Excedeo Blog

Excedeo has been serving the San Diego area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Lessons From a Company that Successfully Beat Ransomware

Lessons From a Company that Successfully Beat Ransomware

Ransomware is a dangerous malware that all businesses fear. Although, if the right precautions are taken, a ransomware attack can be completely thwarted. A recent hack attack of the San Francisco Municipal Transportation Agency provides us with a real-world example of this, which helps make ransomware appear a lot less formidable.

Continue reading
0 Comments

Baseball Executive Found Guilty of “Performance Enhancing Hack Attack”

b2ap3_thumbnail_baseball_hacks_brings_concerns_400.jpgA very large shift has taken place in the annals of baseball. The “Moneyball” revolution has produced a dependence on analytics, both for measuring individual player performance and for overall team makeup. This shift has now presented at least one Major League Baseball franchise with major data security questions.

Continue reading
0 Comments

Tip of the Week: How to Spot a DDoS Attack

b2ap3_thumbnail_ddos_400.jpgIf you are a technician and a network you are responsible for begins to go down because the traffic that is coming into the network is unusually high, there is a good chance you are experiencing a distributed denial of service attack, or DDoS. These attacks, which are extraordinarily difficult to prevent altogether, can be exceedingly costly for a business.

Continue reading
0 Comments

Stop Blaming Technology for the Attacks Caused By People

b2ap3_thumbnail_protect_your_business_400.jpgIt might seem like the obvious reason for hacks and data loss is due to technology being unpredictable, but in all reality, it’s important to remember that some of the problems we experience with technology come from the people operating it. To this end, it’s important to realize that the people operating technology can also protect themselves from hackers.

Continue reading

New Lenovo PCs come with Security Vulnerability

     I have always disliked all of the extraneous software that comes pre-installed on new computers, but Lenovo has shown just how bad this can be.  Lenovo computers are shipping with pre-installed adware which could be used to hijack your secure internet connections with a man-in-the-middle attack.  The software in question is Superfish.  Superfish is suppose to be a image search tool which Lenovo is using to place ads in your Google search results.  According to a Lenovo administrator: 

"Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine."

     Adding additional ads to your search results is bad enough, but exposing your secure information, such as banking information, is inexcusable.  When you establish a secure internet connection, certificates are used to verify that the sites you visit are truly who they say that they are.  Lenovo is using a self-signed certificate which makes it appear as a trusted party.  With this certificate Superfish could generate its own encryption certificates for any site with out the user being aware.

     Lenovo could use this to spy on their customers but worse yet hackers could use this security vulnerability to spy on you and steal your private information.  The hackers only need to discover the private key which Superfish used to sign its certificate.  Robert Graham of Errata Security reports to have cracked the password "komodia" with a simple password cracker he wrote.  It also appears that all of the certificates use the same password.  You can read his posting here.  At least Lenovo now seems to recognize the problem.

"Due to some issues (browser pop up behavior for example), with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues."

If you have recently purchased a Lenovo computer you should definitely check it for Superfish and remove it immediately.  But please note that just uninstalling the software will not fix the problem, the root certificate has to be removed.  To check for the Superfish software open Control Panel > Programs and Features and look for a program named VisualDiscovery and uninstall it.  Then to remove the certificate press the Windows Key + R and run the certificate manager program certmgr.msc.  Open the Trusted Root Certification Authorities folder, open the Certificates folder, and delete the Superfish record.

Continue reading
0 Comments

Cyberattacks Can Have Physical Consequences

b2ap3_thumbnail_physical_problems_for_hacks_400.jpgBusiness owners primarily concentrate more on the digital effects of hacking rather than the physical side of it. After all, hacking some code through a network can’t harm you or anybody else in the real world, right? Wrong. As shown by a recent hack in Germany, ignoring network security can be a dangerous gambit.

Continue reading
0 Comments

Contact Excedeo Today

619.398.4100

Mobile? Grab this Article!

Qr Code

Tag Cloud

SecurityTip of the WeekTechnologyBest PracticesPrivacyInternetCloudMicrosoftBusiness ComputingSoftwareHackersEfficiencyBusiness ManagementGoogleInnovationProductivityHosted SolutionsBackupUser TipsWorkplace TipsManaged Service ProviderProductivityMalwareNetwork SecurityMobile DevicesBusinessHardwareIT ServicesUpgradeComputerwindowsEmailDataGadgetsSmartphonesCommunicationSaving MoneyIT SupportMiscellaneousVirtualizationSmartphoneAppsWindows 10Small BusinessDisaster RecoveryNetworkBusiness ContinuityMobile Device ManagementBrowserVoIPServerHealthMicrosoft OfficeTech TermSocial MediaAndroidInformation TechnologyMobile ComputingQuick TipsPasswordsMobile OfficeData BackupOffice 365CybersecurityHolidayWindows 10Operating SystemData RecoveryGoing GreenSave MoneyChromecommunicationsOfficeBYODCollaborationspamUsersCybercrimeOutsourced ITAppApplicationInternet of ThingsAlertEmployer-Employee RelationshipBest PracticeLaw EnforcementSearchManaged IT ServicesIT SupportRansomwareMarketingData SecurityTabletWirelessRemote ComputingWearable TechnologyApplePhishingVendor ManagementWiFiThe Internet of ThingsBring Your Own DeviceFacebookAvoiding DowntimeAutomationRisk ManagementCost ManagementMaintenanceSaving TimeMoneyHackingRouterHistoryWireless TechnologyBDROneNoteUser ErrorRemote MonitoringMobilityiPhoneUnified Threat ManagementAntivirusOffice TipsPasswordIT SolutionsCloud ComputingTech SupportBig DataData ManagementComputersCustomer Relationship ManagementEncryptionSocialTelephone SystemsGovernmentArtificial IntelligenceBandwidthHard DrivesVPNInformationHumorManaged IT ServicesTwo-factor AuthenticationSocial NetworkingWebsiteUpdateNet NeutralityEducationUnsupported SoftwarePrinterWi-FiOutlookShortcutVulnerabilityGmailUSBPowerPointNetworkingAnalyticsGoogle DriveProactive ITFirewallBudgetLithium-ion batteryCurrent EventsPhone SystemContent FilteringIT COnsultantIdentity TheftComputer RepairWordTelevisionWork/Life BalanceRetailExcelVirusManaged ServicePaperless OfficeadministrationMeetingsMobile DeviceTelephonyPoliticsTravelDisasterSocial EngineeringStreaming MediaInstant MessagingTrendingApplicationsAuditEntertainmentManaged ITBatteryIntranetRecoveryPersonal InformationLaptopBlockchainAugmented RealitySaaSAutomobileValuePoint of SaleCleaningPrinter ServerHaaSPrintingSave TimeData ProtectionProgrammingManaging StressTwitterComputer CareConferencingYoutubeStorageGoogle AssistantIT ManagementhackerDisplayAmazonDevicesUninterrupted Power SupplyLegalSalesOneDriveHard DriveHosted SolutionTransportationBusiness IntelligenceFax ServerCommercePatch ManagementEnd of SupportFlexibilityData LossCustomer ServiceComputingBiometricsFraudGoogle DocsPrivate CloudVirtual RealityBusiness TechnologyData StorageScamHIPAAWireless ChargingInternet ExlporerWindows 8Access ControlHuman ResourcesFile SharingDDoSMobile SecurityWannaCryData BreachEmailsProject ManagementTouchscreenCortanaOnline CurrencyHybrid CloudEvernoteSportsBenefitsSamsungeWasteComputer AccessoriesWindows 7IT solutionsComparisonIntrantetMouseChromebookVoice over Internet ProtocolAlexa for BusinessRoot Cause AnalysisUpdatesChromecastHBOWIndows 7Co-Managed ServicesBloggingIdentitiesSecurity CamerasTutorialCompany CultureNFLWindows 10sSpecificationsNetwork CongestionSabotageRegulationsMicrosoft WordNokiaReputationBluetoothTelephoneLanguageMachine LearningGift GivingSolid State DriveWorker CommuteAdministratorjunkPCCamerasSoftware as a ServiceCo-managed ITSettingsDevice SecurityKeyboardSharePointVideo GamesMicrobloggingUserHyperlinkDowntimeWindows InkHard Disk DriveGiftsAccessfilterComputer ForensicsSmartwatchPresentationHiring/FiringWIndows Server 2008Virtual DesktopTeamworkBest AvailableWasting TimeProactiveE-CommercePrint ServerGoogle MapsCredit CardsScienceManagementServer MaintenanceVendorSpywareSmart TechnologyWebinarAccessoryImagesEbayWebsitesPayment CardsInvestmentFAQRobotWireless InternetEmployee-Employer RelationshipSyncBuisnessAdvertisingRunning CableScalabilityPeripheralData TheftEmployeeGamificationROIiOSChargerExperienceData storageNear Field CommunicationEdgePDFUpgradesMicrosoft ExcelHow ToDebateHelp DeskApp storeBreak/FixMemoryWindows Server 2008 R2Computer FanMusic3D PrintingText MessagingIT consultingTestingScreen MirroringCiminalSurge ProtectorEmployer Employee RelationshipAdobeConsultantMedical ITFinancialDevelopmentBooksTouchpadReliable ComputingCameraCastAdminDistributed Denial of ServiceBlack MarketComplianceIdentity5GMicrsosoftMonitorsElectronic Medical RecordsBloatwareProjectsIT budgetKeyboard ShortcutsLicensingLifestyleWebinarLegislationInbound MarketingData PrivacyEmployeesVirtual AssistantCommunityNanotechnologyWorkersFilesSafetyOperating SysytemBrandingISPPayrollTrainingTablets