Cyber Monday (27th November 2017)

Computer Culture Admin - Monday, December 18, 2017

Your age, gender, and location can determine how likely you are to fall victim to internet crime on the biggest online shopping day of the year, according to a new report from OpenVPN.


In the USA, last year's Cyber Monday (Monday after the Thanksgiving holiday) was the biggest online shopping day in the history of US e-commerce, with $3.39 billion spent online. This year's promises to be even larger. However, malicious attacks against consumers increase almost 40% on Cyber Monday, and online shoppers need to be more vigilant than ever to ensure the safety of their personal information.


To help consumers better understand their risk of falling victim to an attack, a new report from OpenVPN analysed cybercrimes reported to the FBI and CSN in 2015 and 2016, concentrating on internet crime, fraud, and identity theft. With this data, researchers identified the states most affected by cybercrime, the amount of money lost, the number of victims, and the most victimized sex and age.


In terms of gender, men fell victim to cybercrime 75% more often than women, the report found, possibly because men spend more money online, it noted. In terms of age, the report found that people over age 50 were the group most likely to fall victim to attacks in about 30 states.

HP Patches Hundreds of Laptops to Remove Hidden Keylogger

Computer Culture Admin - Monday, December 18, 2017
In November 2017 Hewlett Packard revealed that nearly 500 of its notebooks dating as far back as 2012 were shipped with a secret keylogger installed. Before the issue was publicly disclosed, HP owned up to the mistake of leaving this tool inside of its laptops, and on Nov. 7 posted device-specific patches for most of the models affected, which can be downloaded.

Hopefully, the tool was already removed from your notebook, as Microsoft bundled those patches into the November Windows update, but if you have any concerns feel free to get in contact.

Security researcher Michael Myng discovered the keylogger when probing the Synaptics touchpad software on an HP laptop. HP’s security bulletin says the “potential security vulnerability” affects all laptops with “certain versions of Synaptics touchpad drivers”— not necessarily just HP models. The keylogger is disabled by default, however.

“A party would need administrative privileges in order to take advantage of the vulnerability,” the bulletin states. “Neither Synaptics nor HP has access to customer data as a result of this issue.” HP told Myng that the keylogger was a debugging tool.

The same security bulletin includes separate software updates for every HP laptop loaded with the keylogger, and HP says you should install those updates “as soon as possible.”

For the original article please go here.

Refurbished Computers Donated

Computer Culture Admin - Monday, December 18, 2017

This month Computer Culture, in partnership with the McPhail Foundation Charitable Trust and Air New Zealand donated 11 refurbished computers to pupils from Bamford Primary School.


Generally the computers we donate are for underprivileged school children that don’t have access to computers at home.


We are very pleased to be able to give back to the community and thank both Air New Zealand and the McPhail Foundation Charitable Trust for their generosity, both in equipment and time.

Uber Has 57 Million Records Stolen and Hides Data Breach for A Year

Computer Culture Admin - Monday, December 18, 2017
Uber is known for pushing the limits of the law and has dozens of lawsuits pending against it, but this one went too far and now comes the reckoning.

Bloomberg was first to report that hackers stole the personal data of 57 million customers and drivers from Uber, a massive breach that the company concealed for more than a year. Recently, they fired their chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers to "delete the data". Yeah, sure!


Victim Of A Simple Credentials Phishing Attack?

Here’s how the press describes the hack: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company. If you read between the lines, that could very well be a simple credentials spear phishing scheme, done with some crafty social engineering, or perhaps careless developers leaving internal login passwords lying around online.


Failure To Disclose

Joe Sullivan, the outgoing security chief, spearheaded the response to the hack last year, a spokesman told Bloomberg. Sullivan, a onetime federal prosecutor who joined Uber in 2015 from Facebook Inc., has been at the center of much of the decision-making that has come back to bite Uber this year.


Bloomberg reported last month that the board commissioned an investigation into the activities of Sullivan’s security team. This project, conducted by an outside law firm, discovered the hack and the failure to disclose, Uber said.


No doubt regulators will also be asking tough questions about why they were not informed about the breach until this week, and class-action lawsuits... heeeere we come!


Uber says it has "not seen evidence of fraud or misuse tied to the incident." Let's hope that they are right, but it is highly unlikely that these records were deleted. It's practically sure they are sold on the dark web or will be. There are many ways that data could be abused by criminals without Uber ever becoming aware.

All organizations would be wise to remember this: SNAFUS are bad, but cover-ups can kill you. You can ask forgiveness for being hacked and handle your disclosure correctly, but many people will find it harder to forgive if you deliberately covered up the truth.

Bad Rabbit Ransomware

Computer Culture Admin - Thursday, November 16, 2017
Organizations in Russia, Ukraine and a few hours later also the U.S. are under siege from Bad Rabbit, a new strain of ransomware with similarities to NotPetya.

The outbreak appears to have started via files on hacked Russian media websites, using the popular social engineering trick of pretending to be an Adobe Flash installer. The ransomware demands a payment of 0.05 bitcoin, or about $275, from its victim, though it isn’t clear whether paying the ransom unlocks a computer’s files. You have just 40 hours to pay.

Bad Rabbit shares some of the same code as the Petya virus that caused major disruptions to global corporations in June this year, said Liam O’Murchu, a researcher with the antivirus vendor Symantec Corp.

Based on analysis by ESET, Emsisoft, and Fox-IT, Bad Rabbit uses Mimikatz to extract credentials from the local computer's memory, and along with a list of hard-coded credentials, it tries to access servers and workstations on the same network via SMB and WebDAV.

The hardcoded creds are hidden inside the code and include predictable usernames such as root, guest and administrator, and passwords straight out of a worst passwords list. (Note to Self: all user passwords need to be strong, step all employees through a strong password training module ASAP.)

As for Bad Rabbit, the ransomware is a so-called disk coder, like Petya and NotPetya. Bad Rabbit first encrypts files on the user's computer and then replaces the MBR (Master Boot Record).

Check Your Home Network

Computer Culture Admin - Thursday, November 16, 2017
Bitdefender, the home version of our managed antivirus, has developed a home network scanner that lets you check for any dodgy devices on your network. It’s available as a free download.

Bitdefender Home Scanner lets you see all devices connected to your home network. You get an alert every time an unknown device connects to your wi-fi. Which means you can instantly boot out freeloaders and prevent connection slowdowns.

Home Scanner looks for weak passwords, as well as vulnerable or poorly encrypted communications. It correlates the information gathered from your connected devices with online vulnerability databases and gives you a thorough report so you can ensure maximum security for your network.

For more information go to Bitdefender's website here.

How to Remove Cookies

Computer Culture Admin - Thursday, November 16, 2017
On a PC or mobile device cookies can compromise your privacy, and fill up your storage. If you’re concerned about what websites are leaving behind, and how advertisers are accessing that data, here are some instructions on how to clear cookies from the latest version of your favourite web browser.

So what are cookies?
Cookies are small text files written by a web browser that contain information about your interaction with one specific site. They include information such as what you put into a virtual shopping cart, your username for logging into the site (not the password), products you viewed during your last visit, and any other information that could be used to tailor the visit just for your needs.

Typically, cookies pose no threat to your computer. But many cookies can compromise your privacy. That’s because advertising companies are prone to embedding cookies with web advertisements, allowing them to easily track your browsing history, and tailor ads toward your individual habits across multiple sites.

Cookies don’t take up much space on your hard drive. In fact, they’re extremely small, and should only be a concern for mobile devices with small amounts of storage. For instance, even without clearing the cookies in Chrome on PC for many, many months, we’ve only accumulated around 4MB worth of cookies. That said, the amount of volume they use isn’t troublesome; it’s the privacy risks that are difficult to ignore.

Google Chrome
Google Chrome lets you easily delete cookies, control browsing data, and specify what sort of files Google Chrome should accept or block. Here’s how:

Access content settings: Click on the “Menu” tab in the upper-right corner, and select “Settings.” Once the new tab opens, scroll to the bottom of the page and click on “Advanced.” This will expand the “Settings” page to include additional options.

The first expanded window you should see is the “Privacy and security” panel. Next, click on “Content settings,” and then select “Cookies.”

You may also simply type “chrome://settings/content/cookies” into your address bar, and Chrome will take you to your intended destination.

Cookie juggling: On the “Cookies” panel, you will see three toggles: allow sites to save and read cookie data (recommended), keep local data only until you exit Chrome, and block third-party cookies. This third option means advertisements won’t be able to read cookie data provided by a parent website, preventing them from using that information across multiple sites.

Smashing cookies: Google also provides options to block specific sites from leaving cookies, to allow specific sites to leave cookies, and to clear cookies left behind by specific websites when exiting Chrome. If you want to delete it all, click on the “Remove All” button, and you will be cookie-free. You can delete cookies individually, too.

For Android, iOS: Access Chrome’s menu, go to “Settings,” and then find the “Privacy” tab under “Advanced” settings. From there, select “Clear Browsing Data” at the bottom, and check “Clear cookies and site data.” There are also options for clearing your browser history, and removing space-eating cached images and files.

Mozilla Firefox
Access custom settings: Click on the “Menu” three-lined icon in the top-right corner. In the drop-down menu, select “Options,” which will open a new “Preferences” tab. On this page, select “Privacy” listed on the menu to the left, and then head to the “History” section. Here you will need to choose “Use custom settings for history” in the drop-down menu located next to “Firefox will…”

Cookie juggling: With the advanced history settings enabled, you should see an option to toggle on/off “Accept cookies from sites.” To the right, Mozilla provides an “Exceptions” button where you can control the cookie flow. These include blocking or allowing cookies from specific sites, and allowing a cookie from a specific site for only one browsing session. This is done by inserting the address of the website.

Next, you have the ability to accept or deny third-party cookies, or accept third-party cookies from sites you already visited.

Smashing cookies: To manually delete cookies in Firefox, you’ll need to hit the “Show Cookies” button. A window appears with a search field for locating a specific cookie, and a list of all cookies stored on your device. You can hit the “Remove Selected” button to delete a highlighted cookie, or hit the “Remove All” button to delete all the cookies.

Firefox (iOS): Tap the New Tab button (top right, with the number in it). Now tap the cog button in the top left of the screen. Scroll down to “Clear private data.” On the next screen, make sure “Cookies” is selected, then tap “Clear Private Data.”

Time Saving Android Tips

Computer Culture Admin - Thursday, November 16, 2017
1. Snap between apps
Cut out delays in toggling between apps by putting Android's semi-secret fast-snap function to use. If your device runs Android 7.0 or higher, double-tap the Overview key — the square-shaped icon next to the Back and Home buttons — and you'll find yourself flipping between your two most recently used apps faster. It'll even work from your home screen for a zippy return to whatever process you had open last.

2. Slide into Quick Settings
Android's Quick Settings panel is a shortcut in and of itself — a single place with one-tap toggles to some of your device's most commonly used functions, from Bluetooth to the flashlight (and even more, if you know how to expand it).
To get a shortcut to this mecca: Just swipe down from the top of your screen with two fingers (any two — swiper's choice!). That'll skip past the standard notification panel and take you directly to the fully expanded Quick Settings section.

3. Open menus like a pro
Not many folks know it, but there's a faster way to open those three-dot overflow menus in a lot of apps.
Rather than tapping the icon to load the menu and then tapping the item you want, simply swipe downward on the icon and move your finger directly to your item of choice — without ever lifting your finger from the screen. The menu will appear as you swipe, and whatever item your finger is touching when you let go will be activated.

4. Stop disturbances without the fuss
Sometimes you need to silence your phone quickly and discreetly. Whenever that time comes, don't mess with on-screen menus and icons; just activate your phone's display, then press the device's volume-down key until the ringer volume goes all the way down.
That'll put your phone into vibrate-only mode, and you should feel a brief vibration to let you know you're there. If you want to take it a step further and go into Android's full do-not-disturb mode, in which nothing but an alarm will cause your phone to sound — assuming your phone is running 2015's Android 6.0 (Marshmallow) or higher — release the volume-down button and then press it one more time. (You'll see the confirmation of the mode change on your screen.)
Whenever you're ready to return to a normal state, simply activate your device's screen and press the volume-up button until the level lands wherever you like.

5. Refresh the web with ease
Say you're looking at a web page in Chrome. For one reason or another, you realize you need to refresh the page. What do you do?
Sure, you could open the Chrome menu and then select the refresh icon. Or you could skip a step and just swipe downward from anywhere on the page. You'll see a circular refresh symbol appear at the top of the screen as you swipe. Make sure you pull down until the arrow within the symbol turns blue, then let go. (Once you get used to the gesture, you'll find that a quick downward flick is all it really takes.)

6. Force a restart
No technology is foolproof. If your Android device ever isn't responding, press its power and volume-up buttons at the same time — even if the display is off — and hold them down together for 10 to 15 seconds. Unless something really disastrous is going on (or your battery's just dead), that'll force your phone to restart, regardless of what you were last doing.

7. Get to your camera in a flash
When a photogenic moment arises, two seconds can be the difference between an unforgettable snapshot and an after-the-fact image. So don't futz around with unlocking your phone and looking for the on-screen camera icon; instead, just double-tap the device's power button to jump straight into shooting, whether your display is on or not.
That shortcut works on many popular Android phones, including Google's Pixel and Nexus devices, Samsung's most recent Galaxy gadgets (on pre-2017 models, use the physical Home button instead of the power button) and HTC's latest handsets. LG phones tend to shift the shortcut to the volume-down button, meanwhile, while Motorola phones use a double-twist motion to achieve the same effect.

8. Put notifications on notice
Next time you get an annoying notification, don't scream out in frustration. Press and hold the notification in question to hop over to some helpful advanced settings. They'll let you control exactly when and how that app is able to alert you.

9. Wake your screen with two taps
If you have a Pixel, a Galaxy S8 or Note 8 or a recent LG or HTC device, there's a decent chance your device supports a super-speedy way of waking the screen: Tap your finger on it twice. That's it! With the Samsung devices, you have to tap specifically on the always-on Home button at the bottom of the display; with the others, you can tap anywhere on the screen's surface.
(Note that on some of these devices, you may have to manually enable a "double-tap to wake" option before this'll work. Look in the Display section of your system settings to find it.)

10. Send a friendly rejection
When you get a phone call you can't or maybe just don't want to answer, look toward the bottom of the screen for a message icon or a "Send message" option.
Slide your finger up from that area, and you'll be presented with a list of ready-made rejection messages you can send to the caller while simultaneously declining his call.

11. End calls with ease
When you do talk on your phone, finding the on-screen button to end a call isn't always convenient. But Android actually has an easier way — if you know where to find it.
Open up the Accessibility section of your system settings, then activate the option labeled "Power button ends call." Now, when you're ready to say farewell, just tap your phone's power button and bask in your shortcut-aided efficiency.

What is a Firewall?

Computer Culture Admin - Thursday, October 19, 2017
By Brandon Butler – Senior Editor, Network World

Firewalls act as a perimeter defence tool that monitors traffic and either allows it or blocks it. Over the years the functionality of firewalls has increased, and now most firewalls can not only block a set of known threats and enforce advanced access control list policies, but they can also deeply inspect individual packets of traffic and test packets to determine if they’re safe. Most firewalls are deployed as network hardware that processes traffic and software that allows end users to configure and manage the system. Increasingly, software-only versions of firewalls are being deployed in highly virtualized environments to enforce policies on segmented networks or in the IaaS public cloud.

Types of firewalls

Advancements in firewall technology have created new options for firewall deployments over the past decade, so now there are a handful of options for end users looking to deploy a firewall. These include:

Stateful firewalls – When firewalls were first created they were stateless, meaning that the hardware the traffic traversed while being inspected monitored each packet of network traffic individually, either blocking or allowing it in isolation. Beginning in the mid to late 1990s, the first major advancement in firewalls was the introduction of state. Stateful firewalls examine traffic in a more holistic context, taking into account the operating state and characteristics of the network connection to provide a more holistic firewall. Maintaining this state allows the firewall to allow certain traffic to access certain users while blocking the same traffic to other users, for example.

Next-generation firewalls – Over the years firewalls have added a myriad of new features, including deep packet inspection, intrusion detection and prevention and inspection of encrypted traffic. Next-generation firewalls (NGFWs) refer to firewalls that have integrated many of these advanced features into the firewall.

Proxy-based firewalls – These firewalls act as a gateway between end users who request data and the source of that data. All traffic is filtered through this proxy before being passed on to the end user. This protects the client from exposure to threats by masking the identity of the original requester of the information.

Web application firewalls – These firewalls sit in front of specific applications as opposed to sitting on an entry or exit point of a broader network. Whereas proxy-based firewalls are typically thought of as protecting end-user clients, WAFs are typically thought of as protecting the application servers. 
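
The difference between stateless and stateful filtering described above can be seen by running the same packets through both. The following is an added example, not part of the original article: the rule set (inside hosts may open connections to port 443 only), the `Packet` fields, the simplified TCP state tracking, and the sample packets (documentation-range addresses) are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags: "S"=SYN, "SA"=SYN+ACK, "A"=ACK, "R"=RST, "F"=FIN
    direction: str  # "out" = leaving the inside network, "in" = arriving from outside

def stateless_allow(pkt):
    """Judge each packet in isolation, as early packet filters did.
    Inbound traffic is accepted if it merely *looks* like a reply:
    source port 443 with the ACK flag set."""
    if pkt.direction == "out":
        return pkt.dport == 443
    return pkt.sport == 443 and "A" in pkt.flags

class StatefulFirewall:
    """Tracks connections opened from the inside and admits inbound
    packets only when they belong to one of them (simplified TCP)."""
    def __init__(self):
        # (inside ip, inside port, outside ip, outside port) -> state
        self.conns = {}

    def allow(self, pkt):
        outbound = pkt.direction == "out"
        key = ((pkt.src, pkt.sport, pkt.dst, pkt.dport) if outbound
               else (pkt.dst, pkt.dport, pkt.src, pkt.sport))
        state = self.conns.get(key)
        if state is None:
            # Only an inside host may create state, and only towards 443.
            if outbound and pkt.flags == "S" and pkt.dport == 443:
                self.conns[key] = "SYN_SENT"
                return True
            return False
        if state == "SYN_SENT":
            if outbound:
                return pkt.flags == "S"          # retransmitted SYN
            if pkt.flags == "SA":
                self.conns[key] = "ESTABLISHED"  # handshake reply seen
                return True
            return False
        # ESTABLISHED: pass traffic; RST or FIN tears the entry down
        # (simplification: a real tracker follows the full close sequence).
        if "R" in pkt.flags or "F" in pkt.flags:
            del self.conns[key]
        return True

# Constructed sample traffic (not captured from a real network).
SAMPLE_PACKETS = [
    Packet("192.0.2.10", 50000, "198.51.100.5", 443, "S", "out"),   # client opens
    Packet("198.51.100.5", 443, "192.0.2.10", 50000, "SA", "in"),   # genuine reply
    Packet("192.0.2.10", 50000, "198.51.100.5", 443, "A", "out"),   # handshake done
    Packet("203.0.113.66", 443, "192.0.2.10", 50001, "A", "in"),    # unsolicited "reply"
    Packet("192.0.2.10", 50000, "198.51.100.5", 443, "R", "out"),   # client resets
    Packet("198.51.100.5", 443, "192.0.2.10", 50000, "A", "in"),    # late packet after close
]

def compare(packets):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]

if __name__ == "__main__":
    for pkt, (sl, sf) in zip(SAMPLE_PACKETS, compare(SAMPLE_PACKETS)):
        print(f"{pkt.direction:3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} "
              f"[{pkt.flags:2}] stateless={sl} stateful={sf}")
```

The stateless filter passes all six packets, including the unsolicited one and the packet arriving after the connection was reset; the stateful filter drops both because no matching connection entry exists.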

Firewall hardware

Firewall hardware is typically a straightforward server that can act as a router for filtering traffic and running firewall software. These devices are placed at the edge of a corporate network, between a router and the Internet service provider’s connection point. A typical enterprise may deploy dozens of physical firewalls throughout a data center. Users need to determine what throughput capacity they need the firewall to support based on the size of the user base and speed of the Internet connection.

Firewall software

Typically end users deploy multiple firewall hardware endpoints and a central firewall software system to manage the deployment. This central system is where policies and features are configured, where analysis can be done and threats can be responded to.

Inside a next-generation firewall

Modern firewalls are a collection of features. These include:

-Stateful inspection: This is the basic firewall functionality in which the device blocks known unwanted traffic.

-Anti-virus: The functionality that searches for known viruses and vulnerabilities in network traffic is aided by the firewall receiving updates on the latest threats and being constantly updated to protect against them.

-Intrusion Prevention Systems (IPS): This class of security products can be deployed as a standalone product, but IPS functionality is increasingly being integrated into NGFWs. Whereas basic firewall technologies identify and block certain types of network traffic, IPS uses more granular security measures such as signature tracing and anomaly detection to prevent unwanted threats from entering corporate networks. IPS systems have replaced the previous version of this technology, Intrusion Detection Systems (IDS) which focused more on identifying threats rather than containing them.

-Deep Packet Inspection (DPI): DPI can be part of or used in conjunction with an IPS, but it has nonetheless become an important feature of NGFWs because of the ability to provide granular analysis of traffic, most specifically the headers of traffic packets and traffic data. DPI can also be used to monitor outbound traffic to ensure sensitive information is not leaving corporate networks, a technology referred to as Data Loss Prevention (DLP).

-SSL Inspection: Secure Sockets Layer (SSL) Inspection is the idea of inspecting encrypted traffic to test for threats. As more and more traffic is encrypted, SSL Inspection is becoming an important component of DPI technology that is being implemented in NGFWs. SSL Inspection acts as a buffer that decrypts the traffic to test it before it’s delivered to the final destination.

-Sandboxing: This is one of the newer features being rolled into NGFWs and refers to the ability of a firewall to take certain unknown traffic or code and run it in a test environment to determine if it is nefarious.

Exchange Online dropping support for Office 2007 from Oct 31 2017

Computer Culture Admin - Thursday, October 19, 2017
RPC over HTTP, also known as Outlook Anywhere, will no longer be a supported protocol for accessing mail data from Exchange Online as of Oct 31, 2017. Microsoft will no longer provide support or updates for Outlook clients that connect through RPC over HTTP, and the quality of the mail experience will decrease over time.

This is being replaced by MAPI over HTTP, a modern protocol that was launched in May 2014. This change affects you if you're running Outlook 2007 because Outlook 2007 won't work with MAPI over HTTP. To avoid being in an unsupported state, Outlook 2007 customers need to update to a newer version of Outlook or use Outlook on the web.

This change may also affect you if you're running Outlook 2016, Outlook 2013, or Outlook 2010 because you must regularly check that the latest cumulative update for the version of Office that you have is installed.

What is RPC over HTTP? What happens on October 31, 2017?

RPC over HTTP, also known as Outlook Anywhere, is a legacy method of connectivity and transport between Outlook for Windows and Exchange. In May 2014, Microsoft introduced MAPI over HTTP as a replacement for RPC over HTTP.

Starting on October 31, 2017, RPC over HTTP will no longer be a supported protocol for accessing mail data from Exchange Online. Starting on this date, the following conditions will apply:
1. Microsoft will not provide support for RPC over HTTP issues (regular or custom).
2. No code fixes or updates to resolve problems that are unrelated to security will be released.

Additionally, for Office versions that support MAPI over HTTP, Microsoft may elect to override existing registry keys that customers are using in order to force RPC over HTTP use.

Why is RPC over HTTP being replaced by MAPI over HTTP?

MAPI over HTTP offers the following benefits: 
• Improves the connection resiliency when the network drops packets in transit.
• Enables more secure sign-in scenarios, such as multi-factor authentication for Office 365.
• Provides the extensibility foundation for third-party identity providers.
• Removes the complexity of RPC over HTTP dependency on legacy RPC technology.
