A1 Computer Repair

Computer Services

Tech Support Blog

Apple Is Discouraging Repair by Locking iPhones

by

By activating a dormant software lock on their newest iPhones, Apple is effectively announcing a drastic new policy: only Apple batteries can go in iPhones, and only they can install them.

Apple Is Discouraging Repair by Locking iPhone Batteries

If you replace the battery in the newest iPhones, a message indicating you need to service your battery appears in Settings  Battery, next to Battery Health. The “Service” message is normally an indication that the battery is degraded and needs to be replaced. The message still shows up when you put in a brand new battery, however. Here’s the bigger problem: our lab tests confirmed that even when you swap in a genuine Apple battery, the phone will still display the “Service” message.

It’s not a bug; it’s a feature Apple wants. Unless an Apple Genius or an Apple Authorized Service Provider authenticates a battery to the phone, that phone will never show its battery health and always report a vague, ominous problem.

Continue Reading at iFixIt

Millions Exposed To Ads That Use Infected Images

by

Antivirus provider ESET released a report on Tuesday stating that its researchers have discovered malicious code residing within advertisements that are currently in rotation on many “reputable” news websites. Since the beginning of October, these malicious ads have been exposed to millions of web surfers who still use Microsoft’s Internet Explorer browser.

Millions Exposed To Ads That Use Images Infected By Malicious Scripts

According to the report, the ads promote applications called “Browser Defense” and “Broxu.” What’s scary is that the actual graphic used in these ads contain malicious code buried within the parameters of their alpha channel, which is used to define the transparency of each pixel in images. By way of explanation, an alpha channel is what makes the background color of an image transparent so that the focused object can reside as an overlay against any backdrop image or color.

Adding the malicious script to an image’s alpha channel is only a minor modification. The resulting image has a slightly different tone than the original, but if web surfers have no idea what the originating image looks like, then they have no clue the altered, malicious version is on their screen. The sample provided by the ESET researchers is barely indistinguishable from the “clean” original.

Once the advertisement is displayed on the visitor’s screen, the embedded code uses the CVE-2016-0162 vulnerability in Internet Explorer to scan the target PC to see if it’s running on a malware analyst’s machine. If the coast is clear, it will then load a landing page that includes a Flash file built for exploiting three vulnerabilities in Flash Player: CVE-2015-8651, CVE-2016-1019, and CVE-2016-4117.

“Upon successful exploitation, the executed shell code collects information on installed security products and performs — [in a manner] as paranoid as the cybercriminals behind this attack — yet another check to verify that it is not being monitored,” the antivirus firm reports. “If results are favorable, it will attempt to download the encrypted payload from the same server again, disguised as a GIF image.”

When the encrypted payload is downloaded to the target PC, it is then decrypted and launched through regsvr32.exe or rundll32.exe in Microsoft Windows. The payloads detected thus far have included various trojan downloaders, banking trojans, backdoors, spyware, and “file stealers.”

The attack is based on the Stegano exploit kit, which uses steganography to hide malware out in plain sight. The term is typically used when hiding messages or information within public text and data. However, in this case, the method throws a malicious script within the alpha channel information of an image. The kit was first used in 2014 to target Dutch customers, and moved on to residents in the Czech Republic. New attacks are targeting web surfers in Australia, Britain, Canada, Italy, and Spain.

ESET senior malware researcher Robert Lipovsky pointed out in an interview that web surfers aren’t required to do anything to trigger the malicious script: all they have to do is visit a website displaying the infected ad. The payloads aren’t random either: attackers choose what to download to the target PCs.

Lipovsky added that the firm didn’t release a list of websites affected by the malicious ads because the information didn’t add any value to the warning. Even more, the firm didn’t want to inflict reputational harm to the websites given that they had no clue or control over displaying the ads. Naturally, web surfers can stay safe by keeping their browser, Flash Player, and security software updated regularly.

http://www.digitaltrends.com/computing/eset-malware-images-alpha-channel-browser-defense-broxu-stegano/

414,949 D-Link cameras, IoT devices can be hijacked

by

Shodan has turned up half a million D-Link devices exposed to the internet, and subject to easy hijacking using zero-day vulnerabilities.

414,949 D-Link cameras, IoT devices can be hijacked over the net

The stack overflow vulnerabilities affect more than 120 D-Link products, from Wi-Fi cameras to routers and modems, and allow remote attackers to completely hijack the administer account of the devices to install backdoors and intercept traffic.

D-Link has been contacted for comment.

It takes only one command to exploit the flaw, according to Senrio researchers who published a proof-of-concept that changed administrator passwords.

“… the Senrio research team discovered and exploited a remote code execution vulnerability in the latest firmware of the D-Link DCS-930L Network Cloud Camera,” the researchers say.

“While the thought of strangers watching your sleeping baby is disturbing, the implications for enterprise and infrastructure environments are downright scary.”

Almost 140,000 of the devices are located in the US, with 23,442 in Canada, and 20,982 in Sweden.

Founder Stephen Ridley told Security Week attacking the 120-odd D-Link device models requires to exploit tweaking to suit different firmware.

“An attacker would practically account for this difference in versions [and] devices by fingerprinting a device, and then changing the exploit payload based on the target,” Ridley says.

http://www.theregister.co.uk/2016/07/08/414949_dlink_cameras_iot_devices_can_be_hijacked_over_the_net/

Uninstall QuickTime for Windows Today

by

RemoveQuickTimeTrendMicro is putting the word out that everyone should follow Apple’s guidance and uninstall QuickTime for Windows as soon as possible.

This is for two reasons.

First, Apple is deprecating QuickTime for Microsoft Windows. They will no longer be issuing security updates for the product on the Windows Platform and recommend users uninstall it. Note that this does not apply to QuickTime on Mac OSX.

Second, our Zero Day Initiative has just released two advisories ZDI-16-241 and ZDI-16-242 detailing two new, critical vulnerabilities affecting QuickTime for Windows. These advisories are being released in accordance with the Zero Day Initiative’s Disclosure Policy for when a vendor does not issue a security patch for a disclosed vulnerability. And because Apple is no longer providing security updates for QuickTime on Windows, these vulnerabilities are never going to be patched.

We’re not aware of any active attacks against these vulnerabilities currently. But the only way to protect your Windows systems from potential attacks against these or other vulnerabilities in Apple QuickTime now is to uninstall it. In this regard, QuickTime for Windows now joins Microsoft Windows XP and Oracle Java 6 as software that is no longer being updated to fix vulnerabilities and is subject to ever-increasing risk as more and more unpatched vulnerabilities are found affecting it.

You can find information on how to uninstall Apple QuickTime for Windows from the Apple website here:https://support.apple.com/HT205771

Continue for Full Article

Be careful, it is The Season for Cyber Criminals

by

With the end of the year, the volume of internet sales increases drastically due to Black Friday, Cyber Monday, Christmas, and New Year’s Eve. Cybercriminals also increase their activity on these dates, as they want to go unnoticed in the high number of transactions.

For that reason, you must be aware of the threats you are exposed to in order to avoid an unwanted gift—more than your grandma’s socks.

cyber criminals

According to Allianz Risk Barometer for 2015, cybercrime rose three positions from 2014 to become the fifth top global business risk in 2015. It is a big threat that continues to expand; you have to be informed about it and take action to avoid it.

Let’s take a look at the biggest threats that you should be aware of.

Malvertising: A growing threat

Malicious ads are online advertisements on legitimate websites created to deliver and spread spyware, ransomware, and other malware to end-user systems. They are usually shown as targeted pop-up advertisements or as banner ads on online shopping sites, news portals, social media sites, and gaming and adult platforms.

Unlike other malware delivery mechanisms which require user action (clicking a link or opening an email attachment), malvertisements often require no user interaction to work, which makes them quite dangerous.

Sometimes, just visiting a webpage with malicious ads on it is enough to infect a system. In other cases, users have to click fake Flash or Java updates, or fake anti-virus alerts, to get infected.

Typically, larger websites receive ads through multiple ad brokers and networks automatically, with little action margin to filter them. As advertisements are tailored to the user’s demographics, location, and browsing history, attackers can deliver the malware to their desired victims.

Security vendor RiskIQ reported a shocking 260 percent increase in the number of detected malvertisements in the first half of 2015, compared to the same period last year.

Unfortunately, there isn’t much you can do to avoid malvertising, but make sure you have good commercial antivirus software installed so that if you do stumble upon a bad ad, you will have an extra layer of protection.

Phishing

One of the most dangerous threats this season is Phishing. Phishing occurs when cybercriminals attempt to get your usernames, passwords, and credit card details by creating a fake version of a real and well-known site. Users get tricked into entering their sensitive information, thinking that the site is the real one. You may arrive at one of these sites by misspelling the address or by following links on forged emails, ads, or posts.

This time of year we always see several fake stores emerge. They are there for a couple of weeks, then disappear with your sensitive data and your money.

The Anti-Phishing Working Group reports that in the last quarter of 2014, there was an increase of 18 percent in the number of unique phishing reports compared to the previous quarter and that retail /service was the most targeted industry sector, with payment services close behind.

To confirm that you are on a real, legitimate site, look for the https protocol at the beginning of the URL and check that there is a padlock icon, indicating that the identity of the site is confirmed by a third-party security firm.

Click Here to Continue Reading This Article

When you are browsing a site look for https and the padlock icon to ensure its authenticity and that your information will be transmitted securely.

Is the Windows 10 Upgrade Right for You?

by

As you might have seen down in your system tray, the area by your clock… a little Windows 8 looking icon. If you click on it, it’s a Windows 10 upgrade window asking you to register to be on the list for the upgrade on July 29th or after.

Windows 10 Upgrade

If you register, it will be downloaded to your computer when it’s released. If and when you chose to install it is up to you. If you chose to install it, please read my notes below as upgrading can change your computer completely and you need to know what can happen.

If you have Windows 7 and are completely happy with how your system runs right now, there is no need to do a windows 10 upgrade and you can ignore this message. Which is recommended for business computers.

Technicians are already preparing for what can happen to your computer, before and after the windows 10 upgrade.

Possible Windows 10 Upgrade Issues

Here is a list of issues to be ready for.

  • The upgrade, as with any software upgrade could not install correctly and leave your computer in a state of not functioning. Meaning, that you cannot log in, cannot boot to Windows, or view your monitor (graphic issues from drivers malfunctioning, etc.). As we do not know what can happen, we recommend you be prepared for the worse.
  • The upgrade might install just fine but leave you with no programs or any of your current settings.
  • The upgrade might install just fine and you might have all of your programs and settings, but your drivers for your printers, webcams, scanners, etc. might not work.
  • The upgrade might install correctly and everything seems to work, but some of your critical business software might not work correctly.
  • Before doing any upgrade, have all of your installation disks ready in case you need to reinstall programs.
  • Be sure to have all of your online software subscriptions and passwords ready in case you need to reinstall them.

Tips from Techs

  • Do not download and install the windows 10 upgrade on the very first day you have it available.
  • We recommend waiting it out until the bugs are figured out.

If you own a business, you should have the following done on your computer prior to any upgrades:

  • Full system image of your computer (this will allow a full restore to before the upgrade, including operating system, programs, setting,s and data). If the Windows 10 upgrade goes bad or you dislike it, you can go back in time.
  • If you don’t opt for full system image, at least have a good backup of your current data before any upgrade. There is no promise that an upgrade will keep your data!

If you are a home user, we still recommend the full system image, but due to cost… many home users just want their data backed up. But considering how many home users have custom software for their music, videos, and games, it’s worth a full system image.

If you feel you need help, please contact us at A1 Computer Repair at (530) 903-8838. We can help you remotely set up a software program to do a full system image. You will need an external hard drive for this installation.

This article was reprinted with permission from Call That Girl Tech Support & Office 365 Consulting.