July 2018 Newsletter

 

 

 

July 2018 Newsletter

Hello! We’re pleased to send you this monthly issue of Monthly Bytes. It’s our way of saying that you’re important to us and we truly value your business. Please feel free to pass this newsletter on to friends and colleagues. Enjoy!

For a printable PDF version of this newsletter, click here

URGENT NEWS

SamSam and other ransomware attacks are on the rise. In the past 60 days, the cities of Atlanta, Savannah and Winder as well as Dawson County government were all hit. Winder’s ransom was over $300,000. According to Datto, a data protection and disaster recovery firm, Ransomware is costing businesses more than $75 billion per year. With businesses losing around $8,500 per hour due to ransomwareinduced downtime. Cogentes can help you ensure that your network and data are protected. Call us today at (404) 424-8585 to schedule a free network and security audit to help find and fix places where your systems are vulnerable.

Fake Battery Saving Apps and Scams

With smartphones dominating the phone market, new apps pop up on a nearly daily basis. Unfortunately, a lot of these apps have only one purpose; to infect phones and steal data. Normally, these types of apps are easy to spot, but much like the phones, they’re getting smarter. They present the user with messages that directly have something to do with the phone’s performance. Common messages that would pop up include your device is running low, you need to install this antivirus software to save your device, or your device needs an update. This text will focus mostly on fake battery saving apps, but it will also touch upon other app scams.

Spotting Fake Battery Saving Apps
Fake battery saving apps are rather easy to notice. The biggest problem with them, as is with many other apps, is that they ask the user for a large number of device permissions. These include, but are not limited to: reading sensitive log data, receiving text messages, or SMS, receiving internet data, pairing with other Bluetooth devices, a complete network access, and the ability to modify system settings.

At times, the app itself will look very well made, but the page it redirects to will look shoddy and shady. That can mean one of two things. Either the developers behind these apps cared more about the app than the redirection link, or two separate teams worked on these two separate elements.

The Odd Twist
It might sound strange, but these fake battery saving apps actually do save batteries. A typical fake battery saving app will still reduce battery strain to lengthen its life. Furthermore, it will kill off any process that uses a lot of battery during low battery charging. And to top it all off, the fake battery saving app will also monitor the status of said battery.

All of this looks good for the fake battery saving app so far. However, there’s a twist. Each time a user downloads and uses the app, they receive a tiny ad-clicking backdoor with the app. This is normally hidden within the fake battery saver code. This ad-clicker steals information, including phone contacts, the type and brand of the phone, IMEI, the user’s location, and much more.

Other Apps
Fake battery saving apps aren’t the only fake software that damages the user. At times, fake cleanup or antivirus apps would perform phone cleanups by stealing and sharing personal data. Even popular app stores aren’t immune from having these apps. Luckily, there are websites out there which can check and mark dangerous software, so users can rest easy and continue to use their smartphone without fear.

Apple Introduces a New iPhone Privacy Feature

A number of controversies have emerged in recent years in relation to Apple’s refusal to release material of interest as part of criminal investigations. Police and other law enforcement agencies feel they should have the right to access evidence stored on phones, while Apple is adamant that releasing such evidence would breach its customers’ rights to privacy.

Apple has now announced that its iOS 11.4.1 and iOS 12 systems will have a “USB Restricted Mode” capability, which will turn off the data connection accessible through the Lightning port if a device is locked for more than an hour. This will be a default setting, which will mean that, from one hour of the time of the device being locked, the Lightning port can only be used for charging.

The implication for law enforcement agencies is that once they have seized a suspect’s iPhone, they will only have an hour at most to try to extract information using specialized software for cracking iPhones provided by specialist companies like GrayShift, Cellebrite, etc. GrayKey from GrayShift is widely used for this purpose, with at least ten states and federal agencies known to employ it. GrayKey gains access through the Lightning port and allows the user to make unlimited attempts to crack the device password. However, depending on how long the password is, the process can last between two hours and three days.

According to recent reports, law enforcement agencies are far from impressed with Apple’s new feature; however, Apple claims it is protecting customers, not the criminals. They have pointed out that the new feature prevents both criminals and law enforcement personnel from accessing a user’s data. The new software, they insist, is designed to block hackers, identity theft, and similar personal intrusions, and was not designed to frustrate law enforcement officers.

However, as USB Restricted Mode has already been rolled out in beta versions for iOS 11.4.1 and iOS 12, and is included in the final OS rollout, it seems likely that there will be further clashes between Apple and law enforcement agencies along the lines of the San Bernardino iPhone controversy of 2016. In that case, Apple would not agree to FBI demands to unlock an iPhone belonging to one of the San Bernardino shooters. Ultimately, the Bureau used a third party, probably Cellebrite, to crack the device.

News Bytes

Facebook’s Fight against Fake News
Facebook has just announced new initiatives to prevent the dissemination of fake news on its platform. In addition to using technological devices and human input to recognize and delete counterfeit accounts, they will be employing fact checkers and educating users on how to identify fake news. Facebook’s program will also be introduced into new countries.

Companies such as Associated Press, Snopes, and FactCheck.org will be working with Facebook, along with advanced computer programs that also check for fake news, and accounts will be censored or deleted as necessary. According to early reports, this initiative has already lowered the number of fake stories by around 80%.

It remains to be seen whether the company’s efforts will really reduce the prevalence of fake news on Facebook, or whether it is simply window dressing to address the concerns of politicians and other critics.

Emergency iOS Hits iPhones
Apple’s latest iteration of its iOS, iOS 12, has a new safety feature that means iPhones employed for emergency calls will automatically give the responders the location of the phone. Around 80% of emergency calls are made from mobiles, but the dated systems used for 911 calls make it hard to pin down locations. With landline emergency calls, the customer database can be interrogated to match an incoming number with an address, something that’s not possible with mobiles.

Apple has paired with RapidSOS, a company that has been building enhancements to the emergency call system for the last five years. Part of the problem associated with identifying callers is that the 6300 emergency response centers in the USA use 25,000 different types of software. With the RapidSOS system, as soon a 911 call is received, RapidSOS’s database will be interrogated for additional information regarding the caller, which will then be passed on to the 911 operatives.

Question of the Month

Question: My Smartphone is too slow; how can I speed it up?

Answer:

Figure out what is slowing down your smartphone
The first step should be figuring out the root of the problem. Did the phone start slowing down after downloading a specific app? Is the OS up to date? There are profiling apps, used for analyzing CPU, Wi-Fi and RAM usage, which can help pinpoint to the cause of the problem.

Create room in your Internal Storage
Installing too many apps can easily overload a smartphone’s capacity. Uninstalling apps usually helps speed up a phone. In fact, it is necessary to keep a part of the Internal Storage empty for the phone to work at full speed.

Turn off memory-consuming animations
Some smartphones have many visually appealing animations going on. Although they make the screen pretty, they serve no other purpose. What’s more, they consume precious phone resources, so it’s better to turn them off in the system settings.

Close the apps running in the background
A nifty feature of modern smartphones is being able to keep multiple apps open at once. However, it is easy to forget to close down those that are no longer in use. Closing down these background apps helps free up memory. Simply restarting the phone can improve its responsiveness.

The 4 Azure Options for Implementing Single Sign-On

A wide range of options are available for those looking to employ a Single Sign-on (SSO) in Azure.

Here’s an overview of the options that are currently available:

Cloud-only Passwords Without SSO
With this option, SSO’s are not used: Office365 accounts login independent of the local Active Directory. This option is quick to implement, allows for password resetting, does not need dedicated servers or other infrastructure, and can be used without the Active Directory. However, it does mean that users will not have the convenience of an SSO.

Password Synchronization with SSO
Office uses Azure Active Directory (ADD) Connect, allowing synchronization of data between on-site Active Directories and Azure AD. User accounts do not have to be held on Office365, and changes in passwords are synchronized. No extra resources are needed, external logins, single password for on-site and cloud services, password synchronization and access to Office 365, even if the Internet or the AD infrastructure is not functioning, are all allowed. However, this option does remove some control over the system; e.g., employers will not be able to restrict login times. In addition, the user must purchase Azure AD Premium or a license for Enterprise Mobility + Security Suite to access the self-service password reset features.

Pass-through Authentication
Pass-through authentication with Azure AD connect allows logons to be passed back to the on-site Active Directory for authentication. This permits login time restrictions. However, it does mean that your on-site facilities must be available at any time you want to authenticate users. Pass-through authentication allows machines on the same domain to enjoy seamless passing through domain credentials. This provides genuine single sign-ons through Outlook (2013 onwards) and web browsers. As it is built into Azure AD Connect minimal infrastructure is needed. However, companies with only one data center and/or Internet connection may have trouble creating enough redundancy.

Federated Identity
Federated identity allows users access to the security choices that are available elsewhere; however, it does need more infrastructure. Active Directory Federation Services (ADFS) has to be deployed in the on-site network. This requires two servers on separate sites for secure application. User logins are passed back to ADFS for validation. Security features that are unavailable elsewhere include filtering client access, for example, to prevent certain employees checking email from home. It should be noted that alongside the additional security offered, this method is more expensive, adds extra potential failure points, and needs updating periodically.

APP OF THE MONTH: PIGMENT

 

 

Nowadays, it is really difficult to tell real information from fake news, due to so much false information circulating the web. However, thanks to Eyeo, there is now a way to stand up to the constant onslaught of fake news. Their new browser extension TrustedNews can help you avoid suspicious sources of information.

TrustedNews, which is currently only available for Chrome, can be installed in the Chrome Web Store. When you visit a page, the extension icon will tell you whether you can trust the information on that page.

.

Cartoon of the month

 

 

 

 

 

 

 

 

 

Offer of the Month

FROM THE DESK OF

Tom Glover

If you don’t have a managed-service agreement in place, please let us know and we’ll conduct a needs analysis and provide you with a proposal free of charge!

Cogentes, Inc.

PO Box 294

Hardwick, GA 31034

Phone: (404) 424-8585

Email: tom.glover@cogentes.com

Web: www.cogentes.com

Facebook: www.facebook.com/Cogentes

Linked In: linkedin.com/company/cogentes-inc-

All data and information provided in this newsletter is for informational purposes only. Cogentes makes no representations as to accuracy, completeness, correctness, suitability, or validity of any information in this newsletter and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information is provided on an as-is basis.