Monday 25 September 2017

MS Outlook: Sync Issues folder; Where and what is it?

What is the Sync Issues folder? Where is that folder located? This exists if you are using an Exchange account, the Outlook Hotmail Connector add-in or Office365 connector. In all cases, the Sync Issues folder is located in Outlook itself.

Folder List navigation

You are probably in the Mail Navigation. To see the folder, you’ll need to switch to the Folder List Navigation. To get there, use the Navigation icons in the Navigation Pane or the Go menu, or press CTRL+6 on your keyboard.

Subfolders of Sync Issues

The main synchronization log is kept in the Sync Issues folder. The actual items involved are kept in subfolders called:
  • Conflicts
  • Local Failures
  • Server Failures
When an item is in such a folder, it means that its changes could not be uploaded or downloaded, or that the same item was edited in two separate locations at the same time.

Verify and move before emptying the folders

If you still need the items listed there, verify that they still exist in your mailbox and also on the server, using Outlook Web Access with an Exchange account or Windows Live Hotmail if you are using the Outlook Connector.
If they do not, you can move the item to a folder of your choice and see whether the changes get uploaded now. If everything is in order, you can clean up the Sync Issues folder if you want.

Source: MSOutlook.info

Thursday 21 September 2017

Collection and processing of fingerprints - Court decision

ADMINISTRATIVE COURT DECISION: dismissal of an appeal concerning the collection and processing of fingerprints

By its Decision (Case No. 1930/2012) dated 19/5/2017, the Administrative Court upheld the Decision of the Commissioner for Data Protection dated 2/10/2012, by which the Commissioner had imposed on the Apollonion Private Hospital the administrative sanction of ceasing the processing and destroying the relevant data (see section 25(1)(e) of the Law), by discontinuing the operation of the fingerprinting system and destroying the data relating to the employees' fingerprints.

More information on the website of the Commissioner for Personal Data.

Wednesday 30 August 2017

How the NSA identified Bitcoin 'creator'

The ‘creator’ of Bitcoin, Satoshi Nakamoto, is the world’s most elusive billionaire. Very few people outside of the Department of Homeland Security know Satoshi’s real name. In fact, DHS will not publicly confirm that even THEY know the billionaire’s identity. Satoshi has taken great care to keep his identity secret employing the latest encryption and obfuscation methods in his communications. Despite these efforts (according to my source at the DHS) Satoshi Nakamoto gave investigators the only tool they needed to find him — his own words.
Using stylometry one is able to compare texts to determine authorship of a particular work. Throughout the years Satoshi wrote thousands of posts and emails, most of which are publicly available. The NSA was able to use the ‘writer invariant’ method of stylometry to compare Satoshi’s ‘known’ writings with trillions of writing samples from people across the globe. By taking Satoshi’s texts and finding the 50 most common words, the NSA was able to break down his text into 5,000 word chunks and analyse each to find the frequency of those 50 words. This would result in a unique 50-number identifier for each chunk. The NSA then placed each of these numbers into a 50-dimensional space and flattened them into a plane using principal components analysis. The result is a ‘fingerprint’ for anything written by Satoshi that could easily be compared to any other writing.

But why? Why go to so much trouble to identify Satoshi? The source says that the Obama administration was concerned that Satoshi was an agent of Russia or China — that Bitcoin might be weaponized against us in the future. Knowing the source would help the administration understand their motives. As far as I can tell Satoshi hasn’t violated any laws and I have no idea if the NSA determined he was an agent of Russia or China or just a Japanese crypto hacker.
 The moral of the story? You can’t hide on the internet any more. Your sentence structure and word use is MORE unique than your own fingerprint. If an organization, like the NSA, wants to find you they will.

For more information and source: Medium
Author of complete article: Alexander Muse

Saturday 12 August 2017

How to protect yourself from phishing scams with simple methods


It is by now hard not to notice the growing frequency of phishing attacks by email. This year, the most frequent attacks targeted Google Cloud Docs users. Anti-malware software is becoming ever 'smarter', or rather more effective, so hackers now focus their attempts at deception and fraud on getting users to 'slip' into a mistake.

Even if you think this article does not concern you, it is worth reading. You may not make payments over the internet, and you may 'think' that you have no sensitive information in your 'online presence'. But you DO. From the moment you use the internet
YOU ARE VULNERABLE!

What is phishing?

Phishing attacks, as one would gather, are approaches that appear legitimate and reasonable, arriving through emails and/or (in combination) websites, whose primary goal is to gain access to the user's email or, directly or indirectly, to their bank accounts. They are prepared with cunning and effectiveness, because they appear to come from organisations or companies you work with. They lead you to pages identical to the ones where you keep confidential data. The user falls into the trap and enters their credentials, believing they are logging in either to the secure portal of their email or to the page of their bank, which asks them to re-confirm their credentials. The aim of phishing is always the same: to gain access to the user's sensitive areas. The hackers then copy the user's writing style and the invoices the user usually pays, and steal the user's (electronic) identity.

Simple ways to avoid being the next phishing victim

Always think twice before clicking a link given to you by email, SMS, messenger, etc. Ask yourself whether the sender would send you a message with such content. Would they ask you for something like this? For example, banks constantly remind you that they do not ask for your credentials, whether by email or through another website. Also avoid clicking on short-URL links (e.g. https://goo.gl/Z6gYE5, http://alturl.com/i3tew; these two are safe): you do not know where they lead. In the same way, avoid sending messages containing such links. It is not illegal or bad, but when your recipients know that you do not use such links, they will NOT open one if it appears to have been sent by you.

Links, URLs, Domains

Also, links do not necessarily take you to what the text shows. For example, www.bankofcyprus.com: while you think it leads to the Bank of Cyprus, it takes you to Google! Look at the link shown at the bottom of the email program you use (status bar). That is where the page you will actually open is shown. Hackers, of course, will not send you to 'innocent' pages like the Google Search Engine.
Always look at the address bar of your browser and make sure you are on the page you want to be on. Memorise the important websites by remembering their domain. For example, www.hellenic-bank.com IS NOT Hellenic Bank (of Cyprus), whose site is of course www.hellenicbank.com (without the '-').
Pay attention to detail!
Phishers are clever, they take risks, they are brazen. They improve their techniques and devise new ways of approaching the victim. They particularly like to play with altered spellings of names. The sites http://helenicbank.com/ or http://hellenikbank.com/ of course do NOT take you to Hellenic Bank. One link is written with one 'l' instead of two, while the other is written with 'k' instead of 'c'.

Electronic messages, Emails

Pay attention to where emails come from. Do NOT look ONLY at the name. For example, a message from "Christos Andreades <234ss44ff@gmail.com>" is obviously not from the Christos you may know!
In the same way, you may know a Christos with the email christos@mydomain.com but receive a message from the email christos@my-domain.com. There are many such cases.

Many internet users use free email services such as those of Google (gmail), Microsoft (outlook.com, hotmail.com), Yahoo (yahoo.com), etc. Many also use them for business purposes (wrongly!).
Here the hackers again alter the spelling of the username. Say you know someone with the email nikoshalikakakis@gmail.com. They send you an email with the sender nikoshallikakakis@gmail.com. One extra 'l'! But it is NOT from your acquaintance/associate/client!

One last thing to watch for in emails is who the sender is and which email address is declared as 'reply to'. It is one of the properties of an email. For example, I can send email with my name and my email address but want the replies to go to the 'central' email address of my company:
Christos Doe
reply to: MyCompany
Many hackers make use of this property, because it is (easily) possible to send an email using a real address that you know while, so that you end up communicating with them and not with your acquaintance, they put the hacker's address in the reply to!
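The sender checks from the sections above (look-alike domains, altered usernames, a known name on the wrong address, a diverging reply-to), as an added Python example that is not part of the original article. The allow-lists, the pairing of names with addresses, the function names and the sample messages are constructed for illustration; the domains and addresses themselves are the article's examples.

```python
"""Added example: sender checks for the look-alike tricks described above."""
from email import message_from_string
from email.utils import parseaddr
from typing import Iterable, List, Optional, Tuple

# Assumption: lists the reader maintains. Domains and addresses are the
# article's examples; pairing them with display names is constructed.
KNOWN_DOMAINS = {"hellenicbank.com", "mydomain.com"}
KNOWN_CONTACTS = {
    "christos andreades": "christos@mydomain.com",
    "nikos halikakakis": "nikoshalikakakis@gmail.com",
}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop ca
                           cur[j - 1] + 1,             # add cb
                           prev[j - 1] + (ca != cb)))  # swap ca for cb
        prev = cur
    return prev[-1]


def lookalike_of(candidate: str, known: Iterable[str],
                 max_dist: int = 2) -> Optional[str]:
    """Return the known name that `candidate` imitates, or None.

    A name imitates a known one when it differs only by hyphens
    (hellenic-bank.com) or by at most `max_dist` edits (helenicbank.com).
    The threshold of 2 is an assumption of this example.
    """
    known = sorted(known)
    if candidate in known:
        return None
    for good in known:
        if (candidate.replace("-", "") == good.replace("-", "")
                or edit_distance(candidate, good) <= max_dist):
            return good
    return None


def check_message(raw: str) -> List[Tuple[str, str]]:
    """Return (code, detail) findings for one raw email."""
    msg = message_from_string(raw)
    name, sender = parseaddr(msg.get("From", ""))
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    name, sender = name.strip().lower(), sender.lower()
    domain = sender.rpartition("@")[2]
    findings = []

    # 1. A name you know, written from an address you do not expect.
    expected = KNOWN_CONTACTS.get(name)
    if expected and sender != expected:
        findings.append(("display-name-mismatch",
                         f"{name} normally writes from {expected}"))

    # 2. Domain or full address that is almost, but not quite, a known one.
    imitated = lookalike_of(domain, KNOWN_DOMAINS)
    if imitated:
        findings.append(("lookalike-domain", f"{domain} imitates {imitated}"))
    else:
        imitated = lookalike_of(sender, KNOWN_CONTACTS.values())
        if imitated:
            findings.append(("lookalike-address",
                             f"{sender} imitates {imitated}"))

    # 3. Replies would leave the sender's own domain.
    if reply_to and reply_to.rpartition("@")[2] != domain:
        findings.append(("reply-to-mismatch",
                         f"replies go to {reply_to}, not to {domain}"))
    return findings


# Constructed sample messages (headers only matter here).
SAMPLES = {
    "name_only": "From: Christos Andreades <234ss44ff@gmail.com>\n\nHi",
    "hyphen_domain": "From: Christos Andreades <christos@my-domain.com>\n\nHi",
    "extra_letter": "From: Nikos Halikakakis <nikoshallikakakis@gmail.com>\n\nHi",
    "reply_to": ("From: Christos Andreades <christos@mydomain.com>\n"
                 "Reply-To: christos.mydomain@example.net\n\nHi"),
    "legit": ("From: Christos Andreades <christos@mydomain.com>\n"
              "Reply-To: info@mydomain.com\n\nHi"),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_message(raw))
```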

Companies with well-structured email platforms make use of the so-called SPF Record, which can forbid the various mailservers from accepting email from these companies unless it comes from their own mailservers.

Protection software

Using protection software (antivirus, antimalware, firewalls, etc.) IS NOT always enough! You must be doubly careful, as if you had no protection! Scam attacks can arrive by email, by instant messaging (messenger, WhatsApp etc.) and even by SMS! Think twice before giving out your sensitive details through any of the channels mentioned above.

Invoices, payments

Check when you pay invoices. Invoices often state the bank account numbers to which the payment must be made. Compare these numbers with the numbers you used in a previous payment. If you deal with this company frequently and pay through online banking, save such companies among the beneficiaries that your bank (usually) lets you store.
If you take payment instructions from your clients, confirm with them through a second channel (e.g. SMS verification) that they sent you the instruction to make this payment.

Additional protection

Finally, another good method of protection is multi-factor or two-step authentication. Many of you who make online payments already use it, with the so-called 'dongle' that the bank requires you to have for your payments. Many Cloud services such as Google, Microsoft, etc. provide it and recommend it.

In closing...

Be careful on the internet; it has ended up being more dangerous than walking down the street....

You can contact us for more information and advice at our email, info(at)scicane.com

This article, like the others on this website, is the intellectual property of SCICANE LTD, and the use/copying/republication of part or all of the article without the written consent of the company is prohibited.

More information about us at About Us


Solar panel grids next victim of attack?

Hackers could exploit a recently discovered flaw in solar panels to overload energy grids and create power cuts, according to new research.

A researcher recently discovered 17 vulnerabilities in solar power inverters, the hardware used to convert the energy gathered into electricity for the main grid. The inverters, many of which are internet-connected, could be targeted by hackers, allowing them to remotely control the flow of power, according to the research.

Westerhof, a Dutch researcher, first discovered the vulnerabilities when working on an undergraduate dissertation, and explained his further research at a security conference in the Netherlands on Monday. The full details of the hack have not been released in an effort to prevent malicious attacks.

A UK government report published yesterday proposed huge fines for companies managing essential infrastructure, if their cyber security is found lacking. Under the Network and Information Systems directive (NIS), failure to implement adequate cyber security measures to thwart hacking attempts would result in fines of up to £17 million, or 4% of a company's global turnover.

Further info & source: ITPro

Wednesday 9 August 2017

Tech support scammers have a new method for phishing attacks on Windows 10

 On Tuesday, Microsoft's Malware Protection Center announced that it had learned about new strategies to target those using Windows 10, via links that lead to fraudulent tech support sites.

The new techniques, which introduce a different layer to the mix, embed links in phish-like emails—and represent a step up from the previous methods used by scammers, potentially leading to a wider pool of victims. 
Previously, these types of scams involving tech support were done in a cold-call fashion. Now, however, a series of malicious ads will automatically redirect victims to a fake tech support page, in which Windows 10 users are presented with a display of fake Blue Screen of Death (BSOD) or other bogus Windows security alerts.

Sending mass emails that pretend to come from popular sites like LinkedIn or Amazon has been a mainstay of online scammers, who include links to fake bank or email login sites. But now, this tactic is being redirected to tech support sites in order to phish credentials.

More information and source: Techrepublic

Sunday 6 August 2017

TESTING SMTP AUTH USING TELNET





Test if SMTP authentication is working.


Sometimes you need to test SMTP Authentication is working on your server, and you may not have Outlook or another email client handy to test the connection.

You can verify SMTP authentication is working by using telnet and accessing the SMTP server directly. Below is a quick tutorial on how to test your server with Atmail for SMTP authentication details.
RESOLUTION
  1. First, make sure SMTP authentication is enabled via the Atmail Webadmin > Services > SMTP Settings > SMTP Authentication = On
  2. Next, create or verify an existing username and password on the system
  3. Build the Base64 username/password
    SMTP AUTH LOGIN sends the username and password as Base64 strings, so they do not appear as literal plaintext on the network connection. Using Perl, you can issue the following commands to encode the username and password as Base64 strings, which can be sent to the SMTP server. Note that the @ symbol is escaped so that Perl passes it through unchanged inside the double-quoted string.
    # perl -MMIME::Base64 -e 'print encode_base64("myusername\@domain.com")'
    bXl1c2VybmFtZUBkb21haW4uY29t
    # perl -MMIME::Base64 -e 'print encode_base64("weakpass")'
    d2Vha3Bhc3M=
  4. Access the local system. Commands we issue are highlighted in bold.
    # telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.localdomain (127.0.0.1).
    Escape character is '^]'.
    220 mydomain.com Welcome to the @Mail SMTP Server ( Exim )
    ehlo test.com
    250-mydomain.com localhost [127.0.0.1]
    250-SIZE 52428800
    250-PIPELINING
    250-AUTH LOGIN
    250-STARTTLS
    250 HELP
    The above command will verify that AUTH LOGIN is enabled on the server. Next, send the following command to start the SMTP Authentication process.
    AUTH LOGIN
    334 VXNlcm5hbWU6 ( Server returns the prompt "Username:" as a Base64 string )
    bXl1c2VybmFtZUBkb21haW4uY29t
    334 UGFzc3dvcmQ6 ( Server returns the prompt "Password:" as a Base64 string )
    d2Vha3Bhc3M=
    235 Authentication succeeded
  5. Congratulations, SMTP authentication is now enabled and confirmed working on your server. Note that you must send the Base64 strings of the username and password as two separate commands.
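Base64 is an encoding, not encryption: anyone who can read the connection can decode an AUTH LOGIN exchange. The added Python example below (not part of the original tutorial) replays the session from step 4 and reports what a cleartext session exposes; the C:/S: line prefixes and the name audit_session are assumptions of this example.

```python
"""Added example: what the AUTH LOGIN session from step 4 exposes."""
import base64

# The exchange shown in step 4, with an assumed "C:" (client) / "S:" (server)
# prefix per line and the explanatory annotations removed.
PAGE_SESSION = """\
S: 220 mydomain.com Welcome to the @Mail SMTP Server ( Exim )
C: ehlo test.com
S: 250-mydomain.com localhost [127.0.0.1]
S: 250-SIZE 52428800
S: 250-PIPELINING
S: 250-AUTH LOGIN
S: 250-STARTTLS
S: 250 HELP
C: AUTH LOGIN
S: 334 VXNlcm5hbWU6
C: bXl1c2VybmFtZUBkb21haW4uY29t
S: 334 UGFzc3dvcmQ6
C: d2Vha3Bhc3M=
S: 235 Authentication succeeded
"""


def audit_session(transcript: str) -> dict:
    """Walk an SMTP transcript and report what was readable on the wire."""
    report = {
        "auth_advertised_in_clear": False,  # EHLO offered AUTH before TLS
        "starttls_advertised": False,       # server could have done TLS
        "tls_started": False,               # client issued STARTTLS, got 220
        "credentials_in_clear": {},         # decoded prompt -> decoded answer
    }
    tls = starttls_sent = in_auth = False
    prompt = None  # decoded 334 challenge still waiting for the client's reply

    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        text = text.strip()
        if side == "S":
            code, words = text[:3], text[4:].split()
            if code == "250" and words:
                if words[0].upper() == "AUTH" and not tls:
                    report["auth_advertised_in_clear"] = True
                elif words[0].upper() == "STARTTLS":
                    report["starttls_advertised"] = True
            elif code == "220" and starttls_sent:
                tls = report["tls_started"] = True
            elif code == "334" and in_auth and words:
                prompt = base64.b64decode(words[0]).decode()
            elif code in ("235", "535"):      # auth finished (ok / failed)
                in_auth = False
        elif side == "C":
            if text.upper() == "STARTTLS":
                starttls_sent = True
            elif text.upper().startswith("AUTH LOGIN"):
                in_auth = True
            elif in_auth and prompt is not None:
                if not tls:
                    # Reversing Base64 needs no key: this is the exposure.
                    answer = base64.b64decode(text).decode()
                    report["credentials_in_clear"][prompt] = answer
                prompt = None
    return report


if __name__ == "__main__":
    for key, value in audit_session(PAGE_SESSION).items():
        print(f"{key}: {value}")
```

Outside localhost, issue STARTTLS first (for example via openssl s_client -starttls smtp) so that the two Base64 lines travel inside TLS.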

Friday 21 July 2017

Millions of recent laptops will stop receiving new features after the Anniversary Update

Laptops running on Intel Atom 'Clover Trail' chipsets will not receive any Windows 10's feature updates post the Anniversary Update, issued in summer last year.

Microsoft has confirmed that millions of recent laptops will no longer receive updates to add new features to Windows 10.
Despite most of these machines only being three or four years old, Microsoft says it is unable to push these updates to 'Clover Trail' laptops, due to Intel ceasing support for the chipset.
Machines that will no longer receive these updates include those running on Intel Atom Z2760, Z2580, Z2560 and Z2520 processors, such as the HP Envy X2 laptop. Reports say that at least 10 million of these devices were sold in 2013 and 2014, according to analyst estimates.

Ahead of the launch of Windows 10, Microsoft's executive VP of the Windows and Devices Group Terry Myerson said: "Once a Windows device is upgraded to Windows 10, we will continue to keep it current for the supported lifetime of the device - at no cost. With Windows 10, the experience will evolve and get even better over time."

"If a hardware partner stops supporting a given device or one of its key components and stops providing driver updates, firmware updates, or fixes, it may mean that device will not be able to properly run a future Windows 10 feature update," says a Microsoft spokesman.

While feature updates will not be forthcoming, Microsoft has pledged to continue issuing security patches to these machines until January 2023, the end of the original Windows 8.1 extended support period.

Source & further info: TechRepublic

Thursday 29 June 2017

Petya ransomware



The Petya ransomware attack that crippled computers in 64 countries worldwide was spread by accounting software, according to Microsoft, highlighting the dangers posed by compromised third-party apps.
The outbreak started in Ukraine, where more than 12,500 machines were infected, and there is now evidence this new Petya malware variant was initially spread via an updater for the tax accounting software MEDoc.

 A large number of organizations were infected, many in Ukraine, including Danish transport company Maersk, Russian oil firm Rosneft, the Kiev metro system, National Bank of Ukraine, the law firm DLA Piper, US pharmaceutical company Merck and many others.


How to protect yourself

Once the ransomware infects a machine, it then attempts to spread itself to other PCs on the network. To propagate itself, it will try to steal credentials to gain local admin privileges, attempt to use file-shares to transfer the malicious file between PCs, and then remotely execute the file. The ransomware encrypts entire hard drives and demands a Bitcoin payment of $300 to release them.
The malware can also spread itself using the EternalBlue exploit for an SMB vulnerability, which was used by WannaCry to spread between machines. The vulnerability was patched by Microsoft in March this year.
Microsoft recommends applying this security update, but for those who aren't able to, it suggests firms "disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547" and "consider adding a rule on your router or firewall to block incoming SMB traffic on port 445".
Another workaround for blocking infection by Petya is to create an extensionless, read-only file called perfc in the C:\Windows folder, using the steps outlined here.
Microsoft also provides a detailed breakdown of commands and network activity that indicate a Petya infection.


Other reports say that the provider of the email address given for receiving the ransom has deactivated it, so there is no way to pay or to ask the attacker to decrypt your data.

While there are steps you can take to block the attack on your PC, so far there is no 'kill switch' to stop the virus from spreading.

Of course, the familiar advice still applies: keep your Windows machine updated with security updates, and have a good antivirus solution to protect yourself, like the one we offer.

Source: Techrepublic

Saturday 10 June 2017

Installing Ubuntu 17.04 with encrypted home causes boot delays

The problem is that, when installing Ubuntu with an encrypted home, 17.04 creates a swapfile instead of a swap partition as previous versions did, and the installer then writes a faulty config file.

In particular, ecryptfs-setup-swap puts a line like this in /etc/crypttab:

cryptswap1 UUID=XXXXXXXX /dev/urandom swap,offset=1024,cipher=aes-xts-plain64


(as if there were a swap partition with UUID=XXXXXXXX), while with a swapfile it should put the following line:
 
cryptswap1 /swapfile /dev/urandom swap,offset=1024,cipher=aes-xts-plain64

If you manually change that line and reboot, the problem goes away. Before rebooting, also check that your /etc/fstab file ends with:
 
/swapfile               none  swap  sw  0  0
/dev/mapper/cryptswap1  none  swap  sw  0  0
 


Because of this error, Ubuntu spends a long time at boot waiting for the swap.

Tuesday 16 May 2017

“WannaCry” Ransomware

A ransomware attack has emerged that is worthy of tears. WannaCry ransomware has hit the scene, spreading like wildfire across 150 countries and infecting more than 250,000 machines, which includes a massive takedown of 16 UK NHS medical centers in just one day. Other major countries impacted include Spain, Russia, Ukraine, India, China, Italy, and Egypt.
Now, how is this massive attack possible? The ransomware attack exploits the Server Message Block (SMB) critical vulnerability, also known as the Equation Group’s ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers a couple of weeks ago. Basically, the attacker can use just one exploit to gain remote access into a system. Once access is gained, the cybercriminal then encrypts data with a file extension “.WCRY.” Not to mention, the decrypter tool used can hit users in multiple countries at once, and translate its ransom note to the appropriate language for that country. The ransom is said to demand $300 to decrypt the files.
The good news is, consumers don’t have to worry about this attack affecting their personal data, as it leverages a flaw within the way organizations’ networks allow devices to talk to each other.
However, this attack does act as a reminder for consumers to prepare for personal ransomware attacks. In order to stay prepared and keep your personal data secure, follow these tips:
  • Be careful what you click on. This malware was distributed by phishing emails. You should only click on emails that you are sure came from a trusted source. Click here to learn more about phishing emails.
  • Back up your files. Always make sure your files are backed up. That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup.
  • Update your devices. There are a few lessons to take away from WannaCry, but making sure your operating system is up-to-date needs to be near the top of the list. The reason is simple: nearly every software update contains security improvements that help secure your computer and remove the means for ransomware variants to infect a device.
  • Schedule automatic updates. It’s always a good practice to set your home systems to apply critical Windows Security Updates automatically. That way, whenever there is a vulnerability, you receive the patch immediately.
  • Apply any Windows security patches that Microsoft has sent you. If you are using an older version of Microsoft’s operating systems, such as Windows XP or Windows 8, click here to download emergency security patches from Microsoft.
  • Keep security solutions up-to-date.
Source: McAfee

Friday 5 May 2017

Tips to keep your online accounts secure

If you didn't know, the first Thursday in May of each year has been officially declared World Password Day—a day to promote good security hygiene and password habits. In 2017, that day has fallen on May 4.

Here's a simple four-step approach to better passwords:

1. Create strong passwords

Strong passwords, according to the World Password Day website, have at least eight characters, with a mix of uppercase letters, lowercase letters, numbers, and symbols. They also avoid the use of personal information, such as birthdays or middle names.

2. Use a different password for each account

Using a different password for each online account is important because, if you share passwords across accounts, one compromised password can be used to log into another account. This is especially important regarding online banking and financial accounts.

3. Get a password manager

Password managers, like LastPass or 1Password for example, can help you store multiple passwords, often in an encrypted manner, for easy access. Typically, they will require one master password with an additional layer of authentication to access the stored passwords.

4. Turn on multi-factor authentication

Multi-factor authentication adds an additional layer of security on top of your standard password. For example, an app may require you answer a security question, input a unique code, or use a fingerprint scanner on top of using your password. Check the security settings of your favorite apps and passwords to see if multi-factor authentication is available.

Source: TechRepublic

Monday 1 May 2017

Companies still fail security basics, as ransomware rises

Most breaches take advantage of simple passwords

Companies are still failing to take basic steps to secure their businesses, a new report has found.

Verizon's annual Data Breach Investigations Report, published today, revealed that of the almost 2,000 breaches and security incidents that were analysed, a whopping 81% used easily-guessed or stolen passwords.

Furthermore, over 65% of malware infections were delivered via email attachments - a technique that has been around for decades. Pretexting - a form of social engineering used to obtain privileged information - is also on the rise.

With so many enterprises falling victim to age-old tactics, why are businesses still failing to take basic security measures like strong password hygiene and regular data backups?

"It's a very good question, and it's one we ask ourselves on a recurring basis," Verizon's director of international security solutions, Ali Neil, told IT Pro, "because this is not the only year that we find that the human vector is probably the most susceptible, and theoretically the easiest one by which to combat things."

"You don't have to pay a fortune for a SIEM solution or an intrusion detection solution, you actually have to enforce some basic standards," he added. "Our message is that training is the simplest thing you can do with people."

Not everyone agrees, however. Bromium's EMEA CTO, Fraser Kyne, said that companies need to spend less time focusing on employee training, not more.

"What most interested me in this year's report was that phishing attacks are actually becoming even more prevalent," he said. "One in 14 users are being duped into clicking on a bad link or attachment; but even worse, a quarter of those people go on to do it again. There is a phrase that I think is very apt here - 'You can't patch stupidity'.

"Organisations therefore need to shift the onus away from controlling user behaviour if they are to get a handle on the situation. The best way of mitigating phishing attacks is to have a safety net in place, allowing end users to click with freedom, without having to worry too much about stumbling upon a bad link or malicious attachment."

The report included further interesting findings, such as the fact that organised crime gangs were behind more than half of all breaches, almost 70% of all threats to healthcare come from within the organisation, and around 50% of attacks on educational institutions were perpetrated by state-affiliated hackers.

Unsurprisingly, ransomware has also gone up by 50% compared to last year's report. Across the numerous reports put out by the security industry, a consistent rise in ransomware activity is one of the universal constants.

Source: ITPRO

Saturday 29 April 2017

GDPR (General Data Protection Regulation) Compliance Requirements

Overview

The European General Data Protection Regulation will come into force throughout Europe by 2018. It is a major change to EU data protection law and includes a significant increase in sanctions. The Council of The European Union has finished writing its new Regulation – “The Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data,” commonly known as the General Data Protection Regulation or GDPR. It was circulated in December 2015.

The EU Parliament formally adopted the new regulation on April 14, 2016. It is due to come into force two years and 20 days after being adopted, so will become law automatically in every EU country on or around May 4, 2018.

The project to write the EU GDPR started in 2012, and is a major update to the previous EU Data Protection Directive published in 1995. It is intended to harmonize the laws across the 28 member states, clarify areas that were previously interpreted differently in different countries, increase its scope to include any organization or individual that collects data on EU citizens, and ensure that the regulations are enforced in a similar manner across all states.

Any organization that collects data (a “data controller”) or stores and processes data (a “data processor”) on residents of the EU must conform to this regulation and incorporate appropriate policies and technology to conform.

The full regulation covers many areas. The top ten provisions are:

  • Increased fines. Fines can be up to 4% of global turnover or €20M, whichever is higher.
  • Opt-in consent. Users must give clear, unambiguous consent for you to use their data and you must only use it for the purpose defined.
  • Breach notification. The local supervisory authority (see Supervisory Authorities & Their Responsibilities) must be informed within 72 hours of any data loss and users informed “as soon as possible.”
  • Territorial scope. Any organization with data on EU residents has to conform, wherever they are based.
  • Joint liability. Data controllers and data processors are jointly liable for data loss incidents.
  • Right to removal. Users have the right to demand the removal of their data.
  • Removes ambiguity. One law across the EU.
  • Data transfer. Transferring data outside the EU is allowed, but the data controller is ultimately responsible if data is lost via a non-EU cloud provider.
  • Common enforcement. The enforcement agencies are expected to enforce consistently across all the countries.
  • Collective redress. Users can work together to sue using class action lawsuits.

Who does it affect?

GDPR applies to any organization (commercial or governmental) globally that collects, stores, or processes data on EU individuals. The law is an expansion of the previous directive which only affected data controllers and could only be enforced on organizations themselves based in the EU. Data processors are now jointly liable with data controllers, so if your organization collects data on individuals and then outsources the processing of that data to another entity, both you and they are jointly liable for that data.

Data controllers outside the EU

Some data controllers based outside the European Union have, in the past, claimed that they are not subject to the directive because they are not based in one of the 28 countries of the EU. The regulation makes it very clear that anyone, wherever the organization is based, is responsible if they are processing data on European data subjects.

An organization does not need to have a legal presence in a particular EU country for the courts to decide that it is responsible there to the supervisory authority. The Weltimmo case has found that the company is responsible in Hungary even though its headquarters was in another country, Slovakia. As it had at least one employee in Hungary and was offering a service to Hungarian customers via its website, it was liable for the Hungarian interpretation of data privacy laws.

Definition of personal data

The law has been written in a way that does not specify everything that is personal data to ensure the law does not become out of date if a new way of identifying people appears. Broadly speaking, any data that identifies a living person is considered personal data.

Consequences of noncompliance

The current data protection directive left the decision on the imposition of fines and the level of fines to the member states, which has resulted in different levels of fines for each country. Over time, these fines have also been modified. For example, the maximum fine that the UK regulator was able to impose in 1998 was £50,000; this was then increased to £500,000 in April 2010. Over the years, the average fine for a data breach has risen with the largest to date at £350,000 imposed in February 2016. The regulation states that fines should be “effective, proportionate and dissuasive” and the maximum possible fine has been increased to ensure that it gets the attention of organizations.

The maximum fine is now €20,000,000 or up to 4% of global turnover of an organization, whichever is higher for breaking the key articles of the regulation. The introduction of the regulation states “The protection of natural persons in relation to the processing of personal data is a fundamental right… everyone has the right to the protection of personal data concerning him or her.” This level of fines should leave no one in any doubt that data protection is taken very seriously and anyone misusing or losing data on people living in the EU countries is at risk of serious penalties.

Source: Skyhigh Networks 

Friday 28 April 2017

Samsung Galaxy S8 users report phone randomly restarting, no clear fix yet

Galaxy S8 and S8+ devices have been randomly restarting, and that's not the only issue. The S8's success is critical for Samsung: is it dropping the ball?
Reports of random reboots have started trickling into the XDA Developers forums and Samsung's own Galaxy S8 forum. The restarts are happening at random times on multiple carriers and with both S8 and S8+ devices.
Recommendations for how to fix the issue have been numerous: Remove the SD card, move installed apps to the onboard memory, run device maintenance and delete apps it flags ... and none of them seems to consistently work.
Source: TechRepublic

Thursday 20 April 2017

Refine Web Searches with Google



Refine web searches

You can use symbols or words in your search to make your search results more precise.

Google Search usually ignores punctuation that isn’t part of a search operator. Don’t put spaces between the symbol or word and your search term. A search for site:nytimes.com will work, but site: nytimes.com won’t.

Common search techniques

Search social media

Put @ in front of a word to search social media. For example: @twitter.

Search for a price

Put $ in front of a number. For example: camera $400.

Search hashtags

Put # in front of a word. For example: #throwbackthursday

Exclude words from your search

Put - in front of a word you want to leave out. For example, jaguar speed -car

Search for an exact match

Put a word or phrase inside quotes. For example, "tallest building".

Search for wildcards or unknown words

Put a * in your word or phrase where you want to leave a placeholder. For example, "largest * in the world".

Search within a range of numbers

Put .. between two numbers. For example, camera $50..$100.

Combine searches

Put "OR" between each search query. For example, marathon OR race.

Search for a specific site

Put "site:" in front of a site or domain. For example, site:youtube.com or site:.gov.

Search for related sites

Put "related:" in front of a web address you already know. For example, related:time.com.

Get details about a site

Put "info:" in front of the site address.

See Google’s cached version of a site

Put "cache:" in front of the site address.


Tuesday 14 March 2017

Are you safe? Optical data exfiltration via the hard drive LED

Security researchers from Ben Gurion University in Israel demonstrated that if an attacker manages to infect a computer, they could steal data remotely, using a camera that can read the hard disk drive (HDD) LED indicator.

Computer LED indicators blink when the drive is reading or writing, but they can also be used to transmit data optically.

As Wired reports, the malware the researchers devised can force an HDD LED to blink 6,000 times per second. If these lights are visible through a window, a drone or a telephoto camera lens can capture the signals from some distance.

The researchers explain in a paper that data can leak from HDD LEDs at a rate of 4kbps. Yes, the speed is incredibly slow by today's standards, but it is enough to steal all the encryption keys.

To intercept data, the researchers used a Nikon DSLR, a high-end security camera, a GoPro Hero5, a Microsoft LifeCam, a Samsung Galaxy S6, Google Glass, and a Siemens photodiode sensor.

In our opinion, it is a bit far-fetched that we would be at risk from something like this at the present stage, but a little awareness does no harm.

For more information, read SecNews

Thursday 9 March 2017

Microsoft cuts size of Windows 10 updates by 65%

Microsoft has managed to reduce the size of its Windows 10 updates by 65% thanks to the use of differential download packages in its Unified Update Platform (UUP) technology, which only update the system with the changes rather than re-installing the entire platform.

This will be the case even for the big updates, rather than just the smaller bug fix ones, which will come as a great relief to Windows 10 users who find themselves wasting hours downloading and installing hefty operating system updates.

The innovation will come as part of the Windows 10 Creators Update, Microsoft said. "It’s also important to note that Windows Insiders may not get a differential download packages even if we ship them," Bill Karagounis, director of program management for Microsoft's Windows Insider Program and OS Fundamentals division, said.

"A baseline build has to be set for differential download packages and if that baseline build is newer than the build Windows Insiders are updating from (in the case where they are not on the latest flight) – they will receive a larger download."

Microsoft will let users decide when to update their Windows 10 devices, rather than automatically updating smartphones, tablets and desktops without notice.

Michael Fortin, the CVP of the Windows and devices group core quality and John Cable, the director of program management for Windows servicing and delivery, made the announcement in a blog post, saying the company was responding to customer feedback with the Creator's Update.

For more information, read ITPro

Friday 27 January 2017

How to Run Android Apps on Your Desktop

If there’s an Android application you really love and wish you could run on your computer, now you can: there’s a dead simple way to run Android apps on your PC or Mac without fuss.

What Is BlueStacks?

Let’s say there’s a mobile game you really love and want to play it on your PC with a bigger screen and a more comfortable interface. Or maybe you’ve grown used to a certain Android app for managing your to-do list or calendar. BlueStacks is essentially a self-contained virtual machine designed to run Android on a Windows or Mac computer. It comes with the Play Store pre-installed, and you can go from zero to running your favorite apps in a matter of minutes.

The entire experience is incredibly smooth on modern hardware (BlueStacks has been around for years and what was originally a pretty rocky alpha-software experience is now quite polished) and even things that previously didn’t work so well (like access to the host computer’s web cam or issues with applications that require GPS data) now work surprisingly well.

There are only two small quirks. First, the current version of BlueStacks only runs Android 4.4.2 KitKat, so if you need something newer than that, you’ll need to install the Android SDK instead. Second, multitouch is missing, unless you’re using BlueStacks on a computer with a touch screen monitor. If you are, you can use multi-touch, but otherwise you’re out of luck if the app you’re using requires it.

For more information, read the How-To-Geek article