"Tech News" Blog by Crown Computers
%AM, %27 %827 %2017 %11:%Oct

Data Breaches: Have I been Pwned? Featured

Every day it seems as if more and more data breaches occur and many of these cases the company that was breached doesn’t disclose this information to you.

If you have ever been curious if,

Your data has ever been stolen from another company?

Your personal data is publicly available to anyone with internet access?

Any of your previously or current passwords could be compromised.


This is where haveibeenpwned.com lets you know if your information has been compromised. The website www.haveibeenpwned.com is a database of over 4,700,000,000 accounts that have are vulnerable due to data breaches that lets you search your email address or username for free to see if your information was compromised.  This data is gathered from thousands of sources including dark web sites where malicious users frequent to get information on their next potential victims. Be proactive with your data and account security and see if you’re compromised.

Use at your own risk and happy self-background checking : )


%AM, %15 %750 %2017 %10:%May

Ransomware: Wanna Decrypt0r 2.0 Featured


What is Wanna Decrypt0r 2.0 and how does it work?

Wanna Decrypt0r also known as WannaCry, Wcrypt, or WCRY is ransomware that encrypts the infected computers files using a unique encryption cipher (password) that is nearly impossible to decrypt or bypass without knowing the unique encryption cipher. This infection will quickly spread to other computers on the same network. Upon infection the infected computer will display this ransom notice shown on the right:

All of the encrypted files are unaccessible and applications will not work as the application files are also encrypted. They will demand payment in the form of bitcoins (an online crypto-currency) in order to decrypt your files. In many but not all cases the files are decrypted once full payment is recieved. The FBI and Cybersecurity professionals advise against paying the ransom as it encourages these attacks. However, if  your organization doesn't have current secured backups paying the ransom is often your only course of action to get your files back.


How to prevent this Infection?

This particular ransomware is far more dangerous compared to other types of ransomware as it utilizes a set of exploit kits developed by the National Security Agency (NSA) that were leaked backed in April by a hacker group known as The Shadow Brokers.The main exploit utilized by this ransomware is exploiting a vulnerability found in Microsoft Operating Systems that allows hackers to infect computers without any form of user interaction (Email attatchments, Malicious links, etc). There is good news though! This Vulnerability was patched back in March by microsoft with the MS17-010 update. Ensuring that all of your systems are up-to-date with patching and system updates is one of the most important steps in preventing this infection. The next stage of protection against Wanna Decryptor and other forms of ransomware is using a good Anti-malware and Anti-Virus suite. We recommend Sophos Endpoint Security which has it's own proprietary software designed to detect Ransomware attacks and cut-off the connection before the encryption starts. The last step is less of a prevention and more of a preperation, backups. Having regular scheduled backups that are secured by being stored offsite or not visible on your network is an important part of any organizations IT security. These backups are your savior if a ransomware or other malicious attacks manage to break through the other layers of security.


Click Here to view a live map showing Wanna Decrypt0r 2.0 infections in real-time on a global scale.


For more information about Wana Decrypt0r 2.0 and the tools we use protect against such threats please visit https://community.sophos.com/kb/en-us/126733


From Ars Technica:

Dropbox has disabled access to previously created shared links to certain kinds of documents after the discovery that some users' sensitive files—including tax returns and bank records—were exposed through Google AdWords campaigns.

How it was discovered:

The flaw was discovered by file-sharing company IntraLinks, which was purchasing ads that would appear on Google when people search for the names of its competitors. IntraLinks said that "During a routine analysis of Google AdWords and Google Analytics data mentioning competitors’ names (Dropbox and Box), we inadvertently discovered the fully clickable URLs necessary to access these documents that led us to live folder contents, some with sensitive data. Through these links, we gained access to confidential files including tax returns, bank records, mortgage applications, blueprints and business plans—all highly sensitive information, some perhaps sufficient for identity theft and other crimes."


How to protect yourself:

For Dropbox Business users, make sure you only share documents with members of your business team. For Box users, make sure you only share documents with collaborators you trust.

While online storage is a great feature, this event highlights the fact that security flaws can and will happen.  Using the strictest permissions possible is always best practice.

It's been a good run, but if you haven't heard, Microsoft is ending support for Windows XP on April 8th, 2014.

What does this mean?  

Unsupported versions of Windows no longer receive updates of any kind, including critical secruity updates!  If a bug or exploit is discoverd your computer could be compromised and your personal information could be exposed to cyber criminals.

What should you do?

Upgrade to Windows 7 or newer.  Unfortunately, this "upgrade" requires a fresh installation of the OS (operating system), so important software and files will need to be backed up first.  It's also possible that older software will not work with Windows 7 and will require an updated version to be purchased.  It's possible to research the programs you use first before committing to any costly or unneccessary upgrades.

Need Assistance?

Crown Computers offers free consulting for our clients.  If you're interested in finding out more about how to protect your network, please call 858-483-8770.





Have you ever seen a pop-up suggesting that you update your version of Java?  Have you been ignoring those warnings?  Doing so could put your data at risk!

First discovered in September of 2013, a certain type of malware (referred to as "ransomware") called Cryptolocker has been infecting systems and encrypting user files.  The only way to recover those encrypted files is to restore them from backup, or to pay a $300 fee to the attackers.  If you're lucky, after paying the fee the attackers will decrypt the files and "release"  your machine back to you.  This is a NASTY infection that results in downtime, revenue loss, and potential loss of sensitive data.

From wikipedia:

CryptoLocker typically propagates as an attachment to a seemingly innocuous e-mail message, which appears to have been sent by legitimate company; or, it is uploaded to a computer already recruited to a botnet by a previous trojan infection.[2] A ZIP file attached to an email message contains an executable file with the filename and the icon disguised as a PDF file, taking advantage of Windows' default behaviour of hiding the extension from file names to disguise the real .EXE extension. Some instances may actually contain the Zeus trojan instead, which in turn installs CryptoLocker.[3][4] When first run, the payload installs itself in the Documents and Settings folder with a random name, and adds a key to the registry that causes it to run on startup. It then attempts to contact one of several designated command and control servers; once connected, the server then generates a 2048-bit RSA key pair, and sends the public key back to the infected computer.[3][1] The server may be a local proxy and go through others, frequently relocated in different countries to make tracing difficult.[5][6]

The exploit relies upon a bug in the Java VM (virtual machine) prior to Java 7 update 40.  The risk of infection can be mitigated by installing the latest updates to the Java package.

It's critical to apply java updates when they become available to ensure safe and happy computing!


Ars Technica


%PM, %18 %993 %2013 %14:%Nov

A Second Look CEO Interview

Check out the second part of the CEO interview with Sean Goss


Page 1 of 10