Excedeo Blog

Excedeo has been serving the San Diego area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Lessons From a Company that Successfully Beat Ransomware

Lessons From a Company that Successfully Beat Ransomware

Ransomware is a dangerous malware that all businesses fear. Although, if the right precautions are taken, a ransomware attack can be completely thwarted. A recent hack attack of the San Francisco Municipal Transportation Agency provides us with a real-world example of this, which helps make ransomware appear a lot less formidable.

Continue reading
0 Comments

Baseball Executive Found Guilty of “Performance Enhancing Hack Attack”

b2ap3_thumbnail_baseball_hacks_brings_concerns_400.jpgA very large shift has taken place in the annals of baseball. The “Moneyball” revolution has produced a dependence on analytics, both for measuring individual player performance and for overall team makeup. This shift has now presented at least one Major League Baseball franchise with major data security questions.

Continue reading
0 Comments

Tip of the Week: How to Spot a DDoS Attack

b2ap3_thumbnail_ddos_400.jpgIf you are a technician and a network you are responsible for begins to go down because the traffic that is coming into the network is unusually high, there is a good chance you are experiencing a distributed denial of service attack, or DDoS. These attacks, which are extraordinarily difficult to prevent altogether, can be exceedingly costly for a business.

Continue reading
0 Comments

Stop Blaming Technology for the Attacks Caused By People

b2ap3_thumbnail_protect_your_business_400.jpgIt might seem like the obvious reason for hacks and data loss is due to technology being unpredictable, but in all reality, it’s important to remember that some of the problems we experience with technology come from the people operating it. To this end, it’s important to realize that the people operating technology can also protect themselves from hackers.

Continue reading

New Lenovo PCs come with Security Vulnerability

     I have always disliked all of the extraneous software that comes pre-installed on new computers, but Lenovo has shown just how bad this can be.  Lenovo computers are shipping with pre-installed adware which could be used to hijack your secure internet connections with a man-in-the-middle attack.  The software in question is Superfish.  Superfish is suppose to be a image search tool which Lenovo is using to place ads in your Google search results.  According to a Lenovo administrator: 

"Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine."

     Adding additional ads to your search results is bad enough, but exposing your secure information, such as banking information, is inexcusable.  When you establish a secure internet connection, certificates are used to verify that the sites you visit are truly who they say that they are.  Lenovo is using a self-signed certificate which makes it appear as a trusted party.  With this certificate Superfish could generate its own encryption certificates for any site with out the user being aware.

     Lenovo could use this to spy on their customers but worse yet hackers could use this security vulnerability to spy on you and steal your private information.  The hackers only need to discover the private key which Superfish used to sign its certificate.  Robert Graham of Errata Security reports to have cracked the password "komodia" with a simple password cracker he wrote.  It also appears that all of the certificates use the same password.  You can read his posting here.  At least Lenovo now seems to recognize the problem.

"Due to some issues (browser pop up behavior for example), with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues."

If you have recently purchased a Lenovo computer you should definitely check it for Superfish and remove it immediately.  But please note that just uninstalling the software will not fix the problem, the root certificate has to be removed.  To check for the Superfish software open Control Panel > Programs and Features and look for a program named VisualDiscovery and uninstall it.  Then to remove the certificate press the Windows Key + R and run the certificate manager program certmgr.msc.  Open the Trusted Root Certification Authorities folder, open the Certificates folder, and delete the Superfish record.

Continue reading
0 Comments

Cyberattacks Can Have Physical Consequences

b2ap3_thumbnail_physical_problems_for_hacks_400.jpgBusiness owners primarily concentrate more on the digital effects of hacking rather than the physical side of it. After all, hacking some code through a network can’t harm you or anybody else in the real world, right? Wrong. As shown by a recent hack in Germany, ignoring network security can be a dangerous gambit.

Continue reading
0 Comments

Contact Excedeo Today

619.398.4100

Mobile? Grab this Article!

Qr Code

Tag Cloud

SecurityTip of the WeekTechnologyBest PracticesPrivacyCloudInternetMicrosoftSoftwareBusiness ComputingGoogleHackersBusiness ManagementEfficiencyProductivityHosted SolutionsBackupUser TipsInnovationManaged Service ProviderWorkplace TipsMalwareBusinessMobile DevicesIT ServicesHardwarewindowsComputerUpgradeNetwork SecurityEmailCommunicationIT SupportMiscellaneousSaving MoneyProductivityDataVirtualizationSmartphonesGadgetsWindows 10AppsDisaster RecoveryBusiness ContinuitySmartphoneBrowserVoIPServerSmall BusinessNetworkMicrosoft OfficeMobile Device ManagementTech TermSocial MediaMobile ComputingInformation TechnologyHealthAndroidQuick TipsPasswordsCybersecurityOperating SystemData BackupMobile OfficeGoing GreenHolidayWindows 10Office 365ChromeSave MoneyCybercrimeData RecoveryOutsourced ITcommunicationsAppOfficeApplicationAlertBest PracticeCollaborationspamUsersInternet of ThingsRansomwareEmployer-Employee RelationshipBYODData SecurityMarketingLaw EnforcementManaged IT ServicesSearchWearable TechnologyThe Internet of ThingsAppleFacebookVendor ManagementWiFiBring Your Own DeviceRemote ComputingTabletMoneyHackingIT SupportMaintenanceSaving TimeRouterWireless TechnologyPhishingBDRHistoryUser ErrorRemote MonitoringUnified Threat ManagementAntivirusMobilityAvoiding DowntimeiPhoneRisk ManagementCost ManagementIT SolutionsTech SupportCloud ComputingComputersBig DataData ManagementEncryptionSocialTelephone SystemsCustomer Relationship ManagementOneNoteGovernmentBandwidthAutomationHard DrivesOffice TipsPasswordUnsupported SoftwarePrinterSocial NetworkingShortcutOutlookWi-FiGmailVulnerabilityUSBNetworkingPowerPointAnalyticsGoogle DriveProactive ITFirewallArtificial IntelligenceBudgetLithium-ion batteryCurrent EventsPhone SystemVPNTwo-factor AuthenticationWirelessHumorWebsiteNet NeutralityInformationUpdateWork/Life BalanceMeetingsTravelVirusMobile DevicePoliticsadministrationSocial EngineeringStreaming MediaDisasterTrendingAuditApplicationsEntertainmentManaged ITIntranetRecoveryAugmented RealityLaptopContent FilteringPersonal InformationBlockchainIdentity TheftIT COnsultantManaged IT ServicesTelevisionEducationRetailExcelComputer RepairPaperless OfficeManaged ServiceDevicesHosted SolutionLegalBusiness IntelligenceFax ServerTransportationPatch ManagementCustomer ServiceEnd of SupportComputingCommerceTelephonyFlexibilityBiometricsUninterrupted Power SupplySalesHard DriveVirtual RealityFraudPrivate CloudGoogle DocsHIPAAScamBusiness TechnologyData StorageInternet ExlporerHuman ResourcesWireless ChargingDDoSInstant MessagingEmailsAccess ControlMobile SecurityOnline CurrencyWannaCryData BreachWindows 8Project ManagementSportsTouchscreenCortanaBenefitsHybrid CloudEvernoteeWasteComputer AccessoriesSamsungBatteryValueSaaSPoint of SaleAutomobilePrinter ServerHaaSCleaningTwitterProgrammingManaging StressStorageSave TimeData ProtectionComputer CareWordDisplayGoogle AssistantConferencingIT ManagementhackerAmazonDowntimeWindows InkVirtual DesktopVideo GamesPresentationHyperlinkNokiaAccessGift GivingComputer ForensicsPrint ServerHard Disk DriveGiftsTeamworkOneDriveBest AvailableHiring/FiringWIndows Server 2008ScienceYoutubeProactiveE-CommerceGoogle MapsWasting TimeEbayManagementMicrobloggingCredit CardsSmart TechnologyVendorSpywareWebsitesPayment CardsData LossBuisnessAccessoryRobotWireless InternetFAQRunning CableSyncAdvertisingEmployee-Employer RelationshipData TheftEmployeeScalabilityNear Field CommunicationPeripheralData storageGamificationWebinariOSChargerImagesExperiencePDF3D PrintingEdgeApp storeBreak/FixSurge ProtectorUpgradesMicrosoft ExcelHow ToIT consultingMemoryComputer FanMusicEmployer Employee RelationshipAdobeText MessagingTestingScreen MirroringCiminalMedical ITConsultantFile SharingReliable ComputingTouchpadComplianceFinancialDebateHelp DeskDistributed Denial of ServiceBooksBloatwareCameraCastAdminIdentityBlack MarketInbound MarketingMonitorsElectronic Medical RecordsFilesLicensingProjectsCommunityIT budgetKeyboard ShortcutsData PrivacyWebinarLegislationBrandingISPIntrantetMouseOperating SysytemVirtual AssistantNanotechnologyWorkersSafetyChromecastTrainingTabletsWindows 7PayrollLifestyleBloggingChromebookTutorialIT solutionsComparisonWIndows 7Network CongestionAlexa for BusinessRoot Cause AnalysisUpdatesHBOSecurity CamerasCompany CultureNFLRegulationsCo-Managed ServicesIdentitiesPrintingWindows 10sSpecificationsBluetoothReputationjunkMicrosoft WordLanguageMachine LearningCamerasTelephoneCo-managed ITSolid State DriveSharePointWorker CommuteUserAdministratorKeyboardfilterSoftware as a ServiceSettingsDevice Security