Starting last week, Google Chrome browsers begin flagging every
website that doesn't have "HTTPS" in their URL as "Site Not Secure".
With about 60% of all Internet traffic utilized through Google
Chrome, a change like can affect almost every website on the Internet.
This is the latest in the web’s massive shift from non-secure HTTP to the more secure, encrypted HTTPS protocol. All web servers use one of these two protocols to get web pages from the server to your browser. HTTP has problems that make it vulnerable to eavesdropping and content hijacking. HTTPS fixes most of these problems.
Avoiding this alert and enabling HTTPS is easily done by adding a trusted SSL certificate to your site. To
help small business owners get up to speed, IES is offering some
great pricing on this product along with our years of experience. If you host your site with us, your SSL certificate can be up and running within hours.
Contact us today for assistance.
iesAdvisors.com
781-816-9437
Thursday, August 2, 2018
Wednesday, May 30, 2018
FBI warning: Russians hacked hundreds of thousands of routers.
The FBI warned on Friday that Russian computer hackers had compromised hundreds of thousands of home and office routers and could collect user information or shut down network traffic.
The U.S. law enforcement agency urged the owners of many brands of routers to turn them off and on again and download updates from the manufacturer to protect themselves.
Infections were detected in more than 50 countries, though the primary target for further actions was probably Ukraine, the site of many recent infections and a longtime cyberwarfare battleground.
In obtaining the court order, the Justice Department said the hackers involved were in a group called Sofacy that answered to the Russian government.
Sofacy, also known as APT28 and Fancy Bear, has been blamed for many of the most dramatic Russian hacks, including that of the Democratic National Committee during the 2016 U.S. presidential campaign.
Earlier, Cisco Systems Inc said the hacking campaign targeted devices from Belkin International’s Linksys, MikroTik, Netgear Inc, TP-Link and QNAP.
An FBI official told Reuters that the kinds of devices known to be affected by the hack were purchased by users at electronic stores or online.
However, the FBI was not ruling out the possibility that routers provided to customers by internet service companies could also be affected, the official added.
If you own one of the above brand of routers you MUST restart it. To restart it, unplug your router for 30 seconds and then plug it back in.
We have no indication currently that routers from Verizon, Comcast or Cox have this vulnerability, but it wouldn't hurt to restart them anyway.
The U.S. law enforcement agency urged the owners of many brands of routers to turn them off and on again and download updates from the manufacturer to protect themselves.
Infections were detected in more than 50 countries, though the primary target for further actions was probably Ukraine, the site of many recent infections and a longtime cyberwarfare battleground.
In obtaining the court order, the Justice Department said the hackers involved were in a group called Sofacy that answered to the Russian government.
Sofacy, also known as APT28 and Fancy Bear, has been blamed for many of the most dramatic Russian hacks, including that of the Democratic National Committee during the 2016 U.S. presidential campaign.
Earlier, Cisco Systems Inc said the hacking campaign targeted devices from Belkin International’s Linksys, MikroTik, Netgear Inc, TP-Link and QNAP.
An FBI official told Reuters that the kinds of devices known to be affected by the hack were purchased by users at electronic stores or online.
However, the FBI was not ruling out the possibility that routers provided to customers by internet service companies could also be affected, the official added.
If you own one of the above brand of routers you MUST restart it. To restart it, unplug your router for 30 seconds and then plug it back in.
We have no indication currently that routers from Verizon, Comcast or Cox have this vulnerability, but it wouldn't hurt to restart them anyway.
Thursday, April 5, 2018
PSA: That Facebook quiz may be hackers mining your personal information.
Social media quizzes – especially popular on Facebook – seem innocent
enough. But taking the quiz might mean you are giving away more about
yourself than you originally thought, and may extend to your friends as
well.
These quizzes ask seemingly silly or useless questions, but hackers can use that information to penetrate your social accounts and gain access to your personal information or the information of your friends and family.
Some quizzes are designed to steal your data in an outright scam. Once answered, hackers can easily hijack personal accounts and use them to lure in more victims. The hackers will include links embedded in the quiz that can cause a security breach of your personal accounts.
But the latest news shows that it isn’t just scammers who are interested in your quiz answers. It turns out, your personal information is big business.
Not all social media quizzes are about unprincipled data collection, but the Better Business Bureau cautions users to be careful about what they share online. Profile data, quiz answers, and more can be used to used to steal your money, or let a scammer pretend to be you in order to steal someone else’s money.
These quizzes ask seemingly silly or useless questions, but hackers can use that information to penetrate your social accounts and gain access to your personal information or the information of your friends and family.
Some quizzes are designed to steal your data in an outright scam. Once answered, hackers can easily hijack personal accounts and use them to lure in more victims. The hackers will include links embedded in the quiz that can cause a security breach of your personal accounts.
But the latest news shows that it isn’t just scammers who are interested in your quiz answers. It turns out, your personal information is big business.
Not all social media quizzes are about unprincipled data collection, but the Better Business Bureau cautions users to be careful about what they share online. Profile data, quiz answers, and more can be used to used to steal your money, or let a scammer pretend to be you in order to steal someone else’s money.
Monday, March 19, 2018
The battle of the dating apps...Tinder sues Bumble!
Match Group, the company that holds a large portfolio of dating services, such as Tinder, Match.com, OkCupid, PlentyOfFish, to name a few, and was in talks last year to purchase the dating service Bumble. Match is still looking to acquire the service, but it’s going about it in an unconventional way: by suing it for patent infringement.
On Friday, Match filed a lawsuit that accuses Bumble of infringing on a pair of patents held by Tinder: one called “Matching Process System and Method,” in which users swipe cards and mutually select one another, as well as “Display Screen or Portion Thereof With a Graphical User Interface of a Mobile Device,” which it describes as an “ornamental aspect” of Tinder’s App. The lawsuit also points to similarities between each companies’ apps, and Bumble’s descriptions of “swiping” run afoul of Tinder’s registered trademarks.
In a statement to The Verge, a Match spokesperson said that the company has “invested significant resources and creative expertise in the development” in its products, and was working to enforce its property rights.
Last November, TechCrunch reported that Bumble had turned down the $450 million offer, but that talks were still ongoing, which could leverage for Match to encourage Bumble to join its portfolio: accept the buyout, and the lawsuit goes away.
Friday, March 9, 2018
Alexa is alive!
It's quiet in the house. Not a creature is stirring, not even a mouse. Suddenly you hear a woman's laughter...but where is it coming from?
No, you're (probably) not being haunted, it's just Amazon's Alexa voice assistant malfunctioning in a profoundly creepy way.
Some Alexa users have reported hearing an unprompted laugh from their smart speaker devices in the last day. The laugh is three short "Ha" sounds in a female voice that actually doesn't sound like Alexa's normal voice. It happens randomly, when nobody is using the device, or in response to request to turn on or off lights.
Amazon is aware of this and working to fix it. The company has not elaborated on what was causing the laugh or how widespread it is.
Alexa's laugh isn't the only thing that's freaking out users. Others have claimed Alexa has stopped responding to requests. One Twitter user said their Amazon Echo suddenly began listing names of local funeral homes and cemeteries, also unprompted.
Of course, when voice assistants start acting on their own, it also raises concerns about what artificial intelligence might be capable of. But it's unlikely that Alexa has become sentient and is intentionally frightening users with the laughs.
No, you're (probably) not being haunted, it's just Amazon's Alexa voice assistant malfunctioning in a profoundly creepy way.
Some Alexa users have reported hearing an unprompted laugh from their smart speaker devices in the last day. The laugh is three short "Ha" sounds in a female voice that actually doesn't sound like Alexa's normal voice. It happens randomly, when nobody is using the device, or in response to request to turn on or off lights.
Amazon is aware of this and working to fix it. The company has not elaborated on what was causing the laugh or how widespread it is.
Alexa's laugh isn't the only thing that's freaking out users. Others have claimed Alexa has stopped responding to requests. One Twitter user said their Amazon Echo suddenly began listing names of local funeral homes and cemeteries, also unprompted.
Of course, when voice assistants start acting on their own, it also raises concerns about what artificial intelligence might be capable of. But it's unlikely that Alexa has become sentient and is intentionally frightening users with the laughs.
Thursday, December 28, 2017
Providing WiFi to renters...why you should and how to protect yourself.
WiFi has become one of the most popular amenities requested by rental guests – ahead of a dishwasher or cable TV. Plain and simple: if you do not offer free WiFi, you are losing business.
Think about it...do you work when you travel? Most people reading this will answer "yes" or "I try not to, but unfortunately I do". What do you need in order to work? An Internet connection. (And a descent one at that). But it's not just for work – kids love Netflix, grandparents love to Skype, and that cat video of Fido just needs to be posted to YouTube this very second.
Did you know that rental property owners are legally responsible for everything their renters do online? If your renter engages in any illegal activities online, it is the owner who pays the price. IES has the perfect solution to your liability issue while still offering renters a seamless WiFi experience...
Our system features:
•Plug & play out of the box – 5 minute automatic activation
•Custom branded sign in page with your logo, contact information, and legal disclosure (exempting you from wrongdoing); option to add form to collect data such as email addresses, phone numbers, and birthdays for marketing purposes
•Online dashboard to get statistics such as use history, block users, generate passwords, set time limits, set speed limits, and more
•Option to charge for WiFi, or upgraded WiFi option, if desired
•Visit iesAdvisors.com/wifi for a full list of features.
Ready to learn more or make a purchase? Call 781-816-9437 or click here to email us.
Think about it...do you work when you travel? Most people reading this will answer "yes" or "I try not to, but unfortunately I do". What do you need in order to work? An Internet connection. (And a descent one at that). But it's not just for work – kids love Netflix, grandparents love to Skype, and that cat video of Fido just needs to be posted to YouTube this very second.
Did you know that rental property owners are legally responsible for everything their renters do online? If your renter engages in any illegal activities online, it is the owner who pays the price. IES has the perfect solution to your liability issue while still offering renters a seamless WiFi experience...
Our system features:
•Plug & play out of the box – 5 minute automatic activation
•Custom branded sign in page with your logo, contact information, and legal disclosure (exempting you from wrongdoing); option to add form to collect data such as email addresses, phone numbers, and birthdays for marketing purposes
•Online dashboard to get statistics such as use history, block users, generate passwords, set time limits, set speed limits, and more
•Option to charge for WiFi, or upgraded WiFi option, if desired
•Visit iesAdvisors.com/wifi for a full list of features.
Ready to learn more or make a purchase? Call 781-816-9437 or click here to email us.
Monday, October 16, 2017
Security Notice: Key Reinstallation Attack
Background
On October 16, a WPA2 exploit was disclosed known as Key Reinstallation Attack (KRACK) that affects all WPA2 protected WiFi networks. This exploit could lead to user's WiFi traffic becoming compromised.Impact
- This exploit affects any wireless product using WPA2 encryption, which includes all IES access point products.
- Those using 802.11r or mesh repeaters are most susceptible.
- Client devices that have not received a security update specifically addressing this issue are also susceptible.
- The exploit requires physical proximity to the network.
Fix
- A new firmware version is currently under test, and we expect to qualify and publish the new version of 6.3 by end of day Tuesday, October 17. An update to 6.4 will be available at that time or shortly after.
- Once new firmware is available, all networks will begin upgrading during their scheduled maintenance window automatically
- We will also be patching older versions of our WiFi software, including 481, 590, 6.1 & 6.2, with availability end of this week.
Mitigation
- In the meantime, we have turned off 802.11r on all IES WiFi devices until they have received the firmware update
- End users should contact their WiFi client device manufacturers for security updates related to their specific client devices.
Questions / Feedback
If you have any questions or concerns about this vulnerability or the upgrade process, please reach out to IES support.
Subscribe to:
Posts (Atom)