Tag: cyber security

The Threat You Might Not Have Heard of – Stalkerware.
We’ve all heard of ransomware and malware at this point, but there’s one that may be flying under the radar. I’m talking about stalkerware.

Stalkerware is a type of software or application designed to monitor or secretly record you on your devices. The phrase was coined because it was often used by spouses or other intimate partners who want to secretly spy on their partners.

While in some cases it may be deliberately installed, there are variations of this now that are more insidious. Applications that can detect your GPS location even in the background, as well as applications aimed at parents looking to track their children’s devices that collect more data than they’re supposed to are two notable examples.

In either variation they’re definitely a violation of the user’s privacy. The Google Play Store (for Android phones) and Apple App Store (for iOS phones) both prohibit applications aimed at tracking your loved ones use without their knowledge or consent, but so many things are added daily it’s inevitable some will slip through.

On the other end, applications you install on purpose that collect data they shouldn’t is also a major problem. The data they’re collecting is often sold to third parties who then use it to market to you on websites you frequent.

Most of us are aware the free websites and applications we use on the internet are not really “free”. The cost is being inundated with sales ads, but ads specifically targeted to you by data you didn’t know was being extracted by your computer or phone is a violation none of us would willingly sign up for.

We’re left questioning how much privacy we can really expect on the internet, and what is needed to protect that privacy. Much more is required of our governments and legislatures to ensure that the private details of our lives aren’t sold to the highest bidder.

One high profile example going on right now is over the popular phone application TikTok. TikTok was recently banned in India due to privacy concerns, which the company vehemently denies.

It’s our recommendation that you vet the software, websites and applications you download or visit thoroughly, as well as uninstalling any not currently in use. While this won’t completely mitigate the risk of stalkerware, it may help minimize the damage.

Looking for more to read? We suggest these tech articles from the last week.
This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
July 1, 2020
Returning to the Office? Here’s What You Need to Know.
The last few months have been hectic to say the least. A global pandemic has forced us to reconsider our office norms, when working from home became a necessity rather than a rare occurrence – prior to the pandemic only 1.3% of job postings on ZipRecruiter specified working from home.

The numbers vary but it’s estimated upwards of 50% of the knowledge-based workforce is working from home right now. Tech workers have had to scramble to adjust their security measures to cover employees on their home networks. In some cases, it still hasn’t been enough (Hacking against corporations surges as employees take computers home – Reuters.)

Now, as many cities and states begin to open, you may be wondering if it’s time to get back to the office. Here’s our steps for doing it smartly and safely.
- Evaluating devices that have been used at home thoroughly before introducing them back to the work network. Whether it’s their office device or a home device they normally use at work, you want to make sure it won’t function as a Trojan horse to your organization, inviting malware and/or viruses into your office.
Make sure these devices are also updated with any software patches and updates that may have been missed while working from home. You want to make sure they have been fully patched when they return to your network.
Consider requesting that everyone update their credentials and re-enforcing any efforts into enabling 2 Factor Authentication(2FA). Employees working from home may have let their work machines be used by family members, or otherwise have left these devices unattended in areas where they may have been accessed by others.
When returning to work we think it’s a good idea to also have a fresh start when it comes to passwords and other credentials, and if you haven’t been already consider requiring 2FA on work devices and work accounts.
Finally, we’ll all have to consider germs going forward and for the considerable future. It’s a good idea to have a plan in place for disinfecting these devices safely and consistently.
This doesn’t cover everything necessary for returning to work safely, but it’s my hope it gives you a place to start when it comes to the technology side of things.

Whether you’re returning to work or are still working from home, Valley Techlogic can assist you with these topics and more. Feel free to reach out, our brilliant tech team would be happy to assist you.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
June 24, 2020
Routers and Their Safety – How to Easily Improve Your Network
It was recently reported by ZDnet (https://www.zdnet.com/article/unpatched-vulnerability-identified-in-79-netgear-router-models/) that 79 Netgear routers from as far back at 2007 and across 758 different firmware versions had an unpatched vulnerability that would let a hacker take over the device remotely.

We rely on routers as our literal gateway to the internet – so how can you be sure the one you’re using is safe? Also, how can you keep it that way?

As the above article has shown one of the ways is just to be cognizant of news regarding the devices you use. An emergency patch was issued, and a more permanent patch is planned for later this month. Even if you normally shy away from the nitty gritty technical aspects of any news cycle it’s a good idea to keep an eye out for news regarding your specific devices.

It’s always a good idea to keep up to date on patches for all your devices. In the case of routers these normally come in the form of firmware updates.

This may seem intimidating but here are the steps for making sure your routers firmware is up to date.
1. Type your routers IP address into the search bar of your preferred web browser to access it’s web portal. It’s usually on the box or even on the router itself, it can also be found here (https://whatsmyrouterip.com).
2. Enter your username and password. If this is your first-time logging in again the information can usually be found on the router itself. This is also a good time to change the password!
3. Locate the firmware or update tab. The location may vary depending on which model router you have, referring to the instructions of your router is probably a good idea.
4. Go to your router manufacture’s website to find the firmware update file. You can usually find it by searching for your routers model on their site.
5. Download the update and apply it through the router’s web portal. Again, the router’s web portal is found by it’s IP address.
6. Reboot the router to ensure the update is applied.
By following these steps, you can be sure your router has the most up to date software version and is the most protected from bugs and malware.

What if you can’t find a firmware update for your router? If it’s a newer model there may not be one out yet, however if your router is on the older side it may have reached it’s end of life. Every brand is different, Cisco for example has a policy of supporting routers on the software side for 3 years and the hardware side for 5 years.

Most technical companies will provide advance notice if they have a product reaching end of life. It’s a good idea to keep track of this information for all your devices, as a device that’s not receiving regular updates may be less safe to use on the internet.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
June 21, 2020
DDoS Attack or Not? Yesterday’s Outage Left Many Systems Down for Hours

Yesterday, an outage stemming from T-Mobile left many major systems down. Affected websites included T-Mobile itself, Instagram, Comcast, Sprint and Chase Bank. Was it a massive DDoS attack or just a server misconfiguration as they’re claiming?

First, it’s probably a good idea to explain what a DDoS attack or Distributed Denial-of-Service attack is and what it aims to do.

A DDoS attack is a cyber attack where the perpetrator or group of perpetrators seeks to make a server or network unavailable by attacking its connection to the internet. They typically do this by flooding the affected systems with traffic, overloading them and causing them to go down.

These attacks can happen to a single computer, an office, or even on a global scale. The website https://digitalattackmap.com/ attempts to track these DDoS attacks on a global level, however it’s somewhat controversial among cyber security experts as they question the veracity of it’s data.

Many time these outages are made apparent by the website https://downdetector.com/ which accurately tracked the cascading wave of websites that went down in yesterdays event.

Down Detector is a reliable source for tracking whether the connection issues you’re having are stemming from your network or the website or service you’re trying to access is truly down.

So, was yesterday’s event a DDoS attack or just an error? The public will probably never know. However as cyber crime continues to ramp up – purported to be a $6 trillion dollar industry by 2021 – it’s a good idea to have the best protections in place so you and your business don’t fall victim.

A DDoS attack aimed at your systems may expose other vulnerabilities, and the downtime alone can be costly. If your IT team isn’t adequately prepared to defend against this or any of the other varieties of cyber attacks plaguing the technology market, it might be time for a new team.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!

June 17, 2020
10 Tips for Staying Safe Online When Working from Home
In light of the ongoing health crisis many of us are placed in the unusual position of working from home. While you may have concerns about keeping up your usual level of productivity and being able to communicate effectively with your coworkers while working in separate places there may be one issue flying under the radar, how do you stay safe online while working from home?

It’s unfortunately not a given, in many work places you have an IT team that maintains (or should!) a high level of security for your office computers and network. These same measures are not in place on your home network or on your home computer.

With so many of us working from home hackers may be seeing this as an opportunity to access your company’s private data via unsecured personal computers and home networks. These 10 tips will prevent this from happening.
1. Don’t reuse passwords. If you’re able to choose your own work passwords it’s important they’re varied, if hackers get access to one of your accounts and you use the same password for everything then they have access to all of them.
2. Practice good password safety. It’s imperative that passwords for your work accounts follow good password safety practices. Hackers may be able to use your work accounts to access the rest of your company’s data. If you set your own password make sure it follows the rules of 16 characters in length, mixing characters and avoiding dictionary words if possible.
  Also destroy any written copies of your password, real life phishing exists! Use a password manager like LastPass instead.
3. Secure your home network. It’s shocking how many home networks don’t have a password at all, or if they do it’s a single word with no mixed characters or even your router’s default password.
  This is not a good idea! Hackers can use your network to access your home machine, and from there it may be game over. Like the tip above practice good password safety when it comes to your router’s password.
4. Enable 2-factor authentication if it’s available to you. Many laptops these days feature security measures such as facial recognition or fingerprint readers that will help keep your device safe. Don’t forget to enable the same feature on your phone!
5. Speaking of 2-factor authentication. You may find that your workplace uses 2-factor authentication to secure the applications you use on a daily basis to do your job, if they don’t bring it up! This will further prevent people from accessing your company data.
6. Install updates. At work your IT team is probably installing updates for you, on your home device you’re responsible for doing so. In general, you shouldn’t be ignoring updates but while accessing your company accounts it’s even more important.
7. Practice good online safety. The security measures enabled on your company network may prevent a total takeover in the case of someone accidentally downloading malware, this is not so at home.
  Don’t open attachments from senders you don’t know. Be careful which websites you visit, and always have your firewall enabled!
8. Be careful with public networks. During this time, it might be tempting to get out and at least work outside at a café or somewhere with public Wi-Fi. However, this public Wi-Fi may leave your machine vulnerable, especially if you’re not practicing some of the safety measures above.
9. Make sure your work is backed up. You’ll probably need some help from your IT team for this one but ensure the work you’re doing is backed up to your office servers or saved in some way. Recovering lost data from your home machine alone may be more difficult.
10. Last but not least, use an anti-virus software. Find out which anti-virus software your company IT team recommends, or if you need a recommendation reach out to us. It’s extremely important for staying safe online.
We hope these tips help. For those not working remotely or for tips on staying safe while in public right now, we recommend referring to the CDC Website for the most up to date information: https://www.cdc.gov/coronavirus/2019-ncov/index.html

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can visit us on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://twitter.com/valleytechlogic.
March 16, 2020