Excedeo Blog

Excedeo has been serving the San Diego area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Lessons From a Company that Successfully Beat Ransomware

Lessons From a Company that Successfully Beat Ransomware

Ransomware is a dangerous malware that all businesses fear. Although, if the right precautions are taken, a ransomware attack can be completely thwarted. A recent hack attack of the San Francisco Municipal Transportation Agency provides us with a real-world example of this, which helps make ransomware appear a lot less formidable.

Continue reading
0 Comments

Baseball Executive Found Guilty of “Performance Enhancing Hack Attack”

b2ap3_thumbnail_baseball_hacks_brings_concerns_400.jpgA very large shift has taken place in the annals of baseball. The “Moneyball” revolution has produced a dependence on analytics, both for measuring individual player performance and for overall team makeup. This shift has now presented at least one Major League Baseball franchise with major data security questions.

Continue reading
0 Comments

Tip of the Week: How to Spot a DDoS Attack

b2ap3_thumbnail_ddos_400.jpgIf you are a technician and a network you are responsible for begins to go down because the traffic that is coming into the network is unusually high, there is a good chance you are experiencing a distributed denial of service attack, or DDoS. These attacks, which are extraordinarily difficult to prevent altogether, can be exceedingly costly for a business.

Continue reading
0 Comments

Stop Blaming Technology for the Attacks Caused By People

b2ap3_thumbnail_protect_your_business_400.jpgIt might seem like the obvious reason for hacks and data loss is due to technology being unpredictable, but in all reality, it’s important to remember that some of the problems we experience with technology come from the people operating it. To this end, it’s important to realize that the people operating technology can also protect themselves from hackers.

Continue reading

New Lenovo PCs come with Security Vulnerability

     I have always disliked all of the extraneous software that comes pre-installed on new computers, but Lenovo has shown just how bad this can be.  Lenovo computers are shipping with pre-installed adware which could be used to hijack your secure internet connections with a man-in-the-middle attack.  The software in question is Superfish.  Superfish is suppose to be a image search tool which Lenovo is using to place ads in your Google search results.  According to a Lenovo administrator: 

"Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine."

     Adding additional ads to your search results is bad enough, but exposing your secure information, such as banking information, is inexcusable.  When you establish a secure internet connection, certificates are used to verify that the sites you visit are truly who they say that they are.  Lenovo is using a self-signed certificate which makes it appear as a trusted party.  With this certificate Superfish could generate its own encryption certificates for any site with out the user being aware.

     Lenovo could use this to spy on their customers but worse yet hackers could use this security vulnerability to spy on you and steal your private information.  The hackers only need to discover the private key which Superfish used to sign its certificate.  Robert Graham of Errata Security reports to have cracked the password "komodia" with a simple password cracker he wrote.  It also appears that all of the certificates use the same password.  You can read his posting here.  At least Lenovo now seems to recognize the problem.

"Due to some issues (browser pop up behavior for example), with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues."

If you have recently purchased a Lenovo computer you should definitely check it for Superfish and remove it immediately.  But please note that just uninstalling the software will not fix the problem, the root certificate has to be removed.  To check for the Superfish software open Control Panel > Programs and Features and look for a program named VisualDiscovery and uninstall it.  Then to remove the certificate press the Windows Key + R and run the certificate manager program certmgr.msc.  Open the Trusted Root Certification Authorities folder, open the Certificates folder, and delete the Superfish record.

Continue reading
0 Comments

Cyberattacks Can Have Physical Consequences

b2ap3_thumbnail_physical_problems_for_hacks_400.jpgBusiness owners primarily concentrate more on the digital effects of hacking rather than the physical side of it. After all, hacking some code through a network can’t harm you or anybody else in the real world, right? Wrong. As shown by a recent hack in Germany, ignoring network security can be a dangerous gambit.

Continue reading
0 Comments

Contact Excedeo Today

619.398.4100

Mobile? Grab this Article!

Qr Code

Tag Cloud

SecurityTip of the WeekTechnologyBest PracticesPrivacyInternetCloudMicrosoftSoftwareBusiness ComputingBusiness ManagementHackersGoogleEfficiencyProductivityHosted SolutionsBackupManaged Service ProviderUser TipsWorkplace TipsMalwareBusinessInnovationMobile DeviceswindowsIT ServicesHardwareComputerUpgradeNetwork SecurityIT SupportSaving MoneyMiscellaneousEmailDataSmartphonesWindows 10VirtualizationBusiness ContinuityGadgetsCommunicationSmartphoneAppsProductivityVoIPDisaster RecoveryNetworkBrowserMicrosoft OfficeServerMobile Device ManagementSmall BusinessTech TermMobile ComputingInformation TechnologyAndroidQuick TipsPasswordsHealthSocial MediaOperating SystemMobile OfficeData BackupGoing GreenCybersecurityHolidayChromeCybercrimecommunicationsAppApplicationOfficeAlertBest PracticeOffice 365CollaborationspamSave MoneyWindows 10Data RecoveryOutsourced ITRansomwareEmployer-Employee RelationshipBYODMarketingData SecurityLaw EnforcementManaged IT ServicesAppleUsersThe Internet of ThingsVendor ManagementWiFiInternet of ThingsTabletSearchRemote ComputingWearable TechnologyRouterPhishingWireless TechnologyMoneyBDRIT SupportHistoryFacebookUser ErrorBring Your Own DeviceRemote MonitoringAntivirusUnified Threat ManagementiPhoneAvoiding DowntimeMobilityRisk ManagementCost ManagementMaintenanceSaving TimeHackingBig DataData ManagementComputersEncryptionSocialCustomer Relationship ManagementTelephone SystemsOneNoteGovernmentBandwidthHard DrivesOffice TipsPasswordIT SolutionsTech SupportUnsupported SoftwareGmailUSBPowerPointCloud ComputingNetworkingAnalyticsWi-FiProactive ITVulnerabilityFirewallBudgetLithium-ion batteryGoogle DriveCurrent EventsPhone SystemArtificial IntelligenceAutomationVPNHumorTwo-factor AuthenticationWebsiteUpdateNet NeutralitySocial NetworkingWirelessPrinterShortcutOutlookVirusTravelWork/Life BalanceadministrationSocial EngineeringMobile DeviceDisasterStreaming MediaPoliticsTrendingAuditIntranetRecoveryLaptopAugmented RealityContent FilteringApplicationsManaged ITIT COnsultantPersonal InformationComputer RepairBlockchainEducationTelevisionRetailExcelIdentity TheftInformationManaged IT ServicesGoogle AssistantMeetingsUninterrupted Power SupplyhackerTelephonySalesCustomer ServiceHard DriveComputingBiometricsPrivate CloudVirtual RealityManaged ServiceDevicesLegalHIPAATransportationEnd of SupportInternet ExlporerCommercePatch ManagementFlexibilityHuman ResourcesDDoSInstant MessagingEmailsFraudGoogle DocsWindows 8Online CurrencyScamSportsBusiness TechnologyEntertainmentData StorageBenefitseWasteComputer AccessoriesWireless ChargingAccess ControlMobile SecuritySaaSValueWannaCryData BreachPoint of SaleProject ManagementPrinter ServerTouchscreenCortanaHaaSEvernoteSamsungProgrammingManaging StressTwitterBatteryStorageDisplayAutomobileAmazonCleaningPaperless OfficeHosted SolutionSave TimeData ProtectionFax ServerComputer CareWordBusiness IntelligenceEbaySolid State DriveConferencingWorker CommuteAdministratorSoftware as a ServiceSettingsDevice SecurityKeyboardIT ManagementWindows InkVideo GamesBuisnessHyperlinkComputer ForensicsHard Disk DriveGiftsAccessRunning CableWebinarImagesHiring/FiringWIndows Server 2008Google MapsWasting TimeNear Field CommunicationProactiveManagementCredit CardsVendor3D PrintingSpywareSmart TechnologyWebsitesData LossSurge ProtectorAccessoryIT consultingWireless InternetFAQRobotSyncAdvertisingDebateEmployee-Employer RelationshipHelp DeskReliable ComputingData TheftScalabilityPeripheralDistributed Denial of ServiceGamificationComplianceiOSChargerExperienceData storagePDFBloatwareEdgeApp storeUpgradesMicrosoft ExcelHow ToMemoryInbound MarketingComputer FanMusicCommunityEmployer Employee RelationshipAdobeText MessagingFilesTestingScreen MirroringCiminalISPConsultantFile SharingBrandingTouchpadIntrantetMouseFinancialBooksLifestyleChromecastCameraCastAdminWIndows 7IdentityBloggingTutorialBlack MarketNetwork CongestionHybrid CloudMonitorsElectronic Medical RecordsLicensingProjectsRegulationsIT budgetKeyboard ShortcutsData PrivacyWebinarLegislationBluetoothOperating SysytemVirtual AssistantjunkNanotechnologyWorkersSafetyCo-managed ITTrainingTabletsWindows 7CamerasPayrollUserChromebookIT solutionsComparisonNokiaSharePointGift GivingAlexa for BusinessfilterRoot Cause AnalysisUpdatesHBOCompany CultureNFLYoutubeVirtual DesktopCo-Managed ServicesPresentationIdentitiesSecurity CamerasOneDriveBest AvailablePrintingWindows 10sSpecificationsPrint ServerTeamworkReputationMicrobloggingScienceMicrosoft WordTelephoneLanguageMachine Learning