News

Microsoft Surface Pro

Computer Culture Admin - Thursday, July 13, 2017
HP Computer Culture have joined a small select group of companies to become an official Microsoft Surface Product Reseller.  
We are now able to source directly:
  • The New Surface Pro
  • Surface Pro 4
  • Surface Laptop
  • Surface Book
  • Surface Studio
The new Surface Pro is 8.5mm thick and weighs only 786 grams.  Processors options includes m3, i5 and i7, hard drive sizes ranging from 128Gb up to 1TB and memory 4Gb up to 16GB.  Battery life is claimed to be 13.5 hours.

Microsoft Office 2016

Computer Culture Admin - Thursday, July 13, 2017
HP

Please note: Businesses should not be running any version of Office older than 2010


With Microsoft Office 2007’s support due to expire on 10 October 2017, now is a good time to upgrade to a newer suite such as Office 2016.  From October Microsoft will no longer supply patches for security vulnerabilities or fixes for other bugs, nor will it provide company-assisted technical support, whether free or paid, such as by-phone or trouble shooting.

That gives businesses that are using Office 2007 just over three months to drop Office 2007’s applications and switch to a new suite.

Here are the top 6 reasons to upgrade your Microsoft Office Suite to 2016.

1. Built for teamwork

In Word, PowerPoint, and Excel, there's easy sharing right from within the app. You can also see who has access to a given file and who is currently working in it.

2. New Chart Types in Word, PowerPoint, and Excel

Visualize financial or hierarchical data, and highlight statistical properties of your data with new chart types: Treemap, Waterfall, Pareto, Histogram, Box and Whisker, and Sunburst.

3. Faster, easier ways to get data into Excel

Excel includes a powerful new set of features called Get & Transform, which provides fast, easy data gathering and shaping capabilities. Get & Transform enables you to connect, combine, and refine data sources to meet your analysis needs.

4. Modern Attachments in Outlook

Attach a document from your recent items and share them from OneDrive or SharePoint with email recipients. Also configure sharing permissions so that all the recipients have access to the attached file without having to leave the app.

5. Smart Lookup in Word, PowerPoint, Excel, and Outlook

Fact-check or explore terms in your documents with Bing-powered Smart Lookup. Simply highlight terms in your document and use this feature to bring in search results from the web right into your reading or authoring environment.

6. Tell Me in Word, PowerPoint, Excel, Outlook, Project, Visio, and Access

Simply type what you want to do in the app using your own words, and then Tell Me will guide through the process as well as offer additional resources.

Security News

Computer Culture Admin - Thursday, July 13, 2017
HP
When we think of hackers we mostly assume these are individuals working alone.  This is far from the truth with communities of hackers working together, mostly to the detriment of governments and organizations.

“Anonymous” is a loosely associated international network of activist and hacktivist entities. A website nominally associated with the group describes it as "an Internet gathering" with "a very loose and decentralized command structure that operates on ideas rather than directives". The group became known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate websites.

Anonymous originated in 2003 on the imageboard 4chan, representing the concept of many online and offline community users simultaneously existing as an anarchic, digitized global brain. Anonymous members (known as "Anons") can be distinguished in public by the wearing of Guy Fawkes masks in the style portrayed in the graphic novel and film V for Vendetta.

In its early form, the concept was adopted by a decentralized online community acting anonymously in a coordinated manner, usually toward a loosely self-agreed goal, and primarily focused on entertainment, or "lulz". Beginning with 2008's Project Chanology—a series of protests, pranks, and hacks targeting the Church of Scientology—the Anonymous collective became increasingly associated with collaborative hacktivism on a number of issues internationally. Individuals claiming to align themselves with Anonymous undertook protests and other actions (including direct action) in retaliation against copyright-focused campaigns by motion picture and recording industry trade associations. Later targets of Anonymous hacktivism included government agencies of the U.S., Israel, Tunisia, Uganda, and others; the Islamic State of Iraq and the Levant; child pornography sites; copyright protection agencies; the Westboro Baptist Church; and corporations such as PayPal, MasterCard, Visa, and Sony.

Anons have publicly supported WikiLeaks and the Occupy movement. Related groups LulzSec and Operation AntiSec carried out cyberattacks on U.S. government agencies, media, video game companies, military contractors, military personnel, and police officers, resulting in the attention of law enforcement to the groups' activities. Some actions by members of the group have been described as being anti-Zionist. It has threatened to cyber-attack Israel and engaged in the "#OpIsrael" cyber-attacks of Israeli websites on Yom HaShoah (Holocaust Remembrance Day) in 2013.

Anonymous have also joined the fight against terrorism. The group announced a major, sustained operation against ISIS following the November 2015 Paris attacks, declaring "Anonymous from all over the world will hunt you down. You should know that we will find you and we will not let you go” ISIS responded by calling them “idiots” and asking “What they gonna hack?”.

By the next day, however, Anonymous claimed to have taken down 3,824 pro-ISI Twitter accounts, and by the third more than 5,000. A week later, Anonymous increased their claim to 20,000 accounts and released a list of the accounts.

Here comes the Zettabyte ...

Computer Culture Admin - Thursday, July 13, 2017
Hacked
Not many would have even heard of a zettabyte before. A term for data storage equal to 1.1 trillion gigabytes? That sounds crazy and absurd. Yet we are closing in on the transfer of a zettabyte of data annually. The future of the internet isn’t slower speeds and less data transfer, it will be more video streaming, phone lines or video calling and mobile streaming.
Programs like Skype and Facetime are taking off. People like to look each other in the eye, can you blame them? Telecommunication has a bright future as well with the increase of data transfer. Imagine calling up the customer service line and the representative walking you through the problem side by side. This technology is out there already, but most large companies don’t take advantage of it.

Soon internet speeds will be increased across the board. Companies like Google Fiber are bringing extremely fast internet speeds for a reasonable price and the other ISPs will have to catch up. [Source XO Communications]

LastPass

Computer Culture Admin - Thursday, July 13, 2017
LastPass
Most of us don’t do very well when it comes to setting and remembering passwords. We also come up short regarding safe storage of our passwords.
Thankfully, there are password managers like LastPass. With a password manager, the app generates unique, complex passwords for each site or app that requires one. When you need to log in, LastPass fills in the correct information, even filling it in in other apps.
LastPass also securely stores your personal information so you can quickly fill out tedious forms, and includes mechanisms to safely share passwords with other people—even after you've departed this mortal realm.
A new pricing structure lets you create an account and sync passwords between all your devices, mobile or otherwise, for free.

What is a Botnet?

Steve Hirst - Friday, June 23, 2017
Botnet A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allow the attacker access to the device and its connection. The owner can control the botnet using command and control (C&C) software. Users are often unaware of a botnet infecting their system. 

Infected devices are controlled remotely by cybercriminals, and are used for specific functions, so the malicious operations stay hidden to the user. 

The botnet malware typically looks for vulnerable devices across the internet, rather than targeting specific individuals, companies or industries. The objective for creating a botnet is to infect as many connected devices as possible, and to use the computing power and resources of those devices for automated tasks that generally remain hidden to the users of the devices.

For example, an ad fraud botnet that infects a user's PC will take over the system's web browsers to divert fraudulent traffic to certain online advertisements. However, to stay concealed, the botnet won't take complete control of the web browsers, which would alert the user. Instead, the botnet may use a small portion of the browser's processes, often running in the background, to send a barely noticeable amount of traffic from the infected device to the targeted ads.

On its own, that fraction of bandwidth taken from an individual device won't offer much to the cybercriminals running the ad fraud campaign. However, a botnet that combines millions of devices will be able to generate a massive amount of fake traffic for ad fraud, while also avoiding detection by the individuals using the devices.

Phishing Attack Attempts

Steve Hirst - Friday, June 23, 2017
Tizen
Phishing Attempt 1

This type of attack is becoming more frequent and the sender masquerades as a legitimate organisation.  The email in this article was apparently from Victoria University of Wellington. It was very similar to one in a recent incident where a Christchurch company was scammed out of tens of thousands of dollars by a fake Otago University purchase order.

These can be circumvented by finding the organisation’s genuine website and calling their procurement department to verify the authenticity of the enquiry.  If it’s too good to be true it usually is.

Attention: Sales/accounts 
Victoria University of Wellington wish to express it's interest in your extensive line of products & services and hereby submit a request for quote for the items below; 
1. WD My Passport Ultra 1TB & 2TB Portable External Hard Drive 
2. Toshiba 1TB & 2TB Canvio Basics USB 3.0 Portable Hard Drive 
3. Seagate Expansion 1TB & 2TB USB 3.0 External Hard Drive 
APPLE PRODUCTS 
1. Apple 15.4" MacBook Pro Retina Display with Touch Bar 2.7 GHz Intel Core i7 Quad-Core 
2. Apple Macbook Pro (2016) Retina Display 2.8GHz Intel Core i7 
3. Apple 13.3" MacBook Pro 3.1 GHz Intel Core i7 
In addition to the above, you may kindly forward us your credit app and also let us know your billing procedures for 30 days payment terms. 
Best Regards, 
Philip Thomas 
Strategic Procurement 
Victoria University of Wellington 
Kelburn, 
Wellington 6012, 
New Zealand 
Phone: +64 4-472 3478 
Fax: +64 4-472 3100

Phishing Attempt 2

Another common attempt is notification of expired or suspended services. Don't click on the link (you can often inspect the link by hovering the mouse cursor over the link. The best approach is to call your IT provider first.
Phishing attack

Phishing Attempt 3

This example is in a similar style.
Phishing attack

A Dangerous Link

Steve Hirst - Friday, June 23, 2017
A link was sent to one of our customers via an email. As this appeared to be from contact they knew they assumed it was safe. The link was to a video for them to watch.
Hackers

HP Fraud Alert

Steve Hirst - Friday, June 23, 2017
HP Fraudulent callers are posing as HP representatives and asking HP customers for personally identifiable information. In some cases, originating phone numbers appear to be from genuine HP contact numbers.

These scam callers might request the following:
  • Your personal information
  • A return call
  • A fee for technical support services
  • Remote access to your computer or device, so they can install malware or viruses in order to charge you a removal fee

To protect yourself, if you receive one of these scam calls, hang up and do not provide any personally identifiable information.
  • Do not provide any confidential information, such as customer IDs, passwords, contact information, social security numbers, credit or debit card numbers, PINs, or account information.
  • Do not provide remote access to your computer or device.
  • Do not transfer funds.
  • Do not install any software suggested by the caller.

The security of HP customers' devices and personal information is a top priority for HP. HP does not contact customers to provide unsolicited technical support. If you believe you have been contacted by a scammer and are concerned about your personal information, run a virus scan on your computer or device, or contact your security software provider for assistance.

What to do when you are hacked

Steve Hirst - Friday, June 23, 2017
Hacked Security experts have been saying for more than a decade that it is “not if, but when” an organisation will be hacked. Therefore, the focus needs to move to “What to do when you are hacked”.

Cybercrime is big business, a huge underground economy estimated to be larger than the drug trade. Large amounts of money are then invested into developing new cyber-attacks to steal data, hijack systems and find your passwords, credit card and bank details.

Companies need to identify what their critical data is, where it is located, the impact on the company if that data is destroyed or shared, and how quickly they can recover from a breach. The response to a major hack becomes as important as the security measures taken to protect that data.

The attacks are getting more sophisticated and even security professionals fall for phishing.  This highlights the need to report and alert the general public to new scams and attacks as they are detected.

The reality is that “people are the weakest link” in the security chain.  Organisations need to foster an environment that allows employees to do their jobs by providing training and testing to mitigate the risk.

The New Zealand Government has set up CERT NZ to provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.

Computer Culture is constantly updating our Cyber Security solutions to ensure that our customers have the best protection and a way back from a disaster.

Back to Top