IT Earthquake Preparations

Computer Culture Admin - Thursday, November 29, 2018
The recent large quake up north was a timely reminder to all about being prepared.
We all get constant reminders to ensure we have plans in place if the big one should hit.  We have additional supplies of water, food, torch, etc and somewhere safe to go.
What we also need to do is to make sure we are IT Quake Ready.
This is in terms of Safety, Power, Communication & Backup.
Safety: Make sure your hardware is firmly mounted, so that it won’t topple and injure someone or damage important hardware.

Power: Protect critical hardware with UPSs (Uninterruptible Power Supplies). Have a Power Bank to recharge your phone.

Communication: Have the modem/router on a UPS to continue Internet access. Know how to use your phone as a hotspot.

Backup: Make sure you have in place a reliable, offsite backup system that is automated and monitored.

Endorsement for Microsoft Azure and Office 365 Services

Computer Culture Admin - Thursday, November 29, 2018
The Office of the Privacy Commissioner has inked a contract to store all applications and data on Microsoft Azure and Office 365 services.

The deal was made after a Privacy Impact Assessment found that Microsoft offered industry-leading data security, and better data security than the Privacy Commissioner can deliver for itself.

"Our privacy impact assessment (PIA) explains the context for our move, the key privacy risks, and why we are satisfied that we can overcome those risks," a notice on the Commissioner's website said.

Data will reside in Microsoft’s data centres in Sydney, with possible back-ups in Melbourne.

"We are satisfied that the privacy laws in Australia provide an equivalent level of protection to New Zealand law," the Privacy Commissioner said.

"Microsoft’s terms of service, along with local and overseas privacy regulations, will make sure that we have control over the data while we store it in Microsoft’s data centres.

"Microsoft also undergoes regular independent audits of its compliance with international standards."

The Privacy Commissioner said the deal provides access to "state-of-the-art" support and security at a fraction of the cost of doing it in-house or through any onshore provider.

"This means that our data is safer, and we have more resources to deploy to other parts of our business," the Privacy Commissioner said.

"Our move to an externally hosted environment is consistent with government policy to encourage the uptake of outsourced data storage and processing."

Current Scams Circulating

Computer Culture Admin - Thursday, November 29, 2018
Fake Tech Support Calls
A phone call comes in at your office from a fake Microsoft representative who claims to be investigating a malware attack. They sound official and ask to access your desktop. Once in, they install ransomware and lock you out, extorting you or your company to pay a hefty fee in order to get your files back.

"Look at This Resume"
An official-looking email comes from an unfamiliar name, with an attachment and a request that sounds like it could be related to something you’d forgotten. Clicking the attachment infects your computer, and possibly your whole company’s system, with malware.

One-Ring Scam
A call comes in from an unknown number, rings once, and then stops. You call the number back not realising until later that you were automatically charged for a service you didn’t ask for.

Infection Detected
A pop-up ad with graphics such as a big red X appears and alerts you that your computer might be infected with a virus. You are told to click a link and pay $50 to scan and clear your system, but your computer will now be infected by new malware and other unpleasantness.

“See Who’s Viewed Your Profile”
This type of “clickjacking” promises to show you who has been checking out your profile and asks for personal information, leading to your information being compromised or malware being installed on your computer.

Credit Card Pre-Approval
You receive a notice that you’ve been pre-approved for a credit card, but you have to pay the annual fee up front.

Account Cancellation Notice
An email telling you that your credit card or banking account has been cancelled leads you to provide your account information and login details to the scammer.

“Confirm Your Email Account”
You get a request to confirm your account from a bank or other seemingly reputable company, but as you click through and enter your information, you are merely confirming that you’re gullible to a convincing scam.

Job Scams
An email offers a job in a foreign country and asks you to send money to cover the cost of paperwork or the cost of getting a work permit.

Court Notice
An email from a law firm tells you to appear in court and includes a link to the court notice. Clicking the link infects your computer.

Free Stuff
A message promises free things or tickets and asks you to click a link to claim your freebies, which infects your computer with malware.

The Nigerian Prince
A prince from Nigeria (or Ivory Coast, Spain, or Togo …) wants your help to pay for taxes, legal fees etc., with the goal of lifting the money from your bank account.

The Perfect Girlfriend
A message sent through a dating site or Facebook, from an account with a really cute profile pic, asks you for money to cover the airfare to come and see you.

“Work From Home” Mailed Check or Upfront Fees
Pop-up ads promise that you can make $2,000 a week working from your living room. They end up costing you money: you wire back money that was supposedly paid to you by mistake, while the check you received bounces, or you are charged an “activation fee” to get started.

All-Expenses Paid Vacation
An email or phone call informs you that you’ve won an all-expenses-paid vacation to some exotic destination and asks for your credit card information to hold the reservation.

Free Gift Cards
More popular than ever as a phishing scam. An offer of a free gift card leads you to enter personal information.

“Payment Requested”
A notice of an outstanding charge for a cable bill or some online purchase.

Fake Celebrity News
A shocking headline entices you to click a pop-up ad, leading to an unintended malware download that could cause major problems.

The Scandalous Photo
A Facebook message pointing out a photo of you leads you, when clicked, to a file-sharing website and brings some nasty malware onto your computer.

Mugged on Vacation
An email or message from a friend's address/account reaches you out of the blue to tell you they’ve been mugged and need your help to pay their expenses to get back home.

Unprepared for Data Breaches

Computer Culture Admin - Thursday, November 29, 2018
  • 45% of Kiwi businesses ‘unprepared’ for data breaches
  • Half of Kiwi companies lacking in cyber security confidence
“The consequences of a data breach are severe; from financial to brand and reputation damage,” says HP New Zealand managing director Grant Hopkins. “Organisations need to be vigilant about implementing processes that regularly monitor, detect and report data breaches. Running regular risk assessments and managing your endpoint security is critical in keeping businesses' data safe.”

Many IT departments tend to focus their efforts around PCs, tablets and other connected devices, but they neglect one of the largest areas of vulnerability: the printer.

The study found that New Zealand businesses have printers that are relatively insecure, with 30% not offering any security features and only 35% of businesses including printers in their IT security assessment. Without embedded security measures like real-time threat detection, automated monitoring, and data encryption, printers are left open and vulnerable to attack. Not only does this make the confidential and sensitive documents that are printed, scanned and copied by the printer easily accessible to hackers, it also risks the entire network being hacked, bypassing the firewall altogether.

USB Ninja Cable Attack

Computer Culture Admin - Tuesday, October 30, 2018
A malicious version of a USB charging cable has been built that can compromise a computer in just a few seconds. Once the USB cable is plugged in, it turns into a peripheral device capable of typing and launching commands.

Its makers, several computer security specialists, call it USBHarpoon. Researchers have shown that an attacker can reprogram the controller chip of a USB drive and make it appear to the computer as a human interface device (HID), which can be anything from an input device like a keyboard that issues a rapid succession of commands to a network card that modifies the system’s DNS settings to redirect traffic.

Replacing the USB drive with a charging cable makes this something users are less likely to be wary of. Modified connectors of the cable allow both data and power to pass through. Any type of device that is powered through USB can be affected, without raising suspicions about plugging in the cable.

Now Kevin Mitnick, KnowBe4's Chief Hacking Officer, wrote: "I’m excited to share the new #USBNinja cable that uses Bluetooth to command the malicious cable to inject its payload onto a targeted machine. The transmitter range is up to 100m depending on the antenna used."

Mitnick continued with: "My sincere congrats to Olaf, Dennis, Vincent Yiu and the rest of the RFID Team for such brilliant work. This work was borne out of the NSA’s COTTONMOUTH project disclosed by Edward Snowden. For those that are interested in the #USBNinja cable, this was formally codenamed USBHarpoon."

Here is a link where you can see this brand new attack video yourself. Have fun and shiver:

Block Chains

Computer Culture Admin - Tuesday, October 30, 2018
Blockchain was invented by Satoshi Nakamoto in 2008 to serve as the public transaction ledger of the cryptocurrency bitcoin. The invention of the blockchain for bitcoin made it the first digital currency to solve the double-spending problem without the need of a trusted authority or central server.

A blockchain is a growing list of records, called blocks, which are linked using cryptographic algorithms. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data, which makes the chain resistant to modification of the data. It is "an open, distributed ledger that can record transactions between two parties efficiently and in a verifiable and permanent way". A blockchain is generally managed by a peer-to-peer network collectively adhering to a protocol for inter-node communication and validating new blocks. Once recorded, the data in any given block cannot be altered retroactively without alteration of all subsequent blocks.

You can find a more detailed blockchain explanation here:
Mazonka, Oleg (29 December 2016). "Blockchain: Simple Explanation" (PDF). Journal of Reference
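
To make the linking described above concrete, here is a minimal hash chain in Python. It is an added example, not code from any real blockchain: the block fields, function names and sample transactions are assumptions chosen for illustration, and there is no network or consensus protocol.

```python
import hashlib
import json

def block_hash(block):
    """SHA-256 over the block's fields, serialised in a fixed key order."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def append_block(chain, timestamp, transactions):
    # Each new block stores the hash of the block before it (all zeros for the first).
    prev = block_hash(chain[-1]) if chain else "0" * 64
    chain.append({"prev_hash": prev, "timestamp": timestamp, "transactions": transactions})

def first_broken_link(chain):
    """Index of the first block whose prev_hash does not match the hash of
    the block before it, or None if every link is consistent."""
    for i in range(1, len(chain)):
        if chain[i]["prev_hash"] != block_hash(chain[i - 1]):
            return i
    return None

def build_sample_chain():
    # Constructed sample data (hypothetical transactions and timestamps).
    chain = []
    append_block(chain, 1540857600, ["alice->bob 5"])
    append_block(chain, 1540857660, ["bob->carol 2"])
    append_block(chain, 1540857720, ["carol->dave 1"])
    append_block(chain, 1540857780, ["dave->alice 1"])
    return chain

def blocks_to_rewrite_after_tamper(chain, index):
    """Alter block `index`, then count how many later blocks need a new
    prev_hash before the chain verifies again."""
    chain[index]["transactions"] = ["alice->mallory 500"]
    rewritten = 0
    while (bad := first_broken_link(chain)) is not None:
        chain[bad]["prev_hash"] = block_hash(chain[bad - 1])
        rewritten += 1
    return rewritten

if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain, first broken link:", first_broken_link(chain))
    print("blocks rewritten after altering block 1:",
          blocks_to_rewrite_after_tamper(chain, 1))
```

Altering block 1 of the four-block chain forces blocks 2 and 3 to be rewritten as well. A change to the newest block is only caught if its hash is known from somewhere else, which is the role the peer-to-peer network plays.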

UEFI Rootkit

Computer Culture Admin - Tuesday, October 30, 2018
Until August this year, no UEFI rootkit had ever been detected in a real cyber attack. They have been presented at security conferences as proofs of concept and are known to be at the disposal of governmental agencies.

In late September 2018, security researchers from ESET came across a Unified Extensible Firmware Interface (UEFI) rootkit (named LoJax by ESET, detected by Trend Micro as BKDR_FALOJAK.USOMON and Backdoor.Win32.FALOJAK.AA) in the wild, being used for cyberespionage in a campaign by the Sednit APT group. The UEFI rootkit was found bundled together with a toolset able to patch a victim's system firmware in order to install malware at this deep level.

The rootkit is reportedly packaged with other tools that modify the system’s firmware to infect it with malware.

The malware is dropped onto the system and ensures that it is executed when the computer boots. LoJax affects UEFI, which provides an interface for the system’s operating system (OS) to connect with the firmware. As such, LoJax can persist in the UEFI even if the system’s OS is reinstalled or its hard drives are replaced. If infection is successful, attackers can use LoJax to remotely access the system constantly and install and execute additional malware on it. The security researchers said that it can also be used to track the system’s location and possibly that of the system's owner.

What is UEFI (Unified Extensible Firmware Interface)?
The computer code that starts right after the computer is turned on and has the ultimate power over the computer’s operating system (and thus the whole machine) is called firmware. The standard – think of it as a set of rules – for how the firmware behaves is called UEFI (its predecessor was called BIOS). Firmware and UEFI (Unified Extensible Firmware Interface) are often linked together and called UEFI firmware.

A rootkit is dangerous malware designed to gain “illegal” and persistent access to what is otherwise not allowed. Typically, a rootkit also masks its existence or the existence of other malware.

New HP Leather Laptop

Computer Culture Admin - Tuesday, October 30, 2018
HP has just released the newly designed Spectre Folio, made using leather. It's the HP way of expressing creativity and high-end technology in a stunning way by combining the newest technologies with a traditional, good-feeling material.

The Spectre Folio looks finely crafted from its leather spine to the smooth way the hinge transitions between different orientations. The Spectre Folio features: USB-C ports, smooth touchpad, a small leather slot for HP's Digital Pen as well as four Bang & Olufsen speakers for rich sound. The leather makes it different with its almost vintage appeal being soft and warm to the touch.

The Folio is the first computer using the new dual-core, 8th generation Y-series Intel CPU, which allows for its completely fan-less design. HP worked together with Intel to build a motherboard that's 20 percent smaller than most laptops. The Folio is also the first to use Intel's low power display technology, which can significantly reduce screen battery use. To be an HP "Always Connected" PC, it also comes with a huge battery with up to 19 hours worth of juice on the Core i5 model, and over 17 hours on the Core i7.

Pre-ordering the Spectre Folio has started in the US. "Cognac Brown" is the initial colour to pick, but HP also plans to release a "Bordeaux Burgundy" option later.

Data Breach

Computer Culture Admin - Thursday, September 27, 2018
Protecting your customers from a Data Breach is a very real, very valid concern. With rapid implementation of the General Data Protection Regulation (GDPR) and Australia's new Notifiable Data Breach (NDB), companies across the world are having to react and adapt quickly to secure their systems from the risk of their customers' data being exposed.

New Zealanders are not immune from hefty fines, penalties and sanctions for failing to protect the information of their customers, and it is only a matter of time before New Zealand follows suit and enforces its own set of laws around the way data is handled.

We will keep you updated as we learn more; however, ensuring your systems and data are secure from hackers is an essential action with or without legislation.

Destructive Ransomware

Computer Culture Admin - Thursday, September 27, 2018
The SamSam ransomware has made cybercriminals at least $6m since they started distributing the file-locking malware in late 2015 to encrypt data and backups. Their profits are still on the rise, netting around an additional $300,000 each month.

SamSam is different to other forms of ransomware; while other variants are spammed out to potential victims by email, SamSam attacks are thought to begin with a remote desktop protocol (RDP) compromise, either by brute force attacks, or credentials purchased on the dark web.

Once inside a compromised machine, the attackers seek out vulnerabilities which they exploit to spread across an organisation's network before encrypting files.

With a stranglehold on an entire network, the attackers then demand a huge bitcoin ransom payment in exchange for the decryption keys. The payments now regularly reach over $50,000.

SamSam requires a more hands-on technique than other forms of ransomware, but the time and effort is apparently paying off for the crooks.

The number of payments received per month throughout 2018 has peaked at 10, indicating a level of precision by the attackers.
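
The RDP brute-force entry point described above leaves a recognisable pattern in Windows Security logs: many failed logons (event ID 4625) from one address followed by a success (event ID 4624). The following detection sketch is an added example, not taken from the original post; the event tuples, thresholds and addresses are constructed for illustration, and it assumes the events have already been exported from an RDP-exposed host.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS = 4625, 4624   # Windows Security log event IDs
RDP_LOGON_TYPES = {3, 10}      # 10 = RemoteInteractive; 3 = Network (failed RDP with NLA)

def detect_bruteforce_then_success(events, threshold=5, window=timedelta(minutes=10)):
    """Alert on source IPs that log on successfully after at least
    `threshold` failed logons inside `window`."""
    recent_failures = defaultdict(deque)   # source IP -> recent failure times
    alerts = []
    for ts, event_id, logon_type, src_ip, user in sorted(events, key=lambda e: e[0]):
        if logon_type not in RDP_LOGON_TYPES:
            continue
        fails = recent_failures[src_ip]
        while fails and ts - fails[0] > window:   # drop failures outside the window
            fails.popleft()
        if event_id == FAILED:
            fails.append(ts)
        elif event_id == SUCCESS and len(fails) >= threshold:
            alerts.append({"src_ip": src_ip, "user": user,
                           "failures": len(fails), "time": ts})
            fails.clear()
    return alerts

def sample_events():
    # Constructed events: (time, event ID, logon type, source IP, user).
    t0 = datetime(2018, 9, 27, 2, 0, 0)
    ev = [(t0 + timedelta(seconds=20 * i), FAILED, 3, "203.0.113.50", "administrator")
          for i in range(8)]
    ev.append((t0 + timedelta(seconds=200), SUCCESS, 10, "203.0.113.50", "administrator"))
    # Ordinary user: one mistyped password, then a normal logon.
    ev.append((t0 + timedelta(minutes=1), FAILED, 3, "198.51.100.7", "jsmith"))
    ev.append((t0 + timedelta(minutes=2), SUCCESS, 10, "198.51.100.7", "jsmith"))
    # Failures spread an hour apart fall outside the 10-minute window.
    ev += [(t0 + timedelta(hours=i), FAILED, 3, "192.0.2.9", "backup") for i in range(6)]
    ev.append((t0 + timedelta(hours=6), SUCCESS, 10, "192.0.2.9", "backup"))
    return ev

if __name__ == "__main__":
    for alert in detect_bruteforce_then_success(sample_events()):
        print(alert)
```

A logon with purchased credentials produces no run of failures, so this check covers only the brute-force path; the hourly attempts in the sample data show that slow guessing also slips under a short window.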
