A Word About VPNs (Virtual Private Networks)

When it comes to choosing a VPN provider, you should consider several things, including privacy features, streaming, app design, device compatibility, speed, and so on. A must for me is a Zero Logging Policy. Why eliminate others being able to spy on you if your VPN provider is doing it?

Here are a couple of choices:

Express VPN is currently offering 3 months free. They provide great performance in just about every area and include a 30-day money-back guarantee. The offer comes when you pay for 1 year up front. It also provides the best monthly cost at $6.67.

Nord VPN offers great performance with (currently) the most servers of any provider. They also offer a 30-day money-back guarantee. Their current offer is $3.99 a month (with a one-year subscription) and $8.29 a month thereafter.

Here’s wishing safe and happy computing!

Malicious BlackCat ransomware attacks

The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks.

The driver seen by Trend Micro is an improved version of the malware known as ‘POORTRY’.

The POORTRY malware is a Windows kernel driver signed using stolen keys belonging to legitimate accounts in Microsoft’s Windows Hardware Developer Program. While security software is usually protected from being terminated or tampered with, as Windows kernel drivers run with the highest privileges in the operating system, they can be used to terminate almost any process.

Trend Micro says the ransomware actors attempted to use the Microsoft-signed POORTRY driver, but its detection rates were high following the publicity it got and after the code-signing keys were revoked.

For more information take a look at Trend Micro’s report.

Apple Users Beware

Attackers Target macOS With ‘Geacon’ Cobalt Strike Tool

Hackers are using a Go-language implementation of the red-teaming tool Cobalt Strike on Intel and Apple silicon-based macOS systems. The implementation, called Geacon, first surfaced on GitHub four years ago and had remained largely under the radar.

They are using the red-teaming and attack-simulation tool to target macOS systems in much the same way they have used Cobalt Strike for post-exploit activity on Windows platforms over the past few years.

Holiday Schedule

In celebration of Thanksgiving, we will follow these hours:

Tuesday – 9:00 am to 7:30 pm
Wednesday – 9:00 am to 1:00 pm
Thursday – Closed
Friday – Closed
Saturday – Closed

Please have a Blessed thankful Thanksgiving!

Anti-Virus/Anti Malware/VPN

Anti-Virus Recommendations

We do not recommend the virus protection that we all hear about on the radio and TV. In addition, we do not recommend auto-renewal because this ensures you will pay the highest price offered.

Virus Software
1) Trend Micro – We sell the corporate version of this product.
2) Webroot – We sell the corporate version of this product.
3) Kaspersky – A Russian Owned Company No Longer Recommended.

Anti Malware
1) Trend Micro
2) Webroot
3) Malwarebytes Free – Use and uninstall because it is a resource hog.

VPN
1) Nord
2) Express

Computer Passwords

This is a short tutorial on passwords. Passwords are a very important part of security that is often overlooked. Often we keep lists in our desks or in a notebook, which is a hacker’s dream. Here are some suggestions that can help you remain safe.

  • Do not use common and easily discovered passwords such as a spouse’s, kid’s, or pet’s name.
  • Use associated words; an example of this is PurpleMonkey.
  • Do not use clear text; instead, use character substitution. So our example above of PurpleMonkey would become Purpl3Monk3y.
  • Consider using a password manager such as Dashlane or KeePass. These will also create complex passwords for you.
  • Whatever you decide, make sure you at least follow the first three rules.

Lock Screen Protection

Lock screen protection is easy security and should be used whenever someone else may have access to your computer. The lock screen is your logon password and may be used to prevent security risk as well as to limit access to your computer.

Security can be to resist prying eyes or to safeguard from improper use. It is important to protect children from the internet. A search for something as innocent as a baby doll can return pornographic results.

Use Two-Factor Authentication

Two-factor authentication is very important, particularly when using secure sites such as banking. Although it may be inconvenient, it provides a level of security that can’t be matched simply by using a password.

There are various forms of two-factor authentication, including:

  • Pass Code – This is a texted or emailed pass code and a good form of authentication. It is the least secure because if your phone or email is compromised, you are at risk.
  • Online Pass Code – This is a service provided by a secure internet connection. It is better than the first because you are required to set up a user name and password. We suggest a complex, previously unused password.
  • Fob Pass Code – This is the most secure form of authentication. It requires the user to self-generate a pass code at random that is authenticated with the server. The code is secure and regenerated every time you use it. The problem is that you need the fob with you at the time of login. There is additional security, as someone would need your user name and password and the fob to access your account. Additionally, fobs are generally unlabeled, so if you lose one, it gives no hint as to what it is used for or your user name and password.

Software Updates

Software updates are an important part of keeping your computer safe.

Windows Updates

These generally happen every Tuesday automatically. Your computer will restart automatically, or a yellow dot will appear on the lower left of your task bar.

It can also be displayed on the power button. The restart should be done as soon as possible for system security.

Additionally, you should check Windows Update by going to Start – Settings – Windows Update at least once a quarter. You can look for optional updates and install them. These are generally feature updates that will, if not installed, eventually affect performance.

Additionally, you will want to update application software, as this can be an entry point for hackers. Updates are generally offered by the software manufacturer through the application.

Beware of pop-ups in your web browser offering updates. These are generally phishing operations to compromise your computer. My advice is to right click on the browser on the taskbar and select close. Feel free to contact us for additional information.