508-909-5961 [email protected]

What’s new with the Chrome Cleanup tool?

Even if you’re sure that the websites you visit are safe, harmful software can still slip through, especially when you download and install free programs and applications. As the world’s most popular browser, Chrome is especially prone to infection.

The post What’s new with the Chrome Cleanup tool? appeared first on Complete Technology Resources, Inc..

What’s new with the Chrome Cleanup tool?

Even if you’re sure that the websites you visit are safe, harmful software can still slip through, especially when you download and install free programs and applications. As the world’s most popular browser, Chrome is especially prone to infection. Fortunately, Google has improved Chrome’s Cleanup tool for Windows by integrating the following security features.

Detect hijacked settings

Many users prefer to enhance their browsing experience by installing extensions or plug-ins, some of which could be malicious. When these extensions are installed, they could inject harmful ads into web pages or allow access to third-party servers without the user’s consent.

Google’s new hijacked settings detection function prevents this from happening. Once it detects an attempt by a third party to change your browser’s settings, it will automatically revert to Chrome's default settings. And in case you suspect any unauthorized change in your browser, you can manually reset settings in Chrome.

Simplify cleanup

You probably don’t remember downloading many of the files in your Downloads folder, but these are actually software and other attachments that were bundled with the software that you do use.

Chrome Cleanup’s newly simplified feature makes it easier for you to determine harmful files, easing the pain of sorting through and deleting tons of downloaded files. Whenever it detects a malicious software, users will get a pop-up message that offers them an easy way to remove the potential threat, get more details about it, or disregard it in case of false detection.

Maximize removal of nonessential software

Aside from the simplified interface, Google also made some much-needed improvements in Chrome Cleanup’s performance, so it’s now capable of eliminating more junkware.

Tricking users into installing a program without their consent is one of the many characteristics of unwanted software that Google lists under its Unwanted Software Policy. To help fight against this and other browser security risks, the company has partnered with an IT security team to strengthen Chrome’s ability to detect and remove unwelcome add-ons.

It’s important to note that these upgrades don’t affect Chrome’s performance and speed because they work in the background. In addition, these changes are now available in Windows devices but will soon roll out to other platforms. In the meantime, if you want to find out more about browser and application security, contact our security specialists today!

Published with permission from TechAdvisory.org. Source.

The post What’s new with the Chrome Cleanup tool? appeared first on Complete Technology Resources, Inc..

Read More

Google weighs in on account hijacking

According to experts, passwords shouldn’t be the only way you defend your accounts. After all, hackers have plenty of tricks and tools to steal them. So to help businesses fully understand the risks involved, Google conducted a study on the causes of account hijacking.

The post Google weighs in on account hijacking appeared first on Complete Technology Resources, Inc..

Google weighs in on account hijacking

According to experts, passwords shouldn’t be the only way you defend your accounts. After all, hackers have plenty of tricks and tools to steal them. So to help businesses fully understand the risks involved, Google conducted a study on the causes of account hijacking.

The results
From March 2016 to March 2017, Google and UC Berkeley researchers examined three main ways hackers hijack accounts:

  • Keylogging software - a malicious program that records computer users’ keystrokes
  • Phishing emails - to lead people into dangerous websites
  • Stolen passwords - available to the highest bidder

In just one year, Google found 788,000 successful keylogging attacks, 12.4 million victims of phishing attacks, and 1.9 billion accounts exposed via login credentials sold on the black market.

Researchers suggest the reason so many accounts are hacked is because people tend to reuse their passwords, which means if one set of login credentials is exposed, other accounts could be compromised.

Phishing is also a big threat because it targets users -- the weakest links in your cybersecurity. The strongest password or security system won’t mean anything if your employees constantly fall for online scams.

Protecting your accounts
There are several things you can do thwart account hijacking. For starters, you should set strong and unique passwords for each account to minimize data breaches.

While the general rule in the past was to set a complex password -- a mix of letters, numbers, and symbols -- recent studies suggest that longer, 20-character “passphrases” are much tougher to crack. If you find it difficult to remember several passwords, consider using a password manager, which not only stores all your passwords, but can generate strong passwords, too.

To deal with phishing attacks, you should activate multi-factor authentication on your accounts. This adds an extra layer of identity verification to your password (e.g., a fingerprint scan or a temporary security key sent to your phone), making your login details ‘unphishable.’

Security training is also crucial. This includes teaching your employees about what phishing attacks look like and instructing them on password protection best practices so they never fall victim to account hijacking.

The bottom line is not only that strong password security requires strong defense mechanisms; you and your employees must be vigilant, too.

Need more advice on keeping your business safe? Call us today! We provide critical security updates and comprehensive support services to help you stay well ahead of cybercriminals.

Published with permission from TechAdvisory.org. Source.

The post Google weighs in on account hijacking appeared first on Complete Technology Resources, Inc..

Read More

Android 8.0: significant security upgrades

Android users will want to take a bite of the latest OS’s features, and with good reason. Oreo is packed with enhancements and add-ons, including a significant interface overhaul, a picture-in-picture mode, smart text selection, and other nifty features.

The post Android 8.0: significant security upgrades appeared first on Complete Technology Resources, Inc..

Android 8.0: significant security upgrades

Android users will want to take a bite of the latest OS’s features, and with good reason. Oreo is packed with enhancements and add-ons, including a significant interface overhaul, a picture-in-picture mode, smart text selection, and other nifty features. In case you’ve missed the equally important security updates, we’ve listed some of the most noteworthy ones here.

More secure booting

Android's Verified Boot feature was introduced in 2013 and has been fine-tuned since. In Oreo, it performs a quick inspection of a device's software before it starts up.

The Verified Boot functionality prevents the device from starting if it detects that its OS reverted to an older version, which can expose it to security risks resulting from the older version’s vulnerabilities. With this upgrade, any attempts to exploit your device and data can be foiled by a system reboot.

Chip-embedded security

If you’re worried about physical attacks compromising your device’s security, Oreo covers that front by enabling a chip-based feature that fortifies security for Android devices. Integrating chip technology into supported devices’ security system makes tampering and other forms of physical intrusion extremely challenging for hackers, giving users greater protection.

Stricter app permissions

It’s tempting to simply click ‘OK’ whenever downloaded apps request permission to access your data and perform certain functions during installation. Android has limited what apps can actually gain access to your data with the System Alert Window feature.

The system alerts on previous Android OS were supposed to allow apps and programs to interact with the users by sending pop-up boxes and similar elements that usually cover up the device’s entire screen. However, Android developers detected a potential for its abuse. For example, hackers can easily use similar pop-up boxes that purport to be from legitimate apps.

With the new System Alert Window in Oreo, the pop-up boxes have been modified so that they’re easier to dismiss, limiting what malicious apps can do to trick users into clicking them.

Two-factor authentication support

Two-factor verification has become a standard feature in cyber security because it adds a much-needed layer of protection in accessing a password-protected account. It typically works by prompting a user to enter another piece of information in a separate device (e.g., a smartphone) or any physical token, which only the account owner would have.

Android 8.0 integrates a two-step verification that allows the use of a security key, which can easily connect to an Android device. Currently, it works only on apps that support it, but it won’t be long before more apps adopt it as an essential security protocol.

Stronger Sandboxing

Sandboxing essentially does one crucial thing for security: isolate compromised or problematic areas within a software or system so that they don’t infect the rest of the system.

Android Oreo beefs up its sandboxing capability by deploying a filter that prevents malicious apps from accessing the OS’s command center, thereby limiting their interaction with the system and other safe apps.

These security improvements aren’t the most noticeable features in Android Oreo, but they’re worth paying attention to. If you need to learn more about your systems’ and devices’ security features, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

The post Android 8.0: significant security upgrades appeared first on Complete Technology Resources, Inc..

Read More

Beware of sneaky Microsoft Office malware

Cybersecurity systems are getting better at identifying and preventing attacks coming from all directions. At the same time, hackers are coming up with new ways to bypass these systems. While online scams are the most common ways to do this, cybercriminals have discovered a new attack method using Microsoft Office.

The post Beware of sneaky Microsoft Office malware appeared first on Complete Technology Resources, Inc..

Beware of sneaky Microsoft Office malware

Cybersecurity systems are getting better at identifying and preventing attacks coming from all directions. At the same time, hackers are coming up with new ways to bypass these systems. While online scams are the most common ways to do this, cybercriminals have discovered a new attack method using Microsoft Office.

What’s the new Office threat?
The Office exploit takes advantage of Microsoft’s Dynamic Data Exchange (DDE), a protocol that sends messages and data between applications. For example, DDE can be used to automatically update a table in a Word document with data collected in an Excel spreadsheet.

The problem with this is hackers can create DDE-enabled documents that link to malicious sources rather than to other Office apps. Theoretically, this allows hackers to launch scripts that download Trojan viruses from the internet and execute it before the user is even aware of the attack.

And unlike most malware-embedded Office files, which are usually blocked by security protocols from Microsoft, DDE exploits are instant. Once a compromised Word file is opened, it automatically executes the hack.

Outlook at risk
What’s even more alarming are the DDE vulnerabilities in Outlook. Recent reports found that hackers can embed malicious code in the body of an email or calendar invite, allowing them to perform phishing scams without a file attachment.

Fortunately, Outlook DDE attacks are not as automated as Word or Excel DDE attacks. Two dialog boxes will usually appear when you open the email asking if you want to update a document with data from linked files and start a specific application. Simply clicking ‘No’ on either of these boxes will stop the attack from executing.

Defending against DDE attacks
Beyond saying no, you can protect yourself by following these security best practices:

  • Evaluate the authenticity of unsolicited emails before interacting with them and don’t open attachments from unfamiliar contacts.
  • View emails in plain text format to completely stop DDE attacks embedded directly in emails from running. Note that this will also disable all original formatting, colors, images, and buttons.
  • Use a strong email security system that prevents phishing emails, spam, and other unwanted messages from reaching your inbox.
  • Get in the habit of checking for Microsoft updates, as they're usually quick to release patches after vulnerabilities have been discovered.

Last but not least, consider working with our team. We’re Microsoft Office experts who can keep you safe from the latest threats. Call us today to get started!

Published with permission from TechAdvisory.org. Source.

The post Beware of sneaky Microsoft Office malware appeared first on Complete Technology Resources, Inc..

Read More