Internet Browsing

We often get asked how to identify a real alert (from Windows, Apple, anti-virus, etc) from a fake alert.  While hackers are always advancing their trade to improve their success rates, the following general rules apply when presented with sudden "alert" or pop-up window. REAL ALERTS Will include the vendor logo, vendor product name, and details on the problem.  For example, a Symantec anti-virus alert will...

Read More

We often get asked how to identify a real alert (from Windows, Apple, anti-virus, etc) from a fake alert.  While hackers are always advancing their trade to improve their success rates, the following general rules apply when presented with sudden "alert" or pop-up window. REAL ALERTS Will include the vendor logo, vendor product name, and details on the problem.  For example, a Symantec anti-virus alert will...

Read More
a

A new variant of ransomware making the rounds is called Satana.  Focus on the "Satan" part of that.. as the makers clearly intended to draw that connection. Satana encrypts files and drops lots of extra txt/pdf/etc files into folders to tell you that your files are not accessible unless you pay a ransom.  Satana then encrypts the Master Boot Record (MBR) and replaces it with its own....

Read More

UPDATED - July 11, 2016 with latest Avast and AVG security issues. Google has discovered that AVG Free will weaken your Google Chrome settings and expose personal data to hackers.  Details here. Back in September as we originally reported, AVG announced that it will collect and sell your browser history and data to advertisers (or anyone).  They stated: We collect non-personal data to make money from our free...

Read More

Hackers have been able to exploit a number of flaws in Adobe's Flash tool.  These flaws can be embedded in advertisements that run on popular (but highly insecure) websites like Facebook.  We say these sites are insecure because Facebook makes it revenue from advertising.. they have very little incentive to check the ads for content, as they are more inclined to let virtually all ads...

Read More

On December 14, 2014, reports began surfacing of a new infection impacting WordPress content management websites. This infection has been coined “soaksoak”. We at ESG began seeing the attempted attacks over the weekend of Dec 13/14 and as of the morning of Dec 15, as soon as a safe mitigation process was available, we began patching our servers to protect the sites of our clients...

Read More

One question we frequently get asked is if social media sites like Facebook and Twitter are "safe" for workplace use. The answer is a tough one because it depends a great deal on how individual users utilize these services. Consider the following three examples: Sally gets on Facebook, Twitter, and LinkedIn a couple times a day to post updates for your company. Occasionally she also checks...

Read More

Heartbleed is a security flaw in OpenSSL, a widely used data encryption standard, that gives hackers the ability to extract data from inside the stream of communication that would normally be considered secure. The vulnerability was detected by researchers including an analyst for Google.  Specifically the Heartbleed vulnerability is in the machines that power services that handle secure transactions for banking and shopping, as well...

Read More

A recent study has found that search results from Microsoft's Bing lead to malware-infected sites at a rate five times higher than searches done on Google.  Put another way, if you use Google for searching the web you are five times less likely to run into a malware-infected site compared to using Bing. Microsoft, of course, has disputed the results of the study. ESG recommends using Google...

Read More