RansomFree – Ransomware prevention?

2017 February 24

Cybereason has released a real-time ransomware detection program called RansomFree.  The free software for Windows 7 to 10, the company claims, can spot most strains of ransomware before it starts encrypting files, alerting the user to take action.

From their website, “Cybereason’s mission is to put an end to cyber crime. And in order to put an end to one of the most profitable cyber operations of the recent years – ransomware – we have to make it unprofitable for the criminals. That’s why we are launching RansomFree: free, easy-to-install ransomware protection software, available for download for every individual and business that lacks the budget and skills to fight back.”

RansomFree uses “behavioral and proprietary deception techniques” to detect ransomware strains in action. Users receive a pop-up notification when ransomware has been found on their computer and is trying to encrypt files. The user can then decide to take action.

Digital Trends reports “When ransomware is detected, RansomFree presents the user with a list of any files that may have been encrypted,” said Uri Sternfield, senior security researcher.

“RansomFree relies on the common denominator of all ransomware, no matter their distribution or method of operation — they all need to search for target files on the local drives and encrypt them. By anticipating these common patterns, RansomFree can bait ransomware to expose their intentions and accurately detect them before they are able to fully achieve their malicious goal.”

Ransomware is big business.  Symantec’s latest ransomware report notes that traditional virus vectors are quickly being replaced by crypto-ransomware.  The percentage of new families of misleading apps and fake anti-virus is near zero for 2016, replaced almost entirely by ransomware.

Clearswift has some crazy stats on the topic:

  • 2,500 cases of ransomware costing victims $24 million in the US alone were reported to the Internet Crime Complaint Center for 2015 (Turkel, 2016)
  • 500+ malware evasion behaviors used to bypass detection are being tracked by researchers (Kruegel, 2015)
  • 10 is the average number of evasion techniques used per malware sample (Kruegel, 2015)
  • 97% of malware is unique to a specific endpoint, rendering signature-based security virtually useless (Webroot, 2015)
  • 15% of new files are malicious executables (Webroot, 2015)
  • 98% of Microsoft Office-targeted threats use macros (Microsoft, 2016)
  • 600%+ increase in attachment-based vs. URL delivered malware attacks from mid 2014 to 2015 (Proofpoint, 2015)
  • 50% increase in email attacks where macros are the method of infection (Tim Gurganus, 2015)
  • 390,000 malicious programs are registered every day by AV-Test Institute (AV-TEST, 2016)
  • 19.2% potential increase of detecting malware simply by adding a 2nd AV to your existing email security, while structural sanitization can help eliminate macro malware threats (Clearswift, 2016)

I’m testing RansomFree – I hope it’s as good as advertised.  At least until the crypto-guys come up with a new way to encrypt data that RansomFree doesn’t detect…..


Apple Watch Reset – 5 ways to bring your device back from the Wonk

2017 February 17
by Andy

Ahh Technology.  Sometimes it works, and other times, you just have to reboot.  I know it’s a very Moss answer to problems, but there are times with almost everything that has a CPU where it just goes wonky and you have to restart.

Even with Apple devices.

If your Apple Watch starts acting funny – sensors not working, slow response times or it just freezes, try a reset.  Apple support pages on the below are here and here.

Have you tried turning it off and on?

Try this as a first step. It won’t cure everything, but it won’t erase data either, and is quick and painless.

  1. Press and hold the side button until you see the Power Off slider.
  2. Drag the slider to turn off the watch
  3. Press and hold the side button until you see the Apple logo to restart the watch.

Reset the watch – The old CTRL / ALT / DEL

If a simple restart doesn’t fix your issue, you can try a reboot of the device.

  1. Press and hold in the crown button AND the side button at the same time.
  2. Hold….Hold…HOLD (10 seconds or so)
  3. The screen will turn off and the watch will reset

Sometimes you just need to start over

If you find yourself and your watch functions have irreconcilably parted ways, you might want to go back to where it all began and try and rekindle the magic.  Please note that this will reset your watch back to factory defaults and if you don’t have a backup of your watch settings, they will be lost forever.  Use caution here!

There are three ways (that I know of) to reset your watch back to factory settings.  The easy way, the slightly redundant easy way, and the hard more difficult also easy way.

Software Reset Using the iPhone Watch app

  1. On your phone, go to the Apple Watch app
  2. Scroll down to General
  3. Scroll down to Reset
  4. Tap on Erase Apple Watch Content and Settings
  5. Confirm the Reset
  6. Once the reset is complete you’ll have to re-pair the watch to your phone
  7. In the re-pair process you will have an option to restore from backup or start as a new watch

Software Reset Using the Settings app on the Watch

You can also do this from the watch itself

  1. Go to the settings app on the watch
  2. Tap General
  3. Tap Reset
  4. Tap Erase all Content and Settings
  5. Enter your Pin
  6. Once the reset is complete you’ll have to re-pair the watch to your phone
  7. In the re-pair process you will have an option to restore from backup or start as a new watch

Hard Reset

If your watch has become unpaired or if you need to pair to a new phone but didn’t erase the watch beforehand, you will need to manually force a device reset to factory settings.

  1. Press and hold the side button to bring up the Power Off menu
  2. Force Touch the Power off slider (do or do not, there is no try)
  3. Touch Erase all Content and Settings on the next menu
  4. Once the watch reboots you will have to re-pair / restore.

 

That’s it, hope this helps you if you’re stuck with a watch that’s acting up.  Remember, this is fun, right?

 

 


Gmail shortcuts

2017 February 15

I really like Gmail, but the web interface is a little annoying.  I don’t like to click around when I’m working.  I prefer as many keyboard commands as I can use, especially when doing repeated tasks like sorting through crap-mail and deleting it.  I usually use an email program like Outlook or Mac Mail because the Gmail web interface was so annoyingly, well, webby.

I recently discovered that Gmail has TONS of keyboard shortcuts!  Of course they do, I should have known better.

Here are a couple that save tons of time.

  • Select Conversation – press the x key
  • Delete a conversation – press the # key

Those two alone are worth the price of admission.  Just use the arrow keys to scroll to the message you want to delete, hit x, then # and boom goes the dynamite.

More actions:

  • Previous message in an open conversation: p
  • Next message in an open conversation: n
  • Focus main window: Shift + Esc
  • Focus latest chat or compose: Esc
  • Advance to the next chat or compose: Ctrl + .
  • Advance to previous chat or compose: Ctrl + ,
  • Send: ⌘/Ctrl + Enter
  • Add cc recipients: ⌘/Ctrl + Shift + c
  • Add bcc recipients: ⌘/Ctrl + Shift + b
  • Access custom from: ⌘/Ctrl + Shift + f
  • Insert a link: ⌘/Ctrl + k
  • Go to previous misspelled word: ⌘/Ctrl + ;
  • Go to next misspelled word: ⌘/Ctrl + '
  • Open spelling suggestions: ⌘/Ctrl + m

 

So happy to find these things!  Make sure to check out the Google support page for Gmail.

Thanks to Shannon and Patrick at TekThing for directing my attention to these!  They have a Patreon, support them!


Increased Risks from Macro-Based Malware

2016 June 9
by Andy

US-CERT is warning of increased risk from macro-based malware. Nothing new here, but I’ve seen a marked increase of external intrusion attempts in the last few months. Maybe it’s because of where I work (financial services), but it seems to me the bad guys are working overtime to get to people.

https://www.us-cert.gov/ncas/current-activity/2016/06/09/Increased-Risks-Macro-Based-Malware

CERT Australia’s recommendations on macro security.  Basically, disable MS Office Macros.  Not sure if that’s practical for the enterprise, but for external documents, extreme caution must be taken.

 

 


Email Privacy – Block Trackers!

2015 November 23

Read a really good article in the NY Times on email privacy today concerning an insidious way for people to know more about you than you realize. The problem is trackers in your email. These are small code snippets embedded in your email that can send back information to the sender about when and if you open an email, where you were, what you looked at, if you clicked on a link etc.

These things are creepy!

Trackers are invisible to the mail recipient, and are inconvenient to block. Marketers send email to you to entice you to visit their site or click on the link / deal they are offering. This is done by sending email as HTML – essentially a web page delivered to your inbox. Since the text of the email is actually code, it’s easy to embed tracking instructions in the email so that when you open or simply view the mail, the code is executed and information about you is transmitted back to the sender. Most of the time this is benign stuff – time, date, location etc, but the problem is this is yet another leak of your information that you unknowingly allow, and there is no way for you to opt-out.
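To make the mechanism concrete, the following added example (not from the NY Times article or this post) parses an HTML message body and lists every image a mail client would fetch from the network on open, flagging the ones shaped like tracking pixels. The sample message, the domains and the classification rules are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message body (not taken from a real email).
SAMPLE_HTML = """
<html><body>
<p>Big sale! <a href="https://shop.example/deal?uid=12345">See the deal</a></p>
<img src="https://cdn.shop.example/banner.png" width="600" height="200" alt="Sale">
<img src="https://track.mailer.example/open.gif?uid=12345" width="1" height="1" alt="">
<img src="cid:logo@shop.example" width="120" height="40" alt="Logo">
<img src="http://stats.mailer.example/p.png" style="display:none">
</body></html>
"""


def classify(attrs: dict) -> str:
    """Label a remote image by how it is presented to the reader."""
    tiny = attrs.get("width") in ("0", "1") and attrs.get("height") in ("0", "1")
    style = attrs.get("style", "").replace(" ", "").lower()
    hidden = "display:none" in style or "visibility:hidden" in style
    if tiny or hidden:
        return "likely tracking pixel"
    if urlparse(attrs["src"]).query:
        return "remote image with query string"
    # Even an ordinary remote image tells the server when and from where it was loaded.
    return "remote image"


class RemoteContentFinder(HTMLParser):
    """Collect what is fetched on open (images) and on click (links)."""

    def __init__(self):
        super().__init__()
        self.remote = []   # (url, label) for each image loaded from the network
        self.links = []    # URLs requested only if the reader clicks

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "a" and a.get("href", "").startswith(("http://", "https://")):
            self.links.append(a["href"])
        if tag != "img":
            return
        src = a.get("src", "")
        if urlparse(src).scheme not in ("http", "https"):
            return  # cid: and data: images travel inside the message itself
        self.remote.append((src, classify(a)))


def audit(html: str) -> dict:
    """Return the remote images and click-through links found in an HTML body."""
    finder = RemoteContentFinder()
    finder.feed(html)
    return {"remote": finder.remote, "links": finder.links}


if __name__ == "__main__":
    for url, label in audit(SAMPLE_HTML)["remote"]:
        print(f"{label}: {url}")
```

Everything in the `remote` list is what a "do not load remote content" setting keeps the client from requesting.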

What can you do? Well there are some commercial tools that will help (pixelblock, UglyMail), but none are that great. See the NY Times article for the ups and downs on them.

For me, the easiest and fastest thing to do is to not allow automatic downloads of pictures, and to view email as text wherever possible. This isn’t as easy as it should be, and I hope it gets better.

On the Mac Mail app, make sure that the “Load Remote Content in Messages” check box is UN-checked. This will prevent loading of images and most trackers until you explicitly allow it in the message.


 

On your iOS device, go to Settings, then Mail, Contacts and Calendars, and turn the “Load Remote Images” slider to off.


Neither of these steps will stop everything, but will put bumps in the road until something better comes along.

I know this is a little Don Quixote-ish, but the more steps you take to prevent your information from getting out there, the harder it will be for the information hoarders to get to you. They will find you, but don’t make it easy for them!


More Mac Keyboard shortcuts

2015 October 8

More on my quest to conquer the Mac – I’ve found a few more shortcuts that are making my life easier and make me wonder why I didn’t convert to Mac ages ago.

As a general statement, the Command key (⌘) replaces the Control key on the Mac.  Not in all cases, but in many.  That means things that you are already familiar with for copy / paste work with the command key –

CTRL – C for copy becomes Command-C

CTRL – V for paste becomes Command-V

CTRL – X for cut becomes Command-X

CTRL – Z for undo becomes Command-Z

 

 

Delete (as opposed to backspace) – Sometimes while editing I want to delete the character to the right of what I’m typing.  With the Delete key, you have to move the cursor past the offending text, then delete back over the text (right to left).  To speed this up a bit, use the fn key plus the delete key to delete the text from left to right.  No more moving the cursor, just delete delete delete!

Delete a file (move to trash).  This is another one that’s obvious to Mac people, but not so much to us Windows luddites.  To move a file to trash quickly, just use command + Delete.

Scrolling – coming from Windows land, I missed my page up/down home and end keys.  Here are the shortcuts that you can use on your Mac to get the same results.  Again, it’s the fn key to the rescue!

  • fn + up arrow = page up
  • fn + down arrow = page down
  • fn + left arrow = home (top of doc)
  • fn + right arrow = end (end of doc)

Lots more keyboard commands from Apple here.

 


Mac Tips from a Windows Guy

2015 September 1

I’m a Windows guy – I always have been.  I’ve used Apple products in the past, I mean I’m a tech guy for crying out loud.  I think my first resume was composed on a Mac way back in the computer lab at college, but my professional career has largely been Windows focused.

Until the iPhone came along.  With the passage of just a few years, Apple products are everywhere and not just in pockets; iPads are commonplace in the enterprise and the demand for access to corporate resources through whatever device people have increases every day.  More and more that means Apple computers and devices.  With the continued maturation of remote access technologies like Citrix, and the increased use of virtualization for applications and desktops in the enterprise, BYOD is easier than ever to implement.  What does this mean for us mild mannered tech support guys?  It means we have to know Apple devices.

This turns out to be an awesome thing – Apple stuff is really good.  I know, duh, you say, and I hear you.  I’m not a naysayer cum fanboy yet, but I like what I see.

To that end, I’ve put together a little list of things that make navigating the OSX environment a little easier for us Windows Ham Handers.

  1. Ctrl-Home – in Windows, if you want to get to the top of a page, document, spreadsheet etc, you just hit Ctrl-Home.  On a Mac, there’s no Home key!  What to do?
    Fn – Left Arrow will get you there.
  2. F2 key to edit.  I use this one a lot – in Windows, you hit F2 to edit the text in a lot of places – cells in Excel, file names in Explorer etc.  How to do the same on a Mac?  This is a little trickier.  For file names (in Finder) just hit the enter key to get to edit mode.  For spreadsheets it is a bit application dependent.  For LibreOffice, Fn – F2 will put you in edit mode in a cell.
    For Numbers you can click in the cell to edit the text, or option-Return will put the cursor at the end of the text in the cell.
  3. Right Click – This may have been obvious to others, but it took me weeks to realize how to get a right click on my MacBook.  Simply two-finger tap the track-pad to bring up the right click menu.
  4. Open a second Finder window.  On Windows, I often have multiple frames for an application up at one time, especially explorer windows for file browsing.  On a Mac, it wasn’t immediately clear to me how to do the same.  It’s quite easy – simply right click on the Finder icon and choose “New Finder Window” from the menu.
  5. How do I save Word files from Pages?  If you have to live in both Windows and Mac land, you may have to edit documents on both platforms.  You can do this in many, many ways, the cleanest of which is to run MS Office on your Mac, but if you don’t want to pay for that, or your Office 365 subscription is Windows only (thanks Microsoft) then you may have to edit and save Word format docs from the Pages app on your Mac.  Lucky for us, that’s easy too – in Pages, click the File menu, then Export to, then choose the format of choice – Word, PDF, whatever floats your boat.  Note that for the most part Word formatting works well, but if you have a complex Word document, I would not try and edit it in Pages and expect that all formatting will work exactly as planned.  Caveat emptor here – if it’s complex formatting, stick to one format or the other – don’t cross the streams – it would be bad.

There are literally thousands of sites to explore looking for tips and tricks for Mac, this is just a tiny tiny sample from my personal experience.  Share if you find more stuff, and I’ll likely post more of these as I find them.

One thing I’ll mention is that the track-pad on a Mac is amazing as compared to its Windows counterparts.  Two finger gestures, swipes etc are intuitive (for the most part) and work really well.  Once you get used to it, it’s very hard to go back to Windows clumsiness.

 

Inching ever closer to fan boy –


Password Best Practices – Protect Yourself!

2015 August 31

I wanted to talk a little about password security and the need for two factor authentication.  As I’m sure you are aware, the internet is a scary place, and over the last few years information theft is hitting home for regular folks like you and me.  Home Depot, Target, Sony, Citibank just to name a few have all been hit with large scale targeted attacks where massive amounts of data were stolen.  Identity theft is rampant, and given that most people don’t think about passwords that much, it’s far too easy for bad people to get your data and do really bad things.

What can you do?

Three simple rules for Password Safety:

  • DON’T use the same password everywhere – I’ve done this so many times, and it is just asking for trouble.  Don’t give the bad guys the keys to the castle  when they break into the tool shed!
  • Use long passwords – the longer the better, but 8 characters minimum.
  • Use complex passwords – mix case, use numbers, use special characters (ampersand, asterisk etc).

How do I maintain secure passwords without driving myself insane or just writing them all down?

There are lots of ways to do this, and I’m not going to pretend like I know them all – but there are a few basics to remember

1) Use a hash

Simply put, this means use a base password that is always the same, then use the site name to generate something unique.

For example, make your base password something easy to remember like your favorite color or your nickname for your partner.  In this case, lets use “fido”.

I want to login to my mail account at yahoo.  I could make my password “fidoyahoomail”  or yahoodotcomfido.

I could get more secure if I split the keyword and added some special characters and replace letters with numbers: “fiy@hooD0” – note the o in fido was changed to a zero.

2) Don’t use all letters!  There are lots of creative replacements you can make for plain letters – use what makes sense for you.

replace all “e” with 3

replace all “a” with @

replace all “e” with # (shift 3)

replace all “o” with 0

replace all “s” with $

you get the idea

3) Use a password manager

There are many out there, but I really like Lastpass (www.lastpass.com).  It’s cross platform so will travel with you to whatever device you want, will generate and store very complex passwords, and probably most importantly uses a multi-factor authentication scheme from Duo and several other providers (more about that later).

The basic idea is that you store all of your passwords in one place then use a single password to get at your password “vault”.  I know, this is a single point of failure and what if the password manager gets hacked?  That’s a valid concern and if I’m honest I don’t have a good response other than it’s the best you can do for the moment.  Choose a site (like lastpass) that has good two factor authentication choices so that you reduce the possibility that your master password gets hacked – that way you just need to worry about Lastpass itself getting hacked which will never happen – oh wait

4) Use multi-factor authentication where possible. 

What is multi-factor authentication (also called two-factor authentication)?  Basically it means another way for the system you are trying to access to know that you are who you say you are.  Since passwords can be hacked, a second authentication means that you further reduce the ability for someone to hack the system.  In practical terms that can mean a lot of things – an email with a security code, a text message with a security code, your smart phone fingerprint reader, a USB key for authentication etc.  This is an evolving space, authentication methods are improving all the time.  Check out the FIDO alliance for more on second better authentication methods.

As an aside, when LastPass reported their breach, I was not concerned because I had two factor authentication turned on.  I changed my vault password anyway, but I was relieved that I was protected regardless of the breach.

A couple of DON’Ts are necessary to mention here too –

  • Don’t use names of people you know in your password – wives, children, relatives.  In fact, don’t use proper names at all.
  • Don’t use dates that are discoverable – birthdays, anniversaries.  Nothing that someone can find out if they google you.  You want to use the date of your first date with your wife, or the day your kid said “No!”  for the first time, that’s fine.
  • Avoid simple, easy to guess passwords!  Things like “password”, “abc123”, “qwerty” etc.  When Adobe was hacked, the Stricture group released a list of the most common passwords found from the hack.  Please don’t use any of these!

Really Bad Passwords – these are the top 10 from the Adobe hack:

  • 123456789
  • password
  • adobe123
  • 12345678
  • qwerty
  • 1234567
  • 111111
  • photoshop
  • 123123
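The rules in this post can be turned into a small checker. This is an added example, not code from the post or from any password manager: it applies the length and character-mix rules, reverses the letter substitutions listed above before comparing against the bad-password list (so a substituted spelling of a listed password is still caught), and looks for personal words. The function names and the personal word "alice" are constructed for the illustration.

```python
import re

# The nine entries this post lists from the Adobe breach.
BAD_PASSWORDS = {"123456789", "password", "adobe123", "12345678", "qwerty",
                 "1234567", "111111", "photoshop", "123123"}

# The post's substitution table, reversed: symbol -> the letter it stands for.
UNDO_SUBSTITUTIONS = str.maketrans({"3": "e", "@": "a", "#": "e", "0": "o", "$": "s"})

# The four character classes behind "mix case, use numbers, use special characters".
CHARACTER_CLASSES = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]


def normalize(password: str) -> str:
    """Lower-case the password and undo the common letter substitutions."""
    return password.lower().translate(UNDO_SUBSTITUTIONS)


# Normalize the deny list the same way so both sides of the comparison match.
NORMALIZED_BAD = {normalize(p) for p in BAD_PASSWORDS}


def check_password(password: str, personal_words=()) -> list:
    """Return the rules from this post that the password breaks (empty = none)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    missing = sum(1 for c in CHARACTER_CLASSES if not re.search(c, password))
    if missing:
        problems.append(f"missing {missing} of 4 character classes")
    plain = normalize(password)
    if plain in NORMALIZED_BAD:
        problems.append("common password once substitutions are undone")
    for word in personal_words:
        if word and normalize(word) in plain:
            problems.append(f"contains personal word '{word}'")
    return problems


if __name__ == "__main__":
    # The first two candidates are the post's own examples; the rest are constructed.
    for candidate in ["fidoyahoomail", "fiy@hooD0", "P@$$w0rd", "qwerty"]:
        print(candidate, "->", check_password(candidate) or "no rule broken")
    print(check_password("@lic3Smith1", personal_words=["alice"]))
```

Passing every rule here only means the password is not obviously weak; it says nothing about whether the same base word is reused across sites.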

Passwords are a necessary evil, so please take a little time to come up with a strategy to keep your data safe that works for you.  You don’t have to have a photographic memory to maintain solid security on your passwords, use a password manager like lastpass or come up with a repeatable scheme and you’ll be fine.  Don’t forget about two factor authentication too – it’s an extra step, but totally worth it.


Origin of the word “Scuttlebutt”

2012 May 9
by Andy

Definition of SCUTTLEBUTT

 

a : a cask on shipboard to contain freshwater for a day’s use
b : a drinking fountain on a ship or at a naval or marine installation
 
I don’t know why I find this interesting or even mildly amusing, but I do.
 
This term derives from the butt, or cask, that held drinking water on sailing ships; it was scuttled, or provided with a hole in the top, so that water could be drawn. In the same way that office workers gather around a water cooler to share gossip, the scuttlebutt was the locale of idle talk among mariners. Hence, scuttlebutt came to refer to the gossip itself, and the usage was extended to civilian environments.
 
Thanks to DWT for this.
 
 


Happy New Year 2010!!

2010 January 1

Happy New Year all, let’s hope this year is better than last ;)
