This is LONG overdue. A universal standard to allowing services to rely on hardware 'keys' to unlock accounts will make it much easier for sites and applications to boost security. Google users can already use inexpensive 'FIDO' keys that not only ensure hackers can't access your account with just your password, they also verify the login page you are at to ensure two factor authentication codes aren't sent to hackers by mistake. Confused by all this? Stop by IT Xpress and we can explain it and set it up for you!

We Just Got One Step Closer to Killing the Password
gizmodo.com
The FIDO Alliance, whose members include everyone from Google to Samsung, just announced new password-free standards for regular and two-step authentication. In other words, the entire tech industry now has protocol for letting you sign into accounts without a password. Get ready for everything but…

Yahoo used to have a great feature called 'Login Shield' that let you customize their login screen in a way only you would recognize – making it trivial to avoid phishing scams like this. Two factor authentication can't prevent them from capturing your login info, but it can prevent them from using it (at Yahoo anyway). So be sure to enable two factor authentication on ALL services that support it, and use different passwords at different sites. Need help with setting it up? We can help!

Hackers Grab Yahoo Credentials through Mail Activity Reports Campaign
www.hotforsecurity.com
Yahoo users are being targeted by a new phishing campaign that helps hackers grab their credentials and hijack accounts. Bitdefender was already blocking the ma

Virus writers continue to come up with ways to compromise your systems and extract money. This latest variant is interesting because it is a 'true' virus that infects lots of files with itself, making it very hard to remove. Open a JPG file? You re-infect your computer. Thankfully the files can be decrypted, unlike Cryptolocker, but an infection by this would still result in an extended downtime. Is your main computer backed up and secure? My ITXpert Premier customers get award winning antivirus protection, unlimited secure online backup, and access to our IT Xperts! See http://myitxpert.biz/ for more information!

Notes from SophosLabs: Ransomware with a difference – this one is a true virus!
nakedsecurity.sophos.com
SophosLabs recently drew our attention to some new ransomware that is both interesting and intriguing. Unusually, this one is a true parasitic virus – it infects other files as well as scramblin…

If your business was hit by wiper malware, which wiped out everything on your computer including programs and data, how would you function? Could you get back up and running quickly? Is your data backed up? IT Xpress can review your existing setup and recommend ways to protect your systems and data.

FBI Warns US Businesses of Possible Wiper Malware Attacks
threatpost.com
The FBI sent security professionals at US businesses a five-page confidential flash warning, alerting them to destructive malware attacks that overwrite hard drives leaving them inoperable.

Interesting information on the threat of USB drives…

Bitdefender:

#ThreatAnalysis: How bad is #BadUSB, the malicious USB device? @BitdefernderOEM’s expert, George Yunaev, explains: http://bit.ly/1HD4HWf

What You Need to Know About BadUSB
oemhub.bitdefender.com
Recently, researchers found a way to replace firmware on certain innocuous USB flash drives, and turn them into malicious USB devices – BadUSB.

How small is your computer? This is unreal, though expect performance to be on par with something this small…

MeegoPad T01 Bay Trail Windows mini PC now available for $100 – Liliputing
liliputing.com
The MeegoPad T01 is a little computer-on-a-stick that looks like an Amazon Fire TV Stick or Chromecast. But it’s not just designed to let you stream music and movies to your TV: it’s a full-fledged (albeit tiny) computer that runs Windows 8.1. Actually, the MeegoPad T01 comes with both Windows and A…

If you use Google for more than just search, it just got a lot easier to keep tabs on your account and what devices have access.

New security tools to help improve online security
googleforwork.blogspot.com

Always be careful of what you plug into your computer!!!

E-Cig Chargers Could Infect Computer With Malware
google.com
What's supposedly better for your lungs may not be healthy for your hard drive.

As more people try too protect their passwords, hackers are determined to compromise them. Password managers are great, unless you get infected by malware which steals your master encryption key… Two factor authentication can help if your passwords are ever stolen, so be sure to enable it for all sites that support it!

Citadel attackers aim to steal victims’ master passwords
arstechnica.com
Researchers find a malware variant that targets two password managers.

Private browsing mode isn't just for hiding your tracks. It can be very useful for logging into accounts from public computers, avoiding account conflicts on the same site, and more…

All the things you can use private browsing mode for
www.ghacks.net
This guide looks at things that you can use a web browser's private browsing mode for.

Ever wonder if you've completely deleted something? What about that old computer you want to donate? This explains how files get deleted and what it takes to REALLY delete them. IT Xpress can help! We have devices which will perform military grade scrubbing on hard drives to ensure your data is GONE before donating computers to charity or recycling them.

What Really Happens When You Delete Something from Your PC
lifehacker.com
If you want to sell or get rid of your computer, it's important to make sure there isn't any leftover data that someone could get to. When it comes to NTFS-formatted hard drives, simply deleting your files isn't enough–even if you empty your recycle bin–but there are still a few things you can do.

Flash should auto update (if you use Google Chrome it's built in and updated). You can also go to adobe.com to make sure. Just be sure to UNCHECK whatever add on software they try to include when you grab the latest version. My ITXpert clients will always get the latest version even if auto update is broken.

Bitdefender:

Adobe fixed 18 critical flaws in Flash Player: updates are made automatically for browser plug-ins.
We advise you to make sure the auto update feature from the desktop Flash Player release is turned on. http://bit.ly/Adobe_fix_

Many people assume hotel WiFi is safe – but if you're not using VPN – you're very vulnerable. And even with a VPN connection, if you're infected with malware via a fake ad for a Flash Player update, etc. you'll be completely compromised AND they'll gain access to your corporate network. Always make sure your browser 'lock' is green/solid indicating valid encryption.

“DarkHotel” uses bogus crypto certificates to snare Wi-Fi-connected execs
arstechnica.com
Malware operators know in advance when targeted fat cats will check in and out.

Microsoft usually releases patches once a month – but occasionally the vulnerability is bad enough that they release the patch immediately. This is one of those patches – download and install it today!

Microsoft Posts Patch for Critical Vulnerability, Download It Now
lifehacker.com
Microsoft has released a critical patch via Windows Update today that seals up a vulnerability that affects every modern version of Windows, including Windows Server 2003/2008/2012, Vista, 7, 8, 8.1, and Windows RT.

Encryption viruses are becoming more common. A virus infects your computer, encrypts all your files, then holds them ransom for $300-$1000. We have had a number of clients hit by these and the only way to get your data back without paying the ransom is to have a current backup. Let IT Xpress help you with your backup needs, often for as little as $5/month. My ITXpert Premium clients get unlimited online backup as part of their package of system monitoring, remote support, and malware prevention. See http://myitxpert.biz/ for more information.

CryptoWall and DECRYPT_INSTRUCTION Ransomware Information Guide and FAQ
www.bleepingcomputer.com
This guide provides information and answers to frequently asked questions regarding the CryptoWall ransomware. It provides a break down of what this infection does, how it encrypts your data, and how you can recover your files.