What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Service Coordinator(SC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for New Lenox, IL Businesses:
What A Few Of Our Clients Have To Say
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Don’t Use Public WiFi Without Reading These Data Security Quick Tips Apr 03, 2017
We are all guilty of it: connecting to free public WiFi. Whether it is at the coffee shop, hotel or airport, the temptation to check e-mail and surf the web is just too strong to resist. As with anything technology related, free networks pose a number of risks to your data security. Here are a few tips to help you keep your information safe.
Data Security Quick Tips for When Using Public Wifi
Confirm The Network Is Legit –
It is common for hackers to set up fake clones of public WiFi access points. The hacker sets up the clone to get you to connect to THEIR WiFi over the legitimate one made available to you by your neighborhood coffee shop or restaurant. Connecting to a hacker’s access point can expose critical data and passwords. To avoid jumping on an unsafe network, verify the name of the WiFi your location is providing.
Enable A Firewall On Your Devices Or Use a VPN
A dependable firewall will help protect your sensitive data. A Virtual Private Network (VPN) encrypts traffic between your device and the VPN server, which makes it much more difficult for an intruder or hacker to access your sensitive data and improves your data security. You can try to set up your own VPN for personal devices but we suggest professional support for any of your work devices.
Turn Off File Sharing & Keep Devices from Automatically Joining Networks
Sure, file sharing is a great way to collaborate and send photos or other documents simply and quickly with friends, but leaving this function on only leaves you vulnerable to intrusion. As an extra data security measure, make sure you turn this feature off whenever you aren’t at home. In addition, cellphones can be set up to automatically join networks with free WiFi. Does this help you save on data? Sure! But it also sets you up to fall victim to scammers. Make sure you never allow your device to join a network without getting your permission first.
Don’t Access Financial Sites Or Make Purchases
NEVER access financial, medical or other sensitive data while on public WiFi. Also, don’t shop online and enter your credit card information unless you’re absolutely certain the connection point you’re on is safe and secure. This is simply asking for trouble and breaks the data security’s number one rule.
There are many ways for you to protect your data and secure your devices from hackers and those that wish to do you harm. The surest way to protect yourself is a trusted IT partner who can ensure your devices have proper protocols in place. If you are concerned about your own devices or those of your employees, give us a call. We are always available to help.
The post Don’t Use Public WiFi Without Reading These Data Security Quick Tips appeared first on Andromeda Technology Solutions.Dark Web Series Part 1 – What Is the Dark Web & Why It Matters To You Dec 29, 2017
Ransomware, cybercrime, hackers . . .
It’s safe to say that you’ve at least heard of these terms in the news and if you are like most people, you’ve heard them over and over on the news, in the office and just in everyday conversation for the past few years.
This progression in the cybersecurity world may come with unique phrases and buzzwords but the trend itself is nothing new. Since the internet’s beginning, there have been people working to cause chaos.
Think computer viruses, Trojan horses, scams, spam, malware etc.
Like most technology, the internet is used predominantly for good. But, there are always a few bad apples who take good technology and choose to use it with less than the best intentions. And while there have always been “bad guys” out there trying to disrupt good works from being done, over the last decade and specifically in the last few years we’ve seen an incredible increase in spending, vulnerability and rates of incident for large scale cyber-attacks.
To put this in perspective, spending on cybersecurity is projected to exceed 1 trillion dollars by 2021. In 2017, information security (a subset of the cybersecurity industry) spending hit over 86 billion dollars.
On top of this, there has been a dramatic increase of incidents in the small to medium sized business arena. When a local business gets hit, it may not make the 5 o’clock news like Home Depot or Target, but it hurts just the same – and maybe even more.
The crazy thing when it comes to cybercrime, ransomware and other infections is that you can be doing regular updates, implement antivirus etc. and you still can fall victim to identity theft, breaches and other cyber incidents.
All of this cyber-security and cyber-crime discussion lays the groundwork for this Dark Web discussion.
What is the Dark Web?
First, what is the Dark Web? In a simple and brief explanation, the Dark Web is a mostly anonymous space online that you need special software to access. The experience is much like a normal internet browser but the sites and activities available are very different.
Many times the Dark Web is described using an iceberg illustration.
- The internet as we know it is what you can see above sea level.
- There is a larger space just below the surface of the iceberg where the ‘darknet’ lives, this is dominantly used for large data stores. Financial records, academic databases, government records etc. live here.
- Then there is the bottommost layer of the iceberg, this is the Dark Web – here you’ll find illegal activity like drug trafficking, illegal gun sales, and even personal data for sale.
Now, you may be thinking,
“This is interesting information but what in the heck does the Dark Web have to do with me? Why do I care about it? I don’t use it. I don’t know anyone who does. . .” And we get that, but even if you don’t use the Dark Web you may be on it.
The Dark Web is one of the largest sources of stolen data available to criminals. While some may use it to buy goods, other criminals purchase pieces of your information like credit card information, passwords, social security information and more to use for their own purposes.
When cybercriminals go to places like your local grocery store, Experian and other sites to wreak havoc, the information they steal ends up for sale on the Dark Web.
All of this taken into consideration, the everyday consumer and business professional shouldn’t be scanning these areas of the web to try and protect their data.
Instead, a business professional like yourself should make sure that you are following proper security protocols:
- Anti-Virus Software Regularly Updated and on every device
- Proper Firewalls and regular updates
- Employee training
- Regular Professional Backups (also regularly tested and verified)
- Disaster Recovery Plan
- Spam filtering
- Encourage employees to speak up if they see a weird email or link
- Bring in professional cyber security consulting
With all of these items and a few more in place, you make it much more difficult for a cyber-criminal to get into your network and steal your data. This in turn will help keep your data and that of your employees off of the Dark Web. Of course, nothing is foolproof and that is why an exceptional cyber-security partner should offer Dark Web monitoring.
Dark Web monitoring is a program some IT professionals offer businesses where scans are going on constantly in the background and are looking for a specific domain. When the scan recognizes your domain in a database, it flags the software and you are alerted to change passwords or address the breach.
This way, you are always a step ahead of the criminals without lowering yourself to the “Dark Web” itself.
We hope you found this first installment in our Dark Web series helpful. Look out for our next article in February focused on 5 ways you can keep your information off of the Dark Web entirely.
The post Dark Web Series Part 1 – What Is the Dark Web & Why It Matters To You appeared first on Andromeda Technology Solutions.Another Chrome Extension Is Stealing Passwords Sep 18, 2018
Do you use the Chrome browser extension for the MEGA file storage service? If you do, please read this article carefully. The official extension for that service has been compromised. It has been replaced with a malware version that has the capability to steal user login data for a number of popular websites, including Github, Google, Amazon, Microsoft and more.
The extension was compromised on September 4th, when an unknown attacker breached MEGA's Chrome Web Store account and uploaded the poisoned version of the extension. Any user who installs it is at risk of having their other login credentials stolen.
It gets worse. If you allow auto-updates, then the poisoned version of the extension would have automatically "updated" on your PC or smartphone when the malware was uploaded. Note that when the extension attempted to update, it would have asked users for elevated permissions. Those elevated permissions would allow the extension access to personal information, which is the mechanism by which the credentials are stolen.
The poisoned file was in place for a total of four hours before it was found, eradicated and replaced by a clean version (version 3.39.5).
According to MEGA:
"You are only affected if you had the MEGA Chrome extension installed at the time of the incident, auto update enabled, and you accepted the additional permission, or if you freshly installed version 3.39.4."
If you think there's even a chance you were impacted by this event, your best bet would be an across-the-board change of all your passwords, as there's no way to be sure which ones may have been compromised.
Two things to note here: The Firefox extension was not impacted. This applies only to chrome users who have the MEGA extension installed. Also, you should check your extension version number immediately to be sure you're not running version 3.39.4. If you are, uninstall it immediately and grab the clean version referenced above.