit different from other apps is that you have the option to share Stories directly onto your Timeline and News Feed as well, giving them a bit more visibility by placing them among standard posts. You can also now share 24-hour media with only a few specific people via a ‘Direct’ feature.

Stories is clearly a big push for the Facebook, and the fact that they live above your News Feed is remarkable, considering the latter has always been your main way of experiencing media on the social network.

 

 

Share This:

Apple’s iOS 10.3 Arrives with Little Fanfare

Today Apple delivered iOS 10.3 to compatible devices, adding a small number of new features.

This is the 4th updated to iOS 10. The original iOS 10 release shipped back in September and brought with it some new features and was followed up by iOS 10.1 in October and again iOS 10.2 arrived in December.

Each of those two most recent updates came with a single marquee feature – Portrait mode (for iPhone 7 Plus only) in iOS 10.1 and the new TV app in iOS 10.2. iOS 10.3 is no different in that there is nothiing really flashy here. This time the marquee feature is Find My AirPods, which is a little ridiculous (if you ask me).

In addition to “Find my AirPods”, iOS 10.3 adds a single Apple ID profile interface in Settings, a Touch 3D-compatible weather icon in Maps, and various CarPlay improvements. There’s new file system called Apple File System (APFS) that is better optimized for the NAND storage used in i-Devices. In other words, not much. Or, as BGR puts it, iOS 10.3 is “packed with new features.”

Apple also shipped even less interesting updates to macOS, watchOS, and tvOS. So if you’re using Apple devices, be sure to fire up Software Update to get the latest software.

Share This:

Our Privacy Has Just Been Sold

I do not normally post articles here that have a political angle however today news out of the US Senate resulted in this one – which should worry each and everyone of us.

This morning, Republican senators voted to remove Obama administration restrictions designed to keep internet service providers (ISPs) from selling our private data. The vote passed along party lines, 50-48. This means that very soon – your private data will more then likely be sold to the highest bidder – without your control or your knowledge.

The Current Situation with Your Internet Data

The policy, originally proposed by then acting FCC Chairman Tom Wheeler outlined clear guidelines for how ISPs were to handle your data. In short, they could not use it without your permission and they certainly were not able to share sensitive information like browsing history and location data with advertisers.

The Effect on Your Privacy Effected by this New Action

As of today, that rule is a step closer to being a memory. Congress essentially just opened the floodgates to some of the sleaziest corporations on the planet using your data however they see fit, and they did it while assuring each of us that it was in our best interest.

Worse, the ruling could put the FCC in danger of not being able to create similar ones in the future. According to the Congressional Review Act:

Once a rule is thus repealed, the CRA also prohibits the reissuing of the rule in substantially the same form or the issuing of a new rule that is substantially the same, “unless the reissued or new rule is specifically authorized by a law enacted after the date of the joint resolution disapproving the original rule.

If you’re wondering how we got here, follow the money: the 22 Republican senators behind the push to strike down the original ruling have pocketed more than $1.7 million from telecom companies since the 2012 election.

On its own, the lack of privacy each of us face on the internet is already a scary proposition. Removing the few guidelines that protect us from shady backroom deals is outright terrifying.

This is just the opening shot in an on-going war. Already through the Senate, up next is the House of Representatives, where it’s expected to get the needed number of votes thanks to a Republican-controlled House voting along party lines, and finally Trump’s desk. He’s expected to sign the bill.

It’s no secret what Trump and his Republican-controlled Congress plan to do to the internet: shift control to corporate interests. Newly-installed FCC chairman, Ajit Pai has made it clear he intends to dismantle net neutrality rules. Last month, he even went as far as blocking language in the privacy rules that required ISPs to adopt reasonable security measures to protect our data, and notify each of us when a breach occurs.

 

Overturning net neutrality guidelines, when coupled with a complete lack of privacy, seems to put all of us on a one-way collision course with the antiquated cable TV model. That means tiered pricing, prioritized service, and always-on monitoring of your internet activity. And thanks to this sacrifice at the alter of capitalism, ISPs are set to profit handsomely while doing away with any notion of an open internet.

For the rest of us, we’re at the mercy of a group of rich suits, a group we’re now trusting to ethically handle data containing our most sensitive information.

Share This:

Two Windows 10 Cumulative Updates In One Week

Microsoft released a new cumulative update for Windows 10 earlier this week, fixing two fairly minor issues in the OS. Microsoft today released yet another update for Windows 10 users.

Image result for windows 10 updates

Similar to the update from earlier this week, the latest update is also a minor one and it only comes with fixes for two issues. The update, KB4016635, brings the OS build number up to 14393.970.

Here’s the changelog for the update:

  • Addressed a known issue with KB4013429 that caused form display issues with       CRM 2011 on Internet Explorer 11.
  • Addressed the issue with KB4013429 that prevents users from updating apps         from Windows Store with 0x80070216 error.

Needless to mention, the update is available to all Windows 10 users and you can get it from Windows Update in the Settings app.

Share This:

3 Windows Preview Builds in a Week

This morning I started my workday with this. I docked my Surface Book for another busy workday and had to wait 30-40 minutes while yet another Windows Preview Build was installed.

Less than 24 hours after it delivered build 15060 to Windows 10 Insiders on the Fast ring, Microsoft shipped yet another build, 15061.

What makes this unusual is that Microsoft has now shipped three builds in a single week: Build 15058 on Tuesday, build 15060 on Thursday, and now build 15061 today (Friday). That’s a lot of Preview Builds… even for me!

Like the previous several builds, Windows 10 Insider Preview build 15061 does not bring any new features. Instead, Microsoft is completing the development of the next major Windows 10 version here and is just fixing bugs at this point.

You can check out the original Microsoft blog post for a list of changes, improvements, and fixes, and a separate list of known issues. Neither is very long.

Share This:

Microsoft’s March Patches Arrive

Microsoft’s batch of security patches for March is one of the largest ever and includes fixes for several vulnerabilities that are publicly known and actively exploited.

Microsoft published 17 security bulletins covering 135 vulnerabilities in its own products and one separate bulletin for Flash Player, which has its security patches distributed through Windows Update. Nine bulletins are rated critical and nine are rated as important.

The affected products include Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Exchange, Skype for Business, Microsoft Lync, and Silverlight.

The highest priority should be given to the MS17-013 security bulletin, which addresses remote code execution, privilege escalation, and information disclosure flaws in the Windows Graphics Component, Graphics Device Interface (GDI), and Color Management. These vulnerabilities affect Windows, Office, Skype, Lync, and Silverlight.

The remote code execution flaws can be exploited by tricking users into opening a specially crafted website or document. What’s worse is that one of the vulnerabilities is publicly known and another is already actively exploited.

Another important bulletin is MS17-012, which fixes a vulnerability in the Windows SMB network file-sharing protocol that was publicly disclosed over a month ago.

The MS17-006 and MS17-007 bulletins for Microsoft Edge and Internet Explorer also contain vulnerabilities that have been publicly disclosed, including a critical remote code execution one.

On the server side, the Microsoft Exchange and IIS bulletins, MS17-015 and MS17-016, should be prioritized because these systems are typically exposed to the internet. Server administrators should also direct their attention to the bulletins for Hyper-V virtualization (MS17-008) and Active Directory Federation Server (MS17-019).

The high number of patches in this release are because Microsoft decided to postpone by a month the security updates it had originally scheduled for February. This unprecedented decision was made due to an unspecified last-minute issue and especially since there were a number of publicly known flaws.

Also, it seems that Microsoft has backtracked on its plan to stop organizing patch information into security bulletins, at least for this month. The company had planned to stop using bulletins in favor of a new portal called the Security Updates Guide.

Share This:

Tech Tips in Bad Weather

A massive winter storm is slated to slam the eastern portion of the United States tonight. The area where I live could see as much as 2 feet of snow.

These are some tech tips to help you prepare for the storm:

Keep Your Mobile Devices Charged

Make sure you keep your mobile devices, smartphones and laptops charged so if your home loses power you have a way to communicate and stay informed.

Stay on social media

Posting on Facebook, Twitter or Instagram is an easy way to let friends and family know you’re safe. Social media will also alert you to breaking news and updates on the storm.

Watch your local news

This should be a no-brainer, but you should be tuning into your local news for updates on the storm. In the case of a power outage, you could pull that old radio out of the closet. Don’t own a radio? Check your old iPods or smartphones. The iPod Nano and some Android smartphones, such as the HTC One M9, also include FM tuners.

Internet down? Use text instead of voice

Cell phone networks can quickly become overloaded during storms and natural disasters. It’s best to send a text message, rather than continuing to attempt a phone call. Standard text messages have dedicated bandwidth on cell carriers’ networks. If Web connectivity (or even worse electricity) is spotty or down, and the phone circuits are overloaded, your text messages have the best chance of getting through.

Charge all your batteries

It’s always smart to be prepared for the power to go out. Make sure all of your devices (not just your smartphone) are fully charged. When power and Internet are down, CNET editor Dan Ackerman recommends using a laptop’s USB port to charge your smartphone.

Apps could be a lifesaver

If you still have power and Internet, you should be keeping an eye on weather apps. Some of my favorites are NOAA Weather Radar, The Weather Channel, Weather Underground (Android, iOS) and 6abc (Philadelphia). Make sure to check out local apps because they will be there to help you stay up to date with where you live.

Share This:

1 2 3 4 5 142